Baddies linked to Iran fingered for DNS hijacking to read Middle Eastern regimes' emails

Infosec biz FireEye has suggested Iran may be responsible for what it claims are DNS hijacking attacks aimed at snooping on the contents of Middle Eastern governments' email inboxes.

  1. Pascal Monett Silver badge

    These shenanigans are not going to stop any time soon

    It would seem that there are so many possible attack points concerning mail that the only true solution is point-to-point encryption.

    Thank goodness we have robust, efficient systems available and that no politicians are trying to undermine encryption schemes with anything foolish like backdoors or any such nonsense.

    Oh wait . .

  2. LDS Silver badge

    Let's Encrypt used by shenanigans... what a surprise

    Certificates can only work if issuing is properly vetted. Otherwise you can only know your traffic is encrypted, but not where it goes or comes from.... Symantec wasn't the only problem.

    1. o p

      Re: Let's Encrypt used by shenanigans... what a surprise

      If you don't want Let's Encrypt to issue a certificate for your domain, you can block them (via DNS!). The issue here is DNS hijacking. It seems fairly easy to understand that once you do not control name resolution for your domain it's complicated to discuss privacy, security etc, whatever the protocol or tools.
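
The DNS control the comment above refers to is the CAA record (RFC 8659). As an added example that is not part of the thread, this sketch runs the check a CA performs over constructed zone data, showing that a CAA record keeps Let's Encrypt out and that it stops helping once someone else answers DNS for the domain. `example.gov` and `ca.example.net` are placeholder names; `letsencrypt.org` is the issuer identifier Let's Encrypt uses in CAA.

```python
# Added example: CAA issuance check over constructed zone data.
# A zone is modelled as {owner name: [(flags, tag, value), ...]}.

KNOWN_TAGS = ("issue", "issuewild", "iodef")


def relevant_rrset(zone, fqdn):
    """Climb from fqdn towards the root; return the first non-empty CAA RRset."""
    labels = fqdn.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]), [])
        if rrset:
            return rrset
    return []


def may_issue(zone, fqdn, ca_domain):
    """Return True if the CA identified by ca_domain may issue for fqdn."""
    rrset = relevant_rrset(zone, fqdn)
    # An unrecognised property with the critical bit (128) set forbids issuance.
    if any(flags & 128 and tag.lower() not in KNOWN_TAGS
           for flags, tag, _ in rrset):
        return False
    # Each "issue" value is "<issuer-domain>[; parameters]"; ";" alone means nobody.
    issuers = [value.split(";")[0].strip().lower()
               for _, tag, value in rrset if tag.lower() == "issue"]
    if not issuers:
        return True  # no CAA found, or no "issue" property: unrestricted
    return ca_domain.lower() in issuers


# Constructed data: the owner's real zone authorises one (placeholder) CA only.
OWNER_ZONE = {"example.gov": [(0, "issue", "ca.example.net")]}
# Constructed data: what a CA sees when resolution is controlled by someone
# else, who simply serves no CAA records at all.
HIJACKED_ZONE = {}

if __name__ == "__main__":
    for label, zone in (("owner DNS", OWNER_ZONE), ("hijacked DNS", HIJACKED_ZONE)):
        verdict = may_issue(zone, "mail.example.gov", "letsencrypt.org")
        print(f"{label}: letsencrypt.org may issue -> {verdict}")
```

The second result is the commenter's point: CAA is read through the same name resolution the attacker controls, so detection has to come from outside it, for example by watching Certificate Transparency logs and registrar or nameserver change alerts.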

  3. Anonymous Coward

    If it's not encrypted *BEFORE* it's sent, then it's not encrypted at all ?

    Or am I missing something ?

    Sure, bad actors find a way to redirect emails. But surely they're only getting encrypted emails anyway, so the only thing they can glean from them might be who they are between ? (And not even that on a decent system).

    1. Waseem Alkurdi

      Re: If it's not encrypted *BEFORE* it's sent, then it's not encrypted at all ?

      As I understand it, they are doing a man in the middle attack.

      This means that they are sitting between the mail provider and the client.

      This could be possibly getting the fully rendered HTML page of the webmail client, for example, and reading the content off.

      This way, the message itself is decrypted at the provider and only relies on HTTPS (which was evaded by the MITM).

      1. JimmyPage Silver badge

        Re: the fully rendered HTML page of the webmail client

        If you're using a webmail service, you've already conceded defeat.

        Here's how it goes.

        1) Plaintext message generated on a machine that has to be treated as clean.

        2) On same machine, message is encrypted to whatever ludicrous degree is needed. PGP on steroids, 4096-bit encryption, whatever takes your fancy.

        3) (optional) for added security the plaintext message is deleted and the disk scrambled

        4) encrypted payload is emailed to recipient.

        Obviously after that the message security is in the lap of the recipient, so for spook-proof communication they need to be as paranoid as you.

        If you are REALLY worried, have a step (0) where you handwrite your message and scan it to an image file which you hide inside another image file before encrypting.

        If I can rig that up, surely governments can ?

  4. Alistair Silver badge

    Hey, Iran

    Is that a receipt for yellowcake I see in your email?

    1. Waseem Alkurdi

      Re: Hey, Iran

      No, no, that was al-Assad's thank-you note to Iran (cc: Russia) for keeping him in power.

      1. BrownishMonstr

        Re: Hey, Iran

        Keeping Assad in power? Not sure if there are better alternatives. I mean look at Egypt, Iraq, Iran.

        1. Waseem Alkurdi

          Re: Hey, Iran

          By that logic, and since you mentioned Iraq, Saddam Hussein should never have been ousted as well. Actually, the analogy quite fits, since both are Baathists.

          BTW:

          Egypt -> al-Sisi (not elected via due democratic process, can't give a single speech without breaking down*)

          Iraq -> government and country are in shambles after the American invasion, so nothing to see here***

          Iran -> Despotic regime that misrepresents Islam to stay in power (and grab more and more of it) **.

          * Not an opinion, seriously, just look up one on YouTube, you don't even have to understand the language.

          ** Keeping in mind the rules of al-Shura (people's consultancy) in Islam, which is quite equivalent to democracy (but isn't the same though), a regime (and especially its ruler) can't be despotic and lay a claim to being Islamic at the same time.

          *** Problem is that everybody wants a government in al-Iraq that represents everybody and everything. Fine in principle, but now "everybody and everything" is complaining that the other everybody and everything are the only stumbling block preventing Iraq from becoming a First World nation, so the solution is to break off into a separate state (see Kurds, other separationists). Repeat ad nauseam.

          1. Cem Ayin

            Re: Hey, Iran

            "Keeping in mind the rules of al-Shura (people's consultancy) in Islam, which is quite equivalent to democracy (but isn't the same though), a regime (and especially its ruler) can't be despotic and lay a claim to being Islamic at the same time."

            I appreciate your sense of humor. So the Ummayads, the Abbasids, the Seljuqs, the Fatimids, the Ilkhans, the Ottomans, the Mughals and a few other, less important or even mentionable Islamic dynasties right down to the Saudis and, of course, the current rulers of Iran have all, without exception, been - your words - "misrepresenting Islam to stay in power"? So Islam has basically been constantly "misrepresented" ever since its inception? And as for those precious few upright true believers who represent the "real" Islam this leaves us with... the Qarmatians maybe???

            I'll drink to that!

            1. Waseem Alkurdi

              Re: Hey, Iran

              So the Ummayads, the Abbasids, the Seljuqs, the Fatimids, the Ilkhans, the Ottomans, the Mughals and a few other, less important or even mentionable Islamic dynasties down to the Saudis

              Who cares?

              Suppose somebody decided to kill every redhead he sees.

              Is it logical to say that, hey, it's because he's a Buddhist, so all Buddhists are redhead-killers!

              I'm not sure whether any of the dynasties you mentioned were despotic*, but this doesn't necessarily mean that it is Islam which made them despotic.

              In a similar vein, one might argue that capitalism is evil simply because America invaded Iraq/Vietnam/whatever.

              You can't generalize that a principle is wrong simply because some of its adherents did wrong.

              So Islam has basically been constantly "misrepresented" ever since its inception?

              Nah, not really. Some caliphates were quite amazing examples of how Islam should be applied (and how countries should be ruled in general). I'm referring to 'Umar bin Abdul Aziz's caliphate here, whose caliphate is held by tradition to have completely eliminated poverty through rigorous distribution of wealth (Islamic alms or zakat), and to the first four caliphs, known as the Rightly-Guided Caliphs.

              And as for those precious few upright true believers who represent the "real" Islam this leaves us with... the Qarmatians maybe???

              Already tackled above. As for the Qarmatians, you mean the looting gang which killed hundreds of innocent pilgrims and looted the Kaaba? If we were to look at it with some humor like you did, they could be regarded as militant Social Darwinists instead, advocating the elimination of the weaker "excess" of humanity so that the stronger remainder flourishes.

              * A quick Google search shows this source, which says that at least the Ottomans weren't despotic.

          2. Tom 38 Silver badge

            Re: Hey, Iran

            By that logic, and since you mentioned Iraq, Saddam Hussein should never have been ousted as well. Actually, the analogy quite fits, since both are Baathists.

            No shit.

  5. David 164 Bronze badge

    Bet the activities also align with about another dozen countries' interests, all of which have capabilities to easily make it look like Iran is doing it.


Biting the hand that feeds IT © 1998–2019