Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»General Discussion»NSA disguised itself as G...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

General Discussion

Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums
 

dkf

(37,305 posts) Fri Sep 13, 2013, 11:27 AM Sep 2013

NSA disguised itself as Google to spy, say reports

If a recently leaked document is any indication, the US National Security Agency -- or its UK counterpart -- appears to have put on a Google suit to gather intelligence.


Earlier this week, Techdirt picked up on a passing mention in a Brazilian news story and a Slate article to point out that the US National Security Agency had apparently impersonated Google on at least one occasion to gather data on people. (Mother Jones subsequently pointed out Techdirt's point-out.)

Brazilian site Fantastico obtained and published a document leaked by Edward Snowden, which diagrams how a "man in the middle attack" involving Google was apparently carried out.

A technique commonly used by hackers, a MITM attack involves using a fake security certificate to pose as a legitimate Web service, bypass browser security settings, and then intercept data that an unsuspecting person is sending to that service. Hackers could, for example, pose as a banking Web site and steal passwords.

The technique is particularly sly because the hackers then use the password to log in to the real banking site and then serve as a "man in the middle," receiving requests from the banking customer, passing them on to the bank site, and then returning requested info to the customer -- all the while collecting data for themselves, with neither the customer nor the bank realizing what's happening. Such attacks can be used against e-mail providers too.

It's not clear if the supposed attack in the Fantastico document was handled by the NSA or by its UK counterpart, the Government Communications Headquarters (GCHQ). The article by the Brazilian news agency says, "In this case, data is rerouted to the NSA central, and then relayed to its destination, without either end noticing.

"There have been rumors of the NSA and others using those kinds of MITM attacks," Mike Masnick writes on Techdirt, "but to have it confirmed that they're doing them against the likes of Google... is a big deal -- and something I would imagine does not make [Google] particularly happy".

http://news.cnet.com/8301-13578_3-57602701-38/nsa-disguised-itself-as-google-to-spy-say-reports/

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 0 replies, 452 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (10) ReplyReply to this post
Reply to this discussion
Latest Discussions»General Discussion»NSA disguised itself as G...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.