| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Dec 2012 18:24:36 +0700 From: kai@...nn.net To: <full-disclosure@...ts.grok.org.uk> Subject: Re: DPI evasion Hi, > An internet connection and bitTorrent client is enogth to share > mp3's... surely mp3s are just an example, i wanted to discuss DPI evasion in general. > Commercial VPN's (at least in the uk) need to keep login and out > times for accounts, this can be used to confirm you where on-line at > the same time as mp3 where being shared from that VPN in Russia all ISPs have to use SORM (http://en.wikipedia.org/wiki/SORM#SORM-2) which (as far as i know) marks every passing packet with special fingerprint, to have the full evidence who and when has downloaded that illegal mp3 (or who blames the government on twitter). so how do you think, assuming that there are no backdoors (and possible MITM attacks) in SSL and SSH2 protocols, will ISPs be able to read users' emails and intercept other sensitive data (mp3s :-) ) which was sent over SSL+SSH? or should we use some other technics/protocols? > P.S. you may be interested in i2p which has a bitTorrent like client. thanks for your suggestion, i know i2p (and a lot of info about darknets and deepweb), but it doesn't suit my needs. Cheers, Kai _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists