• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

[UK] Encrypting traffic totally so that ISP cannot see?

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Anonymity // Privacy // Spam

View previous topic :: View next topic  
Author Message
fRo*ni#wI$n+3D
Just Arrived
Just Arrived


Joined: 06 Apr 2009
Posts: 0


Offline

PostPosted: Mon Apr 06, 2009 7:53 pm    Post subject: [UK] Encrypting traffic totally so that ISP cannot see? Reply with quote

"Details of every email sent and website visited by people in Britain are to be stored for use by the state from tomorrow as part of what campaigners claim is a massive assault on privacy.", The Daily Telegraph (posted yesterday)

So, proxies hide stuff to a limited extent, but do not encrypt the data, meaning that your ISP still has a log of everything you look at:

https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers

What can be used to encrypt it in a way that your ISP is left with nothing including stuff they could see like DNS server lookups etc?

Thanks for any help anyone
Back to top
View user's profile Send private message
Nonapeptide
Trusted SF Member
Trusted SF Member


Joined: 10 Nov 2008
Posts: 2
Location: Scottsdale, Arizona

Offline

PostPosted: Mon Apr 06, 2009 9:10 pm    Post subject: Re: [UK] Encrypting traffic totally so that ISP cannot see? Reply with quote

Off the top of my head, the easiest thing that I could think of is if you had a VPN connection to an offshore VPN endpoint. If you really wanted to go crazy, buy an ISP connection in some less restrictive country, set up a gateway to gateway VPN connection to that offshore VPN endpoint and voila! All network traffic is encrypted. Depending on your paranoia (I don't mean that in a mocking way... there is good reason to be paranoid of stuff like this even if you're absolutely innocent), you need to choose a sufficiently strong encryption algorithm and bit strength. 512 or 1024 bit TLS would make me feel secure. Furthermore, make sure that the offshore government doesn't have equally draconian privacy invasion practices (extremely unlikely).

However, once again depending on your level of paranoia and belief of various conspiracy theories, there are allegations of various government organizations having sufficient CPU power and decryption methods to crack live streams of astonishingly highly encrypted data. Rumor at various hacker cons is that the US can decrypt 128 bit TLS at OC-3 speeds... and I think that was several years ago (or was it OC-192 speed? Doubtful...). Furthermore, you can be absolutely sure that your ISP will see that all data from your network is encrypted and pointed at a single node offshore somewhere. They could conceivably flag that account for further surveillance. Any government inquiry could cause your account to be on the top of a short list of "suspicious" accounts and your government might even contact that foreign government to see if they would cooperate to eavesdrop on your traffic as it leaves that network in unencrypted form. Your only hope is to go off the grid, dig a bunker and grow your own food.

If you'll excuse me, I have to go. I need to buy a shovel and some seeds.
Back to top
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Tue Apr 07, 2009 12:15 am    Post subject: Reply with quote

Encrypting data is not the answer to privacy. You could use something like PGP or GPG to encrypt your mail but your ISP will still be able to see who you send emails to. Even this has its issues as your friends would have to use it to encrypt emails to you. For your web traffic, if it is encrypted then your ISP will still be able to see the addresses you go.

The previous post about VPN is a reasonable approach but absolutely impractical. At the moment no one offers these services and I doubt they ever will as they would need more than double the bandwidth to operate.

Matt_s
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Anonymity // Privacy // Spam All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register