On 10/09/2009 02:55 PM, gilpel@xxxxxxxxxx wrote:
Paul wrote:
If you have adequate security, your ISP should have no better access to
your system/data than any other nefarious twerp on de intertubes. Actually
even if you don't have security, your ISP has no better (or worse) access
than the twerp.
Then, I'm afraid Fedora's security is not as tight as it's supposed to be.
See my answer to Phil Meyer.
I would say that Paul's response is not correct.
Since the ISP is directly in the route of your data they can intercept
it and manipulate it.
ISPs, for example, may cache popular web sites, or deliberately disrupt
BitTorrent transmissions at certain hours to reduce bandwidth
requirements. This sort of management is probably common, and not
generally malicious.
ISPs could in theory run something like Wireshark to read your
unencrypted email. (Or they can slurp it all up and send it to the
NSA... read about the famous "secret room" lawsuits for more...) Since
they are in the routing path, they could conceivably even rewrite your
email.
A malicious employee at an ISP could launch any number of
man-in-the-middle (MITM) attacks. It is not difficult to set up a SSL
MITM attack that will intercept and falsify SSL certificates - causing
an obscure warning in your browser that most people will just ignore.
(This is an issue at wireless cafes).
The average "nefarious twerp on de intertubes" would not be able to do
these particular things.
Anyway, it is unlikely that your ISP is messing with you (has such a
case ever been reported?), but it is technically possible.
- Mike
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
