←back to thread

577 points mooreds | 1 comments | | HN request time: 0.212s | source
Show context
ct520 ◴[] No.42180260[source]
Dumb question but my assumption is fiber optic cables could be “tapped”? But the disruption would be noticeable when monitoring the cable. Could you just tap it when you cut it and when it hooked back up that’s the new baseline with the tap in place? That would seem more of a logical reason then a country just randomly cutting lines to me?
replies(3): >>42180345 #>>42180526 #>>42187302 #
jillesvangurp ◴[] No.42180345[source]
Most/all of the traffic would be encrypted.
replies(1): >>42180914 #
donalhunt ◴[] No.42180914[source]
That wasn't the case in the past. Events over the past 15 years have resulted in most companies encrypting all traffic between datacenters (due to the perceived risk). TLS between consumers and companies is probably at an all time high though due to a push for end-to-end encryption.
replies(2): >>42181002 #>>42181120 #
metachris ◴[] No.42181002[source]
TLS doesn't help here, because state actors (including China, Russia) own trusted root certificates, which allow them to TLS-terminate for _any_ website they choose and silently decrypt/MITM the traffic.
replies(2): >>42181733 #>>42185747 #
1. lolc ◴[] No.42181733[source]
TLS offers quite good protection actually: Anytime they create fraudulent certificates they risk burning their CA. Attacks need to be very targeted to keep risk of detection low. Due to Certificate Transparency, hiding attacks got even harder. And for sites that use cert pinning, the attack doesn't even work in the first place.

And eavesdrop is one thing but I'm not clear how you could MITM an undersea cable without the operators noticing.