[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] DPI evasion



Hi,

> An internet connection and bitTorrent client is enogth to share 
> mp3's...

surely mp3s are just an example, i wanted to discuss DPI evasion in 
general.

> Commercial VPN's (at least in the uk) need to keep login and out 
> times for accounts, this can be used to confirm you where on-line at 
> the same time as mp3 where being shared from that VPN

in Russia all ISPs have to use SORM 
(http://en.wikipedia.org/wiki/SORM#SORM-2) which (as far as i know) 
marks every passing packet with special fingerprint, to have the full 
evidence who and when has downloaded that illegal mp3 (or who blames the 
government on twitter).
so how do you think, assuming that there are no backdoors (and possible 
MITM attacks) in SSL and SSH2 protocols, will ISPs be able to read 
users' emails and intercept other sensitive data (mp3s :-) ) which was 
sent over SSL+SSH? or should we use some other technics/protocols?

> P.S. you may be interested in i2p which has a bitTorrent like client.

thanks for your suggestion, i know i2p (and a lot of info about 
darknets and deepweb), but it doesn't suit my needs.


Cheers,

Kai

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/