Conversation
Notices
-
rd @zoowar So https won't secure the Internet in !Canada b/c can't protect communication from #lawfulaccess warrantless searches !CDNpoli
about a year ago from web-
I don't follow your logic here. Could you explain?
-
@zoowar If !Canada passes #LawfulAccess ISPs w/b required to build customer surveillance into end points, so https won't protect us !CDNpoli
-
ISPs are part of the transit path and will know nothing more than IP headers when https is used.
-
@zoowar Techdirt: http://ur1.ca/86dce @JesseBrown http://www.ur1.ca/868lf @mGeist http://www.michaelgeist.ca/content/view/6316/125/ !privacy
-
@zoowar also Canada's regulator gave Bell (our legacy phone backbone carrier + ISP) permission to use Deep Packet Inspection (w/o oversight)
-
Again, ISPs are part of the transit path and deep packet inspection is not 'practical' on https.
-
I say 'practical' because the amount of computational resources would limit the 'cracking' to a small, targeted user set.
-
Nothing technical here. But, of course, surveillance is possible on all non-ssl protected packets. Did, I here someone say email?
-
@zoowar Why is electronic mail insecure? Because most people still don’t use PGP.
-
@zoowar Christopher Parsons has a more technical report available here: http://ur1.ca/86dn1 Also I believe email is at risk from DPI
-
PGP is difficult to explain to your mother. There was an opportunistic encryption effort about 10 years ago, not sure what happened.
-
email is a risk because we let.
-
@zoowar One of our privacy commissioners warned about email security re: DPI By "not practical" do you mean DPI doesn't work on https?
-
@zoowar I've spoken to people who's internet connections were throttled by ISP solely because they were encrypted (assumed criminal).
-
Also, even if they can’t read your encrypted content, they can guess pretty well what you’re doing, by the timing and volume of packets.
-
I'd like to see the evidence before I believe such and anecdote. Did they receive notice from their ISP to that affect?
-
This is how you secure email: Opportunistic Encryption http://ur1.ca/86dw0
-
@zoowar Clearly you don't live in Canada. Our ISP's have permission to throttle from our regulator. Bell recently announced plan to stop
-
That’s great between you and your server, but it does nothing beyond that. Mail can be read at any hop beyond that.
-
@zoowar @lnxwalt @laurelrusswurm i assume all comunications are insecure by default. Probably privacy/security doesn't exist :/
-
@laurelrusswurm When I doubled my download limit my ISP throttled my speed, when I went back to the original download limit the speed ..
-
"not practical" means ssl can be cracked, but if it takes an hour of supercomputing, its not practical.
-
.. increased again.
-
"...power 2 intercept communication...isolate communications 2 individual, engage in multiple simultaneous interceptions..." #lawfulaccess
-
No, it's an end to end solution.
-
@satipera can you switch to a different ISP?
-
That's not my point. My point is that throttling could have been the result of anything. Why assume ssl?
-
@zoowar ah, but if you are one of the few using encryption you'll be a person of interest, at that point it becomes practical. #lawfulaccess
-
@laurelrusswurm Yes but it is a fuss and there is no guarantee I will not be a victim of another unadvertised policy. I was astounded ..
-
.. that my ISP throttled because I had payed for upgrade.
-
@zoowar I'm a non-technical person who has to struggle to understand this stuff, so I don't know it was ssl... what I was told was that...
-
That's why we all need to use encryption. Besides, the russian spies were communicating with coded images sent over non-ssl connections.
-
@zoowar ... when they proved to ISP's satisfaction that they were working from home, not downloading infringing movies, throttling stopped.
-
@zoowar of course; encryption makes you suspect. Not using encryption would be much safer for bad guy, good guys don't need encryption.
-
@zoowar If you oppose #LawfulAccess Big Brotherly state surveillance law our gov't says "You're For Child Porn" http://ur1.ca/86dce !CDNpoli
-
I say they just want access to child porn for their personal pleasure.
-
@zoowar I guess if our government passes #lawfulaccess then they'll get all their porn for free !CDNpoli
-
OE is end to end with chat and IM. Not likely for e-mail b/c both parties need to be logged in at once in order for switching to work.
-
All Identi.ca content and data are available under the