NSA Allegedly Ran Spoofs To Disguise Itself As Google To Spy On People

The train carrying a vast amount of NSA confidential information continues to trek along today, with a revelation that the government agency conducted man-in-the-middle (MITM) attacks involving a couple of the Web's largest companies. Falling under the guise of "FLYING PIG", one of the main traffic sources to intercept was Google, and the simple drawing below explains how such an attack was structured.

Due to the quality of the original image, I re-created it above, and hopefully it gets the point across. From the time the server requests were made from a router, the NSA effectively intercepted the request before Google could reply, and with faked security certificates, acted as a proxy to gather whatever data that it could. It's being noted that SSL traffic (encrypted) was being specifically targeted.

This highlights a reality discovered not too long after the initial NSA leaks occurred that stated if you encrypt your online traffic - yes, even you - the government is watching. That's a definitive statement, not one with lenience. Of course, even if the government has your encrypted data, it doesn't mean that it will actually decipher it - or try to - unless it actually has reason to (those supercomputer cycles could be better used elsewhere).

This is some seriously scary stuff, and this MITM attack is only the latest thing to be tossed onto an ever-growing pile. When Edward Snowden came forth with the initial NSA leaks, I hadn't anticipated this level of disclosure, or this many separate things being revealed. I am not sure anyone did.


Via:  Techdirt
blog comments powered by Disqus