Oh, yeah, I'm not too worried about the networks under your personal control, I'm worried about what happens in between those and the land of Apple. It just needs malicious BGP injection and/or a well-placed box at any intervening ISP and you're not talking to who you thought you were, and the well-placed boxes at intervening ISPs are now known to exist (and known to be used to opportunistically vacuum data and insert backdoors for further access or control) in some profusion!
I assume the more common malicious exploit will be someone setting up "FREE WIFI" and fucking with things on the way through.
I figure if the malicious actors are government entities, then they've probably already got the ability to sign things however they want and I'm already fucked either way, there.
I guess the big risk for now is a criminal group with the ability to do BGP injection in the path between me and the apple CDN, *and* the ability to get a functional new version of apple device code up and running sufficiently well already. Which is a risk but a small risk.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
timeasmymeasure
no subject
Date: 2014-02-22 03:56 pm (UTC)Since it's a MITM attack, I personally assumed that networks under my personal control were safe enough to use. But, yes, point.
no subject
Date: 2014-02-22 04:33 pm (UTC)no subject
Date: 2014-02-22 04:40 pm (UTC)I figure if the malicious actors are government entities, then they've probably already got the ability to sign things however they want and I'm already fucked either way, there.
I guess the big risk for now is a criminal group with the ability to do BGP injection in the path between me and the apple CDN, *and* the ability to get a functional new version of apple device code up and running sufficiently well already. Which is a risk but a small risk.