[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] DPI evasion



On 17-Dec-2012 18:24:36 +0700, kai@xxxxxxxxx wrote:

 > > Commercial VPN's (at least in the uk) need to keep login and
 > > out times for accounts, this can be used to confirm you where
 > > on-line at the same time as mp3 where being shared from that
 > > VPN

That's a good reason to keep the connection persistent.

 > in Russia all ISPs have to use SORM
 > (http://en.wikipedia.org/wiki/SORM#SORM-2) which (as far as
 > i know) marks every passing packet with special fingerprint,
 > to have the full evidence who and when has downloaded that
 > illegal mp3

It does not, because it works in a completely different manner:
upon getting the request from outside, it starts gathering the
traffic according to requested criteria.

Consider this equipment as a Linux host with tcpdump (which it
really is, with added interface that even a police officer can
use).

 > (or who blames the government on twitter).

Twitter is very restrictive for that - to blame the governments in
the way they really deserve, one needs to write several megabytes :-)

 > so how do you think, assuming that there are no backdoors (and
 > possible MITM attacks) in SSL and SSH2 protocols, will ISPs be
 > able to read users' emails and intercept other sensitive data
 > (mp3s :-) ) which was sent over SSL+SSH?

Normally no, but... there are rumors about one Asian state being
able to bruteforce Rijndael encryption using custom hardware.

 > or should we use some other technics/protocols?

More users on VPN servers + random delays on both VPN and outer
interfaces == less correlation between users and data streams.


-- 
Alexey V. Vissarionov aka Gremlin from Kremlin
<gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/