Guns do not kill people
Guns do not kill people. People kill people.
Network boxes do not redirect people to government spyware. People redirect people to government spyware.
Err... is there something wrong with my logic this evening?
Internet users in Turkey, Egypt and Syria who attempted to download legitimate Windows applications have been redirected to nation-state spyware through deep-packet inspection boxes placed on telecom networks in Turkey and Egypt, according to a report issued Friday by security research group Citizen Lab. Citizen Lab, a Canada- …
Guns don't kill people. People with guns kill people. People with bread knives kill people. People with baseball bats kill people. People with Typhoon fighter jets kill people.
At the end of the day any use, any good or harm done, comes from people choosing to use the tool in the way they do.
How much blame and responsibility toolmakers have is something which is going to be debated forever and there is no single or simple answer.
Guns, unlike other tools, are designed only to kill people, at a long range and with maximum effectiveness.. They have no other use. The usefulness of other tools offsets their danger of being used to kill, and still, they are usually far less effective and can't be used at long range.
Anyway, these systems technology may have required an export license to those countries especially Syria. Maybe it got one to increase US export balance?
Or: Our Customers Are Our Most Important Product (how prescient that was!!!)
Or: Your Business Is Very Important To Us - Please Stay On the Line (lines being so passe)
Or: This Call May Be Monitored To Improve Customer Service (really just reading you their rights to record)
Or: What's Good For xxx Is Good For America (you're being shafted.)
Network boxn have become commodities and in the hands of governments, corporations, abusive spouses, and all the other hateful people that want to limit other people's freedom.
I mean if you are in a position to intercept the application traffic quite likely you can intercept the DNS traffic as well. Use DNS to route the traffic to a proxy on http, and optionally use https on the backend to connect to the original urls.
As for encryption for DNS, I have hosted my own domains for about 21 years now and have never used DNSSEC though according to this interesting blog post I came across https://sockpuppet.org/blog/2015/01/15/against-dnssec/
"DNSSEC doesn’t secure browser DNS lookups.
In fact, it does nothing for any of the “last mile” of DNS lookups: the link between software and DNS servers. It’s a server-to-server protocol."
The uni are just picking on SandVine to create extra noise for their report. The main issue is downloads are over http and not https. Doesn’t matter what nation the traffic initiates from it’s going to pass through kit that can do http redirect, like when I try and go to pirate bay in the uk I get redirected to a page telling me I can’t. Where is this uni jumping up and down about that?
There is a MASSIVE difference with the use described in the article versus the UK ISPs telling you that a site is blocked. The difference is that the UK is being transparent and you are not being duped into viewing something that you had not requested. In fact, it is out in the open that they were going to hijack your request as it was mandated by court orders which are in the public domain. You EXPECT this redirect to happen.
Having malware injected into a legitimate request isn't remotely comparable to your example. It's a nefarious, underhand and downright unethical practise.
The uni aren't "jumping up and down" about the UK because those activities are not unethical.