Today I was pointed at this document which claims, among other things, that the secret agencies perform man-in-the-middle attacks by using a second network connection established by the home router. BT routers in particular.
Now I know:
- there were backdoors found in routers
- a man-in-the-middle attack on Google's SSL connections was discovered
The big question that is asked in the document (and that they claim to answer) is: how did they get in-between? I don't buy what they say, so here are my question(s):
- Is there really such a VLAN 301 as described in the document, and what is it for? (and who owns it)
- How did the NSA (or whoever faked Google's certificates) get "in the middle"?
- Is there really a "DoD NIC" and what is it? Some DNS server?
- What does it mean that the ping command stops eventually when executed at boot time of the router? Is there really a window where an attacker could bypass the firewall settings?