Comment by brookst

10 days ago

I’m having a hard time parsing that.

Are you suggesting that PCC specifically is sending things in plaintext, or that the security promises in the server and arch are false, or that a compromised CA means… IDK what?

I’m with you on the big principles, but are you implying more specific attack vectors or just kind of maybe everything could be compromised somehow?

2 comments

brookst

TalkingCodeMonk 10 days ago

> In an NSA presentation slide on “Google Cloud Exploitation,” however, a sketch shows where the “Public Internet” meets the internal “Google Cloud” where their data reside. In hand-printed letters, the drawing notes that encryption is “added and removed here!”

http://web.archive.org/web/20140101231153/https://www.washin...

https://blog.cryptographyengineering.com/2013/09/06/on-nsa/

brookst 9 days ago

So still just innuendo, nothing specific to how PCC works?