Re: Gmail and SSL

["Gary E. Miller" <gem () rellim com>]

Yo William!

On Wed, 2 Jan 2013 19:42:16 -0500
William Herrin <bill () herrin us> wrote:

> On Wed, Jan 2, 2013 at 5:43 PM, George Herbert
> <george.herbert () gmail com> wrote:
> > If push came to shove and minor legalities were not restraining me,
> > I recall (without checking) your domain's emails come to your home,
> > and your DSL or cable line is sniffable, so any of the CA who email
> > URL validators out could be trivially temporarily spoofed (until
> > you read your email and responded) by tapping your data lines.  BGP
> > games to snarf your traffic are another venue, possibly not yet
> > even covered by wiretap laws that I know of, though I'm not
> > currently an ISP in a position to personally do that to you.
>
> And none of this describes an extraordinary effort? The quote you're
> trying to refute was, "suffer such attacks only with extraordinary
> difficulty on the part of the attacker."

I would say it is pretty easy, and I have caught people doing it many
times.  All a hacker needs to do is get a sniffer near your email
traffic.  Then they can grab any challange emails sent to any of you
domain contacts.  Pretty trvial to do in a coffee shop environment.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588

Attachment: signature.asc
Description: