[ NNSquad ] Re: Proposals for mass Internet monitoring and P2P disruptions

[Wes Felter <wesley@felter.org>]

Cliff Sojourner wrote:
> very interesting...  but I call BS on this:
>
> > Encrypted files on the peer-to-peer network could not be decrypted by CopyRouter, but the company claims it 
> > can fool the sender's computer into believing that the recipient was requesting an unencrypted and 
> > uncompressed file. The slide show calls this "special handling." This is done by changing the 
> > underlying protocol settings that establish how the sender and recipient exchange the file. 
> > This trickery, unknown to either the sender or recipient, would make it possible for CopyRouter 
> > to see the underlying files, calculate a hash value and compare the files to the list of 
> > illegal files, Brilliant Digital says.
>
> wow, they have a man-in-the-middle attack, previously unknown?  that's amazing.

This type of encryption downgrade attack has been known for a long time. 
Most P2P protocols have no authentication and are not designed to resist 
MITM. Several P2P caching products are based on MITM; just think of this 
CopyRouter as a cache that returns the wrong data. This is the 
predictable result of the P2P blocking/obfuscation arms race.

> I wonder what Bruce Schneier would have to say about that.

If you lock the front door, expect the bad guys to come in the side door.

Wes Felter