Technology

60469 readers

4695 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

518

Platforms Systematically Removed a User Because He Made "Most Wanted CEO" Playing Cards (www.eff.org)

submitted 22 hours ago by [email protected] to c/[email protected]

59 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 9 points 21 hours ago* (last edited 21 hours ago) (2 children)

Do protocols solve the problem of every hop in between you and the destination has to pass through what amounts to someone else's private property? Some private servers owned by who knows who on the way between that we have no idea whether they're inspecting every packet that comes through or not.

Because that's the bigger issue, and I'm not even sure it's one we can solve, because it's pretty important to how the internet functions.

A protocol still has to be supported and passed through private corporations walled gardens.

Who else remembers Comcast illegally using Sandvine to throttle bittorrent traffic specifically? Pepperidge Farm 'members.

https://torrentfreak.com/comcast-throttles-bittorrent-traffic-seeding-impossible/

[–] [email protected] 12 points 19 hours ago (1 children)

Do protocols solve the problem of every hop in between you and the destination has to pass through what amounts to someone else's private property?

Yes. End-to-end encryption solves that.

[–] [email protected] 5 points 16 hours ago

Not even necessarily end-to-end, just encryption. And possibly encapsulation within an already allowed protocol, like it's extremely common with HTTP these days.

[–] [email protected] 4 points 21 hours ago (1 children)

That's what integrity checks are for, so that no one along the path can edit what you say before it actually gets published.

[–] [email protected] 7 points 21 hours ago* (last edited 21 hours ago) (2 children)

That's rather missing the point, an integrity check doesn't solve the fact that to communicate with anyone, you have to do it through giant corporations pipes.

An integrity check doesn't help when an ISP have straight blocked your protocols traffic, like Comcast previously did with bittorrent.

Can we stop sucking down the preachings of an idiot like Jack Dorsey? We don't actually have net neutrality, so it's totally within their current rights to just block traffic they don't like.

[–] [email protected] 11 points 18 hours ago

Almost any protocol can be wrapped in any other protocol. You could, say, use bit torrent by encoding the packets and embedding the data in valid png files, then transporting them over http. As long as both sides understand the wrapping it'll work just fine.

I've even seen http tunneled over DNS queries in order to completely bypass firewalls.

[–] [email protected] 1 points 20 hours ago (1 children)

Could always use a vpn or tor

[–] [email protected] 6 points 20 hours ago* (last edited 20 hours ago) (1 children)

https://www.malwarebytes.com/blog/news/2021/12/was-threat-actor-kax17-de-anonymizing-the-tor-network

Given the number of servers run by KAX17 the calculated probability of a Tor user connecting to the Tor network through one of KAX17’s servers was 16%, there was a 35% chance they would pass through one of its middle relays, and up to 5% chance to exit through one.

This would give the threat actor ample opportunity to perform a Sybil attack. A Sybil attack is a type of attack on a computer network service where an attacker subverts the service’s reputation system by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. This could lead to the deanonymization of Tor users and/or onion services.

Given the cost and effort put into this and the fact that actors performing attacks in non-exit positions are considered more advanced adversaries because these attacks require a higher sophistication level and are less trivial to pull off, it is highly likely this is the work of a high-level (state-sponsored?) threat actor. As for who is behind this group, neither Nusenu nor the Tor Project wanted to speculate.

A spokesperson for the Tor Project confirmed Nusenu’s latest findings and said it had also removed a batch of KAX17 malicious relays.

“Once we got contacted, we looked through all the relays in the network and identified several hundred relays that are very likely belonging to the same group and removed them on November 8.”

VPN's also by definition still use the same corporate pipes as anything else.

[–] [email protected] 8 points 20 hours ago (1 children)

Nothing in this world is ever 100% complete, but decentralization and protocols are extremely good combat measures. It is possible to poke holes in almost anything. But that does not mean it's not worth trying.

[–] [email protected] 3 points 20 hours ago* (last edited 20 hours ago) (1 children)

Woosh. We're decentralizing everything except the hardware and everyone's like bUt iTs dEcEnTrALiZeD!

[–] [email protected] 5 points 20 hours ago (1 children)

Meshtastic and reticulium.

[–] [email protected] 3 points 19 hours ago (1 children)

Now that's an answer I can get behind.

[–] [email protected] 2 points 19 hours ago

I love the idea, but it's definitely nowhere near ready yet for prime time. And the data speeds are incredibly slow. Using it definitely is possible, but it would be absolutely nothing like the internet we are currently used to.