

Schrodinger's Cat Video and the Death of Clear Text - _pius
https://citizenlab.org/2014/08/cat-video-and-the-death-of-clear-text/

======
DenisM
Salient point:

    The target is presented with a dialogue to upgrade their
    flash installation [via ISP-based MITM - DenisM].
    If this upgrade is accepted the malicious SWF enables the
    installation of a 'scout agent' which provides target
    validation.

------
dang
A related article is
[https://firstlook.org/theintercept/2014/08/15/cat-video-hack/](https://firstlook.org/theintercept/2014/08/15/cat-video-hack/),
via
[https://news.ycombinator.com/item?id=8184061](https://news.ycombinator.com/item?id=8184061).

------
agwa
Adopting HTTPS is very important for the Web, but the lack of HTTPS in this
case is just a red herring. The real problem is that it's way too easy to
exploit systems through the web browser. If the entire Web switched to HTTPS,
government attackers would just find another way to deliver their exploits
besides injection into plain text websites. Working on solving this problem is
just as essential as transitioning to HTTPS.

~~~
userbinator
_If the entire Web switched to HTTPS, government attackers would just find
another way to deliver their exploits besides injection into plain text
websites._

Exactly. HTTPS relies on a centralised CA infrastructure, which is probably
(indirectly) under the control of government anyway, so I don't see how taking
away the ability to MITM plain text connections will help; and governments
would prefer that their exploits be done over HTTPS since a properly-forged
certificate will look "secure", and that makes the end-users more likely to
blindly trust the authenticity of the content they download... it also means
that firewalls and other systems designed to detect suspicious content in
traffic (as much as they're derided for being used for censorship-related
purposes, ones under the control of the user can be beneficial) won't catch
the exploit either. I think that would be even worse.

HTTP causes some suspicion of the content, but HTTPS gives the impression of
being secure, decreasing the level of suspicion while implicitly forcing the
user to trust the CAs.

HTTPS with self-signed certificates that are exchanged in-person would
probably provide the most secure authentication, but that doesn't really
scale.

~~~
Intermernet
I'm assuming, as there is a live PE executable modification payload listed,
and Windows is supposed to throw warnings for unverified / unsigned updates
and installers, that the CA infrastructure is already compromised.

Either that or most Windows users still just habitually click through security
warnings, which I sincerely hope is no longer the case.

------
Simucal
With tools like these out there, what can we do to protect ourselves? Besides
not downloading binaries over HTTP (which still wouldn't protect you if a CA
has been compromised) what other steps can someone take? I hate how vulnerable
and yet utterly essential our browsers have become.

~~~
allegory
Ship the public key by post like internet banking in the early 2000s.

This is actually how OpenBSD operates. If you buy an official CD set, the
thing ships with keys which are then used to sign downloaded packages.

When the keys go via a side channel, the probability of compromise decreases
considerably.
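The side-channel key model that allegory describes (and the "what other steps can someone take?" question it answers) is easier to see in code. What follows is an added example, not OpenBSD's signify or any code from the article: the client embeds a public key it received out of band, and a downloaded package is accepted only if its signature verifies under that pinned key. Both key pairs and the package bytes are constructed inside the example; it uses Go's standard-library Ed25519, and the vendor/attacker names are assumptions for the scenario.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Fingerprint returns the hex SHA-256 of a public key. This is the short
// string a user would compare by eye against the value printed on the CD
// sleeve or sent by post, so a key that arrived over the network can be
// checked against the one delivered out of band.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// VerifyPackage accepts a downloaded package only if sig was produced by the
// private half of the pinned key. The transport the package came over
// (HTTP, HTTPS, a mirror) plays no part in the decision.
func VerifyPackage(pinned ed25519.PublicKey, pkg, sig []byte) error {
	if len(pinned) != ed25519.PublicKeySize {
		return errors.New("pinned key has the wrong length")
	}
	if len(sig) != ed25519.SignatureSize {
		return errors.New("signature has the wrong length")
	}
	if !ed25519.Verify(pinned, pkg, sig) {
		return errors.New("signature does not verify under the pinned key")
	}
	return nil
}

// Outcome records whether each of the three downloads in the scenario was
// accepted by the verifier.
type Outcome struct {
	Genuine        bool // vendor-signed package, untouched
	Tampered       bool // vendor-signed package with one byte changed in transit
	AttackerSigned bool // package replaced and re-signed by an on-path party
}

// RunScenario plays out the side-channel key model. Both key pairs are
// generated here (constructed for the example): the vendor key stands in for
// the one shipped on the CD, the attacker key for one an on-path party could
// hand out inline together with a substituted package.
func RunScenario() (Outcome, error) {
	vendorPub, vendorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	_, attackerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}

	// The client pins only the vendor's public key; it never learns the
	// attacker's key, which is the whole point of delivering keys out of band.
	pinned := vendorPub

	// Constructed package contents; in practice this would be the archive bytes.
	genuine := []byte("example-package-1.0.tgz contents")
	genuineSig := ed25519.Sign(vendorPriv, genuine)

	// An on-path modification: flip one byte, keep the original signature.
	tampered := append([]byte(nil), genuine...)
	tampered[0] ^= 0x01

	// A full substitution: a different package with a signature that is valid
	// under the attacker's key, but not under the pinned one.
	substituted := []byte("example-package-1.0.tgz substituted contents")
	substitutedSig := ed25519.Sign(attackerPriv, substituted)

	return Outcome{
		Genuine:        VerifyPackage(pinned, genuine, genuineSig) == nil,
		Tampered:       VerifyPackage(pinned, tampered, genuineSig) == nil,
		AttackerSigned: VerifyPackage(pinned, substituted, substitutedSig) == nil,
	}, nil
}

func main() {
	out, err := RunScenario()
	if err != nil {
		fmt.Println("key generation failed:", err)
		return
	}
	fmt.Printf("genuine accepted:         %v\n", out.Genuine)
	fmt.Printf("tampered accepted:        %v\n", out.Tampered)
	fmt.Printf("attacker-signed accepted: %v\n", out.AttackerSigned)
}
```

Only the genuine download is accepted; the tampered and attacker-signed ones are rejected regardless of whether they arrived over plain HTTP or a connection with a "valid" certificate, because the decision rests on the key the user already holds rather than on the transport or on a CA.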

------
iamshs
Maybe a stretch, but is this somehow connected:
[https://news.ycombinator.com/item?id=8160844](https://news.ycombinator.com/item?id=8160844)?

I oddly remembered this comment from my memory trove.

------
InfiniteRand
The internet 1.0 was designed so grad students could argue about Star Trek
while pretending to publish research.

