[146797] in cryptography@c2.net mail archive
Re: [Cryptography] Bruce Schneier has gotten seriously spooked
daemon@ATHENA.MIT.EDU (Bill Stewart)
Sun Sep 8 02:07:26 2013
X-Original-To: cryptography@metzdowd.com
Date: Sat, 07 Sep 2013 20:57:05 -0700
To: Cryptography Mailing List <cryptography@metzdowd.com>
From: Bill Stewart <bill.stewart@pobox.com>
In-Reply-To: <CALi+ztGk9sJ6SJorY8X3eEN+8GtoXf60Oisopk6=x-dpX9+8-g@mail.g
mail.com>
Cc: Brian Gladman <brg@gladman.plus.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
At 12:09 PM 9/7/2013, Chris Palmer wrote:
>On Sat, Sep 7, 2013 at 1:33 AM, Brian Gladman <brg@gladman.plus.com> wrote:
>
> >> Why would they perform the attack only for encryption software? They
> >> could compromise people's laptops by spiking any popular app.
> >
> > Because NSA and GCHQ are much more interested in attacking communictions
> > in transit rather than attacking endpoints.
>
>So they spike a popular download (security-related apps are less
>likely to be popular) with a tiny malware add-on that scans every file
>that it can read to see if it's an encryption key, cookie, password
More to the point, spike a popular download with remote-execution malware,
and download spiked patches for important binaries,
so the not-a-collection-target's browser uses known keys
(the opposite of the "fortify" patch that made 40-bit Mozilla do 128-bit),
and the disk encryption software broadcasts its keys or stashes them
in plaintext
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
