ietf
[Top] [All Lists]

Re: Gen-ART and OPS-Dir review of draft-wkumari-dhc-capport-13

2015-07-12 13:38:13
On 07/11/2015 05:28 PM, Christian Huitema wrote:
OK, you are probably correct that this is just one of the many attacks possible 
when connecting to insecure networks. Then, of course, there is the whole idea 
of letting an untrusted DHCP server direct one's browser to an arbitrary web 
page. Looks like an ideal setup for zero days and phishing tools. Ideally, we 
should only process the redirected page into a fairly tight sandbox...

This is just one example of the "everything is broken" problem. In point of fact, if you can inject packets on the local wire and sniff packets off of the local wire, you can easily send malware to the host simply by providing it with mostly correct information, and then once the hotspot detector has been bypassed, hack the next http query that goes by, stuffing your malware, or instructions to fetch your malware, into the HTML.