Say I want to engage in an action that can be compromised through a man-in-the-middle attack (like key exchange). I’ve done my best to secure my end of the communication up until the point the network leaves the building: I make sure my machine is not compromised, there are no unrecognized devices on my LAN, I verify that my DNS has not been compromised, etc. My partner also does the same on their end and we’re both confident that a man-in-the-middle attack cannot be conducted from within the building.
How motivated would an attacker have to be to successfully compromise the network between us in order to conduct a man-in-the-middle attack? I’m assuming the US government, with the co-operation of the ISPs, would be able to do it. But what about doing it without the permission of the ISP?
If I’m using DSL, could someone break into the local DSLAM and insert a proxy?
Could they dig up the wire in somebody’s front yard & compromise it?
Is it possible to remotely hack into backbone routers and have them act as a proxy?
Most discussions about securing against man-in-the-middle attacks focus on the local network with the implicit assumption that once it gets out of your building, it’s secure. How true is this in theory & practice?