402
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Aug 2023
402 points (99.5% liked)
Europe
8324 readers
1 users here now
News/Interesting Stories/Beautiful Pictures from Europe ๐ช๐บ
(Current banner: Thunder mountain, Germany, ๐ฉ๐ช ) Feel free to post submissions for banner pictures
Rules
(This list is obviously incomplete, but it will get expanded when necessary)
- Be nice to each other (e.g. No direct insults against each other);
- No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
- No posts linking to mis-information funded by foreign states or billionaires.
Also check out !yurop@lemm.ee
founded 1 year ago
MODERATORS
DoH is an actual improvement, that's true. But at the same time it's a meaningless one, since the ISP can just do a reverse DNS lookup of the IPs you are contacting, and there isn't really an option to hide the IP, unless you are using TOR or a VPN, but TOR sucks in real-world usage (and can also not really be trusted) and VPNs have been discussed before.
I worked on the "evil" side for ~7 years, in a company that made internet monitoring devices. Originally I was told it's only for debugging ISP network problems, but after a few years, when I was trusted enough in the company, they told me that a significant portion of our customers are actually secret services all around the world.
The foreign ones usually wouldn't just say that they are secret service, but they'd buy through other companies, which lead to some weird requests. For example, one time a small little British bakery asked for network monitoring equipment for their business. But they wanted the solution to be able to handle ~100 TBit/s, which was at that time roughly the total bandwidth of the whole UK plus some margin.
Some secret services, though, talked to us completely openly.
I've been at one ISP quite a few times at the department that handled secret service requests. I asked that guy what they do with our products, and he showed me the full suite that they are using. He entered a random phone number into the system, and an overview over the last year's activities of that guy showed up. It had a list with timestamps of every site he accessed. It had all emails (of his ISP account and also emails that were sent unencryped) and SMS that that guy sent and received. It had a full movement profile of that guy for the whole last year, including his visits to other countries. The system allowed the operator to easily find contacts of that guy, even through the movement profile. So you could e.g. list all users that were close to that user at a given time, or all users that are frequently close to that guy.
Tbh, it was a little shocking and eyeopening.
Well yeah, you cannot completely cut deduction off the table. Not even in the real world. The fact though that the internet makes it easier is of course true. Even Tor is vulnerable to deduction-based MITM attacks using nodes that log activity. Nowadays though I think it matters less and less what you access, since everything in the internet has been reduced to a handful of huge websites (fucking SEO). If you're in one of them, I doubt DNS info are going to be much of any use, apart from them having accessed Facebook, or YouTube. When I'm doing stuff I want hidden though, tor and DoH are a must.
Well, centralized services make it easier, not harder. Now secret services can just call up their contact at Facebook or any of the other services and they can not only monitor metadata but get content as well.