It’s getting to where if you can think of a way for the NSA to snoop on you, no matter how looney it sounds, they’ve probably done it.
Buried in a Brazilian television report on Sunday was the disclosure that the NSA has impersonated Google and possibly other major internet sites in order to intercept, store, and read supposedly secure online communications.
In what appears to be a slide taken from an NSA presentation that also contains some GCHQ slides, the agency describes “how the attack was done” on “target” Google users. According to the document, NSA employees log into an internet router—most likely one used by an internet service provider or a backbone network. (It’s not clear whether this was done with the permission or knowledge of the router’s owner.) Once logged in, the NSA redirects the “target traffic” to an “MITM,” a site that acts as a stealthy intermediary, harvesting communications before forwarding them to their intended destination.
The brilliance of an MITM attack is that it defeats encryption without actually needing to crack any code. If you visit an impostor version of your bank’s website, for example, the NSA could harvest your login and password, use that information to establish a secure connection with your real bank, and feed you the resulting account information—all without you knowing.
And in a vaguely unrelated topic…