In the wake of this spring's Senate ruling nixing FCC privacy regulations imposed on ISPs, you may be (even more) worried about how your data is used, misused, and abused. There have been a lot of opinions on this topic since, ranging from "the sky is falling" to "move along, citizen, nothing to see here." The fact is, ISPs tend to be pretty unscrupulous, sometimes even ruthless, about how they gather and use their customers' data. You may not be sure how it's a problem if your ISP gives advertisers more info to serve ads you'd like to see—but what about when your ISP literally edits your HTTP traffic, inserting more ads and possibly breaking webpages?
With a Congress that has demonstrated its lack of interest in protecting you from your ISP, and ISPs that have repeatedly demonstrated a "whatever-we-can-get-away-with" attitude toward customers' data privacy and integrity, it may be time to look into how to get your data out from under your ISP's prying eyes and grubby fingers intact. To do that, you'll need a VPN.
Source: Ars Technica
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @06:38AM
IP over DNS [github.com]
IP over ICMP [github.com]
(Score: 2) by kaszz on Saturday May 27 2017, @06:52AM
Belkin [wikipedia.org] also tried "http editing" in 2003. They got some serious negative feedback from that.
Let's hope not all bugs in the ISP routers has been fixed.. :p
(Score: 4, Insightful) by lentilla on Saturday May 27 2017, @07:35AM (12 children)
The way I see it, using a self-managed VPN only moves the issue of trust along. Whilst I no longer need to have any trust in my last mile provider, now the question becomes "can I trust my 'clould provider'?"
It's worth; at this point; to identify the major threats that we are guarding against. We can probably ignore casual "hackers" because (providing we control the browser) everything of actual use to them is already encrypted.
The trouble with governments is that they often run what could be called "a shady operation". Since they are the law, they are rarely forthcoming or transparent in the reporting to their citizenry. They also tend to have the "whole deal" well stitched up from one end to the other. You never know where, or if, or how they've tapped the lines - and if you ask, you simply won't be able to trust their answer. Even if they categorically say "we aren't", the truth is probably closer to "but we have a bi-lateral agreement with a neighbouring country to snoop on our citizenry and hand the data over".
So the questions now become:
The third option above is not really an option at all. (Well, unless you actually happen to be up to no good.) Flying under the radar might work for an individual here and there but it does rather side-step our social responsibility to share improved circumstances with our neighbours. This would truly be the option of last resort and in implementing it (for reasons of normal human interaction) we would know our society had truly stepped over the precipice into totalitarism.
It saddens me greatly that people - normal, everyday people - are forced to such lengths and costs to maintain basic human rights such as free association, privacy, and access to information.
(Score: -1, Troll) by Anonymous Coward on Saturday May 27 2017, @08:12AM (6 children)
Because page 5 of TFA is just too damn far to read.......
And then you have the gall to mention........
You're right! I hereby choose not to associate with you. Go fuck yourself, asshole.
(Score: 2) by lentilla on Saturday May 27 2017, @09:46AM (3 children)
A truly erudite bon mot, AC. I confess I am somewhat hurt. Was that your intention?
By all means identify errors of logic, debate a point, or simply disagree with me - but all of this can be done without resorting to ad hominems or just plain rudeness. If we all went around saying "fuck you" to everything and everybody the level and quality of discourse would drop precipitously. I suspect your behaviour in real life is similar - not that you voice your perennial disgust aloud in such a manner - but I figure you are probably thinking it when you interact with your fellow human beings. It's not an healthy way to approach life.
You might have had something constructive to say but whatever it might have been was overshadowed by your closing repartee. Try to do better next time because; just as surely as you might choose not to associate with me; I don't wish to be showered with pointless barbs.
Pray remember; next time you go to post something; that there is another human on the other end of the Internet - a living, breathing human - another human being, essentially just like you.
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @12:42PM
Verily.
(Score: -1, Troll) by Anonymous Coward on Saturday May 27 2017, @03:58PM (1 child)
No you're just a long winded bullshitting gas bag and you're adding absolutely fucking nothing to the discussion. Kindly fuck off.
You're one of those self-important pieces of shit, who after learning to read and write, decided what you write is of such paramount supremacy that you can simply stop reading since you already know everything.
Next time you feel like writing a masturbatory treatise to your own genius, stop and read TFA first. Or you can just fuck off like the stupid motherfucker which you clearly are.
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @04:10PM
You are a horrible person.
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @01:19PM
I really don't understand the complaint here.
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @04:06PM
So the poster reiterates a point mentioned in the article... so what?
I have no idea why you took exception with this. You're offended that the poster is concerned about some basic civil rights?
How did you get so offended by this person? They did nothing to warrant that kind of response.
(Score: 3, Insightful) by bradley13 on Saturday May 27 2017, @08:50AM (1 child)
To be fair, the article is quite clear about this: you are, in fact, just moving your trust point a little farther down the line. That said, it become significantly more difficult to snoop on you for anyone except a national government. To protect against a national government, to the extent that this is possible, choose a VPN endpoint outside of your country. That way, you will at least avoid standard dragnet surveillance.
In this sense, one should give the commercial VPN operators a second look. Many of them offer you a choice of endpoints, and you can change at any time. An article I read not too long ago in a German magazine did a review of various VPN providers, and came out with a pretty strong recommendation for Freedome [f-secure.com] as a provider that appears to get most things right.
Obviously, a commercial VPN provider could be forced to cooperate with a government, but so could the cloud provider where you installed your private VPN. In that sense, I personally tend to lean towards a commercial provider. If you can trust them, they are at least supposed to know a lot more about how to set things up securely, and the convenience of their applications and choice of endpoints is worth quite a lot.
Everyone is somebody else's weirdo.
(Score: 2, Interesting) by Kawumpa on Saturday May 27 2017, @09:21AM
Here's one important thing they don't get right:
https://community.f-secure.com/t5/F-Secure/What-operating-systems-does-F/ta-p/81961 [f-secure.com]
(Score: 2, Interesting) by Anonymous Coward on Saturday May 27 2017, @08:56AM
Look at what leet haxxors do to stay out of jail.
Maybe get one of these chinese sms spam devices (search for "bulk sms"), that allow you to use 32 sim cards and change the IMEI on the fly?
https://www.alibaba.com/product-detail/8-port-support-change-IMEI-multi_1910549304.html?spm=a2700.7724838.0.0.jTwvdu&s= [alibaba.com]
Maybe try to classify your activities in categories, and only use secure comms for things where it is critical that you won't be identified? Maybe have more then one identity, and have several phones, none of them bought by you? And not turn them all on at same time, obviously.
Normal, everyday people cannot hope to compete with people who design this stuff, and it is exactly why they keep designing it that way. If you want to outsmart them, you have to become them, i'm afraid. :(
(Score: 2) by Unixnut on Saturday May 27 2017, @03:15PM
Well, my take on it:
1) Any old VPN will do, to a "VPN provider" or a VPS which you control (but in a another datacentre, handled by another ISP). However nothing stops the other ISP just monitoring your endpoint anyway (as you would be their "customer" as well). So might be worth looking at another country.
2) A VPN pointing to another country without a data sharing agreement with whichever country you reside in (so e.g. if you are in the EU/US, Russia or one of the Asian countries could be good). They , like the US and EU, are more interested in "managing" their own populations rather than what you are up to, unless you are trying to interfere politically in their countries. Plus sends quite a strong signal in the sense that if your government wanted to find out, they could see regular payments to a VPN company in another country.
Alternatively, build and make use of a totally encrypted network that sits on top of the internet. I only know of one which is not only the most popular, but rather than being a specific service like "IM", or "P2P", it supports a framework to write apps on it, like an encrypted network layer. It is called I2P: https://geti2p.net/en/ [geti2p.net]
Sends a more subtle signal, in the sense that all your traffic will become encrypted if you switch to I2P. So if they try to snoop they will find nothing, and won't even know where you are connecting to.
3) Nothing really, if you use something like I2P, the ISP/government will notice the large bulk of totally encrypted traffic. That could signal you out for "closer monitoring". You can do things like encapsulate data in another protocol like a tunnel (e.g. IP over ICMP/DNS), but they can notice (they have the resources to dedicate to this kind of thing), or use "sneakernet" type data transfer.
Or look into building out community wireless networks, which would give you a network infrastructure under your control. You can then link up different community wifi networks across the internet via VPN links as the backbone between them.
(Score: 3, Insightful) by Frost on Saturday May 27 2017, @07:47PM
The only thing the roll-your-own VPN protects you against is your ISP. Big ISPs like Comcast can get away with anything because they're literally the only choice many people have for Internet access. Hosting providers have no such captive market -- their customers are highly mobile and there are plenty of competitors providing equivalent service.
It's a big mistake to trust entities like Comcast just because they're incompetent and only care about money. Sure, they're probably not going to snoop on you personally. They're probably not even going to run dragnet analysis a la NSA. But they absolutely will collect everything they can, so they can sell it to whoever is willing to pay -- including government agencies at all levels (from the FBI all the way down to local parking enforcement), advertisers, data collection aggregators, private investigators, spammers, scammers, bullies and crooks. And furthermore they cannot be trusted to keep their logs and databases secure, so even if there is anybody in the world so scummy that even Comcast won't deal with them, they will eventually get their hands on your data -- ALL of it -- when it inevitably "leaks" to "hackers". That is why you should protect yourself from your ISP.
Data that aren't collected can't be compromised. Hosting providers and VPN services in a competitive environment have fairly strong incentives not to collect. Monopoly ISPs have no such incentives.
(Score: 3, Interesting) by The Mighty Buzzard on Saturday May 27 2017, @10:38AM (4 children)
Single-user VPNs are all fine and good for stopping your ISP from monitoring you but to any TLA they're about as effective as a tissue paper umbrella. If the majority of traffic from your VPN is going to a single address, it's not at all difficult for them to back-trace you through that VPN without even having to have access to it. If you want plausible deniability as well as opacity, you'd better have at least a couple dozen people using your VPN at any given time.
My rights don't end where your fear begins.
(Score: 3, Interesting) by art guerrilla on Saturday May 27 2017, @06:54PM
um, i was going to say something about this, but i was distracted by boobies...
.
oh, yeah, to uneducated *me*, ALL these schemes of hiding yourself with various tricked out browsers, encrypted emails, etc, etc, has one fatal flaw which you allude to: when only .0000001 to .01% of the users are using these tools, that AUTOMATICALLY puts you in a 'suspect' category (in the eyes of Empire), such that you are simply putting a big red flag on all your inertnet activities when you use these tools/techniques, REGARDLESS of whether they are 'cracked' or compromised, MERELY the factoid you are using these tools/techniques puts you in the crosshairs of the all-seeing eye of sauron...
.
the 'solution' isn't to fool sauron, the solution is to drop the ring of power in the chasm at mt doom...
(Score: 2) by tibman on Saturday May 27 2017, @10:19PM
I have a single-user VPN but it's not used to tunnel all the traffic. Just the traffic i want to extra protect. One browser uses the VPN and the other doesn't. Games don't use it.
Just a 5$ linode and uses the Shadowsocks server. Every other service is turned off, including ssh. I suppose you could run multiple people through the thing but i feel like that might attract more attention?
SN won't survive on lurkers alone. Write comments.
(Score: 2) by Gaaark on Sunday May 28 2017, @01:01PM (1 child)
What about a SN VPN?
Is the cost prohibitive? How much would monthly/yearly cost?
Does anyone have experience with this?
I use PIA, but don't know them from Jack Off, .....
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 2) by The Mighty Buzzard on Sunday May 28 2017, @01:25PM
We've talked about it but came to the conclusion that we didn't want the feds coming to us with a blanket warrant and getting access to all of what little information we do store; website and vpn both. Doing it as a separately incorporated project we haven't really looked into yet.
My rights don't end where your fear begins.
(Score: 1, Interesting) by Anonymous Coward on Saturday May 27 2017, @02:13PM
Think this is bad? Google "ringless voicemail". Congress is selling us down the river again.