On 17-Dec-2012 18:24:36 +0700, [email protected] wrote: > > Commercial VPN's (at least in the uk) need to keep login and > > out times for accounts, this can be used to confirm you where > > on-line at the same time as mp3 where being shared from that > > VPN
That's a good reason to keep the connection persistent. > in Russia all ISPs have to use SORM > (http://en.wikipedia.org/wiki/SORM#SORM-2) which (as far as > i know) marks every passing packet with special fingerprint, > to have the full evidence who and when has downloaded that > illegal mp3 It does not, because it works in a completely different manner: upon getting the request from outside, it starts gathering the traffic according to requested criteria. Consider this equipment as a Linux host with tcpdump (which it really is, with added interface that even a police officer can use). > (or who blames the government on twitter). Twitter is very restrictive for that - to blame the governments in the way they really deserve, one needs to write several megabytes :-) > so how do you think, assuming that there are no backdoors (and > possible MITM attacks) in SSL and SSH2 protocols, will ISPs be > able to read users' emails and intercept other sensitive data > (mp3s :-) ) which was sent over SSL+SSH? Normally no, but... there are rumors about one Asian state being able to bruteforce Rijndael encryption using custom hardware. > or should we use some other technics/protocols? More users on VPN servers + random delays on both VPN and outer interfaces == less correlation between users and data streams. -- Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ПРИ gremlin ТЧК ru> GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
