this post was submitted on 27 Jun 2024
254 points (98.5% liked)

Technology

74058 readers
3173 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
254
South Korean telecom company attacks torrent users with malware (www.tomshardware.com)
submitted 1 year ago by schizoidman@lemmy.ml to c/technology@lemmy.world
25 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] LainTrain@lemmy.dbzer0.com 2 points 1 year ago* (last edited 1 year ago) (1 children)

Thanks for the explainer, but that's not what I meant.

For example: If I, an ISP in Beijing went to BEIJING CERTIFICATE AUTHORITY Co., Ltd. which is on the list, and had my cert issued by them for foobar.com that listed them as the root trust, wouldn't that work? Because the service operating there currently is illegal and I need to take it down, i don't see how or why they could refuse. If they can't do this for ISPs, then certainly law enforcement should be able to force them to comply, I would assume.

If I then went to abuse that cert and spread malware on my fake cloned site, then what are the affected users going to do, call the cops and tell them the illegal seedbox is down?

This is the only way I can see governments being able to display blocked website notices, takedown notices and other MITM insertions demonstrably happening in all sorts of countries without triggering a "back to safety" warning in most browsers.

This has to be possible, because otherwise the observable results don't make any sense.

I'm not necessarily saying they did the attack this way instead of just simply spreading malicious torrents which is far easier, but I don't see why they wouldn't be able to do this.

[–] Zeoic@lemmy.world 1 points 1 year ago (1 children)

Well for one, ISPs are not the government, and two, if any CA was caught doing this, browsers like firefox would drop them. Hopefully google would too, but who knows. Thats an aweful lot of risk on their part.

[–] LainTrain@lemmy.dbzer0.com 1 points 1 year ago

ISPs are not the government - yes, so they have to actually follow laws. And CAs caught doing what exactly, complying with the regulations of their country?