1/ BTW, the criticisms we techies have of Perloth's zero-day book isn't with Perlroth but with the NYTimes-style reporting. NYTimes reporters don't understand the subject but nonetheless attempt to explain it, leading to mangled information and outright lies.
2/ For example, Dave Sanger has a book on nation state hacking "A Perfect Weapon". In a chapter titled "Man In The Middle", he describes the Snowden "MUSCULAR" revelation as: 
3/ Um, no. This contradicts everyone else's reporting on MUSCULAR. This contradicts how Wikipedia describes the program. It contradicts how I, a techy, read the diagram. Nobody (of note) but Sanger thinks that arrow points to where the NSA is tapping things.
4/ The "SSL Added/Remove here :)" points to a "Google Front End" device, an SSL accelerator. It's not the NSA doing a "man-in-the-middle" as Sanger claims, but Google doing "SSL acceleration".
5/ A "MitM" is when SSL is added/removed on BOTH ends. "SSL acceleration" is when SSL is added/removed on ONE end, with unencrypted ("clear text") HTTP on the other end. It means passively tapping links anywhere on the other end allow you to spy on the "clear text".
6/ What everyone believes is that the NSA has tapped links between data centers ("DC" in the diagram). Passive eavesdropping isn't "man-in-the-middle". And it's between data-centers, not between internal servers and GFEs (though that's also possible) -- nowhere near GFEs.
7/ A few paragraphs later, Sanger gives the correct interpretation (that agrees with everyone else), that links are being tapped. Yet, in even later paragraphs, he continues to claim Google servers are hacked.
8/ It's a narrative that Sanger wants to tell, he twists the technical details to match the story. It's a belief that non-techies have, that if they don't understand the technical details, then whether they are true or false isn't important.
9/ But whether the NSA taps international links or hacks Google's servers is incredibly important. One is something we know they do (it's their job to eavesdrop), the other is something that probably violates the law (hacking American corporation servers).
10/ Anyway, in Perroth's book, she got criticized for claiming (incorrectly) that NSA hacked Google's servers, instead of tapping their links. She probably got that from Sanger. It's an NYTimes problem, not a problem with a specific author.
11/ Note that Perlroth has said she'll correct this mistake in the next version of her book. But Sanger can't really correct his mistake -- "NSA hacked Google servers" and "MitM" is woven throughout the chapter, it's too big to fail/correct.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
