ISP snooping

Forums › New Zealand Broadband › ISP snooping

1 | 2

l43a2

1746 posts

Uber Geek

ID Verified

Trusted

#459275 15-Apr-2011 23:05

could just use itunes... :|

Pluralsight

Learn cloud, mobile, security, data and web technologies with Pluralsight (affiliate link).

Regs

4064 posts

Uber Geek

Trusted

Snowflake

#459279 15-Apr-2011 23:16

Jarno: If you are concerned about ISPs snooping on your traffic on behalf of a malevolent government, then HTTPS isn't going to save you.

If it is determined that HTTPS is getting used extensively to avoid the law, then I'm pretty sure the government is capable of obtaining valid certs to spoof the sites of concern and do a man-in-the-middle attack.

i think you better ditch the tinfoil and go for some nuclear containment graded steel for your hat.

Sales Engineer
Snowflake
www.snowflake.com

about.me/nzregs
Twitter: @nzregs

Talkiet

4689 posts

Uber Geek

Trusted

#459280 15-Apr-2011 23:17

Jarno:[snip]

If it is determined that HTTPS is getting used extensively to avoid the law, then I'm pretty sure the government is capable of obtaining valid certs to spoof the sites of concern and do a man-in-the-middle attack.

No.

N

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

Oldhat

180 posts

Master Geek

#459290 16-Apr-2011 01:59

Some interesting articles on Ars Technica about SSL.

http://arstechnica.com/security/news/2010/03/govts-certificate-authorities-conspire-to-spy-on-ssl-us...

http://arstechnica.com/security/news/2011/03/how-the-comodo-certificate-fraud-calls-ca-trust-into-qu...

Also, they have a rather timely one about TOR and torrents.

http://arstechnica.com/tech-policy/news/2011/04/not-anonymous-attack-reveals-bittorrent-users-on-tor...

Just some food for thought. ;-)

scottr

261 posts

Ultimate Geek

Trusted

#459342 16-Apr-2011 12:30

Talkiet:
Jarno:[snip]

If it is determined that HTTPS is getting used extensively to avoid the law, then I'm pretty sure the government is capable of obtaining valid certs to spoof the sites of concern and do a man-in-the-middle attack.

No.

N

This.. Glee episodes just aren't that important.

Talkiet

4689 posts

Uber Geek

Trusted

#459582 17-Apr-2011 01:15

scottr:
Talkiet:
Jarno:[snip]

If it is determined that HTTPS is getting used extensively to avoid the law, then I'm pretty sure the government is capable of obtaining valid certs to spoof the sites of concern and do a man-in-the-middle attack.

No.

N

This.. Glee episodes just aren't that important.

Actually to be fair, I'd rate Glee episodes pretty damned highly on the important list (1)

cheers - N

(1) i'M really drunk...

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

maverick

3594 posts

Uber Geek

Trusted

WorldxChange

#459594 17-Apr-2011 08:25

Talkiet:
scottr:
Talkiet:
Jarno:[snip]

If it is determined that HTTPS is getting used extensively to avoid the law, then I'm pretty sure the government is capable of obtaining valid certs to spoof the sites of concern and do a man-in-the-middle attack.

No.

N

This.. Glee episodes just aren't that important.

Actually to be fair, I'd rate Glee episodes pretty damned highly on the important list (1)

cheers - N

(1) i'M really drunk...

Bloody hell Neil you would have to be ...

Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well

https://www.facebook.com/wxccommunications

freitasm

BDFL - Memuneh
76370 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#459616 17-Apr-2011 10:27

l43a2: could just use itunes... :|

Yeps, that would be the sensible way of doing it. But people rather pay VPNs, overseas seedboxes, instead of actually BUYING the music or content they like. Incredible isn't it?

Instead of discussing how to evade copyright protection or oversight people should be discussing how to redesign copyright to make it more flexible, or how to work with content providers to make it more widely available and cheaper.

Instead people want to pirate things. No one discusses how to create better laws and better experiences, everyone discusses their "privacy rights", which seems to include the right to pirate things.

And their usual response? "If it was cheaper I would buy." or "If the money went to the bands I would buy". Or the best yet "I already pay for my Internet access, why do I have to pay for content?"

Then there are those who say "we need private access because of political persecution". Come on, people. I agree there's this kind of usage, but here in New Zealand people are clearly talking about piracy, not about dictatorial political regimes...

This doesn't help and it's the wrong answer.

Please support Geekzone by subscribing, or using one of our referral links: Dosh referral: 00001283 | Sharesies | Goodsync | Mighty Ape | Backblaze

freitasm on Keybase | My technology disclosure

oxnsox

1923 posts

Uber Geek

#459685 17-Apr-2011 14:14

Redesigning copyright is part of the problem. The corporates who've invested soo much in claiming ownership (via IP) of the copyright ain't going to let it go lightly.

Why did DAT never get a fair shot at the market? Why do we have regionalised media?
Because the patent/copyright/IP holders want to protect the investment they've made in whatever barrow they have in the marketplace, and ensure it gets well milked in the process.

The itunes approach is more palatable because if has the appearance of lowering the cost of the copyright, because you're only paying a portion for the bit you want. I wouldn't call it re-designing because the same model can't be applied across all copyrighted material. (I'll just buy the first and the last chapter of the book thanks Steve.) But it may be on the right track.

I think theres a lot of room for education in whole IP/copyright space. If we don't produce products (like code or media) that we've invested our own time and knowledge in it's often hard for us to see where the value is in the price we pay. We might begrudgingly pay our Doctors and Lawyers (amongst others) hundreds of dollars an hour, without seeking out a credible lower cost option... but we still pay them. Yet when it comes to paying the sticker price for code or media we'll happily download a lower cost copy and expect support through official channels or forums.

foobar

186 posts

Master Geek

#460061 18-Apr-2011 12:01

freitasm:
Yeps, that would be the sensible way of doing it. But people rather pay VPNs, overseas seedboxes, instead of actually BUYING the music or content they like. Incredible isn't it?

No, it's quite understandable, actually. People are not as stupid as you make them out to be.

As long as the songs you can buy legally are crippled by DRM paying for this content is a complete non-starter. It won't happen. At least not from me, and probably not from many others. When I buy a song I should be mine, it shouldn't be leased, it shouldn't be possible for someone else to remove my right to listen to it, etc.

As long as the pirated product is better (!) - that is, free from DRM - then many people won't understand why they should pay for an inferior product.

Let the music industry offer a better product - free from DRM for starters - and people will be willing to pay for it rather than VPNs and such.

foobar

186 posts

Master Geek

#460062 18-Apr-2011 12:04

codyc1515:
foobar:
the host portion of the url you type in the browser is unencrypted and it has to be, otherwise it would be kind of difficult to reach a host. the GET request and any parameters are encrypted.

That is not correct.

Your entire HTTP header (including the Host line) are encrypted with SSL....

I just tried running my web browsing through my own personal proxy for testing purposes and it could show the Host name but not the url, that was encrypted.

That is because your own personal proxy did a name lookup on the IP address to which you connect. Nevertheless, the entire content of an SSL connection is encrypted, including the host portion of the URL (the HTTP Host header).

freitasm

BDFL - Memuneh
76370 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#460064 18-Apr-2011 12:05

Apple already offer DRM free music. They are not doing it for video yet. But they are coming...

Please support Geekzone by subscribing, or using one of our referral links: Dosh referral: 00001283 | Sharesies | Goodsync | Mighty Ape | Backblaze

freitasm on Keybase | My technology disclosure

foobar

186 posts

Master Geek

#460080 18-Apr-2011 12:42

freitasm: Apple already offer DRM free music. They are not doing it for video yet. But they are coming...

That's a good start. I'm not very familiar with Apple's offerings. For example, do you need to use Apple software to access that store?

freitasm

BDFL - Memuneh
76370 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#460101 18-Apr-2011 13:27

You need to use their software to access the store (and obviously have an account to pay for purchases). You can use any software to play the music though.

Please support Geekzone by subscribing, or using one of our referral links: Dosh referral: 00001283 | Sharesies | Goodsync | Mighty Ape | Backblaze

freitasm on Keybase | My technology disclosure

1 | 2