
It's cool that we can largely "strike out" link level wiretapping from our threat models but it just means attackers move on to the endpoints. I have a wonderfully private link to google, my bank and my crypto exchange but all of those are coerced to report everything I do.



> ... but it just means attackers move on to the endpoints.

Yup but this doesn't scale anywhere near as well for the attackers.


Sorry, if there are N clients, and M servers, then there are N+M endpoints, but N*M links, which is a lot more.


The link is only as strong as its weakest... link? Anyway, given the structure of internet, I wouldn't say it is O(N*M), more like O(the number of major ISPs).


Well, all endpoints might differ but the links might rely on the exact same algorithm, so you need to count distinct links.


Most internet traffic is consolidated through a small number of providers like Cloudflare and AWS.


Cloudflare being, if it wants to be, an epic MITM given its control of DNS and its role as WAF. Line level surveillance barely matters now.


Except for countries who host companies who hold all the endpoints.



