LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   The encrypted web (https://www.linuxquestions.org/questions/linux-general-1/the-encrypted-web-658377/)

resetreset 07-26-2008 07:38 AM
The encrypted web
 
It just struck me on a post over here where someone was discussing network management tools that my ISP has access to ALL of my net activity - which sites i go to, what i post, etc etc. I have a suggestion - can we encrypt ALL web sessions that happen over the Internet? This would put tremendous load on the servers I guess, but todays computers are fast and cheap :)
What does everybody make of it?

matthewg42 07-26-2008 08:03 AM
Well, so long as you stick to using https sessions, the content of all your traffic will be un-snoopable by your ISP, however the sites which you visit (and when) will still be visible to you ISP. There is also the problem that by quite a long way, not all sites will allow you to use https for general browsing.

There are services which provide a proxy to which you connect and surf (through an encrypted channel), making it impossible for your ISP to see which sites you visit, but then you move the problem from your ISP to the provider of the proxy.

There are some attempts to provide a distributed network of proxies, like the onion router (tor), but this is also not immune to snooping (e.g. tainted end points, timing attacks). It also slows down your web traffic by quite a lot, so it might not be suitable for regular browsing.

ErV 07-26-2008 08:08 AM
Quote:
Originally Posted by resetreset (Post 3226852)
It just struck me on a post over here where someone was discussing network management tools that my ISP has access to ALL of my net activity - which sites i go to, what i post, etc etc.
I think you misunderstand it a bit.
Your ISP can track which IPs you connect.
Tracking what your post would require analysing traffic on the fly (installing keylogger into (windows) machine is much easier). Just storing data all users have posted will take too much space. Or if you are using ISP's proxy it is possible to retrieve what exactly you've downloaded (during last several days) through that proxy. Tracking proxy requests is more realistic. It is possible that ISP stores statistics of number of connections or volume of downloaded/uploaded information for some specific IP range. ISP probably could log all connections (which IP connected to which IP and when), but this doesn't mean your ISP is actually doing that. Anyway, I don't think your ISP is crazy enough to store copy of all data posted by all users somewhere.

Quote:
Originally Posted by resetreset (Post 3226852)
I have a suggestion - can we encrypt ALL web sessions that happen over the Internet?
Read about Tor and Privoxy.
The data also is encrypted when connecting through https, I think.
Anyway it is possible to implement this (using public/private encryption keys). Still, even with encryption it'll be possible to track to which sites you connect (if you don't use proxy, etc).

Quote:
Originally Posted by resetreset (Post 3226852)
This would put tremendous load on the servers I guess, but todays computers are fast and cheap :)
Maybe computers are cheap, but I don't think that servers are cheap too.


All times are GMT -5. The time now is 11:26 PM.