Stories
Slash Boxes
Comments

SoylentNews is people

Ask Soylent: How To Inspect Your Own Packets

posted by cmn32480 on Friday August 28 2015, @10:14PM   Printer-friendly
from the time-for-port-mirroring dept.

skullz writes:

With the release of Windows 10 there have been serious privacy concerns raised as to what data Windows is sending home to mommy and daddy. Much of this could be called benign data leakage for your average user (location information for a map, search information, etc) but it has been hinted that even disabling these features doesn't prevent data being sent from your computer. This is also true for Android, iOS devices, browsers, browser plugins, and software registration / update tools. Even a vanilla Linux or BSD install may be sending out information you aren't aware of. If you haven't checked, you don't know.

Firing up a packet monitor is fairly easy on the host OS and a decent firewall / gateway can dump all the packets from a local network. Assuming the majority of data you would be concerned about leaking out is encrypted, is there an easy way for an owner to decrypt it to see what is actually being sent out? Are there groups conducting this type of analysis and publishing their results with any level of detail?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ask Soylent: How To Inspect Your Own Packets | Log In/Create an Account | Top | 41 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by jmorris on Saturday August 29 2015, @05:25AM

    by jmorris (4844) on Saturday August 29 2015, @05:25AM (#229337)

    But how do you know the firewall isn't phoning home too?

    Because it runs OpenWRT. Or it runs OpenBSD. Or similarly trustworthy software. Trust nothing commercial. No I'm not some hippie Bernie Sanders fan or baked Ronulan but seriously, you can't trust any software anymore that doesn't let you sync their repo and build an image yourself. Even if you don't actually do it, knowing you COULD keeps them honest because they know somebody IS doing exactly that and looking around in that source before they build it to see how it differs from upstream... and somebody is looking at most of the upstream projects these days and decades old bugs are getting closed. Because it isn't paranoia anymore when just everybody is out to do ya.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by jmorris on Saturday August 29 2015, @05:27AM

    by jmorris (4844) on Saturday August 29 2015, @05:27AM (#229340)

    Assuming the majority of data you would be concerned about leaking out is encrypted, is there an easy way for an owner to decrypt it to see what is actually being sent out?

    Really?

    Really?

    Help, I can't even snark that one because my brain hurts too much.

  • (Score: 0) by Anonymous Coward on Saturday August 29 2015, @03:21PM

    by Anonymous Coward on Saturday August 29 2015, @03:21PM (#229434)

    Mmmmmmm. Baked Ronulan.

    It goes wonderful with a nice chianti.

  • (Score: 2) by mtrycz on Saturday August 29 2015, @09:08PM

    by mtrycz (60) on Saturday August 29 2015, @09:08PM (#229558)

    Sadly, as a counterargument of sorts, you can't trust your hardware either. So even a free/open source OS won't give guarantees on the hardware (expecially with what's currently possibile with modern hardware)

    The sad conclusion is that there is no way to be ever 100% sure. Sigh.

    --
    In capitalist America, ads view YOU!