Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 17 submissions in the queue.

Why SixXS Does Not Provide Circumvention

posted by cmn32480 on Thursday September 03 2015, @07:14AM   Printer-friendly
from the is-anonymity-even-possible-anymore dept.

ticho writes:

A news post of IPv6 tunnel broker SixXS explains why they reject tunnel applications where the user intends to circumvent censorship or network surveillance. (Spoiler: It's not because SixXS hates free speech.)

"An adversary who would like to limit Free Speech is likely to monitor internect connections. Users therefor use tunneling/VPN techniques to circumvent the monitoring of these networks. A SixXS tunnel is a point to point link from the user to the PoP. The addresses, both IPv4 and IPv6, of the PoP are publically known. The protocols used for tunneling are publicly documented and known: proto-41 and AYIYA. Neither of these protocols encrypt the contents of the communication. Neither of these protocols cause any kind of hiding of data. On top of that Whois provides all the details about a user given a[n] IPv6 address.

Any adversary network that wants to monitor thus only has to fill in our PoP IPs in a special list and they know that anything talking to those addresses are using a tunnel, which is a red light that that user is doing something special. Their next step is to simply de-encapsulate the traffic inside the tunnel and the adversary has full access to what the user is sending. Noting[sic] that all major monitoring systems understand these protocols.

Thus when a user specifically puts in their request reason that they want to circumvent their local government, we reject the request and point that user to the Tor Project. Approving the request would put the user in a situation where they might think they are avoiding the monitoring system and thus give a false sense of security."

Original Submission

 
This discussion has been archived. No new comments can be posted.
Why SixXS Does Not Provide Circumvention | Log In/Create an Account | Top | 6 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Interesting) by chrysosphinx on Thursday September 03 2015, @09:46AM

    by chrysosphinx (5262) on Thursday September 03 2015, @09:46AM (#231643)

    Sixxs tunnel broker is just an IPV6 tunnel broker, just like any else IPV6 tunnel broker. Once you got an IPV6 address from them, you can run whatever you want over it, including your own tunnels and encryption stuff. It's no different from having a public IPV4 address by your ISP. And more, I use Hurricane Electric tunnel for ages, and all the time even with a simple tunnel Google still thinks I live in Germany only because the tunnel exit is in Frankfurt, serves me google.de instead. It did confused many usual tracking traps, though. Including Ingress on Android when connected on wifi.

    But if you really need a secure entry point into internet, you need your own private server somewhere to connect to.

    Anything else should be considered untrusted.

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   2