<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Fri, Aug 12, 2016 at 1:17 PM, mok-kong shen <span dir="ltr"><<a href="mailto:mok-kong.shen@t-online.de" target="_blank">mok-kong.shen@t-online.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="">Am 11.08.2016 um 22:10 schrieb Michael Kjörling:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
On 11 Aug 2016 09:56 -0400, from <a href="mailto:leichter@lrw.com" target="_blank">leichter@lrw.com</a> (Jerry Leichter):<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
The devil is, of course, in the details. You need to work the<br>
numbers to see how predictable the timing on legitimate exchanges<br>
is, and how quickly an attacker might be able to complete the MITM<br>
exchange.<br></blockquote></blockquote></span></blockquote><div><br></div><div>Physical layers do mater but one mitigation trick might be to watch physical layer</div><div>traffic to and from others on the net. That traffic would have to be duplicated</div><div>for a MITM attack to be "perfect".<br><br>Network switches do hide a lot of traffic but there are almost always broadcast</div><div>messages and other MAC level traffic.<br><br>To intercept and modify traffic to/from a device and go unnoticed it may be necessary</div><div>to impersonate and retransmit all the other traffic on the net. <br><br>It is unlikely that a legal warrant to intercept traffic involving one machine</div><div>will also permit the interception resultant storage (however short) and impersonation</div><div>to retransmit the data. <br><br>This covers almost all over the air traffic and also cable modem traffic. <br>Point to point switched nets exist but are uncommon.<br><br>Consider the traffic into a co-location data center with thousands of machines</div><div>and virtual machines serviced with a fat pipe. Technically to MITM a single machine</div><div>in a co-location facility requires a device to sit where?</div></div><br>I have also noted a confusion between privacy and secrecy. <br> <br>By any measure a post card is a private but not secret message.<br>Current TLA slurps in an attempt to detect secret messages are</div><div class="gmail_extra">ignoring the privacy issues involving all the other traffic. Postcards</div><div class="gmail_extra">can be folded and contain printed material.<br><br>regarding the postal service...<br>I cannot sit in a post office and read all the postcards.</div><div class="gmail_extra">The letter carrier cannot copy and communicate what is seen.</div><div class="gmail_extra">A hold on mail for vacationers cannot be communicated to the</div><div class="gmail_extra">world at large. i.e. not allow criminals to see hints that a home</div><div class="gmail_extra">is unoccupied.</div><div class="gmail_extra"><br></div><div class="gmail_extra">While these things are not "secret" there is an expectation </div><div class="gmail_extra">of privacy. <br><span style="color:rgb(46,46,47);font-family:"Tabac G3",Georgia,Times,serif;font-size:20px;font-style:italic">"The Postal Service must preserve and protect the security of all mail in its custody from unauthorized opening, inspection, or reading of contents or covers; tampering; delay; or other unauthorized acts. Any postal employee committing or allowing any of these unauthorized acts is subject to administrative discipline or criminal prosecution leading to fine, imprisonment, or both."<br></span><a href="http://www.apwu.org/sites/apwu/files/resource-files/Administrative%20Support%20Manual%20Issue%2013%20%28Updated%20through%2011-2013.pdf">http://www.apwu.org/sites/apwu/files/resource-files/Administrative%20Support%20Manual%20Issue%2013%20%28Updated%20through%2011-2013.pdf</a><br><br>Inspection by the postal service is limited to examination to validate the rate paid.<br>Yes a book, yes book rate but the book cannot be read or duplicated and sent to others.<br><br><a href="http://pe.usps.com/Archive/PDF/DMMArchive20070717/mailingstandards.pdf">http://pe.usps.com/Archive/PDF/DMMArchive20070717/mailingstandards.pdf</a><br>2.2.1 Inspection of Contents
First-Class Mail is closed against postal inspection. Federal law and USPS
regulations restrict both opening and reviewing the contents of First-Class Mail by
anyone other than the addressee.<br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div><div dir="ltr"><br></div><div dir="ltr"><br></div></div>
</div></div>