Joined: 10 Nov 2008 Posts: 2 Location: Scottsdale, Arizona
Posted: Mon Apr 06, 2009 9:10 pm Post subject: Re: [UK] Encrypting traffic totally so that ISP cannot see?
Off the top of my head, the easiest thing that I could think of is if you had a VPN connection to an offshore VPN endpoint. If you really wanted to go crazy, buy an ISP connection in some less restrictive country, set up a gateway to gateway VPN connection to that offshore VPN endpoint and voila! All network traffic is encrypted. Depending on your paranoia (I don't mean that in a mocking way... there is good reason to be paranoid of stuff like this even if you're absolutely innocent), you need to choose a sufficiently strong encryption algorithm and bit strength. 512 or 1024 bit TLS would make me feel secure. Furthermore, make sure that the offshore government doesn't have equally draconian privacy invasion practices (extremely unlikely).
However, once again depending on your level of paranoia and belief of various conspiracy theories, there are allegations of various government organizations having sufficient CPU power and decryption methods to crack live streams of astonishingly highly encrypted data. Rumor at various hacker cons is that the US can decrypt 128 bit TLS at OC-3 speeds... and I think that was several years ago (or was it OC-192 speed? Doubtful...). Furthermore, you can be absolutely sure that your ISP will see that all data from your network is encrypted and pointed at a single node offshore somewhere. They could conceivably flag that account for further surveillance. Any government inquiry could cause your account to be on the top of a short list of "suspicious" accounts and your government might even contact that foreign government to see if they would cooperate to eavesdrop on your traffic as it leaves that network in unencrypted form. Your only hope is to go off the grid, dig a bunker and grow your own food.
If you'll excuse me, I have to go. I need to buy a shovel and some seeds.
Encrypting data is not the answer to privacy. You could use something like PGP or GPG to encrypt your mail but your ISP will still be able to see who you send emails to. Even this has its issues as your friends would have to use it to encrypt emails to you. For your web traffic, if it is encrypted then your ISP will still be able to see the addresses you go.
The previous post about VPN is a reasonable approach but absolutely impractical. At the moment no one offers these services and I doubt they ever will as they would need more than double the bandwidth to operate.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum