440
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 28 Dec 2024
440 points (99.1% liked)
Technology
60212 readers
3363 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
That's not exactly how it works. There is no specific core, all web traffic doesn't go through one centralized location; it gets routed through the most direct route on each if these routers' routing tables
Also, I'm pretty sure they can't do shit about encapsulated data, such as VPN traffic.
You can't even truly read what's inside of an SSL packet. They probably want to fuck with the routes around torrent trackers.
There are always ways around, tor, retro share, i2p. I kind of wish we'd find a harder to track version of torrent.
Torrents are already very hard to block. You don't actually need a tracker, because all modern torrent clients support DHT (distributed hash table). You only need some way to get the initial hash for a torrent, so that's where trackers are still useful, but once you're connected to the swarm, you can only be blocked if the entire swarm is blocked.
Tracking though... It's too easy to get IP addresses for the entire swarm and I don't see how you could ever fix that. Tor doesn't really solve that issue either, it just moves it to places where you won't get in legal trouble or to people who don't mind getting in legal trouble, a bit like VPN providers.
I wonder what the legality would be of seeding the binary difference between the wikipedia.zim and a copy of the wild robot. But I digress... We could probably bolt on something I2P like to torrent, have everything pass through multiple nodes. I fear the best we could ever work out would be plausible deniability.
sure, large encrypted data streams, in 5GB increments are impossible to detect
impossible to detect? No, extremly hard to identify what it is? yes.
Who cares if they can see it's 5 GB stream, they have no way of knowing whether or not it's a pirated movie versus a backup from a home server or a data stream.
In fact some vpns are actually starting to implement data buffering where it makes every request is the same size regardless of what it is to protect against AI Assisted traffic analysis
Plus, people are fighting detection too. Where "normal" VPN protocols are recognized and blocked, like China, people are trying to make them indistinguishable from normal HTTPS traffic.
Yeah, if they wanted to setup deep packet inspection on that level. I'd imagine it would require billions of dollars in compute resources. And it would still suck.
Well "some vpn's" deserve all our business.
if you were looking for a recommendation, I use mullvad, their version is called DAITA, it randomizes the packets to help defend against it
There are a lot of industries where huge amount of data is moved all the time (health data, VMs, anything actually). Even small startups can do that and it's cheaper than ever.
Heck a tiny regional bank I worked at with less than 2 dozen locations was constantly flinging data between its Primary and DR datacenters, and they were too small for any dedicated fiber so that was just over standard ISPs (with some locations technically on residential plans because the ISPs didn't offer any better options than that in the small towns the bank supported)
Well, Cloudflare.
My point is, if you're blocked traversing the routers across the sea you're not reaching those other continents. That's a bit of a simplistic way of looking at it, given satellite internet and stuff but my point is it is not that incredibly hard to block the routes. Especially with BGP. BGP on the internet also has some bodies regulating route ASN reputation, so those could be potentially null routed.
Anyways, I clearly have no clue what I'm talking about so I'll stop there.
You can poison the routes within the BGP core to send traffic into a black hole. Basically, just tell everyone you have the best path, and they will send traffic to you.
There have been instances of this at the international level with adversary nations “accidentally” routing all traffic through them first. It can be done to a degree that it makes life difficult. They won’t be able to prevent you from finding a VPN that pops you out near a router that refuses the poisoned routes however- not without a global agreement at least.
Tell that to the Chinese and North Koreans
I can't. I don't speak chinese, or korean.