Sciencemadness Discussion Board - Your privacy is gone, get a VPN


	Not logged in [Login ]

FAQ

Member List

Today's Posts Forum Stats

Stats

Back to:

Sciencemadness Discussion Board » Non-science » Legal and Societal Issues » Your privacy is gone, get a VPN

Printable Version

Pages: 1 2

Pasrules

Hazard to Self

Posts: 78
Registered: 4-1-2015
Location: Yellow Cake Deposit
Member Is Offline

Mood: Lacking an S orbital

posted on 8-4-2015 at 13:05

Your privacy is gone, get a VPN

I'll try to keep this short. Technicals will be below.
Recently in Australia they have passed new data retention laws which require ISPs to hold your metadata for a minimum of 3 years.
However you can get around this problem buy purcheasing a VPN-virtual private network. A VPN works by encripting your data at your computer then sending it to your ISP then to the VPN server. Your ISP can't read what your sending and receiving because of this, this is your best interest concerning privacy.
I have been in contact with a sales rep and a very friendly customer support team about getting a discount on these VPNs for my Australian community of PC gamers and remembered i have another community with you guys which is why i thought it was very important to share this information.
Here is the provider i use: http://www.ibvpn.com/billing/aff.php?aff=3814&page=plans
And if anybody has questions feel free to post them or send me a U2U. Just to sweeten the deal i managed to get 40% off coupons for all my members when I got them for my community and it looks like I'll be able to do that for you guys too.

Technicals
What is meta data?
Metadata is the exact no interpretation needed of what you receive when you browse a webpage or receive something over the internet. If you want to look at an example most email services allow you to look a email source which displays all the ids of what and how it was sent.
What does this mean?
Well for us we research chemicals, specifically for me I research pharmaceuticals. This doesn't mean i'll get a knock at the door for doing it but it does mean if i get in trouble later down the track this information would look incriminating. To make matters worse some websites display illegal content which you may not even see but meta data doesn't lie that you've had access to it.

Here is a forum post from my friend stone who is a security analyst, he covers this topic in more detail then I ever will:
http://www.borderlinetactical.com.au/forums/forum/borderline...

Atropine, Bicarb, Calcium.

Pasrules

Hazard to Self

Posts: 78
Registered: 4-1-2015
Location: Yellow Cake Deposit
Member Is Offline

Mood: Lacking an S orbital

posted on 8-4-2015 at 13:08

For anybody who is a technophobe, to operate a VPN you just log in when you want to use it (similar to MSN), its just a small application in the task bar. The site link i provided above gives a 6-hour trial and a lot of support.

Atropine, Bicarb, Calcium.

Chemosynthesis

International Hazard

Posts: 1071
Registered: 26-9-2013
Member Is Offline

Mood: No Mood

posted on 8-4-2015 at 13:25

Similar here as well: https://www.sciencemadness.org/whisper/viewthread.php?tid=61...
Linked for subject matter.

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 8-4-2015 at 14:11

What a wonderful way to covertly access data, and with nobody ever being able to see who you are, where you are, or what you are doing/saying.

Naieve to say the least.

We thought of that decades ago, established 10,000s of so-called VPN services so you can all pretend that you're browsing in complete security.

You are : just it's our security, not yours.

Oh, i'm not CIA. I meant Their instead of Our etc.

Simple things that YOU think of are of no protection to you, especially if you find them on the web.

Some readers may recognise that ciphers/codes/the breaking thereof have always been intensely interesting to the military of all countries.

Pasrules

Hazard to Self

Posts: 78
Registered: 4-1-2015
Location: Yellow Cake Deposit
Member Is Offline

Mood: Lacking an S orbital

posted on 8-4-2015 at 14:29

I'm promoting these because they have more respect for privacy than the current Australian laws. Unless you want to run your own cable to every website you access, literal cable, than you can be compromised. There are free options you can take such as changing from your default DNS provided by your ISP. I recommend the OpenNic DNS http://www.opennicproject.org/ and here is a tool to test your current DNS https://www.dnsleaktest.com/

What is a DNS? well rather what does it mean to you? if you run the test from the link above it with show you exactly where your data (packets) travel to. In Australia we have the Melbourne data centre. To change your DNS instructions are provided within the top link.

Another precaution you can take is using a firefox browser with addons such as request policy (you can stop google analytics), Dolus (sends random information to location services) there are a few more I have but those are the important ones.

This is about making you more aware of your internet safety and privacy please do not take me as naïve.

[Edited on 8-4-2015 by Pasrules]

Atropine, Bicarb, Calcium.

Chemosynthesis

International Hazard

Posts: 1071
Registered: 26-9-2013
Member Is Offline

Mood: No Mood

posted on 8-4-2015 at 14:34

It's entirely possible this won't be of much use, since the Five Eyes countries have been known to use each other to spy on the citizens of their own countries, so that they circumvent internal privacy laws and regulations.

But I don't want to get into that can of worms.

Pasrules

Hazard to Self

Posts: 78
Registered: 4-1-2015
Location: Yellow Cake Deposit
Member Is Offline

Mood: Lacking an S orbital

posted on 8-4-2015 at 14:43

Yes keep that can of worms closed before people start thinking that they need to wear tin (aluminium) foil hats.

Atropine, Bicarb, Calcium.

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 8-4-2015 at 14:51

My day job is running a network supplying people with internet.

Changing your DNS server settings is a bit like wearing cling-film underpants to protect your ass from Fire.

Bottom line is that no matter what google-searched efforts you make to 'protect' yourself from snooping, you are always vulnerable.

Your Best protection is to avoid doing online things that the authorities do not want you to do.

Generally that'd be a good thing all round.

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 8-4-2015 at 15:48

Ideally, you want to be able to hide amongst a lot of incoherent traffic. This is the concept of Tor, along with its use of multiple encryption layers, that get unencrypted as the message reaches each predetermined node in the Tor network. Each node can only decrypt a message encrypted with its public key, so neither before or after can understand its secret.

Bottom line, the more people use Tor, the better. Tor provides endpoint anonyminity, but not the fact that you are using Tor. With the use of data shaping proxies and such, you could in theory connect to Tor and no one be aware of that fact. If they don't know you are using Tor, then you don't become a random target for surveillance. The NSA has the computational power to break hashes and solve for keys, that is undeniable.

The more people that use Tor, the trash they have to sift through to find you.

Chemosynthesis

International Hazard

Posts: 1071
Registered: 26-9-2013
Member Is Offline

Mood: No Mood

posted on 8-4-2015 at 16:30

Tor has been discussed in the other thread to add to that.

Cou

National Hazard

Posts: 958
Registered: 16-5-2013
Member Is Offline

Mood: Mad Scientist

posted on 8-4-2015 at 16:41

Just use tor, it's free and a lot safer than a VPN. You never know if a VPN was secretly subpoena'd by the NSA.

Varmint

Hazard to Others

Posts: 264
Registered: 30-5-2013
Location: Near Atlanta, GA
Member Is Offline

Mood: No Mood

posted on 9-4-2015 at 03:09

Wow, people still think they can achieve or maintain anonymity?

That's almost as bad as people ignoring all the lies and fabrications regarding global warming and still choosing to believe in it.

The absolute BEST way to have you data scrutinized is to try and protect you data from snooping.

A). You can't protect it, period.
B). Not wanting to get visited for researching certain topics look several orders of magnitude worse when you make an attempt to cloak it.

Imagine the following email message:

"Happy Birthday Mom!"

Sent in the clear, it looks like a dummy that should have picked up the phone and called his or her mother.

Sent "cloaked" it would automatically assume a level of interest far beyond standard traffic.

To think that they would never decode the content in the first place is, again, tantamount to still believing in global warming.

[Edited on 9-4-2015 by Varmint]

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 9-4-2015 at 05:40

Quote: Originally posted by Varmint

Yosemite Sam: Stop right there, varmint.

Yes, it is very difficult, but it is possible. You also have to be very aware of what you are doing and using, which also takes an understanding of the technologies that goes above and beyond most technical users.

You have to assume everything you interface with is listening to you, such as your computer, router, modem, ISP, etc. So how do you reduce the noise you make or ensure each one can't observe you? There is also safety in numbers, and that is an undeniable fact because the computational complexity and time requirements rise exponentially with every participating device. It also comes down to simple statistics, the more they have to watch, the less likely they are watching you.

I also liken it to duck hunting. If all the ducks scatter and fly at the same time, each individual duck has a greater chance of making it out of there alive.

Do not believe the lies that are designed to try and scare you away from attempts at anonymity. The reason behind wanting you to think it's futile is so that not as much work has to be exerted in order to achieve the same level of surveillance that has been such easily achievable in the recent past.

macckone

International Hazard

Posts: 2159
Registered: 1-3-2013
Location: Over a mile high
Member Is Offline

Mood: Electrical

posted on 9-4-2015 at 09:04

The best defense is to do nothing illegal.
As chemist that is difficult because of all the rules and
Regulations, some of which are silly (Pyrex coffee pot in texas?)
For the truly paranoid, use tor over a VPN hosted in Romania.

Very few things are going to protect you against traffic pattern analysis.

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 9-4-2015 at 09:49

Quote: Originally posted by macckone

If they can observe the entire Tor network at once, then they will start to determine correlations between messages sent and messages forwarded. There have been developments where some messages are bundled together, so it makes a correlation ever more difficult.

Yes, the ultimate defense is to do nothing wrong, but that is only given in a fair game. It has come to the attention of the public that a fair game isn't being played, and is one that utilizes drive-by attacks where the innocent are being scrutinized as well.

As you have seen in the news, drive-by shootings kill bystanders.

Don't be a bystander.

[Edited on 9-4-2015 by Loptr]

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 9-4-2015 at 11:13

Quote: Originally posted by Loptr

I also liken it to duck hunting.

I liken it to a simple matter of CPU power.

Given enough (and there is more than enough), all the ducks are toast.

A consortium of intelligence agencies started Tor and make a good profit selling the info they harvest.

Don't tell me you believe the whole Story ?

Sheesh. People will believe the Advertising bullshit next, and that a Burger and fries is good for cholesterol (they are, but it's damned hard to extract in a pure form !)

[Edited on 9-4-2015 by aga]

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 9-4-2015 at 12:23

The concept may have been developed by the Naval Research Laboratory with DARPA support, but as of 2004, it is open-source and run by the community.

Tor also has an active academic interest in breaking it. Yes, there are existing attacks, such as correlation and vulnerabilities in client software using it, but so far there hasn't been a true vulnerability in it's concept. Most of them rely on viewing the entire Tor network in real-time using something like Bayesian traffic analysis.

But hey, what do I know, I'm only a programmer that has worked on a distributed big data processing and automatic classification and inference system utilizing a 4 dimensional world ontology, hadoop, storm, and a myriad of other big data related technologies that ingests documents, videos, sound recording (voice), etc., and extract natural language, topics, noun-verb-subject triples, and runs sentiment analysis, etc., etc. I know very little about the abilities and limitations of "CPU power"...

If you were talking about computational complexity theory, there do exist some problems that can't be solved given it's required polynomial time by a deterministic Turing machine. The point being, the more power you throw at something doesn't necessarily reap rewards.

[Edited on 9-4-2015 by Loptr]

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 9-4-2015 at 12:36

Not all CPU Power involves Silicon : carbon based CPUs can also be applied in huge numbers.

Edit:

Carbon based CPUs like Yours that make the millions of silicon based ones do the stuff you want.

[Edited on 9-4-2015 by aga]

macckone

International Hazard

Posts: 2159
Registered: 1-3-2013
Location: Over a mile high
Member Is Offline

Mood: Electrical

posted on 9-4-2015 at 14:02

Traffic pattern analysis also called correlation analysis is very powerful. For example, they can detect when you send something and when a website is accessed and corresponding return traffic, they can make the connection that you are browsing a particular website. If you make a post, they can link your online activity to that post and the username. Of course for traffic analysis to work they have to have access to the information about data travelling over the Internet. The best way to come to their attention is to use tor or vpns. They can't prove it is you but it is often sufficient to get a warrant to allow more extensive monitoring. Silk road and silk road 2 were taken down using just such analysis.

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 9-4-2015 at 14:18

Analysing patterns of Which IPs you access, When and the Quantity of data you transfer (in each direction) tells a tale.

Points out which data streams to target.

But then what would i know ?

(factual data of my electronics/computer programming life before, during, and after internet inception and development omitted to avoid any attempt to pump my ego).

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 9-4-2015 at 14:29

Quote: Originally posted by macckone

Actually, what brought them down is the servers were infiltrated. They may have attempted analysis, but ultimately, they hacked into the machines.

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 9-4-2015 at 14:50

I think Loptr would agree that given enough Interest (which there Is) the Resources have already been deployed to make all of our online activity Transparent to those who deployed those resources, and things such as Tor are simply bits of flimsy Glitter to trap those who think they just Googled a 'solution'.

Fact is that Users of the Internet are not as empowered as the Makers, or the Owners.

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 9-4-2015 at 15:18

I think great strides have been made in that direction, but majority of intelligence is gathered by other means than decrypting encrypted traffic.

Remember, as the governing body, they can impose requirements to all electronics manufacturers that suit their needs.

For most datum of interest, they already have a direct line for inquiry. They have to really want to go after you in order to start decrypting your traffic. This doesn't mean they won't target subsets of traffic related to a particular point of interest, such as dark markets, which as you all know, where there are drugs, there are typically funding routes back to people of interest. So not only stay away from the shady parts of anonyminity services, but don't become grouped with their traffic. Then you must just find yourself in the middle of some drag net operation.

They have the resources, and definitely time, on their side.

Also, there are multiple aspects of intelligence, signals, human, etc., so they work from multiple angles. Just as they would if they were targeting a IED manufacturing network in Iraq; they attack the network--that being the people, places, interactions, things, time, and associations between them.

aga

Forum Drunkard

Posts: 7030
Registered: 25-3-2014
Member Is Offline

posted on 9-4-2015 at 15:22

Agreed, wholeheartedly.

Any notion of Safety is always an Illusion.

Live fast, die young, leave a good looking corpse.

Never think you're cleverer than the Machine that is the Power structures of this world.

Loptr

International Hazard

Posts: 1347
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

posted on 9-4-2015 at 15:36

But in the end it still comes down to the more you do to remove your public facing profile, the better.

Aga is right, in that mask can be removed at anytime, because they do have the resources.

It's a question of whether taking on an entire network is worth the man years and funding to pull it off, and then once it has been accomplished, to then sustain it. This is why I say the more people protecting themselves, the better, because it increases costs for them to continue to do so. It also becomes less effective if all traffic starts to go over Tor.

(I am not a Tor salesman, there was another project, i2p, that I was considering taking a part in a while back in favor over Tor, simply because it was a newer project and there were already lessons learned from Tor, but then life happened, got married, had a baby almost immediately, then fourteen months later, another one...now hardly code in my down time like I used to. At one point I was maintaining a homegrown unix clone that I had written as a member of the OSDev site, but that has also come to a hault. Enjoy life when you are young, because damn, once it changes, it's gone. lol)

So, please, for the love of god, people, use the https://www.sciencemadnes.org/whisper version of this site. I keep meaning to get back with Polverone on some changes to the Apache httpd configuration that will handle the redirects, but I keep getting pulled into crazy political trists at work, and home time is full of taking care of the kids. I will get to it eventually, Polverone, I promise.

[Edited on 9-4-2015 by Loptr]

[Edited on 9-4-2015 by Loptr]

Pages: 1 2

Sciencemadness Discussion Board » Non-science » Legal and Societal Issues » Your privacy is gone, get a VPN