Yo William! On Wed, 2 Jan 2013 19:42:16 -0500 William Herrin <bill@herrin.us> wrote:
On Wed, Jan 2, 2013 at 5:43 PM, George Herbert <george.herbert@gmail.com> wrote:
If push came to shove and minor legalities were not restraining me, I recall (without checking) your domain's emails come to your home, and your DSL or cable line is sniffable, so any of the CA who email URL validators out could be trivially temporarily spoofed (until you read your email and responded) by tapping your data lines. BGP games to snarf your traffic are another venue, possibly not yet even covered by wiretap laws that I know of, though I'm not currently an ISP in a position to personally do that to you.
And none of this describes an extraordinary effort? The quote you're trying to refute was, "suffer such attacks only with extraordinary difficulty on the part of the attacker."
I would say it is pretty easy, and I have caught people doing it many times. All a hacker needs to do is get a sniffer near your email traffic. Then they can grab any challange emails sent to any of you domain contacts. Pretty trvial to do in a coffee shop environment. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701 gem@rellim.com Tel:+1(541)382-8588