Kitz ADSL Broadband Information
Pages: 1 [2]

Author Topic: NordVPN : Cant Validate this TLS from Zyxel - might be man-in-middle attack..?  (Read 5221 times)

snadge

  • Kitizen
  • Posts: 1450

Off topic, but the sooner I get onto Linux the better IMO lol. I want Linux Feren but it doesn't offer OS encryption like all other distros, and I love its desktop choice feature (make it look like Windows, Mac, Ubuntu, all sorts). Looks like I'm going to have to go with Linux Mint for now, because I want that to be my 'Internet PC' and the Windows one will just be an 'offline' music production workstation, updated via WSUS on USB. This also forces me to get familiar with Linux and its terminal usage.

I wonder what issues would arise there on Linux?
Aquiss - 900/110/16ms - TP-Link AR73

Alex Atkin UK

  • Addicted Kitizen
  • Posts: 5282

Biggest problems I have on Linux:

Video acceleration, or lack of it, in Firefox.
Screen tearing; I have no idea why they can't seem to figure that one out. I had it sorted on NVIDIA but can't seem to fix it on the Intel iGPU.
Sound randomly glitching; this is specifically related to Fedora switching from PulseAudio to PipeWire for their audio server, it's so not ready yet. But that's the nature of using Fedora, it's the cutting-edge distro where Red Hat push their latest ideas.
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Intel N100) + Huawei CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
Switches: Netgear MS510TXUP, Netgear MS510TXPP, Netgear GS110EMX My Broadband History & Ping Monitors

Weaver

  • Senior Kitizen
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

The thing about the government requiring ISPs to record your stuff, metadata or perhaps more. I seem to remember that Andrews and Arnold said they don’t record my traffic, and so they don’t have the data to hand over to the government. Is that right? I’m thinking that that nonsense doesn’t apply to small ISPs.

Alex Atkin UK

  • Addicted Kitizen
  • Posts: 5282

Quote from: Weaver
The thing about the government requiring ISPs to record your stuff, metadata or perhaps more. I seem to remember that Andrews and Arnold said they don’t record my traffic, and so they don’t have the data to hand over to the government. Is that right? I’m thinking that that nonsense doesn’t apply to small ISPs.

As I understand it yes, that is true. It's what worries me about Zen getting bigger, as so far they skirt under the "small" ISP ruling too.

Then again, half my traffic goes over Plusnet and I haven't hit the problems I had before where they incorrectly blocked websites due to doing an IP block instead of a domain block.

I have to admit, I still don't like the idea of the government profiling me based on my search terms, etc. It's bad enough Google gets to do that. It's rather concerning that Apple are tinkering with hashing people's media files to compare them to a "this is dodgy" list; I don't trust it not to flag false positives, and the repercussions this could have for someone are quite dramatic.

Not to mention working with media files is getting slower and slower due to the amount of metadata extraction going on in the background of a modern OS. I tried to open a folder on macOS with 130,000 PNG files in it (an upscaled movie) and it literally took HOURS and was too sluggish to let me select the files in the file requester.
« Last Edit: October 29, 2021, 04:18:40 PM by Alex Atkin UK »
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Intel N100) + Huawei CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
Switches: Netgear MS510TXUP, Netgear MS510TXPP, Netgear GS110EMX My Broadband History & Ping Monitors

Weaver

  • Senior Kitizen
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

@Alex Indeed, I was wondering about Zen, getting so successful. I used them for a year and they were good.

I couldn’t be doing with any ISP that was recording my traffic, I’d encrypt the lot in a tunnel to my own endpoint, if that were the case.

snadge

  • Kitizen
  • Posts: 1450

Quote from: Weaver
The thing about the government requiring ISPs to record your stuff, metadata or perhaps more. I seem to remember that Andrews and Arnold said they don’t record my traffic, and so they don’t have the data to hand over to the government. Is that right? I’m thinking that that nonsense doesn’t apply to small ISPs.

It's not "rubbish", it's all acquirable data if you seek it, and it is ALL ISPs (small or big). After Snowden's 2015 leaks (in which he also reported the UK were the worst of them all, referring to the world's inter-connected SIGINT agencies, FVEY) our government basically said "yes we do it, and we're gonna do it even more now and make it into law", and enforced that 2016 Investigatory Powers Act the following year, which does what I just said. Since the 2016 IPA it means your ISP must record your TLD metadata and store it for 12 months (but it is Top-Level-Domain only, so only the what, when, where etc., not which page on a website you're actually on, just that you were on that website at some point, so IPs, dates, times, locations etc.). Read articles about it, it's nicknamed "The Snoopers' Charter"; read all the papers and you will see.

It is also applicable to your mobile provider for data, calls and texts; they aren't supposed to record the content of the texts or calls, but it wouldn't surprise me if they do, at least the texts.

did you know that if a police officer has sufficient evidence or even 'just cause' they can access your data!

I've been studying Cyber-Security for quite some time (years)

EDIT:
Part of the 2016 IPA's history is the Draft Communications Data Bill of 2013, which states: The Draft Communications Data Bill (nicknamed the Snoopers' Charter or Snooper's Charter) was draft legislation proposed by then Home Secretary Theresa May in the United Kingdom which would require Internet service providers and mobile phone companies to maintain records of each user's internet browsing activity (including social media), email correspondence, voice calls, internet gaming, and mobile phone messaging services and store the records for 12 months. Retention of email and telephone contact data for this time is already required by the Data Retention Regulations 2014. In November 2015, May announced a new Investigatory Powers Bill similar to the Draft Communications Data Bill, although with more limited powers and additional oversight.

I've seen documentaries from 10 years back showing texts between 'suspects' on a 10-year-old TV programme about the police, and they showed the texts sent, given to them by the supplier.

Also, recently the NSA announced in a documentary that they are now using Quantum Super Computers (QSCs) to decrypt VPN traffic, and can do it so fast that not only can it retain your data for reading later, but also inject malware into your encrypted stream as it is being sent back to you!!??

Just use encrypted DNS like DoH on Firefox/Chrome to Cloudflare (1.1.1.1) in the settings, or use the app on your phone or Windows (WARP, PC or mobile), which is a free VPN just for DNS data (as that is always plain text and what your ISP records). I use DoH in Firefox and NordVPN's "Obfuscated Servers" so my VPN traffic looks like HTTP traffic, along with a string of other assorted security addons/settings. I know someone is gonna say "what's the point if they can decrypt traffic":

1) It may have been a lie to put people off getting VPNs, thinking they are hopeless now.

2) Let them try; it is better than using plain-text DNS. HTTP/HTTPS are on different ports, and DNS is 'plain-text'; that's one way Man In The Middle attacks can occur.
« Last Edit: October 30, 2021, 12:56:30 PM by snadge »
Aquiss - 900/110/16ms - TP-Link AR73
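The plain-text DNS point in snadge's post above, as an added example that is not part of the original post and not code from Cloudflare, Firefox or NordVPN: it builds the wire-format DNS query that a classic UDP/53 lookup sends in the clear, shows what an on-path observer such as the ISP can read straight out of it, and then encodes the very same message the way an RFC 8484 DoH GET request carries it in the dns= parameter, where it travels inside TLS. It assumes a POSIX sh with printf, base64 and tr, sends nothing on the network, and the expected value for www.example.com is the one printed in RFC 8484 section 4.1.1; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the forum post). Builds a DNS A query in wire format,
# shows the hostname leak of a plain-text UDP/53 lookup, and encodes the same
# message as the "dns=" value of an RFC 8484 DoH GET. Nothing touches the network.
set -e

# Raw DNS message for an A query for $1: 12-byte header followed by the question.
# Header: ID 0 (RFC 8484 recommends 0 so responses are cacheable), flags 0x0100
# (recursion desired), QDCOUNT 1, ANCOUNT/NSCOUNT/ARCOUNT 0.
dns_wire_query() {
    name=$1
    printf '\000\000\001\000\000\001\000\000\000\000\000\000'
    # QNAME: each label is prefixed by its one-byte length; a zero byte terminates it.
    oldifs=$IFS; IFS=.
    set -- $name
    IFS=$oldifs
    for label in "$@"; do
        printf "\\$(printf '%03o' "${#label}")%s" "$label"
    done
    printf '\000'
    # QTYPE A (1), QCLASS IN (1)
    printf '\000\001\000\001'
}

# Exactly those bytes, base64url-encoded without padding: the value a DoH client
# puts in "GET /dns-query?dns=<value>" (RFC 8484 section 4.1). Only the transport
# changes; the DNS message itself is unchanged.
doh_query_param() {
    dns_wire_query "$1" | base64 | tr -d '\n=' | tr '+/' '-_'
}

# What a passive observer on the path sees for the plain-text version: the queried
# name in clear ASCII (non-printable bytes shown as dots).
plaintext_leak() {
    dns_wire_query "$1" | tr -c '[:print:]' '.'
}

printf 'DoH dns= parameter: %s\n' "$(doh_query_param www.example.com)"
# -> AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB
printf 'on the wire in clear: %s\n' "$(plaintext_leak www.example.com)"
```

Two things worth noticing. DoH does not alter the DNS message at all; it only wraps it in HTTPS, so whoever operates the DoH resolver (Cloudflare, in the post's configuration) still sees every name looked up, and the setting moves trust from the ISP to the resolver operator rather than removing it. And the ISP still sees the IP addresses that are connected to afterwards and, for TLS without Encrypted Client Hello, the server name in the ClientHello, so encrypting DNS alone does not hide which sites are visited.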

Weaver

  • Senior Kitizen
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

I would need to dig to find the reference, but Andrews and Arnold has said publicly that they will give people notice if they are being compelled to try and snoop on their customers’ traffic and record metadata. If I can’t find the declaration in question I’ll email them and ask them straight out. AA was slagged off in The House of Lords for their privacy stance, a badge that they can wear proudly. RevK submitted evidence to the House of Lords.

See : https://www.ispreview.co.uk/index.php/2014/07/aaisp-pledges-protect-uk-users-government-internet-snoops.html

See also: https://www.aa.net.uk/broadband/real-internet/
Quote
“We do not log which websites you visit (though the website administrator may). We don't run any sort of transparent proxies or other systems to covertly log what you do on the internet, and do not sell data to anyone. We have no, so called, black boxes which monitor traffic for the government, or anyone else.”


This is one mention of an idea that the law in practice only applies to large ISPs:
Quote
216. According to Andrews & Arnold:

“It seems clear from the Home Office that they are intending to only serve notices on those larger ISPs that are already subject to notices, and with which they have already had extensive discussions. They have indicated that they are not intending to target smaller ISPs, and even if they did, that ISPs would not be expected to log and retain data for which they simply do not have such a capability, and that they would not expect any collection of “third party data” or information from “over the top services”.” 166
« Last Edit: January 22, 2022, 07:59:51 PM by Weaver »

Reformed

  • Reg Member
  • Posts: 318

Quote from: snadge
I've been studying Cyber-Security for quite some time (years)

2) Let them try; it is better than using plain-text DNS. HTTP/HTTPS are on different ports, and DNS is 'plain-text'; that's one way Man In The Middle attacks can occur.

Good to see some so interested in cyber. I've been studying a while, post-grad, doctorate starts soon.

No-one can decrypt routinely right now. If they could we'd be mobilising our Quantum-resistant goodness more. It renders certain ciphers trivial, assuming you've the computer to process, but others are resilient.

Man in the Middle from your router manufacturer using a self-signed certificate is nothing too interesting. Crypto prevents MitM unless someone has a dubious certificate and key pair.

As far as DNS and monitoring go all the traffic from VPN endpoints will be receiving special attention and potentially used for metadata collection. One of the relatively few things VPNs like this are good for, alongside ability to access geographically restricted content and to avoid very local monitoring on a network run by someone else, is getting the spooks' attention. A bunch of people very interested in privacy all collected together in a relatively few places. Perfect.
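The self-signed-certificate case Reformed describes, and the "can't validate this TLS" warning in the thread title, as an added example that is not from the thread and not Zyxel's code: it mints a device-style self-signed certificate with openssl, shows that validation against the system trust store fails exactly as a browser's warning does, and then shows the check a practitioner actually wants, pinning the certificate obtained on a trusted path and verifying both the signature and the hostname against it. It assumes OpenSSL 1.1.1 or later and a POSIX sh; router.local, the SAN, the file names and the 192.168.1.1 address are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the forum thread or from any router vendor). Reproduces a
# router-style self-signed TLS certificate and the two outcomes a client can reach:
# untrusted (system store) versus trusted (pinned). Assumes OpenSSL >= 1.1.1.
set -eu
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# 1. Device-style self-signed certificate: issuer == subject, no chain to any public CA.
#    Browsers ignore the CN and require a subjectAltName, hence -addext.
openssl req -x509 -newkey rsa:2048 -nodes \
    -keyout "$work/router.key" -out "$work/router.crt" -days 30 \
    -subj "/CN=router.local" -addext "subjectAltName=DNS:router.local" >/dev/null 2>&1

# 2. Validation against the system trust store fails: this is the browser's warning.
verify_with_system_store() {
    openssl verify "$work/router.crt" >/dev/null 2>&1
}

# 3. The practitioner's check: pin the certificate obtained over a trusted path (e.g.
#    read off the device's admin page on the LAN) and verify the presented certificate
#    against exactly that anchor, including the hostname being browsed to ($1).
verify_pinned() {
    openssl verify -CAfile "$work/router.crt" -verify_hostname "$1" \
        "$work/router.crt" >/dev/null 2>&1
}

# 4. SHA-256 fingerprint, the value to compare with what the browser's warning dialog
#    shows before deciding to trust the certificate at all.
fingerprint() {
    openssl x509 -noout -fingerprint -sha256 -in "$work/router.crt" | cut -d= -f2
}

if verify_with_system_store; then
    echo "unexpected: the system store trusts a self-signed certificate"
else
    echo "system store: rejected (this is the browser's warning)"
fi
verify_pinned router.local && echo "pinned, name matches: OK"
verify_pinned 192.168.1.1 || echo "pinned, but opened by IP: name mismatch, still a warning"
echo "fingerprint to compare: $(fingerprint)"
```

Pinning to the device's own certificate is the right way to silence the warning for LAN kit that will never carry a publicly trusted certificate; clicking through every time, or disabling validation in the client, is what would let a real on-path attacker substitute their own key pair unnoticed. The hostname check matters as much as the signature: a certificate that is valid for router.local still fails when the page is opened by IP address, and that is the client doing its job rather than evidence of an attack.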