top | item 45989208

(no title)

Springtime | 3 months ago

Just on the pervasive passive monitoring aspect, I think an under-discussed aspect of the time frame covered in the material of Snowden's leaks is that sites/services by and large wasn't using encrypted protocols (HTTPS).

So much could be intercepted back then because of this. It wasn't until 2010 that various large services—including Yahoo Mail and Facebook—got a kick in their ass by a whitehat browser plugin that allowed anyone on the same network to trivially hijack session cookies of others, stimulating an adoption of HTTPS[1] during 2011-2012.

By the time the Snowden leaks occurred in 2013 the trend was heading toward encrypted-by-default and governments were having to adapt.

[1] https://threatpost.com/facebook-kills-firesheep-new-secure-b...

discuss

totetsu|3 months ago

I thought these “lawful intercept” organisations had their taps inside the data centers after https tsl to the user had already been terminated. And so the infamous ssl removed here slide from prism.

ErroneousBosh|3 months ago

> I thought these “lawful intercept” organisations had their taps inside the data centers after https tsl to the user had already been terminated.

How would that actually work?

TLS runs on the client and the server. There's no "TLS magic box" in between.