superkuh <***@superkuh.com> writes:
I agree. In france, the ISPes officialy are going MITM attack for the
government (it's in the law).
But even though you're using a VPS to tunnel with SSL your traffic, the
VPS provider still can monitor your doing... And, well, i start to doubt
about SSL itself...
Look at this:
The standard toward SSL is so much complicated that you cannot actually
build it without a lot of potential exploits... Some are even talking
about deliberate backdoor installed in OpenSSL.
What I start to understand with internet, is that it's like real life:
to be able to be anonymous, you actually have to know peoples, and trust
some. The "super hacker", hacking alone is the darkness of his basement
is no more than a myth.
Actually, I don't think that it's even possible to be anonymous if you
don't steal the internet connexion from someone. Subscribing to an ISP with
your real information and use this connexion is a de facto checkmate.
Because even if you encrypt your traffic, they're gonna see it. They're
gonna see that you're using Tor (I don't trust it anymore at all), or a
VPN. And since they are the government, they can apply special action
towards your traffic, like using one of their exploit to decrypt everything
automatically, or simply gives you their certificate to decrypt automatically.
The only way I see anonymity being possible, is actually buying a used
laptop using nothing that can trace you back (take the meeting is the
middle of a city, from a stolen connexion, with fake phone number).
Then simply warp driving, far away from your home, then connect to it
later being careful to park your car far away to not get away your licence
plate to a camera, then buy a VPS from abroad from your computer using
only an USB key to connect, then use a script to install openvpn /
securise the VPS quickly. And finally do your stuff.
And I'm not even sure if it's working (i don't know much of network),
because it's maybe, I don't know, possible to do traffic analysis, and
trace the connexion to a certain IP. So it'll be possible to know where
you connected youself, and try to spot you with cameras.
I still don't know how to get money anonymously, without stealing
anyone. You still have to pay for the bitcoin in the first place. It
exists some prepaid card here, but I'm pretty sure that it's easely
tracable. There are things like some credit card that you can have
easely without giving away info, but I need to dig on that.
So it's not an easy task, and I'm pretty sure that your cannot do that
much if you actually don't know very well how the different protocols and
the different networks work.
Post by superkuhIt won't really help but if you want to feel better about the
situation and you can run perl scripts check out,
https://github.com/superkuh/snoopers-obfuscator
It's a little script I forked (and greatly expanded upon) that acts
like a constant random web surfer. Sort of an internet chaff mechanism
to fill up their database with bullshit.
But no matter where you are at this point you have to consider major
consumer ISP to be an active, malicious attacker. Comcast in the USA
(and others) even go so far as to perform man in the middle attacks
and inject malicious javascript into non-https pages.
Everyone should be renting VPS and socks 5 proxying through them at
minimum or even better (but more tedious, especially if you want to
host servers from home), going through a rented VPN service.
Post by Nicolashttps://tinyurl.com/zy336cs
From The Intercept: "Internet providers will be required to keep a full
record of every site that each of its customers have visited"
I'm in shock. We know that it's already the case, with the PRISM
program. But the laws going live, "democratizing" such operation... It's
opening the bound further into our lives, into more control (because
most laws have gapes, between the exact limit imposed by the law, and
the pratical application of it...). It's making people accepting such
surveillance.