-
for mitre tester
-
If you have concern about this stuff, use the SSL version of this site and attempt to try SSL versions of other sites too :)
SSL means that between you and the remote server, no-one can listen in. That means no government as much as it means no criminals.
Does SSL mean it is difficult to listen in or impossible ?
-
hahahahahahaaaaaahahaaaahhha lol, palm sunday! a missed opportunity there tynan!
-
So non-trivial that it is effectively impossible until the day that quantum computing becomes a reality and all encryption is broken.
How does that relate to the overall picture, the new powers compel your ISP to monitor and handover a record of all the places you visit.
Would visiting a SSL website mean that the visit would not appear on your record, ie: the ISP can see activity but has no clue as to what you have logged onto ?
One other point might be - what a better way to flag yourself up as of interest than to exclusively visit SSL sites ??
I am a bit clueless about how all this SSL works !??!??
-
How does that relate to the overall picture, the new powers compel your ISP to monitor and handover a record of all the places you visit.
Would visiting a SSL website mean that the visit would not appear on your record, ie: the ISP can see activity but has no clue as to what you have logged onto ?
They know where you've been (the IP address, and hence the domain) but they don't know what you saw. At the moment, AFAIK, that's pretty much all they're logging at the moment anyway, i.e. which numbers you phone, which addresses you send email to, which websites you visit, but not the content. The server will record the actual http requests, so if they (the Feds) seize the web server logs, they can tie your IP address to a particular file on a particualr date and time, but they still have to do some work to prove what the content of a particular file consisted of at that time, because they don't store a copy of the content as they snoop on the request.
-
They know where you've been (the IP address, and hence the domain) but they don't know what you saw. At the moment, AFAIK, that's pretty much all they're logging at the moment anyway, i.e. which numbers you phone, which addresses you send email to, which websites you visit, but not the content. The server will record the actual http requests, so if they (the Feds) seize the web server logs, they can tie your IP address to a particular file on a particualr date and time, but they still have to do some work to prove what the content of a particular file consisted of at that time, because they don't store a copy of the content as they snoop on the request.
That's the gist of it.
Or in simple terms, everything between you and the server is secure and cannot be monitored.
The server can still have traces of your visit, if the server bothers to record that. This server (LFGSS) does not keep server logs, and many don't. It's not a paranoia measure, it's a performance one... I don't want to degrade performance by having a file write each time a file is requested... we simply don't keep logs at all. Performance is the reason, but privacy is a side effect.
If you're worried, when you access a website, try to see whether that site is also available over SSL. This one is, gmail is, many are.
-
They know where you've been (the IP address, and hence the domain) but they don't know what you saw. At the moment, AFAIK, that's pretty much all they're logging at the moment anyway, i.e. which numbers you phone, which addresses you send email to, which websites you visit, but not the content.
Yeah, that's right, that is what is being logged as from Monday, where you visit, who you speak to (via email phone) - but not the content.
But, like I say above, I don't doubt the future will facilitate function creep. The Home Office is already (since - and in addition to - the initial draft of the new powers) considering plans to monitor Facebook, Bebo, MySpace, and all other similar social networking sites. The Home Office have been unclear about the exact extent of their monitoring.
Logic says to me that as it is perfectly legal to use these sites there would be little purpose in monitoring their use without monitoring their content. What use is it when prosecuting - for instance - an environmental activist - to say "Is it not right sir, that on the 14th of June you logged onto MySpace ?" - because the answer would be "Yeah, so what ?"
The server will record the actual http requests, so if they (the Feds) seize the web server logs, they can tie your IP address to a particular file on a particualr date and time, but they still have to do some work to prove what the content of a particular file consisted of at that time, because they don't store a copy of the content as they snoop on the request.
But could they (the government, the ISP, whoever) not store a record of how websites appear over time ? A simple correlation of the records shows who and what was viewed ?
Regardless, and without knowledge of which page you viewed, I suspect the goal is to build a profile of each citizen.
-
The server can still have traces of your visit, if the server bothers to record that. This server (LFGSS) does not keep server logs, and many don't.
But do these new powers not compel a record to be kept, or does your ISP not record these things.
By that I mean would an ISP being forced to record all visits effect server logs.
(Yes I don't know too much about how all this stuff works)
-
But do these new powers not compel a record to be kept, or does your ISP not record these things.
By that I mean would an ISP being forced to record all visits effect server logs.
(Yes I don't know too much about how all this stuff works)
Your ISP is an intermediary, SSL secures you from having any intermediary between you and the server see what is communicated between you.
Your ISP, if you use SSL, cannot see what you're accessing.
And as for logs, I personally am not being compelled to store log files nor make them available to anyone. But then, I'm hosted in the USA. But then... most sites are. Hardware is cheaper in the US, land (data centres) is cheaper in the US, bandwidth is cheaper, there are more telecomms peering points (the internet is faster and more resilient)... so not having a server in the UK I cannot be forced to comply to a law that doesn't apply to the geographic region in which my server is present.
Also... what servers I know are in the UK (my employer for example)... we have also not been instructed by anyone to keep any records, and so we won't be :) And even if instructed, unless it's something we legally have to act upon we won't.
-
I'm imagining some sort of intercept and massive log at GCHQ or similar. Or am I wrong about this?
Seems to involve something called "Deep Packet Inspection (DPI)". http://www.ispreview.co.uk/story/2009/03/23/jrrt-slams-governments-isp-data-retention-database.html
-
YAnd as for logs, I personally am not being compelled to store log files nor make them available to anyone. But then, I'm hosted in the USA. But then... most sites are. Hardware is cheaper in the US, land (data centres) is cheaper in the US, bandwidth is cheaper, there are more telecomms peering points (the internet is faster and more resilient)... so not having a server in the UK I cannot be forced to comply to a law that doesn't apply to the geographic region in which my server is present.
Also... what servers I know are in the UK (my employer for example)... we have also not been instructed by anyone to keep any records, and so we won't be :) And even if instructed, unless it's something we legally have to act upon we won't.
It is the ISPs who are effected - my ignorance about how this stuff works doesn't allow me to go much further. :(
Still confused, might have to educate myself after I have finished my maturbate-a-thon.
If there was a picture of how it all interacts it would go in like hot butter into a shoe.
-
I'm imagining some sort of intercept and massive log at GCHQ or similar. Or am I wrong about this?
There are plans for a central database - which will store just about everything about you even, your sexual habits (confirmed to be on the 2011 census).
You are owned by the state, bitch, now which pipe do you stick it in, we need to fucking know, do you want to end up in court ?
:)
It's so fucking bad, it's actually funny, what a bunch of cunts.
-
can you believe "insect porn" actually exists
tricitybendix
Velocio
StandardPractice
gbj_tester
Matt
slaytanic1
-
Post a reply
About
Porn Sunday
Posted by
@tynan
It's all a tragic misunderstanding - it's actually Palm Sunday today. That still means you can treat yourself to a hand shandy, it's just an act of religious devotion not political protest