Author Topic: actuall security of the internet  (Read 3104 times)

0 Members and 1 Guest are viewing this topic.

Offline gr33n

  • Serf
  • *
  • Posts: 44
  • Cookies: 2
    • View Profile
    • Gr33nion.com
actuall security of the internet
« on: March 08, 2013, 07:06:28 am »
I was wondering how things like ssh and ssl are actually secure if everything has to pass through an ISP could the ISP just do a MItM attack and then be able to see what you are actually looking at?
So in the form of a government censoring the Internet you wouldn't be able to have anyway around that other than making your own connections worldwide correct?
Like for example if the Australian government censored the Internet even if I did get to some website securely through ssl my government could still see what I am doing because they would know the "secret" ssl password thing and be able to view what I am viewing stop the people who are viewing things that they don't like?

I am also worried I have this completely wrong and I look like an absolute fool hahah but I will ask anyway :D

Thanks, Gr33n.

Offline DaNePaLI

  • Peasant
  • *
  • Posts: 55
  • Cookies: 12
  • Forever n00b
    • View Profile
Re: actuall security of the internet
« Reply #1 on: March 08, 2013, 08:14:47 am »
I am not a security guru but I would like to share my understanding on the subject matter.

If you are using http or other publicly known for being insecure protocols (such as ssh v.1), the ISP can easily dissect every packet from your network to ISP. Then, the job of ISP becomes way easier. Moreover, there are several attacks such as DNS cache poisoning, misconfiguration in ISP's equipments/setups that can be planted by outside hackers who can then intercept your packets.

If you are using TLS, then I would say you are quite safe unless either your browser trusted certificate is messed somehow or the attacker(s) have control over the Certificate Authority. Please note that SSL/TLS is nothing but an additional security layer for transmitting data. It allows only the two ends (source and destination) to see the data. However, it does not ensure other form of attacks in either the server or in your system. The use of TLS basically ensures two main things: it ensures that you are talking with the right machine at the other end, and it ensures that no one can eavesdrop and gain access to the data you are sending/receiving.

That is to say, the ISPs can at most gather what I would like to call meta-information about your packets such as source, destination, and amount of traffic, and nothing more. Hence, I find the possibility of reading your data to be thin. Of course, if you are more paranoid and can't trust your ISP, you could employ the encrypted tunnels/vpns to proxy all your traffics.

Btw, I don't think SSL has any such secret password thing. SSL is based on the public key cryptography and employs two asymmetric keys (Public and private keys). The idea here is that anything encrypted with a private key can only be decrypted by the public key and vice-versa.