Unquestionably, this is happening today.Steve wrote:In view of that, sticking a few geek-operatives behind a few computer screens so that they can set up accounts on sites like this in order to engage in fishing exercises for potential enemies of the state is entirely plausible.
TOR: is it any good?
Moderator: Peak Moderation
As has been discussed it is currently perfectly possible to assess most online services totally anonymously. Maintaining such anonymity for any significant length of time under a serious attempt to compromise it would be far harder, however remains possible. Motivations for such activities are a separate issue.
-
Blue Peter
- Posts: 1939
- Joined: 24 Nov 2005, 11:09
- Location: Milton Keynes
Are you going to name and shame, Chris?clv101 wrote:As has been discussed it is currently perfectly possible to assess most online services totally anonymously. Maintaining such anonymity for any significant length of time under a serious attempt to compromise it would be far harder, however remains possible. Motivations for such activities are a separate issue.
Unquestionably, this is happening today.Steve wrote:In view of that, sticking a few geek-operatives behind a few computer screens so that they can set up accounts on sites like this in order to engage in fishing exercises for potential enemies of the state is entirely plausible.
Peter.
Does anyone know where the love of God goes when the waves turn the seconds to hours?
-
JavaScriptDonkey
- Posts: 1683
- Joined: 02 Jun 2011, 00:12
- Location: SE England
A recent one is the Chinese attack on Coke-a-Cola.
The long and short of it is that Coke's network was too secure to break in the available time so they targeted websites likely to be visited by Coke employees from their own PCs and hoped to get lucky.
Looks like they did.
The long and short of it is that Coke's network was too secure to break in the available time so they targeted websites likely to be visited by Coke employees from their own PCs and hoped to get lucky.
Looks like they did.
-
emordnilap
- Posts: 14815
- Joined: 05 Sep 2007, 16:36
- Location: here
Firefox gives the same report, if you try to access Powerswitch with the https protocol.
('standard' web protocol is http. https adds a digital signature based on encryption that gives some degree of security from snoopers and man in the middle attacks etc. etc. Owners of a web site buy a digital certificate from a commercial source and add it to their web site. The one on the powerswitch site appears to have been 'borrowed' from another web site. This may be an oversight, or it might belong to whoever set up the powerswitch site and they haven't bought a separate certificate for this URL. )
Tor , of course would never use plain http.
I don't think we are looking at a compromised site. Powerswitch is just a plain web site if no pretensions at real security. That would require more money and/or specialist knowledge.
('standard' web protocol is http. https adds a digital signature based on encryption that gives some degree of security from snoopers and man in the middle attacks etc. etc. Owners of a web site buy a digital certificate from a commercial source and add it to their web site. The one on the powerswitch site appears to have been 'borrowed' from another web site. This may be an oversight, or it might belong to whoever set up the powerswitch site and they haven't bought a separate certificate for this URL. )
Tor , of course would never use plain http.
I don't think we are looking at a compromised site. Powerswitch is just a plain web site if no pretensions at real security. That would require more money and/or specialist knowledge.