by lbtuda 3122 days ago
If we have a global-scale attacker who can sniff the internet traffic to specific hosts, or an attacker capable of BGP hijacking, this attacker would be able to attack all companies who use Microsoft Dynamics (industrial espionage?). He would just need to sniff the credentials and log in.

After the Snowden leaks we all know that this is possible.

2 comments

> After the Snowden leaks we all know that this is possible.

This bothers me. A lot of people might remember Narus and NarusInsight[1].

> Narus is noted for having created NarusInsight, a supercomputer system, whose installation in AT&T's San Francisco Internet backbone gave rise to a 2006 class action lawsuit by the Electronic Frontier Foundation against AT&T, Hepting v. AT&T.

But sure, I'm certain there are people that actually worked for these companies and can tell you how their stuff doesn't really work as advertised. Anyway, what exactly new did Snowden bring to the table in this particular context?

[1]: https://en.wikipedia.org/wiki/Narus_(company)#NarusInsight

PRISM https://en.wikipedia.org/wiki/PRISM_(surveillance_program) And also that GCHQ tapped Google's datacenter links. https://arstechnica.com/tech-policy/2013/10/new-docs-show-ns... After that information came out, Google started encrypting their internal networks.

> Anyway, what exactly new did Snowden bring to the table in this particular context?

A "heroic" character that people could identify with to frame the rest of the story.

> Anyway, what exactly new did Snowden bring to the table in this particular context?

Scale and scope. And more attention to some things that were already known by those paying attention, true.

Also, if such an actor was storing encrypted traffic as well, they could now easily decrypt this traffic en masse.

If you use ephemeral keys, as you should, the contents of past encryption are still secure if the private key gets leaked. The encryption keys are newly generated each time; the certified private/public key pair is only used to validate that these encryption keys belong to the server that has the certified keys.

This is called Forward Secrecy.

With TLS, the symmetric encryption keys are always newly generated regardless of the cipher suite chosen; the difference with the ephemeral cipher suites is how the keys are communicated.

Without forward secrecy, the client chooses the premaster secret, encrypts it with the server's public key, and sends it in the ClientKeyExchange message. With forward secrecy, the client receives signed ServerDHParams in the ServerKeyExchange and responds with ClientDiffieHellmanPublic in the ClientKeyExchange.
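
An added example, not part of the original thread: a Python check for the distinction the comment above draws between RSA key transport and an ephemeral (EC)DHE exchange. It classifies cipher suite names and builds a client context restricted to forward-secret suites; the function names and the sample suite list are constructed for illustration.

```python
import ssl

# Key-exchange tokens that denote an authenticated ephemeral Diffie-Hellman
# exchange. IANA names look like TLS_<KX>_<AUTH>_WITH_<CIPHER>; OpenSSL names
# look like <KX>-<AUTH>-<CIPHER>, and RSA key transport has no KX token at all.
EPHEMERAL_KX = {"ECDHE", "DHE", "EDH"}

def is_forward_secret(suite: str) -> bool:
    """True if the suite name implies an authenticated ephemeral key exchange."""
    name = suite.upper().replace("-", "_")
    if name.startswith("TLS_") and "_WITH_" not in name:
        return True  # TLS 1.3 suite name: the key exchange is always (EC)DHE
    if name.startswith("TLS_"):
        name = name[len("TLS_"):]
    # Static RSA/DH/ECDH and anonymous suites (ADH, AECDH, DH_anon) fall through
    # to False: the first lack forward secrecy, the second lack authentication.
    return name.split("_", 1)[0] in EPHEMERAL_KX

def audit(suites):
    """Split suite names into (forward_secret, rejected), preserving order."""
    ok = [s for s in suites if is_forward_secret(s)]
    rejected = [s for s in suites if not is_forward_secret(s)]
    return ok, rejected

def fs_only_context() -> ssl.SSLContext:
    """Client context whose TLS 1.2 suites are limited to ECDHE with AEAD ciphers."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")  # OpenSSL cipher-string syntax
    return ctx

def enabled_suites(ctx: ssl.SSLContext):
    """Names of the suites the context will offer, in OpenSSL naming."""
    return [c["name"] for c in ctx.get_ciphers()]

# Constructed sample: a suite list as a server scan might report it.
SAMPLE_OFFERED = [
    "TLS_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
    "AES256-SHA",
    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    ok, rejected = audit(SAMPLE_OFFERED)
    print("forward secret:", ok)
    print("rejected:", rejected)
```
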

Yikes... So compromise a public wifi and MITM + store any traffic pointed at the affected domain(s), then simply sign up for their own ERP account, download the key and decrypt.

Most public wifi hotspots I've seen are unencrypted, so there'd be no need to do a MitM - just be within range to decode the client and AP transmissions.

Even on an unsecured network would the transmissions not be encrypted via TLS from your computer to the server?

Only if PFS is not in use though.