I was talking to a master hacker recently. These guys seem to be able to break almost any security system. For example, the Swiss government were working on an e-government project which they thought was unbreakable but a bunch of hackers got into it in a couple of weeks.
Everything can be hacked today. That’s just a fact. It’s a question of how much money you want to spend and whether you know the right people.
This hacker told me something big and scary. He reckons that 40 per cent of all internet routers are compromised. This means that hackers and online criminals potentially have access to a huge amount of the traffic that goes across the internet.
In turn, this means that they could break SSL encryption by becoming ‘the man in the middle’. They just have to use their compromised routers, fake the other side of the SSL key exchange mechanism and, bingo, everything you thought was encrypted isn’t any more. This includes credit card details, bank account details etc. etc.
I’m not saying it’s easy or commonplace but it does seem to be possible. What does this mean for security? It’s a big question.
