Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Tuesday November 13 2018, @03:12AM   Printer-friendly
from the with-blackjack-and-hookers dept.

The next version of HTTP won’t be using TCP

In its continued efforts to make Web networking faster, Google has been working on an experimental network protocol named QUIC: "Quick UDP Internet Connections." QUIC abandons TCP, instead using its sibling protocol UDP (User Datagram Protocol). UDP is the "opposite" of TCP; it's unreliable (data that is sent from one end may never be received by the other end, and the other end has no way of knowing that something has gone missing), and it is unordered (data sent later can overtake data sent earlier, arriving jumbled up). UDP is, however, very simple, and new protocols are often built on top of UDP.

QUIC reinstates the reliability and ordering that TCP has but without introducing the same number of round trips and latency. For example, if a client is reconnecting to a server, the client can send important encryption data with the very first packet, enabling the server to resurrect the old connection, using the same encryption as previously negotiated, without requiring any additional round trips.

The Internet Engineering Task Force (IETF—the industry group that collaboratively designs network protocols) has been working to create a standardized version of QUIC, which currently deviates significantly from Google's original proposal. The IETF also wants to create a version of HTTP that uses QUIC, previously referred to as HTTP-over-QUIC or HTTP/QUIC. HTTP-over-QUIC isn't, however, HTTP/2 over QUIC; it's a new, updated version of HTTP built for QUIC.

Accordingly, Mark Nottingham, chair of both the HTTP working group and the QUIC working group for IETF, proposed to rename HTTP-over-QUIC to HTTP/3, and the proposal seems to have been broadly accepted. The next version of HTTP will have QUIC as an essential, integral feature, such that HTTP/3 will always use QUIC as its network protocol.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by c0lo on Tuesday November 13 2018, @11:14AM (4 children)

    by c0lo (156) Subscriber Badge on Tuesday November 13 2018, @11:14AM (#761227) Journal

    Plenty of people run Tor exit nodes, right?

    Do you have any evidence to support your assertion?

    I think there would be some participation in hosting meshnet exit nodes

    I would not dare in the current legal context. Even less if I'd be to use my home connection as an exit node.
    For the young and unafraid, here's a list of of fair warnings about what may happen to you if you run a Tor exit node:

    - be flooded by DCMA takedown notices - to the point that the Tor project has a template response letter for such cases [torproject.org]. Note that you will need to answer each and every takedown request and the "safe harbour" provisions aren't available in all international jurisdictions.

    - have your home raided by FBI agents at wee hours in the morging [vice.com], your computers seized and your pet puppy kicked in the guts... umm, this latter one I slipped it in myself, no warranties that will or will not happen

    - be sentenced for distributing child porn [theregister.co.uk] and spend your saving on legal fees and fines. Maybe go to jail too.

    - have your cohosted servers tampered with by law enforcement without being officially notified [torproject.org]

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 1) by fustakrakich on Tuesday November 13 2018, @03:51PM (2 children)

    by fustakrakich (6150) on Tuesday November 13 2018, @03:51PM (#761336) Journal

    This is why Tor, and even VPN can't work. They don't blend. They are light houses, screaming for attention when exactly the opposite is needed.

    --
    La politica e i criminali sono la stessa cosa..
    • (Score: 0) by Anonymous Coward on Tuesday November 13 2018, @05:40PM (1 child)

      by Anonymous Coward on Tuesday November 13 2018, @05:40PM (#761384)

      It's why we should use the IoT to host the exit nodes!

      • (Score: 2) by bob_super on Wednesday November 14 2018, @08:34PM

        by bob_super (1357) on Wednesday November 14 2018, @08:34PM (#761891)

        That's been the plan all along. Why else do you think the security is so crappy ?
        The upcoming white-hat IoT virus will create a botnet of VPNs, mirrors, and TOR nodes inside every insecure IoT piece of junk.

  • (Score: 0) by Anonymous Coward on Saturday November 17 2018, @08:49AM

    by Anonymous Coward on Saturday November 17 2018, @08:49AM (#763002)

    There are definite concerns as to the number of unique endpoints in use, and moreover in the selection of them.

    If you watch TBB or Nyx's site circuits for long enough you will notice how often the same endpoints and exits show up without doing mass geoblocking of nodes, and even then it usually changes to the same 5 or so nodes for the remaining accepted geoip nodes.

    Another discussion involves identifying numbers which last for the whole tor daemon session, which can help dox you there. And this is all assuming 5 eyes doesn't have every major node in their regions compromised or under surveillance.

    I have heard a few other accusations as well, but they are less well founded than these bits of empirical evidence you can test and establish the validity of yourselves with a few dozen to hundred site views alternating between different websites and new circuits on existing sites. The tunnel choices start to look very suspicious after a few days, especially how often all three nodes are from the same country code, or the same dozen or so 'high volume' Tor nodes, defeating the original purpose of spreading it across nodes randomly rather than by known performance metrics, the latter of which makes it easy for well funded surveillance groups to game.