Encrypted traffic
Posted on November 11, 2005, 12:53 am
I was thinking about the scenarios under which encrypted network
traffic is most useful. I understand that in a university network it is
very important. But if I am connecting to a web site from home or
telnetting to a server from home, how much does it buy?
In this situation, the network packets will go to the nearest gateway
(where the ISP will log it, parse it and collect data) and then
routes it until it reaches the company's gateway and the server. So the
only possibility here is that someone in my ISP or the company sniffs the wire.
The company (say yahoo) will anyway have the information if they want.
Even in the ISP's case the packets go through the servers for
processing and so the admin there has to look at them.
Don't get me wrong, I understand security and am paranoid. I was just
reading an old vulnerability in SSH1 where the password length can be
known by sniffing the wire and it got me thinking. What exactly are the
scenarios under which I will definitely benefit from using encryption?
And should I hold it against yahoo or some service for not using
Just wanted to start a conversation and look at scenarios I am missing.
Re: Encrypted traffic
It depends on your threat model - what are you trying to protect against?
What are you protecting yourself from? Are you worried about spies from
country $FOO finding the secret war plans? A competitor gaining the recipe
for those chocolate chip cookies? The instructor (or Mommy) finding out
that you're surfing to that pr0n site with the pictures of the Chihuahua
wearing an eye patch and the Great Dane wearing fishnet stockings? Or is
it the cops (or worse, a three letter entity) interested in your illegal
activities? Then again, maybe nobody even cares. Your call.
A lot depends on the network topography. Is the local network coax or
token ring, or twisted pair using a hub (everyone locally may have a
chance to sniff the packets as they go whizzing by), or twisted pair
using a switch, or fiber (packets harder to sniff). Who has access to
the media and where? How interested are they in what you are doing?
How much effort (and money) are they likely to put into the task?
If the information is desired, anyone who has access to the media between
your computer and the computer at the other end of the connection CAN
look at it. You have to decide if you think that they may want to, and
take appropriate action.
Before/during World War Two, all German military communications hardware
used to have a small sign in plain sight of the user that read 'Feind hört
mit!' (also seen posted as "Feind hoert mit!") which means "The Enemy is
Listening". The German Luftwaffe [WW2] Signals Command took it even
further with "Aller Funkverkehr ist Landesverrat" which means "All radio
traffic is high treason". Information you don't spray to the four winds
is harder to intercept, and less likely to be exploited.
If someone isn't protecting your information that you consider sensitive,
don't let them have the information in the first place.
You're posting from google, using a Comcast address. Your comcast news
server has more than 20 newsgroups with the word 'privacy' in the name.
Re: Encrypted traffic
Sorry for the late response. I did not expect any replies to my mail.
I pretty much answered my own question. Encryption is for end to end
security and privacy. The logging done at various levels/nodes in the
internet is what you are trying to protect against. Like you said, it
depends on the threat model I am trying to address. That is probably
why yahoo and other email services only encrypt the authentication part
and leave the rest in plain text. You use encryption because you want
to protect yourself against determined entities.
Moe Trin wrote: