subSTRATA (OP)
Legendary
 Offline
Activity: 1288
Merit: 1043
:^)
|
 |
December 06, 2012, 10:28:16 PM
Last edit: August 10, 2013, 11:41:03 AM by subSTRATA |
|
"."
|
theres nothing here. message me if you want to put something here.
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
December 06, 2012, 10:49:24 PM |
|
Govts control ... that is what they do ... that is all they do.
Then again you can't deep packet inspect an encrypted packet.
Deep Packest Inspector "Hmm I deeply know this packet is still encrypted".
|
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
December 06, 2012, 11:54:33 PM |
|
No I am sure on that.
|
|
|
|
|
mcgravier
Member
Offline
Activity: 83
Merit: 10
|
|
December 07, 2012, 03:47:28 PM |
|
If this goes on, internet gonna be renamed as in-TOR-net.
|
|
|
|
|
spiccioli
Legendary
Offline
Activity: 1378
Merit: 1003
nec sine labore
|
|
December 07, 2012, 07:42:36 PM |
|
No I am sure on that.
Death&Taxes, next step will be stopping every packet that cannot be deeply inspected ... spiccioli |
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
December 07, 2012, 07:45:08 PM |
|
No I am sure on that.
Death&Taxes, next step will be stopping every packet that cannot be deeply inspected ... spiccioli Next will come steganographic streaming algorithms that look like mpeg but carry unidentifiable encrypted data. |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
spiccioli
Legendary
Offline
Activity: 1378
Merit: 1003
nec sine labore
|
|
December 07, 2012, 08:28:05 PM |
|
No I am sure on that.
Death&Taxes, next step will be stopping every packet that cannot be deeply inspected ... spiccioli Next will come steganographic streaming algorithms that look like mpeg but carry unidentifiable encrypted data. casascius, I'm not sure this would be feasible, how much data do you need to hide current blockchain inside it? spiccioli |
|
|
|
|
BladeMcCool
Member
Offline
Activity: 83
Merit: 10
|
|
December 08, 2012, 07:29:56 AM |
|
No I am sure on that.
Death&Taxes, next step will be stopping every packet that cannot be deeply inspected ... spiccioli Next will come steganographic streaming algorithms that look like mpeg but carry unidentifiable encrypted data. casascius, I'm not sure this would be feasible, how much data do you need to hide current blockchain inside it? spiccioli of course it's feasible. the point is that governments cannot stop the free flow of information no matter how hard they try. we will always find ways to route around the damage they try to cause. |
|
|
|
|
Rudd-O
Newbie
Offline
Activity: 56
Merit: 0
|
|
December 08, 2012, 08:31:18 AM |
|
Then again you can't deep packet inspect an encrypted packet.
Of course you can. DPI hardware has the capability to decrypt using phony certificates and then reencrypt. You wouldn't even notice it happening, unless you have a browser extension that flagged those phony certs. They have been doing this for YEARS already. |
|
|
|
|
|
Insu Dra
|
|
December 08, 2012, 12:58:03 PM |
|
Then again you can't deep packet inspect an encrypted packet.
Of course you can. DPI hardware has the capability to decrypt using phony certificates and then reencrypt. You wouldn't even notice it happening, unless you have a browser extension that flagged those phony certs. They have been doing this for YEARS already. +1 SSL has become a joke and this will just hollow it out even further. Playing man in the middle was already easy for isp's, cloadflare was a nice beta test to scale this up and to get around specific tools that warned about possible false certificates. More Info: http://perspectives-project.org/Personally I removed all ca's from my browser and only trust certificates I add manually. |
"drugs, guns, and gambling for anyone and everyone!"
|
|
|
|
Deafboy
|
|
December 08, 2012, 02:10:27 PM |
|
Personally I removed all ca's from my browser and only trust certificates I add manually. I am using certpatrol in FF instead, but with google's services it's useless. They has so many different certificates... |
|
|
|
|
|
pyramining
|
|
December 08, 2012, 02:16:03 PM |
|
IPv6 should support IPSec natively, I am not an expert of crypto stuff, but to me it seems strong enough to prevent DPI. We should just use it.
|
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1078
Ian Knowles - CIYAM Lead Developer
|
|
December 08, 2012, 02:17:36 PM |
|
In the soon to be released CIYAM open source project all sensitive content is encrypted over plain HTTP that is injected dynamically (think AJAX).
With the page calling for the injection being able to be formatted any way you like it should be very hard to determine what is going on unless they also plan to ban all dynamic HTML injection.
|
|
|
|
|
Insu Dra
|
|
December 08, 2012, 02:20:29 PM
Last edit: December 08, 2012, 02:32:46 PM by Insu Dra |
|
Personally I removed all ca's from my browser and only trust certificates I add manually. I am using certpatrol in FF instead, but with google's services it's useless. They has so many different certificates... Yha, there are some services that will simply not work when removing ca's or at least not within reason, they have to meany or dynamic certs (google being one of them idd). I just have a unsafe os setup to use those and keep things separated. IPv6 should support IPSec natively, I am not an expert of crypto stuff, but to me it seems strong enough to prevent DPI. We should just use it.
It has the same issue, what certificate to trust ? Only if you manually add a certificate that you personally trust is it secure, any exciting type of dynamic/automated distribution creates holes. |
"drugs, guns, and gambling for anyone and everyone!"
|
|
|
|
