
South Korea NIS admits to "packet tapping" Gmail - ajdecon
http://english.hani.co.kr/arti/english_edition/e_national/496473.html
======
tptacek
South Korea does not "possess the technology to decrypt the packets
transmitted over Internet lines after intercepting them", no matter what this
credulous article says.

The list of things law enforcement can do to capture GMail messages without
secretly having compromised the most important encrypted protocol in the world
includes:

* Having owned up the target's box and installed malware

* Having owned up the target's box and installed a bogus certificate

* Redirecting the target to a bogus GMail and assuming the target doesn't care about cert warnings

* Posing as a man in the middle and assuming the target doesn't care about cert warnings

and on and on.

Is it outside the realm of possibility that a nation state actor might have
figured out a flaw in the SSL/TLS protocol that would allow them to decrypt
traffic? No.

Is it outside the realm of possibility that such an actor could have a bogus
root certificate, or a bogus Google certificate? No.

Is it outside the realm of possibility that an actor possessing one of those
things would then proceed to use that capability in the course of mundane law
enforcement activity, on the record, exposed to public court proceedings? Yes.
It is unpossible that that happened.

~~~
qx24b
The most probable situation here (if it actually occurred) is that South Korea
owns a certificate authority that is accepted by browsers and did a MITM
attack with their own google cert.

~~~
tptacek
I don't know how probable it is that South Korea has the capability to mint
bogus Google certificates.

I do think it's highly _improbable_ that they would use that capability for
run-of-the-mill law enforcement cases.

~~~
marshray
What makes you think that? Have you read the Soghoian, Stamm Certified Lies
paper? <http://files.cloudprivacy.net/ssl-mitm.pdf>

They're not obvious attacker certs, but Ralph Holtz has found some very
strange certs in S. Korea with SN:"Government of Korea" and CA:TRUE.
<http://www.mail-archive.com/cryptography@randombit.net/msg01443.html>

Also, it's not clear that this is "run of the mill law enforcement". This is
NIS, the S. Korean state intelligence service, which is admitting to having
done this.

~~~
tptacek
In public court proceedings. Come on.

~~~
marshray
Perhaps they didn't get the memo. :-) You know, the one that says:

"First rule of State-run CA Club is...

------
breck
Odds that NIS is actually decoding SSL packets: 00.1%

Odds that this was before Gmail instituted HTTPS or that there is some other
explanation that the reporter missed: 99.9%

However, importance if the former is the case: World changing news. But
extremely unlikely.

~~~
lukeschlather
Seems to me pretty clear that SSL is kind of a joke as far as security goes, a
little like WEP wireless security. Yes, unlike WEP if everything is working
properly SSL is in theory safe. But there are so many gotchas, from the
byzantine CA system to the fact that most of the time when a browser warns you
that a certificate is bad there's nothing wrong, SSL just doesn't hold up to a
determined attacker (especially a government.)

~~~
jmillikin
WEP is completely broken. Even if you do everything right, it's trivial for an
attacker to access a WEP-protected network.

    most of the time when a browser warns you that a certificate is bad there's nothing wrong

I've never had a false-positive browser warning. I assume you're complaining
about Firefox's and Chrome's treatment of self-signed certificates, which is
completely appropriate. Self-signed certificates should always be rejected,
unless the user has manually added them to the keystore.

~~~
ori_b
The problem is that to the average user, a self-signed certificate that they
should accept appears EXACTLY THE SAME as a bad SSL certificate.

~~~
jmillikin
Users should not accept self-signed certificates. IMO, browsers shouldn't even
offer them the option. If someone is smart enough to verify the certificate
fingerprint, they can add it to their certificate store manually.

~~~
archivator
I disagree. SSL is meant to do 2 things: prove identity and provide
encryption. Self-signed certificates do just the latter. While, yes, they
might provide a false sense of security in that they can't prevent MITM
attacks, at least you're not sending out data in the open.

~~~
marshray
Ever since the first released version SSLv2,
[http://www.mozilla.org/projects/security/pki/nss/ssl/draft02...](http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html)
it has had the stated goal of defending against MitM attack.

Still, if protection from completely passive eavesdropping is all you care
about, you can use anonymous Diffie-Hellman to negotiate an ephemeral key. The
protocol supports it. Heck a lot of home-grown client software doesn't even
check the name on the cert and ends up with effectively just that by accident.

Feel free to add your own self-signed exceptions. I find it useful myself.

But that's not what HTTPS is and it's not how web browsers work. By
definition, the lock icon in the user's browser means that the server (as
displayed in the URL) has been authenticated to the user.

------
hannibalhorn
One would assume they forced a CA to sign a false google.com certificate and
substituted that for the real one, MitM style, in order to do the decryption.
Governments are obviously capable of this.

Firefox's Cert Patrol or Chrome's certificate pinning are really the best
defenses against this kind of thing. If you're on Chrome 13 or later, you're
mostly guaranteed that gmail.com is the real deal.

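An added example, not from any commenter in this thread, tying together marshray's point above that home-grown client code which never checks the name on the cert ends up with only passive-eavesdropping protection, and hannibalhorn's point about certificate pinning: the three client verification postures expressed as Python `ssl` contexts, an audit of what each one leaves unchecked, and a SHA-256 fingerprint pin check run over a constructed (not real) sample certificate.

```python
import hashlib
import ssl

# Three ways a client can treat the server certificate. "anonymous" gives the
# passive-eavesdropping-only protection marshray describes; "chain_only" is the
# accidental state of client code that validates the chain but never checks
# the name on the cert; "full" is what a browser's lock icon promises.
MODES = ("anonymous", "chain_only", "full")


def make_client_context(mode: str) -> ssl.SSLContext:
    """Build a client-side SSLContext for one of the three verification modes."""
    if mode not in MODES:
        raise ValueError(f"unknown mode {mode!r}")
    ctx = ssl.create_default_context()  # full chain + hostname verification
    if mode == "anonymous":
        # check_hostname must be cleared before verify_mode can be CERT_NONE.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE  # no identity check: any MITM succeeds
    elif mode == "chain_only":
        # Chain is validated, but a CA-issued cert for *any* name is accepted.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the findings a reviewer would flag for a client context."""
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append("certificate chain is not verified (MITM possible)")
    if not ctx.check_hostname:
        findings.append("server name is not checked against the certificate")
    return findings


def sha256_fingerprint(der_cert: bytes) -> str:
    """Lowercase hex SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pinned: set) -> bool:
    """Pinning check: accept the cert only if its fingerprint is in the pinned set.

    Pins may be given in browser display form (upper-case, colon separated)."""
    normalised = {p.lower().replace(":", "") for p in pinned}
    return sha256_fingerprint(der_cert) in normalised


if __name__ == "__main__":
    SAMPLE_DER = b"constructed-sample-cert-bytes"  # placeholder, not a real cert
    for mode in MODES:
        print(mode, audit_context(make_client_context(mode)))
    print(pin_matches(SAMPLE_DER, {sha256_fingerprint(SAMPLE_DER)}))
```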
------
pnathan
Tapping is a mistranslation of "sniffing".

(At least according to Reddit's discussion on this event).

~~~
fraserharris
Link?

~~~
wx77
Discussion:
[http://www.reddit.com/r/netsec/comments/kj25j/south_korea_ad...](http://www.reddit.com/r/netsec/comments/kj25j/south_korea_admits_to_packet_tapping_gmail/)

Specific comment:
[http://www.reddit.com/r/netsec/comments/kj25j/south_korea_ad...](http://www.reddit.com/r/netsec/comments/kj25j/south_korea_admits_to_packet_tapping_gmail/c2knx71)

To corin_: perhaps he wanted a link to see the discussion rather than a
source.

~~~
fraserharris
This was what I was interested in.

------
Tsagadai
This is probably an old pre-default HTTPS Gmail, man in the middle attack and
the original article is badly written as others have posted. However, the man
in the middle based packet inspection and injection is widely used. From what
I can tell this is how the censorship banner
(<http://en.wikipedia.org/wiki/File:KCSC-Warning.png>) gets pasted over JS and
HTML partials within sites the government takes issue with. Packet inspection is
almost certainly being widely used.

------
foobarbazetc
Every country in the world is "packet tapping" (whatever this means) Gmail.

