Post Friends My journal
wylde_writer

I'm on VPN now, so take THAT, misguided ISP! And NSA too!

Aug 30, 2013 04:06

I've been excessively perturbed about NSA's shenanigans lately. Now, on a separate but related note, today my internet service was rudely and abruptly cut off.

Reason? Someone from this IP address downloaded several files from a torrent with "Girls" in the title, and the ISP service suspected child porn. (Obviously the traffic stream + title ( Read more... )

anonymity, surveillance, isps, internet access, vpn, nsa

Leave a comment

Comments 4

seawasp August 30 2013, 13:07:02 UTC
How do you link to the VPN without going through any of the more local and thus buggable media?

Reply

wylde_writer August 30 2013, 17:25:59 UTC
It is true that a standard internet connection must be available, but once a usable port is present, a vpn client at the desktop connects to the vpn host server and creates a secure point to point connection between the two. This encrypts all information through that connection. VPN is often likened to a "tunnel" that goes securely from point A to point B ( ... )

Reply

merlynn_valen September 1 2013, 03:34:09 UTC
I have been working from home via VPNs for over 10 years now. Not every client allows it, but many do. The most secure VPNs use IPsec v3 for IPv4 or IPsec for IPv6 with Group 5 Diffie-Helman exchanges. The next in line use Group 2. Those tunnels are impregnable to existing computing technology for the foreseeable life of the universe. SSLv3 tunnels are not bad, but I would make sure that they use large binary primes for key exchanges (like Diffie-Helman Group 5). I would also make sure they use TLS (not the broken WiFi TLS). High-end SSL tunnels are breakable in algebraic time by the computing power of the entire world. Realistically, that means 20-80 years to break it.

By the way, that is a solid article on the subject. Being a mathematician, I thought you might want to know a little more of the realities.

Reply

merlynn_valen September 14 2013, 05:08:08 UTC
Here is a disturbing twist on the safety of SSL VPNs. Schneier found a story in which the NSA actually performed a man-in-the-middle attack against Google users, watching for traffic coming out of anonymizer sites and other known VPN providers. This is an ugly trend. Fortunately, this time, they were after an oil company in Latin America. https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html

Reply

Leave a comment

Up
Homepage Read journal... Full version Help Русская версия
© 1999-2024 LiveJournal, Inc.