Can ISPs be trusted?
Dr. Michael J. Chudobiak
mjc at avtechpulse.com
Fri Oct 9 18:12:32 UTC 2009
On 10/09/2009 02:55 PM, gilpel at altern.org wrote:
> Paul wrote:
>
>> If you have adequate security, your ISP should have no better access to
>> your system/data than any other nefarious twerp on de intertubes. Actually
>> even if you don't have security, your ISP has no better (or worse) access
>> than the twerp.
>
> Then, I'm afraid Fedora's security is not as tight as it's supposed to be.
> See my answer to Phil Meyer.
I would say that Paul's response is not correct.
Since the ISP is directly in the route of your data they can intercept
it and manipulate it.
ISPs, for example, may cache popular web sites, or deliberately disrupt
BitTorrent transmissions at certain hours to reduce bandwidth
requirements. This sort of management is probably common, and not
generally malicious.
ISPs could in theory run something like Wireshark to read your
unencrypted email. (Or they can slurp it all up and send it to the
NSA... read about the famous "secret room" lawsuits for more...) Since
they are in the routing path, they could conceivably even rewrite your
email.
A malicious employee at an ISP could launch any number of
man-in-the-middle (MITM) attacks. It is not difficult to set up a SSL
MITM attack that will intercept and falsify SSL certificates - causing
an obscure warning in your browser that most people will just ignore.
(This is an issue at wireless cafes).
The average "nefarious twerp on de intertubes" would not be able to do
these particular things.
Anyway, it is unlikely that your ISP is messing with you (has such a
case ever been reported?), but it is technically possible.
- Mike
More information about the users
mailing list