this post was submitted on 05 Nov 2023
48 points (98.0% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54716 readers
244 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Depending on your threat model, if you know your ISP is tracking everything, then a reputable VPN doesn't add risk. If you have guaranteed observation and recording at your ISP level, which is most people: then using a VPN, paid with cash or crypto, probably gives you more privacy. At worst case it's the same level of observation.
In your scenario, using a browser with encrypted hello, using fully encrypted DNS, the only thing the ISP would see is your connection to the web server. If that web server, like cloudflare, serves multiple things, then it may obscure who you're talking to.
That being said, if somebody is observing enough of the network, they can look at network traffic flows, and determine what other service you're actually speaking with. IE unique traffic patterns to play a game, watch a video, interact with a app. Those can get exposed by the size of packets and frequency of packets transiting.
The main difference between a VPN, and an encrypted socket, for traffic flow analysis, is the VPN traffic gets all lumped together, so a third party doesn't know which pattern belongs to which stream. So if you're streaming videos, well doing other stuff on the VPN, it becomes harder to identify your traffic flow.
The browser traffic flow analysis is much easier, because each individual stream of data is observable by the ISP.
But how easy is it to actually make up what's going through a socket? If my ISP sees 1TB of data being continuously downloaded (from another IP address that they don't already know what its usually involved with) maybe I'm downloading some illegal movies, maybe I'm retrieving a hard drive backup, right?
Torrent traffic that doesn't go through a VPN is probably easy to make up, it's tons of packets from 50+ addresses, but if it's a Usenet download from one address, or SSH traffic from a seedbox, that should be more complicated to figure out right?
It's unlikely anyone is going to do traffic analysis to catch piracy.
Whistle blowing, human rights reporting, political opposition gets the traffic analysis heuristic identification attack.