Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Man-in-the-middle attack on GitHub in China

x z xhzhang at gmail.com
Wed Jan 30 23:30:39 PST 2013


2013/1/30 Matt Mackall <mpm at selenic.com>

> On Wed, 2013-01-30 at 13:15 -0600, Matt Mackall wrote:
> > On Wed, 2013-01-30 at 09:55 -0800, x z wrote:
> > > @Nadim, I think breaking in a CA is a rather serious crime that GFW
> would
> > > refrain from committing;
> >
> > Unlike, say, breaking into the Tibetan government-in-exile, Google and
> > hundreds of other companies?
>
> From today's news:
>
>
> https://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html
>
> Interesting. The following from this article is alarming:

"Security experts found evidence that the hackers stole the corporate
passwords for every Times employee and used those to gain access to the
personal computers of 53 employees, most of them outside The Times’s
newsroom."

Does Times store these passwords in plain text?

But still, hacking of this kind is very different in nature to "breaking
into a CA and forge valid certificates". These targeted hacking incidents
can be traced to China, but Chinese authority can easily deny the state
sponsorship. For the github case, China's motivation is to disrupt the
entire site, so if China "breaks into a CA and forges valid certificates",
it is going to be deployed to the entire GFW, which, Chinese government can
be held responsible. If they rely on CNNIC, then they'll risk CNNIC's root
CA status getting revoked.

However, like many people have mentioned, China may reserve CNNIC for
highly targeted attacks, i.e. on individual dissidents.

Best,

 --
> Mathematics is the supreme nostalgia of our time.
>
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130130/9d524484/attachment.html>


More information about the liberationtech mailing list