[talk] a Guardian article

George Rosamond george at ceetonetechnology.com
Fri Mar 31 11:56:00 EDT 2017


Antti Kantee:
> On 31/03/17 15:05, George Rosamond wrote:
>>> Well, if the attack is the ISP looking at your traffic, generating a
>>> profile, and selling that to advertisers (or who knows where), and fake
>>> traffic is the countermeasure, then fake traffic should somehow prevent
>>> the attack from happening.  In other words, the traffic should look like
>>> a handful of people browsing, but be "all over the place" so as to
>>> prevent profiling -- e.g. generate traffic both to fox news and msnbc
>>> and also somewhere else for actual news.
>>
>> First, I'm not sure if generating fake traffic is necessarily the best
>> mitigation to surveillance. It would need to be sufficiently randomized
>> to not be clearly segmented as "fake".
> 
> I'd say it needs to be sufficiently *non*-randomized.  typo?
> 

Understood. You were clear about that.... but responding more below.

>> It would seem the best countermeasure to ISP surveillance is using HTTPS
>> for www browsing if you're concerned about content, although obviously
>> the meta-data (source, destination, when, from where, etc) isn't hidden.
>>
>> If you're just looking at mitigating surveillance and your sole
>> adversary is the ISP, then Tor for all TCP traffic makes sense,
>> including IMAP and SSH. An alternative is certainly VPNs in this case,
>> although then if you're using a provider, you're now concentrating all
>> traffic you're attempting to hide with one choke-point.
> 
> End-to-end encryption where possible is of course a given, but in this
> case I'm not trying to hide who I am -- the ISP already knows where I
> live.  Like fake news is not about keeping things confidential --
> something will leak anyway -- neither is fake traffic.  It's about
> giving the adversary much to choose from, in which case they tend to
> choose whatever suits their purposes.

I agree that separate from end-to-end encryption, customized 'white
noise' can be useful mitigation but the specs of such a solution matter.

Ike had a story about Russian mitigation of German radio surveillance
during WWII. The Russians had numbers and relied on that for their
solution. *Everyone* spoke on the wire, about *everything*. The weather,
the latest radio broadcast performances, their kids' birthdays... and
since German radio surveillance relied upon individuals who could
understand Russian, the volume was beyond their capacity. The German
surveillance solution couldn't scale. Meanwhile, unencrypted high-value
communications continued in this large pool of noise.

Apparently this tactic continued well into the Cold War against US
surveillance.

The difference today is scaling. Digitized communications are easier to
collect in volume, and to store and process, without relying on
individuals to listen-in.

Digital surveillance can also more easily parse and discover anomalies
in the traffic. And then it can be correlated with cell phone traffic, etc.

Your local ISP surveillance device says: "I am watching lots of traffic,
and while I see the usual queries to the news www sites, I also see that
they are accessing Chase bank on the first of each month."

The point is white noise needs to be customized insofar as anomalies
can't be easily identified.  It has to be lots of banks that are
accessed, including (you) the target's own banks, at regular sloppy
intervals.

Of course, this is assuming a level of sophistication in terms of
surveillance processing... but who really knows today.

I would just run a Tor bridge at home to make your traffic sloppier, and
in the process you're also helping censored internet users around the
world :)

g
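Added illustration, not part of this thread: a small simulation of the "customized white noise" argument above. A toy profiler flags destinations that a user visits rarely but at a steady rhythm (the bank on the 1st of each month), and the same constructed browsing log is run with two kinds of cover traffic: random news sites only, and cover traffic that also hits many banks, the user's own included, on sloppy intervals. The domain names, the 90-day log and the flagging thresholds are all made up for the example.

```python
import random
from collections import defaultdict
from statistics import mean, pstdev

DAYS = 90  # length of the constructed browsing log, in days
NEWS = ["fox.example", "msnbc.example", "weather.example", "sports.example"]
BANKS = ["mybank.example", "bank2.example", "bank3.example", "bank4.example"]


def real_traffic():
    """Constructed genuine browsing: news every day, own bank on the 1st of each month."""
    log = [(day, "news.example") for day in range(1, DAYS + 1)]
    log += [(day, "mybank.example") for day in range(1, DAYS + 1) if day % 30 == 1]
    return log


def uniform_noise(rng, per_day=3):
    """Naive cover traffic: a few random news sites per day, never a bank."""
    return [(day, rng.choice(NEWS)) for day in range(1, DAYS + 1) for _ in range(per_day)]


def customized_noise(rng, per_day=3):
    """Tailored cover traffic: news and many banks, the target's own included, on random days."""
    return [(day, rng.choice(NEWS + BANKS)) for day in range(1, DAYS + 1) for _ in range(per_day)]


def anomalous_destinations(log, rare_fraction=0.2, max_cv=0.1):
    """Toy profiler (assumption, not a real ISP appliance): flag destinations that are
    visited on few days but at nearly constant intervals. Returns sorted destination names."""
    days_by_dest = defaultdict(set)
    for day, dest in log:
        days_by_dest[dest].add(day)
    flagged = []
    for dest, days in days_by_dest.items():
        visits = sorted(days)
        if len(visits) < 3 or len(visits) > rare_fraction * DAYS:
            continue  # too few visits to show a rhythm, or too common to stand out
        gaps = [b - a for a, b in zip(visits, visits[1:])]
        if pstdev(gaps) / mean(gaps) <= max_cv:  # gaps >= 1, so mean is never zero
            flagged.append(dest)
    return sorted(flagged)


def compare(seed=1):
    """Run the profiler on real traffic mixed with each kind of noise; same seed for both."""
    naive = anomalous_destinations(real_traffic() + uniform_noise(random.Random(seed)))
    tailored = anomalous_destinations(real_traffic() + customized_noise(random.Random(seed)))
    return naive, tailored


if __name__ == "__main__":
    print(compare())  # (['mybank.example'], [])
```

With uniform noise the monthly bank visit is the only rare, regular destination and is picked out; once the cover traffic also visits banks on irregular days, the same rhythm is buried and nothing is flagged.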


