Re: [Full-disclosure] DPI evasion
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] DPI evasion
- From: gremlin@xxxxxxxxxx
- Date: Tue, 18 Dec 2012 13:29:54 +0400
On 17-Dec-2012 18:24:36 +0700, kai@xxxxxxxxx wrote:
> > Commercial VPNs (at least in the UK) need to keep login and
> > out times for accounts, this can be used to confirm you were
> > on-line at the same time as mp3s were being shared from that
> > VPN
That's a good reason to keep the connection persistent.
> in Russia all ISPs have to use SORM
> (http://en.wikipedia.org/wiki/SORM#SORM-2) which (as far as
> I know) marks every passing packet with special fingerprint,
> to have the full evidence who and when has downloaded that
> illegal mp3
It does not, because it works in a completely different manner:
upon getting the request from outside, it starts gathering the
traffic according to requested criteria.
Consider this equipment as a Linux host with tcpdump (which it
really is, with an added interface that even a police officer can
use).
> (or who blames the government on twitter).
Twitter is very restrictive for that - to blame the governments in
the way they really deserve, one needs to write several megabytes :-)
> so how do you think, assuming that there are no backdoors (and
> possible MITM attacks) in SSL and SSH2 protocols, will ISPs be
> able to read users' emails and intercept other sensitive data
> (mp3s :-) ) which was sent over SSL+SSH?
Normally no, but... there are rumors about one Asian state being
able to bruteforce Rijndael encryption using custom hardware.
> or should we use some other techniques/protocols?
More users on VPN servers + random delays on both VPN and outer
interfaces == less correlation between users and data streams.
--
Alexey V. Vissarionov aka Gremlin from Kremlin
<gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8