On Wed, Aug 04, 2010 at 06:26:40PM -0400, Dan Ritter wrote:
> To my personal knowledge, a MITM attack has happened at a major
> Boston-area company within the last twenty years. It is
> unreasonable to think that this was the sole incident.

But, to your knowledge, one case occured.  In twenty years.  I'd say
that qualifies as "extremely unlikely" -- wouldn't you?

> It's not common, but it can happen.

Sure, they happen.  I've read about them.  Never saw one, and don't
know anyone that's ever seen one.  [That's probably not quite true
actually, I know a guy who did security for the military -- I have no
idea what he's seen or not seen.... I'd venture a guess that he's seen
quite a few attempts at one.]  

Based on the frequency with which it occurs (pretty rare), do you
think it's worth Jarod's time to jump through hoops to guard against
one?  To guard his MythTV box?  I don't.  If I were in his shoes, and
someone were willing to go to the trouble to perpetrate a MITM attack
on any of my publicly-facing services to get at my junk, I wouldn't
feel too bad about them getting in.  But I also know that I don't have
anything worth all that time and effort on my home network, so...
worrying about it would be bonkers.  The only data I possess that might
remotely be worth hacking is my financial info, and I don't keep any
of that on any of my computers.  If they want my video game saves,
or my mp3 collection, for the price of one MITM attack, they can have
them.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.