2012-02-21 01:15:00 -05:00


[{"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302578580.31142, "message": "we are trying to discuss the issues (1) Internet throttling, (2) providing a reliable Internet connection with proper quality of service and (3) net neutrality (all packets being treated equally)\nI hope that sums it up", "group_id": 3864, "id": 636096}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302578403.4852121, "message": "Starting from @JanShim's tweet of \"I recently chanced upon someone who works at an office where every social network site is blocked and images in email stripped. Puke blood but wait, I think puking is discouraged too. Yes, this is an office in Kuala Belait.\" to mine \"nothing wrong with stripping emails of images. it's a security measure. plain text email FTW. blocking sites is a policy perhaps to prevent people from spending too much time poking their friends or the like. now while there are always ways to work around the blocking of sites and I may not totally agree with their practise, it is the management / IT dept's call on what to do with their rationale behind it. \"", "group_id": 3864, "id": 636025}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302581661.2603309, "message": "Traffic management ISP side.", "group_id": 3864, "id": 637128}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582117.8540959, "message": "The other issue is essentially, freedom of speech kind of thing. ie: Blocking websites because of its content. For example Facebook.com is (or should be) blocked by institutions.", "group_id": 3864, "id": 637341}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582197.0020571, "message": "perhaps all that is needed is more transparency and communication. 
let the users know why things are being done rather than just letting questions go unanswered", "group_id": 3864, "id": 637385}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302581623.681577, "message": "I think there's two issues on hand: Blocking websites by offices.", "group_id": 3864, "id": 637114}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583972.209111, "message": "Yeah. Being the sysadmin, I kind of side with the ISPs, but Merrit brings up a good point in Korea. How are they able to have all that speed and not clog the system.", "group_id": 3864, "id": 637929}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582280.4246271, "message": "the facebook question is a bit tricky. PMO network blocks Facebook, yet some departments try to connect with people through Facebook. offices are supposed to be only getting Internet via PMO network so thus would force people to use personal broadband to access FB", "group_id": 3864, "id": 637413}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582839.4517801, "message": "Heh heh. Hrm. Quotas. That sounds good.", "group_id": 3864, "id": 637645}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582273.4229939, "message": "True. Policy is important and I think there should be one, especially for the government ones (though there's a chance no facebook is policy and the circular is not being circulated)", "group_id": 3864, "id": 637408}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582355.007236, "message": "I think it's not too surprising. It's like the Old Media-New Media thing. 
Sometimes there's conflict of interest within a company especially if its steeped in a stringent culture.", "group_id": 3864, "id": 637458}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582417.2457731, "message": "Do office workers download porn first thing in the morning (because of fast connection)? Yes.", "group_id": 3864, "id": 637503}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582810.4236109, "message": "http://www.readwriteweb.com/archives/facebook_at_work_helpful_or_a_hazard.php", "group_id": 3864, "id": 637637}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582928.9044881, "message": "but then again it's not like Facebook is the only way to take a break", "group_id": 3864, "id": 637673}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582954.765166, "message": "This is correct. And well, this is not taking into account the benefits of a social network (say, Twitter for collaboration)", "group_id": 3864, "id": 637678}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583092.8603871, "message": "Well, it's more like, if you leave food in the kitchen do you trust them not to eat it?", "group_id": 3864, "id": 637716}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583149.7231951, "message": "perhaps on the work side, they can always do monitoring and take action if they see that the user is becoming unproductive / wasting time online", "group_id": 3864, "id": 637734}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583188.9452269, "message": "i.e. keep it all open and trust them not to abuse it. but if they do, take disciplinary actions (perhaps I'm an idealist in this way)", "group_id": 3864, "id": 637740}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302581899.796062, "message": "There are some similarities, such as management of traffic. 
For example, where I work we only get 3Mb/s up and down. Two or three users on the youtube and suddenly network becomes unusable. So, we could either block youtube or throttle it. I don't know how well this translates up to the ISP side, because there maybe some sort of bandwidth cap the backbone has but I've read somewhere that this may not be clear cut, always citing Korea. I honestly don't know.", "group_id": 3864, "id": 637229}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583063.3009629, "message": "if you leave the door open, can you trust your employees not to abuse it?", "group_id": 3864, "id": 637710}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583470.6626239, "message": "if it's company PC they can always get valid SSL or preinstall self-signed cert on all comps", "group_id": 3864, "id": 637807}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583782.7100749, "message": "http://www.m86security.com/solutions/security_issues/web_security/encrypted-malware.asp", "group_id": 3864, "id": 637873}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584222.942014, "message": "perhaps all their RTS players work in server rooms manually switching ethernet cables from one overloading switch to an under utilized one. haha", "group_id": 3864, "id": 638002}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582105.6267719, "message": "and obviously as mentioned in offices, it is all dictated by management and IT. it could be policy based on certain knowledge. whether right or wrong, as an employee you can't really do much aside mention your objection and your thoughts but in the end, the management has the final say. if you don't like it there, then you find proper ways around it be it more legit (i.e. personal broadband) or less clear cut (proxy through). 
perhaps there is lack of employee knowledge, so education is a must to let them know why policies are made", "group_id": 3864, "id": 637331}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584306.424706, "message": "(Black room filled with computers lit up with visualisation of pipes)", "group_id": 3864, "id": 638017}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583952.0400879, "message": "we don't know if they have a big enough pipe to serve all users and if they do, is the utilisation so high that they cannot provide consistent internet without throttling or something like that", "group_id": 3864, "id": 637920}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584002.4396729, "message": "if they say they are throttling and general consensus is that it seems to be a better QoS, then at least there is some quantifiable data", "group_id": 3864, "id": 637942}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582450.636342, "message": "So I think, from an MIB and mostly good taste kind of thing, it's probably safe to block?", "group_id": 3864, "id": 637522}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582453.464576, "message": "(Maybe)", "group_id": 3864, "id": 637524}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582743.8476369, "message": "will cause people to use their data wisely", "group_id": 3864, "id": 637622}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582822.5829871, "message": "lol", "group_id": 3864, "id": 637639}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583029.731811, "message": "blocking sites will just cause people to find a way round them. e.g. 
twitter: there are many online twitter apps/clients that anybody could use (or even make their own)", "group_id": 3864, "id": 637699}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583275.426702, "message": "the argument against monitoring is that it requires people to look at the logs or to analyze them. and there always seems to be a lack in manpower", "group_id": 3864, "id": 637761}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583297.367667, "message": "(I'm worried because we have access to stupid amount of money)", "group_id": 3864, "id": 637766}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583342.9640551, "message": "unless they have a ssl proxy. i think it's called a transparent ssl proxy, that decrypts at the proxy side (for them to analyse) and re-encrypt sending over the Internet", "group_id": 3864, "id": 637775}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583553.1026599, "message": "Hrm. So even if we checked the certificates? Can they say it came from, say, convore.com?", "group_id": 3864, "id": 637823}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583660.392035, "message": "So, going back into topic, I think for personal use, use mobile broadband? (I'm.. going to get TOR on that too)", "group_id": 3864, "id": 637850}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582664.6632299, "message": "should there be a bandwidth 'quota' for employees?", "group_id": 3864, "id": 637595}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582832.6283751, "message": "QoS not there!", "group_id": 3864, "id": 637643}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583255.4047329, "message": "The problem with that is that the infrastructure to do that is just not there. What I need it to set up a domain controller for everyone using the network. 
Supposedly live@Edu would be this for education people.", "group_id": 3864, "id": 637759}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583841.6646841, "message": "And that throttling is just an easy way out for ISPs.", "group_id": 3864, "id": 637888}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582385.5173099, "message": "Another obvious case (or not obvious. I don't know). Porn sites. We block them.", "group_id": 3864, "id": 637483}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582820.7815461, "message": "i'm trying to get a quote but it's still loading", "group_id": 3864, "id": 637638}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584033.624239, "message": "perhaps somebody should go there and find out how they do it all", "group_id": 3864, "id": 637955}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582506.66729, "message": "in the work place NSFW sites should be blocked, I guess if the management believes so. anyway I would think most NSFW sites would cause a huge drain on bandwidth too", "group_id": 3864, "id": 637538}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584495.5006189, "message": "perhaps we see things too much from the technical side. the end user doesn't really care do they? 
or are they just not informed/educated enough about what is going on?", "group_id": 3864, "id": 638040}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582707.5641999, "message": "in Uni of Melbourne students have 1GB a week for external sites, after which they are limited to only the intranet or uni sites", "group_id": 3864, "id": 637609}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582757.9236751, "message": "after all how much youtube / videos does an employee need to watch?", "group_id": 3864, "id": 637624}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302582870.651778, "message": "Does need to have the whole Domain Controller infrastructure in place.", "group_id": 3864, "id": 637654}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582911.8268991, "message": "\"He found that people who took small breaks between tasks were 9% more productive than their colleagues who did not. \"It gives them a chance to reset their concentration,\" says Coker. That means that companies who block access to social networking sites like MySpace and Facebook are actually inadvertently decreasing employee productivity.\"", "group_id": 3864, "id": 637668}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583335.723912, "message": "I think supposedly the eGov PCs are supposed to be locked down and they'd monitor the actions client side?", "group_id": 3864, "id": 637774}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584542.501478, "message": "ok, why are you not seen as online now? haha", "group_id": 3864, "id": 638050}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302582873.975759, "message": "and it's lunch time. meaning there should be less people around yet still QoS issues. 
people leaving their downloads over lunch", "group_id": 3864, "id": 637657}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583280.4315729, "message": "I'm a bit paranoid, but I'm.. fairly certain they can't monitor traffic over ssl.", "group_id": 3864, "id": 637763}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583377.7295129, "message": "Won't we get certificate problems?", "group_id": 3864, "id": 637780}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583439.669626, "message": "Erm. Hello IT guys! We weren't talking bad things about you guys! Honest.", "group_id": 3864, "id": 637799}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583600.2321081, "message": "And they ask me why I have TOR on startup.", "group_id": 3864, "id": 637836}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583751.662719, "message": "haha. not a proxy SSL guru (a real n00b probably) but they can rewrite webpages on the fly so forms get submitted to the proxy", "group_id": 3864, "id": 637864}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583797.022676, "message": "On to happier things, what do you think about the concept that there shouldn't be any problems on the backbone side of things that Tom Merrit likes to talk about.", "group_id": 3864, "id": 637877}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584323.669158, "message": "(Korean players just clicking mouses endlessly)", "group_id": 3864, "id": 638019}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302583193.6184959, "message": "Supposedly, eGBandwidth does this, but I'm not sure how it would be implemented.", "group_id": 3864, "id": 637743}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583232.451745, "message": "i've heard thats one of the reason why they want to migrate people over to PMO network: so they can 
monitor and be big brother", "group_id": 3864, "id": 637752}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302585453.384949, "message": "at the end of the day, you need to trust the source which is hard unless you know the person and who set it up and who has access to it", "group_id": 3864, "id": 638214}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583771.8684199, "message": "http://ask.metafilter.com/38012/How-do-I-encrypt-my-http-traffic-so-my-company-cant-read-it", "group_id": 3864, "id": 637871}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302583899.740957, "message": "it does seem like a cop-out. but it's hard to judge. because we can't see the big picture", "group_id": 3864, "id": 637905}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585169.296463, "message": "And I think that's the beauty of the VirtualMachine thing. When you do.. erm... anon things, only do it in that box, using TOR.", "group_id": 3864, "id": 638160}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302586175.3924689, "message": "but isn't browsing pattern a way they can identify a person as well?", "group_id": 3864, "id": 638279}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302586979.1990731, "message": "And paranoid? But uselessly so.", "group_id": 3864, "id": 638338}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302586984.812587, "message": "(Laptop doesn't have a password)", "group_id": 3864, "id": 638339}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585392.46805, "message": "Man reading up on TOR vulnerabilities is depressing.", "group_id": 3864, "id": 638204}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585480.9662681, "message": "... 
We're going to write our own operating systems aren't we?", "group_id": 3864, "id": 638216}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585596.3308101, "message": "But I think, even if the operating system is compromised because it's in a virtual box, it doesn't know your original IP.", "group_id": 3864, "id": 638226}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302587086.4705729, "message": "essentially. I've got two extremes. Lazy and Perfectionist.", "group_id": 3864, "id": 638345}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302585023.9428661, "message": "source: http://www.grc.com/sn/sn-110.txt", "group_id": 3864, "id": 638149}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584108.366178, "message": "True. Though, I can also understand how a switch can get overwhelmed by traffic. At the rates they're talking it boggles my mind. They're faster than the LAN I'm in!", "group_id": 3864, "id": 637973}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584526.2459061, "message": "Okay. Security. http://janusvm.com/ . https everywhere.", "group_id": 3864, "id": 638045}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584786.4691839, "message": "For masking identity at least. I'd have to be sure to always connect in SSL.", "group_id": 3864, "id": 638099}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584938.9095199, "message": "You know. I don't even know why I want to be secure anymore.", "group_id": 3864, "id": 638136}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585108.7127459, "message": "Ah. The encryption thing. Yeah. 
I think that's why I'd need to use HTTPS everywhere or at least force SSL", "group_id": 3864, "id": 638156}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584686.693754, "message": "But anyway, Virtual Machine with all the connections piped to TOR. Sounds good?", "group_id": 3864, "id": 638081}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584814.767386, "message": "I think if the relays are under the same network that someone controls.", "group_id": 3864, "id": 638112}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585214.6686471, "message": "So even if they identify the machine and surfing patterns, they just found your anon profile.", "group_id": 3864, "id": 638162}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584287.7769649, "message": "Haha, good one. .. *serious face* I actually can imagine that.", "group_id": 3864, "id": 638015}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584593.127166, "message": "i think in brunei the issue is both the source pipe and the manpower", "group_id": 3864, "id": 638058}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584605.5087769, "message": "Hrm... I also want to say, I've got some anon box somewhere to connect too. I always thought it'll be cool to have boxes lying around in different places.", "group_id": 3864, "id": 638061}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302584657.5482261, "message": "I suppose if you have a bot net, we could use that.", "group_id": 3864, "id": 638072}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584727.860465, "message": "but you are trusting the TOR then right?", "group_id": 3864, "id": 638083}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302585391.94857, "message": "but that virtualmachine was set up by who? 
can't they trace it back to you?", "group_id": 3864, "id": 638203}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584668.579891, "message": "source pipe not big enough. you mentioned we can throttle but as long as it enables streaming.", "group_id": 3864, "id": 638076}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584685.0438919, "message": "users are greedy i think. if they can stream 360p, then they want 720p or 1080p streaming", "group_id": 3864, "id": 638080}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302584785.6828921, "message": "i recall that they mentioned on Security Now that they were able to back trace some data on TOR. but can't remember the premise. maybe they had their own TOR servers that recorded data", "group_id": 3864, "id": 638097}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302585013.3660331, "message": "George in Texas wonders about the security of TOR, The Onion Router. He says he saw an article on Ars Technica about a security researcher who used five TOR exit nodes to collect logon passwords from unencrypted traffic. What's the deal? I thought TOR was safe. I'm going to add something to this because we've now heard reports of at least one, I think two TOR administrators, one TOR administrator in Germany who was subpoenaed by the German authorities, they took his machine and all the information on that machine. Of course the authorities had no clue what to do with it. In fact it was worthless to them. But it does raise the issue of people can get these individual machines. Does that compromise TOR?\n\nSTEVE: Well, and in fact the guy you're talking about in Germany, this was the second time he had been harassed by the government. And he said, I'm sorry, but I'm no longer going to be able to host an endpoint node on the TOR system because of the problems that it creates.\n\nLEO: And by the way, the German police got nothing from this. 
They're at the wrong point.\n\nSTEVE: Well, so, okay. So let's explain what's going on here. First of all, this rather irresponsible security researcher, I mean, it's www.derangedsecurity.com. I consider him a little irresponsible, maybe a lot irresponsible...\n\nLEO: That should tell you something, just the name.\n\nSTEVE: Yeah, DEranged Security, because he was running - he runs a bunch of TOR nodes. And he specifically wrote a packet sniffer to find high-value email logon credentials, that is, username and passwords for, for example, governments and embassies and other high-value targets. He put these sniffers on five TOR servers, and they collected thousands of email name/logon password combinations. Then, because he didn't feel that anyone would take this seriously unless a lot of noise was made, he published these things that he had gathered publicly on the basis that, first, nobody would pay attention to this problem otherwise; and that, well, these were all in the clear anyway, traveling around the Internet, so what's the big deal?\n\nWell, the big deal was the U.S. government immediately stomped on him and had his site taken down. All kinds of people were really upset. And essentially he published the email logons for a bunch of embassy, government embassy email accounts, and a whole bunch of problems resulted, as you can imagine. So...\n\nLEO: But underlying that, did he point up a security issue?\n\nSTEVE: No. What he did was - and this is valuable. The reason I wanted to put this question up, first of all, a lot of people picked up on it and wrote to us about this, so I wanted to address it directly. What TOR does is it anonymizes users of the Internet. 
It does not provide end-to-end security, meaning that, for example, SSL, Secure Sockets Layer we've talked about often, it provides end-to-end security, meaning that when I use - when a GRC customer buying SpinRite wants to buy SpinRite, the first thing that happens is an SSL connection is created, securing all of their traffic from their machine to the GRC server and back. So nothing can be seen. TOR doesn't provide encryption except between TOR server nodes. But on the final node, after your traffic is bounced around between TOR servers, where it is encrypted, and the TOR protocol makes it extremely hard to backtrack, once it finally is done bouncing around, playing ping-pong around TOR nodes, the final TOR node decrypts it the last time, essentially takes it out of the final encryption envelope, peels that layer off the onion, so to speak, and the traffic is then emitted or injected onto the Internet in the clear, that is, as plaintext.\n\nSo the mistake that these embassy people were making is they may have believed that all of their traffic was encrypted by using this system, when in fact all that was being done was they were being anonymized, meaning that potentially they could not be backtracked. On the other hand, their email had their client IP and server name, and everyone knew, anyone who looked at this would know where they were logging onto and what was going on. And all their email even was in the clear apparently, the actual content of their email. So...\n\nLEO: So he just pointed out how insecure their system was, really.\n\nSTEVE: Well, he pointed out that people were using TOR for the wrong reason. They were - and that...\n\nLEO: Yeah. They were assuming they were secure.\n\nSTEVE: They were assuming, exactly, that it was providing them absolutely security on the \u2018Net, when in fact all it was really doing, all it was meant to do is to provide anonymity services. 
Now, the reason the guy in Germany has gotten into trouble several times is that it was for child pornography that he was arrested. What happened was that government officials were tracking back the IP of somebody who apparently was pulling child pornography off of a child pornography site. Well, this child pornography viewing end user was using the TOR system to provide him or her with anonymity for this web surfing that they were doing. And what happened was the child porn IP was terminating on this TOR endpoint, where it then became encrypted and was then anonymized.\n\nSo somebody on the outside of the TOR system saw that this node was apparently making these child porn queries, when in fact they were being made on behalf of somebody using the TOR system for anonymity. And you can't blame them in this case for wanting to be anonymous. I mean, they understood clearly that this is what TOR was used for. So the authorities went to this endpoint and arrested this guy, unfortunately. He did nothing wrong except he was running a TOR node endpoint. And this in fact is the great danger of running TOR node endpoints. It's actually there's a double-edged sword here. If you run the endpoint, then people on the \u2018Net will believe that it's your machine which is making these queries of potentially bad stuff, when in fact your machine is making them on behalf of somebody who wants to be anonymous specifically because they want to do things which are in many cases and many countries and locations illegal to do.\n\nThe other side of this is that all of the traffic which is coming and going from that endpoint can be scrutinized by anyone running the endpoint. And in fact something that is useful is that this DEranged Security guy has a list of example exit nodes that can read your traffic. 
And so he says nodes named devilhacker and hackershaven; node hosted by an illegal hacker group; major nodes hosted anonymously dedicated to TOR by the same person or organization in Washington, D.C. - each of these are handling five to ten terabytes of data every month; a node hosted by Space Research Institute/Cosmonauts Training Center controlled by the Russian government.\n\nLEO: Wow. The Russian government runs a TOR node.\n\nSTEVE: Yeah. Nodes hosted on several government controlled academies in the U.S., Russia, and around Asia; nodes hosted by criminal identity stealers; nodes hosted by Ministry of Education in Taiwan, you know, run by China; node hosted by major stock exchange company and Fortune 500 financial company; nodes hosted anonymously on dedicated servers for TOR, costing the owner between $100 and $500 every month, meaning presumably they're getting some value in return; nodes hosted by the Chinese government officials; nodes in over 50 countries with unknown owners; and nodes handling over 10 terabytes of data every month. So the point is that, you know...\n\nLEO: 10 terabytes.\n\nSTEVE: Yeah. People are using TOR to do things anonymously. But you're using - when the traffic egresses from the TOR network, you don't know who owns the node that it's egressing from, nor do you know what purpose they're using the node for. So it's worth mentioning that, once your data egresses the TOR system, it is no longer encrypted. It has been anonymized as the TOR system provides. But depending upon what you're doing, you may still be giving your identity away. 
And people of unknown ambition and goal could be looking at it.\n\nLEO: I think that's the bottom line, the really most important takeaway from this is that TOR is for anonymity, not encryption.", "group_id": 3864, "id": 638143}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302585672.9849391, "message": "Hopefully, the IP anonymity is fairly safe (though I guess there's vulnerabilities) so the only way they'll associate you with the machine is if you did something that's \"you\" inside the machine. (IE: you logged into any of your accounts. Or you went to sites that not a lot people go and maybe just you go)", "group_id": 3864, "id": 638235}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302586276.0556791, "message": "and now also 'how' you type your password: http://developers.slashdot.org/story/08/04/04/169229/Identify-and-Verify-Users-Based-on-How-They-Type", "group_id": 3864, "id": 638287}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302586378.3919981, "message": "Haha. erm... Lastpass?", "group_id": 3864, "id": 638295}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302587410.9792111, "message": "@mfirdaus oh you can do this too. lol", "group_id": 3864, "id": 638366}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302586551.384979, "message": "so that means you can only surf your 'set of sites' via your anonymous system and not outside it, as it could be traced back to you?", "group_id": 3864, "id": 638305}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302586108.3208849, "message": "well remember the scare in BSD (I think it was BSD) several months back where they said the secret service paid somebody to put a backdoor. though further looking into the matter said this wasn't true", "group_id": 3864, "id": 638272}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302586363.1555591, "message": "Yeah. 
So if you stick doing anon things in anon mode and don't do the things you normally. So even if they identify you, they identify your anon persona.", "group_id": 3864, "id": 638294}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302586968.03054, "message": "Yup. Work, work.", "group_id": 3864, "id": 638336}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302587106.5753939, "message": "(next on the list of security things is to encrypt everything)", "group_id": 3864, "id": 638346}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302586727.6382871, "message": "I think so. But if you accidentally go to something that identifies the real you (say you went and listen to your icecast server) then suddenly the sites can be traced to you.", "group_id": 3864, "id": 638314}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302586922.7327111, "message": "ok i got to get back to work. resume this some other time. p.s. I think you're (overly) paranoid", "group_id": 3864, "id": 638330}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302586923.365643, "message": "haha", "group_id": 3864, "id": 638331}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302589024.9704931, "message": "Hrm... #interesting", "group_id": 3864, "id": 638509}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302589189.429498, "message": "I think there was a long aside there so going back into topic, before work, my final current thoughts on these are. As user, I want unrestricted access but I can understand the technical reasons for traffic management. I don't use office network for personal use, not because it's unusable but I'm kind of paranoid. 
So things being blocked and throttled there is a moot point.", "group_id": 3864, "id": 638521}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302677788.218919, "message": "In regards to bandwidth quotas, I'm still quite noob-ish in these kind of things (and vendors won't let me touch switches and routers) but I had the impression that we need authentication. I thought about IP or MAC address, but I'm not sure how reliable these are. So the only way I know of currently is by using domain controllers.", "group_id": 3864, "id": 660729}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302677649.007283, "message": "uh, hi guys", "group_id": 3864, "id": 660709}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302677702.065578, "message": "1. faking messages may be construed as illegal - so QoS attempts that try to masquerade and mess with syn-ack are dangerous", "group_id": 3864, "id": 660720}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302678959.8388231, "message": "i think your problem with security can't really be solved, because the hardware is always going to be suspect", "group_id": 3864, "id": 660905}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302677841.688287, "message": "pffft domain controllers LOL. Don't you use DHCP to restrict MAC addresses that may connect to particular subnets ?", "group_id": 3864, "id": 660735}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302677755.5250499, "message": "2. TOR is great for adding another layer of anonymity. But you gotta encrypt/tunnel packets that go over it, otherwise it's just kinda moot. It's like sending unencrypted data over an insecure channel ... which it is ... 
?", "group_id": 3864, "id": 660726}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302677850.110981, "message": "Use DHCP to map MAC to IP, then bob is your uncle", "group_id": 3864, "id": 660736}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302678928.054878, "message": "then shove unknown MACs to a separate IP subnet, that'll cater to your visitors", "group_id": 3864, "id": 660902}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302678972.686506, "message": "so go buy a small $500 netbook, go get Linux, then bob is your uncle", "group_id": 3864, "id": 660908}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302679107.2123549, "message": "unless you can get TPM and booting to a secure secure environment? meh. Keyloggers in hardware IMHO will pwn you", "group_id": 3864, "id": 660925}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684143.4186809, "message": "Well, I'm using my own hardware so that's no problem.", "group_id": 3864, "id": 661496}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684181.558805, "message": "And I'm using mobile broadband so I don't worry about that. 
That said, it still goes through the ISP.", "group_id": 3864, "id": 661514}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684291.299516, "message": "ipsec and tunnels is probably a bit more \"enterprise\"", "group_id": 3864, "id": 661532}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684745.271064, "message": "if you assume that, then go buy a bunch of Mac Mini's", "group_id": 3864, "id": 661619}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684267.2117231, "message": "ssh tunnel is probably the easiest \"call-on\" and \"call-off\" way of doing it", "group_id": 3864, "id": 661528}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684294.467593, "message": "So this is why I assume TOR would be useful. I did think about SSHing into a remote server (presumably a web host) but the problem is getting a box anonymously.", "group_id": 3864, "id": 661535}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684321.3585019, "message": "Because, if I was being paranoid, the purchase of an SSH server outside the reach of one's ISP would mean that it's tied to a bank account.", "group_id": 3864, "id": 661539}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684330.048425, "message": "yes you're right about TOR being useful", "group_id": 3864, "id": 661541}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684348.080426, "message": "but if we can't trust a legit outside ISP, what hope does any of us have, lol", "group_id": 3864, "id": 661546}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684349.3048351, "message": "I am currently looking into anon purchases.", "group_id": 3864, "id": 661547}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684608.3026869, "message": "Exactly right? I'm currently assuming we can't trust anybody. 
And thus trying to find the best solution.", "group_id": 3864, "id": 661584}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684821.4716771, "message": "hrm", "group_id": 3864, "id": 661642}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302685437.4088171, "message": "TCP/IP over HAM radio? i guess that could work albeit at low bitrate", "group_id": 3864, "id": 661766}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684927.9319029, "message": "Yeah. But online transactions tend to be traceable?", "group_id": 3864, "id": 661659}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684962.9945021, "message": "... Can we purchase an account with amazon gift cards?", "group_id": 3864, "id": 661669}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302685289.270298, "message": "This discussion is purely educational. Is true.", "group_id": 3864, "id": 661722}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684732.466563, "message": "oh can't trust anybody?", "group_id": 3864, "id": 661613}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684742.009572, "message": "So far, the best I can come up with is to have is to acquire a box (I guess safest way is by using dark-hat means, from a fresh box connected to TOR). Then we can ssh into it by way of TOR.", "group_id": 3864, "id": 661617}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684755.1152489, "message": "make lots of friends with peeps at foreign ISPs", "group_id": 3864, "id": 661624}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684758.3290761, "message": "Haha. 
As a purely hypothetical situation.", "group_id": 3864, "id": 661626}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684759.6802011, "message": "and go co-lo them", "group_id": 3864, "id": 661627}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684806.4312961, "message": "Just on the principle that that'll be so damned cool.", "group_id": 3864, "id": 661639}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302685194.5861599, "message": "get a bunch of prepaid visa cards, move money between accounts, transfer funds in and out", "group_id": 3864, "id": 661700}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302685364.909112, "message": "Also interesting topic is what happens when Internet was shut off (like Egypt). Dial-Up is pretty cool.", "group_id": 3864, "id": 661744}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302685381.7129979, "message": "Also Internet over HAM radio?", "group_id": 3864, "id": 661749}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302684795.9520659, "message": "Sometimes, I just wish I had huge bot nets and list of random servers everywhere like those hackers in the TV.", "group_id": 3864, "id": 661634}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302684826.7817199, "message": "have you thought of ec2", "group_id": 3864, "id": 661645}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302685170.3581369, "message": "haven't tried it - the other option is to adopt some of the tricks money launderers use", "group_id": 3864, "id": 661694}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302685229.7177451, "message": "lol. 
We're getting deeper into dark places.", "group_id": 3864, "id": 661704}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302686597.5605209, "message": "Going back in track, So what you think about some people saying that bandwidth saturation is not really a problem in the backbone?", "group_id": 3864, "id": 661992}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697035.1589639, "message": "\"core networks\"", "group_id": 3864, "id": 663778}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697010.1783521, "message": "our international bandwidth won't be saturated because the overcapacity is happening not on the international link but", "group_id": 3864, "id": 663766}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697083.5082681, "message": "but totally different core network infra", "group_id": 3864, "id": 663798}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697123.537534, "message": "I'm gonna say this! 
But BGP is FTW, and RIP should just REST IN PIECES LOL", "group_id": 3864, "id": 663814}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302696966.0767839, "message": "Brunei's international bandwidth - all along our SEAMEWE3 links and the AAG links and that borneo link", "group_id": 3864, "id": 663749}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697050.3308339, "message": "maybe you should test the QoS in the different ISP's and see what is what", "group_id": 3864, "id": 663781}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302696947.638562, "message": "I think what people are trying to say is that even if all the Brunei net subscribers went online at the same time", "group_id": 3864, "id": 663742}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697030.756968, "message": "in certain core networks", "group_id": 3864, "id": 663775}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302696881.9338169, "message": "\"backbone\" might not be the right term for the Brunei situation", "group_id": 3864, "id": 663731}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302697066.8817, "message": "because all the local ISP's have the similar international gateways", "group_id": 3864, "id": 663788}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302736528.7234659, "message": "hrm. 
So problem is within ISP?", "group_id": 3864, "id": 673578}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302736623.6199739, "message": "or between ISP and user?", "group_id": 3864, "id": 673590}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302763759.489722, "message": "problem is at ISP IMHO", "group_id": 3864, "id": 680063}, {"user_id": 28885, "stars": [], "topic_id": 18811, "date_created": 1302932199.232425, "message": "I've heard things like if they do a traceroute it goes out of the country before coming back even though the route should be all within the country. a possible problem was implementation without proper documentation and thus when old staff leave, new staff not sure what to do and try not to touch what is there and just try build from scratch or work around", "group_id": 3864, "id": 709039}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302938811.651845, "message": "@TheWheat close. But routing protocols follow biz agreements. If no biz agreement in place then no engineer will wanna fix the RIP routes, am I right? So the problem of inter connection between local ISPs is a problem.", "group_id": 3864, "id": 709740}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302938880.8799601, "message": "Not appropriate to talk in public fora about confidential materials learned in my employment. But you are right traceroute data is public.", "group_id": 3864, "id": 709742}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1302938972.6111951, "message": "And per the rules if there is an interconnection agreement they have to publish it for all to view", "group_id": 3864, "id": 709756}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1302945474.225482, "message": "So instead of korean's Star Craft player powered routing, we have... 
uncommitted farmville players?", "group_id": 3864, "id": 709997}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1303030962.2178769, "message": "I wonder if BitCoin will gain traction: http://techland.time.com/2011/04/16/online-cash-bitcoin-could-challenge-governments/", "group_id": 3864, "id": 716083}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1303041640.703774, "message": "P2p micropayments is a fascinating future prospect", "group_id": 3864, "id": 716540}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1303041914.1043999, "message": "www.deloitte.com/us/cellmethemoney", "group_id": 3864, "id": 716575}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1303041941.974504, "message": "I'm organising a briefing for our clients on the subject", "group_id": 3864, "id": 716580}, {"user_id": 11411, "stars": [], "topic_id": 18811, "date_created": 1303093137.5687499, "message": "There was this one moment hearing about how Africans were using pre-paid credits to do transactions. That's brilliant.", "group_id": 3864, "id": 720752}, {"user_id": 29218, "stars": [], "topic_id": 18811, "date_created": 1303113627.6107509, "message": "yes I've read about people sending prepaid credits to each other using their phones to pay for some unusual transactions ...!!! LOL not to be commented in public tho.", "group_id": 3864, "id": 724046}]