|
|
|
|
|
|
by 0x073
85 days ago
|
|
|
If you mean MITM between DNS Server and CA (e.g. letsencrypt), thats on a level of BGP hacking (means for me government involved) and means they can just use a CA (e.g. Fina CA 2025 with cloudflare). I think the risk didn't change much (except for big corp/bank). |
|
|
* https://thehackernews.com/2013/11/snowden-reveals-gchq-plant...
* https://www.aclu.org/documents/quantum-insert-diagrams
* https://en.wikipedia.org/wiki/Man-on-the-side_attack
Still state-level, but probably less noticeable than BGP hijacking.
Unless you're entering IP addresses in all your applications and code, non-SEC DNS is an unsecured link in the chain of communications.