Conversation
what does this mean???
Phantasm
phnt@fluffytail.org
@kirby It means that Internet traffic is logged in real time, like it has been at least since PATRIOT Act and that some dropped the mask officially only now.
1
0
1
@phnt that's obvious, but you make a post to a service with ssl which keeps no metadata about the post and you've got yourself a note in the bottle situation. what are they going to do, assume all communications on that service are foreign?
1
0
0
Phantasm
phnt@fluffytail.org
@kirby MITMed SSL traffic is widely used on hosting providers when they are subpoenad. That's easy to do. If you are paranoid about that, force TLS 1.3 only.
Besides that SSL traffic still leaves you with metadata about the server (domain) you are connecting to and your source IP. Which is quite a lot of metadata. They don't need to know what you are looking at, but they know that you visited a that site. From there they can subpoena the service and get your data that way, if they already don't have access which is likely for something like social media.
Besides that SSL traffic still leaves you with metadata about the server (domain) you are connecting to and your source IP. Which is quite a lot of metadata. They don't need to know what you are looking at, but they know that you visited a that site. From there they can subpoena the service and get your data that way, if they already don't have access which is likely for something like social media.
2
0
1
@kirby If the IP is foreign, they can treat it as foreign communication, because what else can they do besides honeypotting the VPNs. Something they likely do for stuff like NordVPN.
0
0
1
@phnt >From there they can subpoena the service and get your data that way
Which wouldn't matter much for a service which doesn't keep metadata for its users. Though I assume few exist right now. The most intelligence agencies can do then is take control of the box the service is run on and log the metadata for incoming posts themselves. But that definitely isn't insignificant
edit: a million and one edits, because my posts are unintelligible garbage written by a halfwit
Which wouldn't matter much for a service which doesn't keep metadata for its users. Though I assume few exist right now. The most intelligence agencies can do then is take control of the box the service is run on and log the metadata for incoming posts themselves. But that definitely isn't insignificant
edit: a million and one edits, because my posts are unintelligible garbage written by a halfwit
0
0
0