On December 14, James Harr, the owner of an online store called ComradeWorkwear, announced on social media that he planned to sell a deck of “Most Wanted CEO” playing cards, satirizing the infamous “Most-wanted Iraqi playing cards” introduced by the U.S. Defense Intelligence Agency in 2003. Per the...
  • Snot Flickerman@lemmy.blahaj.zoneEnglish
    101·
    23 hours ago

    Do protocols solve the problem of every hop in between you and the destination has to pass through what amounts to someone else’s private property? Some private servers owned by who knows who on the way between that we have no idea whether they’re inspecting every packet that comes through or not.

    Because that’s the bigger issue, and I’m not even sure it’s one we can solve, because it’s pretty important to how the internet functions.

    A protocol still has to be supported and passed through private corporations walled gardens.

    Who else remembers Comcast illegally using Sandvine to throttle bittorrent traffic specifically? Pepperidge Farm 'members.

    https://torrentfreak.com/comcast-throttles-bittorrent-traffic-seeding-impossible/

    • Rivalarrival@lemmy.todayEnglish
      141·
      21 hours ago

      Do protocols solve the problem of every hop in between you and the destination has to pass through what amounts to someone else’s private property?

      Yes. End-to-end encryption solves that.

      • TheEntity@lemmy.worldEnglish
        6·
        18 hours ago

        Not even necessarily end-to-end, just encryption. And possibly encapsulation within an already allowed protocol, like it’s extremely common with HTTP these days.

    • shortwavesurfer@lemmy.zipEnglish
      62·
      23 hours ago

      That’s what integrity checks are for, so that no one along the path can edit what you say before it actually gets published.

      • Snot Flickerman@lemmy.blahaj.zoneEnglish
        92·
        23 hours ago

        That’s rather missing the point, an integrity check doesn’t solve the fact that to communicate with anyone, you have to do it through giant corporations pipes.

        An integrity check doesn’t help when an ISP have straight blocked your protocols traffic, like Comcast previously did with bittorrent.

        Can we stop sucking down the preachings of an idiot like Jack Dorsey? We don’t actually have net neutrality, so it’s totally within their current rights to just block traffic they don’t like.

        • BradleyUffner@lemmy.worldEnglish
          11·
          20 hours ago

          Almost any protocol can be wrapped in any other protocol. You could, say, use bit torrent by encoding the packets and embedding the data in valid png files, then transporting them over http. As long as both sides understand the wrapping it’ll work just fine.

          I’ve even seen http tunneled over DNS queries in order to completely bypass firewalls.

          • Snot Flickerman@lemmy.blahaj.zoneEnglish
            6·
            22 hours ago

            https://www.malwarebytes.com/blog/news/2021/12/was-threat-actor-kax17-de-anonymizing-the-tor-network

            Given the number of servers run by KAX17 the calculated probability of a Tor user connecting to the Tor network through one of KAX17’s servers was 16%, there was a 35% chance they would pass through one of its middle relays, and up to 5% chance to exit through one.

            This would give the threat actor ample opportunity to perform a Sybil attack. A Sybil attack is a type of attack on a computer network service where an attacker subverts the service’s reputation system by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. This could lead to the deanonymization of Tor users and/or onion services.

            Given the cost and effort put into this and the fact that actors performing attacks in non-exit positions are considered more advanced adversaries because these attacks require a higher sophistication level and are less trivial to pull off, it is highly likely this is the work of a high-level (state-sponsored?) threat actor. As for who is behind this group, neither Nusenu nor the Tor Project wanted to speculate.

            A spokesperson for the Tor Project confirmed Nusenu’s latest findings and said it had also removed a batch of KAX17 malicious relays.

            “Once we got contacted, we looked through all the relays in the network and identified several hundred relays that are very likely belonging to the same group and removed them on November 8.”

            VPN’s also by definition still use the same corporate pipes as anything else.