[NetBehaviour] ISPs Removing Their Customers' Email Encryption

marc garrett marc.garrett at furtherfield.org
Fri Nov 14 12:17:41 CET 2014

ISPs Removing Their Customers' Email Encryption.

Recently, Verizon was caught tampering with its customer's web requests 
to inject a tracking super-cookie. Another network-tampering threat to 
user safety has come to light from other providers: email encryption 
downgrade attacks. In recent months, researchers have reported ISPs in 
the U.S. and Thailand intercepting their customers' data to strip a 
security flag --- called STARTTLS --- from email traffic. The STARTTLS 
flag is an essential security and privacy protection used by an email 
server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from 
successfully encrypting their conversation, and by default the servers 
will proceed to send email unencrypted. Some firewalls, including 
Cisco's PIX/ASA firewall do this in order to monitor for spam 
originating from within their network and prevent it from being sent. 
Unfortunately, this causes collateral damage: the sending server will 
proceed to transmit plaintext email over the public Internet, where it 
is subject to eavesdropping and interception.



A living - breathing - thriving networked neighbourhood -
proud of free culture - claiming it with others ;)

Other reviews,articles,interviews

Furtherfield -- online arts community, platforms for creating, viewing,
discussing and learning about experimental practices at the
intersections of art, technology and social change.

Furtherfield Gallery -- Finsbury Park (London).

Netbehaviour - Networked Artists List Community.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.netbehaviour.org/pipermail/netbehaviour/attachments/20141114/f8524e55/attachment.htm>

More information about the NetBehaviour mailing list