[talk] a Guardian article

Antti Kantee pooka at iki.fi
Fri Mar 31 11:25:51 EDT 2017


On 31/03/17 15:05, George Rosamond wrote:
>> Well, if the attack is the ISP looking at your traffic, generating a
>> profile, and selling that to advertisers (or who knows where), and fake
>> traffic is the countermeasure, then fake traffic should somehow prevent
>> the attack from happening.  In other words, the traffic should look like
>> a handful of people browsing, but be "all over the place" so as to
>> prevent profiling -- e.g. generate traffic both to fox news and msnbc
>> and also somewhere else for actual news.
>
> First, I'm not sure if generating fake traffic is necessarily the best
> mitigation to surveillance. It would need to be sufficiently randomized
> to not be clearly segmented as "fake".

I'd say it needs to be sufficiently *non*-randomized.  typo?

> It would seem the best countermeasure to ISP surveillance is using HTTPS
> for www browsing if you're concerned about content, although obviously
> the meta-data (source, destination, when, from where, etc) isn't hidden.
>
> If you're just looking at mitigating surveillance and your sole
> adversary is the ISP, then Tor for all TCP traffic makes sense,
> including IMAP and SSH. An alternative is certainly VPNs in this case,
> although then if you're using a provider, you're now concentrating all
> traffic you're attempting to hide with one choke-point.

End-to-end encryption where possible is of course a given, but in this 
case I'm not trying to hide who I am -- the ISP already knows where I 
live.  Like fake news is not about keeping things confidential -- 
something will leak anyway -- neither is fake traffic.  It's about 
giving the adversary much to choose from, in which case they tend to 
choose whatever suits their purposes.



More information about the talk mailing list