LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 07-30-2017, 02:26 PM   #1
ardvark71
LQ Veteran
 
Registered: Feb 2015
Location: Oregon, USA
Distribution: Lubuntu 14.04, Windows Vista
Posts: 6,279
Blog Entries: 3

Rep: Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835
Russia to ban VPNs...


Hi all...

Just as a heads up for those who weren't aware, Russia is set to ban the use of VPN's and other "anonymizers," which, from what I understand, includes Tor.

http://www.newshub.co.nz/home/world/...-browsing.html

Quote:
It will ban the use of virtual private networks (VPNs) and other technologies, known as anonymisers, that allow people to surf the web anonymously.

It comes into force on November 1.
I'm not sure what the penalties are for violations but I find this very unfortunate. I'm sure many folks in Russia, like elsewhere, use VPN's for legitimate reasons, such as enhanced privacy and security.

Regards...
 
Old 07-31-2017, 08:14 AM   #2
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,444
Blog Entries: 4

Rep: Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896
I'll wait for a considerable amount of corroborating evidence on this one, from many agreeing sources, before considering it to be anything other than a rumor.

Like it or not, you cannot have an international TCP/IP network without encryption, any more than you can have an international "party line" for telephones. Everyone, regardless of country, must be able to obtain these three fundamental assurances when they need them:
  1. That the message received was actually the one that was sent.
  2. That the message received actually did come from its purported sender.
  3. (Optionally(!)) That the contents of the message remained private as it passed along the public network.
I dismiss this (for now) as a fanciful rumor, because it would mean that Russia and its people could not do business with the world. No one uses paper purchase-orders or anything else these days: it's all done electronically, and guess what ... it's encrypted. Of course.

Last edited by sundialsvcs; 07-31-2017 at 08:16 AM.
 
Old 07-31-2017, 11:04 AM   #3
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware has beern Main OpSys for decades while testing others to keep up
Posts: 1,425

Rep: Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335
If one manages to employ VPNs or anonymisers properly there is no way to detect and nail down who the user was so even if this rumor bears fruit all it can possibly be is an additional charge tacked on after someone is caught for something else. It's a bit like making it a law forbidding the use of unregistered weapons in the commission of a crime, or requiring users pay taxes on an illegal substance.... a Catch 22 for morons on one end or an added charge on the other. .
 
Old 07-31-2017, 11:12 AM   #4
justmy2cents
Member
 
Registered: May 2017
Location: U.S.
Distribution: Un*x
Posts: 221
Blog Entries: 2

Rep: Reputation: Disabled
Could it be that their on edge with the new U.S. sanctions, and what happening with NK? @Enorbet "encryption can only help you so much when metadata leaks whom you're talking to, when youre talking to them, and even suggests what you're talking to them about."
 
Old 07-31-2017, 11:28 AM   #5
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,444
Blog Entries: 4

Rep: Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896
Actually, you should not expect "anonymizers," or for that matter VPN, to help you if you're up to no good. The Government owns the Internet ... and MILNET ... and is capable of "total-network traffic analysis." Whether or not it can immediately decipher the traffic, it can deduce where messages are going. (Or, by observing traffic that is headed to a target-of-interest, work backwards to its probable source.) And then, it can apply prodigious computing power and secret knowledge to provide the Federal Prosecutors what they need to know to bust you.

Encryption technologies are not incriminating: you use them every time you visit an https: web site. You use them every time you swipe a credit-card or use an ATM. But, "if you are up to no good," realize that you can be detected no matter what you do. We didn't design this network to have no provision for public safety.

There is a well-recognized and fundamental need for civilians(!) to have access to strong encryption, because every nation is made up of millions of ... civilians. The military exists to protect ... civilians. But, so do agencies like the US NSA. "National Security" is not a mission that can be separated from concern for civilians. Rather, it is a mission that consists of providing security, whatever that may mean, to a Nation ... of Civilians.

This includes providing secure and dependable ways for trillions of messages to be passed, every single day ... among civilians.

The NSA provided expert help in the development of the original DES cipher, supplying the "S-box" tables and cautioning people to use them without explaining why. Many people were of course suspicious at the time, but later civilian discovery of "differential cryptanalysis" revealed that the provided tables provided strength against this attack. After the discovery was made, NSA acknowledged that this was what they were talking about. Government agencies have also assisted in the development and testing of many other crypto suites and protocols that we use today. And, that is part of their mission. That's part of what we are paying them to do.

Also – part of their mission is "to tell the commanding officer, today, what the enemy is going to do tomorrow." And so, if you are "up to no good," preventing you from doing so is also part of what we are paying them to do.

No sympathies from me. When the time comes, I hope they throw away the key.

Last edited by sundialsvcs; 07-31-2017 at 11:34 AM.
 
Old 07-31-2017, 11:50 AM   #6
justmy2cents
Member
 
Registered: May 2017
Location: U.S.
Distribution: Un*x
Posts: 221
Blog Entries: 2

Rep: Reputation: Disabled
Quote:
Government agencies have also assisted in the development and testing of many other crypto suites and protocols that we use today. And, that is part of their mission. That's part of what we are paying them to do.
AES is old and outdated why haven't we moved to something more secure already? Its now vulnerable I believe to new algebraic style attacks.

Quote:
Also part of their mission is "to tell the commanding officer, today, what the enemy is going to do tomorrow."
With all the data they collect they still haven't prevented one terror attack..
 
Old 07-31-2017, 02:40 PM   #7
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,444
Blog Entries: 4

Rep: Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896
Quote:
Originally Posted by justmy2cents View Post
With all the data they collect they still haven't prevented one terror attack..
Well, we really don't know, now do we?
 
Old 07-31-2017, 05:47 PM   #8
jefro
Moderator
 
Registered: Mar 2008
Posts: 16,854

Rep: Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486Reputation: 2486
Some of the most advanced hackers are in Russia. Bet they know a way around it already.
 
Old 07-31-2017, 07:22 PM   #9
Woolie Wool
LQ Newbie
 
Registered: Jul 2017
Location: Memphis, TN
Distribution: Xubuntu
Posts: 19

Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
Actually, you should not expect "anonymizers," or for that matter VPN, to help you if you're up to no good. The Government owns the Internet ... and MILNET ... and is capable of "total-network traffic analysis." Whether or not it can immediately decipher the traffic, it can deduce where messages are going. (Or, by observing traffic that is headed to a target-of-interest, work backwards to its probable source.) And then, it can apply prodigious computing power and secret knowledge to provide the Federal Prosecutors what they need to know to bust you.

Encryption technologies are not incriminating: you use them every time you visit an https: web site. You use them every time you swipe a credit-card or use an ATM. But, "if you are up to no good," realize that you can be detected no matter what you do. We didn't design this network to have no provision for public safety.

There is a well-recognized and fundamental need for civilians(!) to have access to strong encryption, because every nation is made up of millions of ... civilians. The military exists to protect ... civilians. But, so do agencies like the US NSA. "National Security" is not a mission that can be separated from concern for civilians. Rather, it is a mission that consists of providing security, whatever that may mean, to a Nation ... of Civilians.

This includes providing secure and dependable ways for trillions of messages to be passed, every single day ... among civilians.

The NSA provided expert help in the development of the original DES cipher, supplying the "S-box" tables and cautioning people to use them without explaining why. Many people were of course suspicious at the time, but later civilian discovery of "differential cryptanalysis" revealed that the provided tables provided strength against this attack. After the discovery was made, NSA acknowledged that this was what they were talking about. Government agencies have also assisted in the development and testing of many other crypto suites and protocols that we use today. And, that is part of their mission. That's part of what we are paying them to do.

Also part of their mission is "to tell the commanding officer, today, what the enemy is going to do tomorrow." And so, if you are "up to no good," preventing you from doing so is also part of what we are paying them to do.

No sympathies from me. When the time comes, I hope they throw away the key.
It kind of disturbs me that you would trust our own corporate-controlled far-right government so implicitly, let alone Russia's, who have always been an authoritarian regime. The NSA is not there to protect the American people, it is there to protect the interests of American business and the American "defense" apparatus from the American people.

Quote:
Originally Posted by jefro View Post
Some of the most advanced hackers are in Russia. Bet they know a way around it already.
Who do you think those Russian hackers work for? They have nothing to fear from Put(a)in because they're part of his regime protection force and fully aligned with his interests.

Last edited by Woolie Wool; 07-31-2017 at 07:25 PM.
 
Old 08-01-2017, 08:22 AM   #10
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,444
Blog Entries: 4

Rep: Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896Reputation: 2896
Quote:
Originally Posted by Woolie Wool View Post
It kind of disturbs me that you would trust our own corporate-controlled far-right government so implicitly, let alone Russia's, who have always been an authoritarian regime. The NSA is not there to protect the American people, it is there to protect the interests of American business and the American "defense" apparatus from the American people.
- - - - -
Who do you think those Russian hackers work for? They have nothing to fear from Put(a)in because they're part of his regime protection force and fully aligned with his interests.
I prefer to think outside of the usual boxes. "Corporate-controlled, far-right," etc., is a straw-man argument. The ultimate bugaboo and of course there's nothing that the common man can possibly do about it. Likewise, "hackers," who of course(!) simply must be Soviet ... USSR ... "Russian." And all-powerful, of course.

Media pours out simple, easy-to-understand arguments ... which are actually propaganda. The truth of any matter is much more subtle. When you hear words tumbling out of your own mouth that you just heard on television or read in the newspapers – stop, and think for yourself.

"Russian hackers" came to the fore when "the wrong person won" the American presidential election. As Mr. Trump rightly observed, had the election gone the other way, they would have been laughed off the field as mere "sore losers," and no one would have given them any further mind. Instead, the US Congress(!) is passing a draconian measure intended to re-ignite Cold War thinking, and they are explicitly citing "meddling with the election" as one of the justifications. Still dreaming of "Tricky Dick" Nixon, they want to spend millions of dollars and months of time on an "investigation," perhaps still hoping that they will have Madame Presidente and that the world of Washington, DC will "return to 'normal'" for the next fifty years.

When the actual fact is, if you're stupid enough to deploy an election machine anywhere which cannot be hand-audited, you're just being stupid, that's all. Anyone, anywhere could tamper with such a system and, human nature being what it is, they would. They don't have to be half-a-planet away to do it. Create a ballot-box that can be stuffed without detection, and it will be stuffed! Maybe we are fortunate that the deficiencies of these systems was thrust to the forefront by a bunch of sore losers.

Last edited by sundialsvcs; 08-01-2017 at 08:33 AM.
 
Old 08-01-2017, 09:58 AM   #11
ardvark71
LQ Veteran
 
Registered: Feb 2015
Location: Oregon, USA
Distribution: Lubuntu 14.04, Windows Vista
Posts: 6,279
Blog Entries: 3

Original Poster
Rep: Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835
Quote:
Originally Posted by sundialsvcs View Post
I'll wait for a considerable amount of corroborating evidence on this one, from many agreeing sources, before considering it to be anything other than a rumor.

I dismiss this (for now) as a fanciful rumor, because it would mean that Russia and its people could not do business with the world. No one uses paper purchase-orders or anything else these days: it's all done electronically, and guess what ... it's encrypted. Of course.
Hi...

Take a look a TechCrunch's article here, which includes a link to a copy of the signed legislation here. I know LQ has at least one or two Russian members, perhaps they can verify, as well.

EDIT: There's a little foul language in the comments section, which was not there when I posted the (TechCrunch) link nor do I condone it. Just FYI.

Regards...

Last edited by ardvark71; 08-01-2017 at 06:01 PM. Reason: Added information.
 
Old 08-01-2017, 10:25 AM   #12
elcore
Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 351

Rep: Reputation: Disabled
Reuters reported this too, and cited a government source. Pretty sure they all must register a tunnel with Roskomnadzor or be fined.
 
Old 08-01-2017, 12:48 PM   #13
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware has beern Main OpSys for decades while testing others to keep up
Posts: 1,425

Rep: Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335Reputation: 1335
Quote:
Originally Posted by sundialsvcs View Post
Actually, you should not expect "anonymizers," or for that matter VPN, to help you if you're up to no good. The Government owns the Internet ...
Obviously what I have emboldened is the keystone. What any authority considers "no good" is entirely subjective and arbitrary, and often completely ridiculous depending on your stance on victimless "crimes". Paying no attention to that whole grey area, lets just look at an obvious "no good" at least for Mubarak's totalitarian regime in Egypt, just one example of many of the whole Arab Spring censorship and control issue which is also just one of many. In an entirely unprecedented level of censorship, even exceeding Iraq and Iran, for example, Mubarak didn't just selectively censor or bar access, he shut the whole internet down in Egypt... well, for a time. Numerous organizations but especially private as well as organized hackers made access available resulting in Mubarak's removal and imprisonment. He was released after six years but is entirely discredited as "completely poison" and will likely never hold office, ever again. Those who did that and also chose to remain anonymous still are unknown today, whether for reprisal or recruitment.

If you think Mubarak's regime was primitive and unsophisticated, think again. We know they purchased surveillance software from Boeing and that's just one example of what we know. It's difficult to tell what they managed to hide. Do you not imagine Trump would like to "bring to justice" those who have leaked damaging information about him? Yet they are still an unknown.

Is there censorship and control? Certainly, and much of it is from corporations like banking institutions who refuse to pay credit card purchases from sites they consider objectionable. They issue a blacklist and it is powerful and effective, at least against the average web user and the sites they blacklist. Verizon just dealt a blow to Free Speech on the Web, but watch... Tumblr will be replaced just as it largely filled gaps in previous "wild west" forums. You push in on a balloon and it rises elsewhere.

While today Bonnie and Clyde tactics wouldn't likely get past the first bank, people with such interests have adapted and crime continues, as does anything considered "no good" by any authority no matter how seemingly benevolent (or even actually a champion of the people, if that exists anywhere) or aggressively intolerant.

As for the grey areas, TLDR, it is still possible to be anonymous and very likely always will be. The landscape and rules just change. That's all.
 
Old 08-03-2017, 06:40 AM   #14
willieaames
LQ Newbie
 
Registered: Aug 2017
Location: Ashburn, USA
Distribution: KDE plasma
Posts: 3

Rep: Reputation: Disabled
Russia is the new discount china.
 
Old 08-03-2017, 02:30 PM   #15
Trihexagonal
Member
 
Registered: Jul 2017
Location: Over the hills and far away
Distribution: FreeBSD and OpenBSD
Posts: 64

Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
We didn't design this network to have no provision for public safety.
Is that you, Al Gore?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] VPNs Completely Clueless Linux - Security 0 10-27-2014 06:44 PM
Why are VPNs so hard to get set up? Skaperen Linux - Networking 1 12-19-2012 03:22 AM
LXer: About vservers, VPNs, and more LXer Syndicated Linux News 0 05-22-2006 05:33 PM
LXer: VPNs Illustrated: Tunnels, VPNS, and IPsec -- A Book Review LXer Syndicated Linux News 0 04-17-2006 07:54 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 09:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration