Mullvad VPN: Introducing Defense against AI-guided Traffic Analysis (DAITA)

ForgottenFlux@lemmy.world to Technology@lemmy.world – 727 points –
Introducing Defense against AI-guided Traffic Analysis (DAITA) | Mullvad VPN
mullvad.net

Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.

Through constant packet sizes, random background traffic and data pattern distortion we are taking the first step in our battle against sophisticated traffic analysis.

177

The Chinese Great Firewall (GFW) has already been using machine learning to detect "illegal" traffics. The arms race is moving towards the Cyberpunk world where AIs are battling against an AI firewall.

Careful criticizing China you will awake the Tankies.

You can conviniently block a whole instance from your account now, it reduces this kind of disagreement a lot.

Should you though?

I get it, it's annoying, but the entire "let's block people with opinions I don't like" is probably the single source of pillerization and increased extremism on the internet.

If I'm not allowed to have a discussion or disagreement with you, and get kicked out instead, I'll just go to places where they will talk with me and where it's chock full of other idiots like me who are much more extreme and in our safety bubble we can all continue not beat the same dead horse and circle jerk and make eachother more extreme because there are no dissenting voices, there are no voices or reason and calm, there are no cooler heads around.

This entire moderation where we simply started dumping people with who we disagree has made the world a.much, much worse place.

Granted, it sucks to have to deal with crazies and extremists, but at least whilst they're in the group we can all keep them grounded in reality.

If Iā€™m not allowed to have a discussion or disagreement with you, and get kicked out instead, Iā€™ll just go to places where they will talk with me

I actually tried to, and if it was possible to have rational and polite discussion, without straw man arguments, dog pilling, personal attacks and finally threats of violence, I would have continued to try. But sadly all of this happen, multiple times.

At some points I considered leaving Lemmy, thinking that this federation as a whole was not safe for debating. But then I started understanding patterns, either it was from the users from a specific instance, or it was communities from a specific instance that turned like that. Overall the pattern seem to be that if the instance mentions extreme political ideologies in its description or if the profiles of its admins do, then debating is not possible.

If they want to stay connected to people to avoid the circle jerk, they have to work on themselves too (ex: learning to debate politely), you can't except us to absorb all the damages to help them avoid radicalization. It's like walking towards a terrorist group with flowers while they are shooting around and expecting them to be inspired by your pacifism.

I do enjoy debating and questioning my own beliefs, but I am not on Lemmy to consume my mental health, so I need to take some actions to protect it.

not safe debating

Sorry, just to comment on this one: I really dislike that phrase, its use is part of the reason why we are where we are. You ARE safe, all the time. It's not like you talking in a lemmy instance puts you at risk of being shot in the head.

You may encounter assholes, and opinions that you don't like but that doesn't make you unsafe. Uncomfortable, mayby, for having to read information you oppose?

A black man driving and stopped by US police can claim he feels not safe. We lemmies are perfectly fine. I think many people need to grow a little thicker skin in that regard.

Uncomfortable, mayby, for having to read information you oppose?

dog pilling, personal attacks and finally threats of violence [...] I am not on Lemmy to consume my mental health

Not all violence is physical.

I think many people need to grow a little thicker skin in that regard.

Are you blaming me for not having a tick enough skin instead of blaming the behavior of attackers? Please reconsider that thought.

not all violence is physical

Yeaaahhh, no. Though there is verbal abuse out there, whenever people start talking about verbal violence they're basically tslkit about any opinion they don't like.

Blaming you for not having a thick enough skin instead of blaming the behaviour of the attacker

I would not blame you if someone hits you without provocation, but in my admittedly personal experience, people tend to talk shit, then get told off and claim violence, or they may hear an opinion they don't like and start talking about attackers, somehow.

Inciting violence In a group context very much is verbal and leads to violence.

Threats of violence are a type of violence because a sensible person has to react and prepare for the violence.

I'm not on the internet or lemmy to make the world a better place, I'm on here to kill time/enjoy myself/learn some things. I dont have the mental space to deal extremists, and particularly extremists that have a world view thats incompatible with itself if taken at face value, and I certainly dont have anything valid that I can learn from tankies, and as such, my block list has gotten quite large, and my general mood has increased because of it

This is my thinking for using .world. I donā€™t get all my news or interaction from Lemmy or the internet as a whole, and Lemmy is small enough that it has an almost zero impact on broader society. I respect those who try, but if my internet experience was antagonistic or frustrating Iā€™d probably just stop using it.

I also feel that conversations of that nature are best had in person, where thereā€™s a higher chance of changing minds. Iā€™ve no proof but it feels like internet discussions are taken less seriously and thus merely end before any opinion changing can occur.

You also have far less info on internet conversion on whether or not its being had in good faith, which is an extra hurdle on opinion change

Maybe, but your list is, in part, so large because we keep pushing people out to let them become extremists

I ā€œblockedā€ hexbear, because a mod didnā€™t take the time to use their brain, labeled me a ā€œpedophile apologistā€ and banned me from the entire instance. If they moderate based on ā€œI donā€™t care what actually happened, Iā€™m madā€ then Iā€™m not going to bother interacting with them.

Hexbear mods are paid to spread propaganda, not use their brain, two fairly exclusive activities.

And that's the problem from both sides. You both need to continue talking. I got banned from Reddit subs too for literally asking questions or wrong think.

People need to grow skin

I literally canā€™t. Even when an interaction would have happened outside of hexbear, their users canā€™t see my messages.

My blocking them was just to prevent me from seeing content I couldnā€™t interact with.

I was planning to, but ultimately didn't. I have handed out personal blocks to obvious trolls and a brunch of hexbear users that spammed gifs in every single thread though.

Not even grad? Wow.

Nope. I have filtered both grad and hexbear out of my feed though, I don't need their shit there. And don't forget that many instances already are defederated with them, so there's also fewer of them through that!

This operates under the assumption that there are good decent people on every instance, but instances like Hexbear and Lemmy.ml are inherently corrupt and run by people who want to sow misinformation and chaos to negatively impact western powers. I'm not saying the whole thing is a Chinese operation, but if it were then it would be run exactly the same way it is now.

All the more reason to walk around on hexbear and talk to people

I'm sure they will absolutely love that, let my go pick some out for you:

HERE

HERE

HERE

all fresh new "people" convos for you that are definitely not state sponsored or anti-nato in any way.

I don't think your whole thought process differs from a tankie. They think the same in a "my team is better, other one is sowing misinformation" way.

Lmao, Tribalism is certainly a problem with our society, but ignorance of people clearly acting against your interests is no solution.

Yeah, I don't block instances, just individuals that have proven to not act in good faith. I try to expose myself to as many diverse opinions as possible, but know if the people holding those opinions can back it up with facts, or are at least willing to consider the possibility that they're wrong, and I try my best to do the same.

Problem I see with this is that a lot of "I block people who act in bad faith" have hair triggers when it comes to what they consider bad faith. I see their comments all over the place where its a disagreement and 6 comments in they're claiming the other person is acting in bad faith and they're blocking them

Yeah, that certainly happens.

I personally have only blocked like 2 users. It takes a lot for me to do it.

I very well get what you're saying but a lot of people don't understand the difference between "has a valid opinion I disagree with" and "is a flame troll LLM" and just block anyone with an opinion they don't like, loudly proclaiming"you are a bad fatig actor!"

I think it really made the entire world a worse place to be in, everyone is in their own echo chambers now, nice and safely shielded from scary opinions that don't align with their warped world view.

Yup, and I don't know the solution here, but I'm honestly giving it a solid try. I intentionally place myself in online groups where people disagree with me to hopefully learn something from them and challenge their own preconceptions. I'm working on a ranking algorithm that should help highlight insightful content based on a web of trust (trick is to trust people who vote based on constructiveness, not agreement).

People point to media companies and politicians for the reason we're so divided these days, but really that finger should be pointed back at us, the people. Those politicians wouldn't be in power and media companies wouldn't optimize for divergent opinions if we vote them in and reward them.

I don't know the solution here, but I try to do my part. I live in a very conservative area, have libertarian views, and spend my time on leftist social media. I just hope it all balances out in the end.

Being able to block what you want is great, having other people decide what to block for you is not.

I would argue it's not. It caused people to become more and more extreme, locked in their own echo rooms where they just become more distant from a common center....

"let's block people with opinions I don't like"

I don't think a lot of them are actually people, but rather LLMs. Also, does it count as "people with opinions" when it's shills paid to spread authoritarian propaganda?

I do agree we should limit personal blocking, but that's because we need to collectively manage the Fediverse. There's no budget for countering misinformation campaigns, just us.

Instances blocking propaganda instances, on the other hand, is fantastic. It's what we need for the Fediverse to survive instead of going the way of Voat and other extremist communities.

While LLMs have become a problem recently, this problem existed since way before that

Because engaging in discussion with certain groups, does nothing but legitimize and amplify their messages of hatred and bigotry you fucking genius.

You don't engage in polite discussion with people that want you dead, that want to seize power and implement fascist authoritarianism, and who want to purge the "impure".

How you deal with it is by aggressively reacting to and putting down their bullshit, and denying them platforms which to spread their messages and hatred.

People like you, who want to wring your hands and play nice and polite with nazis and their ilk, are doing nothing but pushing their agenda for them. People like you are nothing but collaborators, and people like you will end up on the wrong side of the stick alongside everyone else once you've outlived your usefulness.

I eagerly await your reply of "oh well that just means you're intolerant and that makes you worse than the (insert authoritarian flavor of choice) that i want to politely talk with!"

I didn't vote on your post, but want to say that you're not going to convince many people with an antagonistic approach.

Well thats a condemnation of yourself, then. Not of me.

Cause if you cant see what engagement, and by extention, legitimization of their points due to that engagement, has done by this point.. Then honestly you're either blind and ignorant, or one of their agents trying to open the door with a soft approach..and I will always be antagonistic to them. If you find offense to that, then you just reveal that you're on the wrong side of that line.

Funny how you call everyone hateful while being so full of hatred. You literally talk about becoming violent once outlived my usefulness, yet other are the violent ones?

YOU, my man, are the problem hwre., you are the authoritarian here, not others.

Hence me talking to you because I prefer to keep the discussion going. Noone is beyond saving. Do some reading up on Daryl Davis, he would be a good influence on you.

Most extremists, like you, are not inherently violent, bad, or beyond saving. You're simply a bit lost and maybe need to do some talking, have someone listen to you and validate you. Some different points of view can be very helpful to get rid of that hate that you feel inside you

Yes, I'm the bad guy for being mean to nazis and not legitimizing their arguments with engagement.

and replying to a month old post so you can hide from the inevitable replies you'd get for your soft handed "plz wont you think of the nazi's and legitimize them with engagement and discussion" propaganda is fucking bullshit, and cowardice.

You were a nazi enabler a month ago, and you're a nazi enabler now. Now Fuck off.

Ahh the 'war only' no diplomacy strategy.

Your belligerence invites fascism, because anything you disagree with you will meet with violence. Even if your group starts off fighting the good fight ethically they will fall to fascism over time.

"OMG YOU'RE AGAINST NAZIS, THAT MAKES YOU EVEN WORSE THAN NAZIS"

Eat shit, Nazi Sympathizer. Your soft hands approach for opening the door for other nazis is blatant and obvious. as is you and your cohorts suddenly coming back to this thread month old thread immediately after the Orange Moussolini conviction just makes it all the more obvious.

1 more...
1 more...

Bullshit

You are the guy who gets in a disagreement, call your opponent a Nazi and then punch him, excusing yourself with "he was a Nazi"

You quite literally are the same as Nazis, just that you have a different reason for your behavior than they have.

So yeah, now fuck off, Nazi

Yes yes yes, you've been called out and now its everyone else thats the nazi.

Go dab your tears with your well read copy of Mein Kampf and take your bullshit elsewhere.

Stop making my points that you keep calling random people a Nazi just and only because you disagree with them.

You quite literally are the template of a violent extremist. You already said multiple times you don't shy away from commiting violence on those you think are Nazis and, you continuously call people Nazis because you disagree with them. That literally makes you a violent extremist, exactly the same as a Nazi, just on the other side.

I pity you for not being able to see beyond your hatred, and I worry that I see so ma h hateful people like you here.

Yep.

I'm such a hateful person cause I don't tolerate nazis.

And that causes you egregious offense, for some reason, So much so that you came back to a month old post immediately after the orange dick-tater was convicted to start trying your soft hand shit again. But you're totally not a nazi. You're just taking offense on their behalf, and demanding that they be accepted and legitimized. with incredibly suspicious timing.. But totally not a nazi. Noooo.

No, you don't hate Nazis. Look at this entire conversation. You hate people that disagree with you, and you like being violent so you justify your aggression with calling the other side a Nazi.

1 more...
1 more...
1 more...
1 more...
1 more...
2 more...
2 more...
2 more...
2 more...

Okay, which instances should I block to get rid of the tankies?

Lemmygrad and Hexbear are the most obvious ones, sadly lemmy.ml is also part of them in my experience despite not being obvious about it (you have to check the admins and mods profile to see the link) and having some good content when it's not about politics such as tech. There may also be some defederated by my home instance admins that I may not be aware of.

7 more...

HI WINNIE POOH! How have you been, have you had your daily dose of honey yet?

One day those tankies people here keep talking about are going to show up.

One day.

I always check under my bed each night to make sure there's no tankies.

After I blocked hexbear and similar instances I haven't scene them which is nice. Occasionally I'll see a Lemmy world one but that is pretty rare.

Iā€™d say they are more common on Lemmy.ml than Lemmy.world

Yup. I generally avoid communities on lemmy.ml and I'm much happier for it. I used to sub to several because that was the biggest instance, but now other instances (this one, mine, and some others) are big enough to replace the stuff I don't like there.

I don't like that the community is divided like this, but it's more pleasant I suppose.

Lemmy.ml was originally only federated with Lemmygrad.ml, so most people who stayed around in those days were quasitankie themselves

Lemmy.world has many tankies. You keep seeing them pretend israel is not committing Genocide and America needs to kill all student protesters Tiannenmen style. They are also called liberals

Lemmy.ml does not have many tankies.

I think our instance defederated with hexbear.

7 more...

I have some first hand experience with this. Brand new XMPP server, never before seen by anyone in the world, blocked within about 12 hours. Wireguard VPN on AWS lasts for a few hours on some networks, more on others. Never longer than a few days though.

From China?

I was there in 2017 or 2018 and set up a Shadowsocks server before I went with whatever the latest mitigations were that I could find at the time. My server wasn't completely blocked, but ended up getting throttled to hell after a few days.

7 more...

That's one of the reasons why I love Mullvad, they actually care about their customers, not just about their bottom line

I wonder how much of a bottom line they actually have given how cheap their service is.

I'm pretty sure they are profitable, considering they were founded in March of 2009. You can't really run a company without profits for 14 years, right? Just routing network traffic isn't that expensive after all. They are the only ones being honest about it, other VPNs charge way more because they only want to extract money from their customers.

Cheers. Network related stuff isn't my forte so I really have no idea about the costs. I just figured that the moment you start adding a decent amount of users the costs will go up, and ā‚¬5 seems like a really fair price.

It's actually the other way around, the more users you have the cheaper everything eventually becomes

Economy of scale?

Yes, there's no reason this wouldn't apply to a VPN provider. It's also the reason NordVPN or Surfshark is so incredibly cheap.

They have lots of users -> They can pay lots of money for advertising -> They get more users -> Everything becomes cheaper -> They can pay more for advertising

You get the point

7 more...

If only they didn't bend the knee to the five eyes and drop port forwarding

They got rid of port forwarding to improve the reputation of their IP ranges. That makes it less likely for Mullvad users to get blocked by CDNs like Cloudflare and Akamai when visiting websites. If you want port forwarding, just use AirVPN or rent a VPS and use that. Not sure what you're talking about, but Mullvad is based in Sweden, which is not a part of the five eyes alliance. It's a part of 14 eyes, but Sweden has very strong privacy laws, Mullvad even has an entire page about privacy legislation in Sweden: https://mullvad.net/en/help/swedish-legislation

They also have a page that explains how Sweden being part of the 14 eyes alliance doesn't really affect Mullvad: https://mullvad.net/en/blog/5-9-or-14-eyes-your-vpn-actually-safe

Their office was also raided by prosecutors last year, and they weren't able to seize any customer information, because Mullvad doesn't store anything about their customers: https://mullvad.net/en/blog/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised https://mullvad.net/en/blog/update-the-swedish-authorities-answered-our-protocol-request

you don't even have a "real" user account with them ffs. I think if they really wanted to fuck people over they'd have introduced mandatory email linked to accounts long ago

Yup, and you can pay using crypto or cash if you want, and you'll never need to let them know who you are, where you live, etc. All they care about is that your account number gets paid, and that's it.

5 eyes shit is dumb pop security anyway. As if the CIA can't rent colo space in Kazakhstan and market you some extra spooky VPN.

7 more...

No port forwarding really kills the utility though - I mainly use the VPN to do port forwarding (e.g. for video games, Plex, etc.) as my ISP is shit.

Like I'm not worried about state-level de-anonymisation, I just want to be able to share services remotely and have a minimum level of anonymity.

Port forwarding removed because hosting threatened to kick mullvad out. Lot of shit hosted through that. No hosting, no vpn, so needed to remove to continue operate.

Port forwarding means torrents. People using a VPN to torrent likely have much more traffic, especially those that seed (which is why they want port forwarding). Not enabling port forwarding means mullvlad can operate at a higher profit to cost ratio, and less risk.

That's what mullvlad say. It's not necessarily the reason why they don't offer port forwarding.

It was always possible for them to continue allowing port forwarding. They could use separate servers for those that want port forwarding, stopping any impact port forwarding had on those customers.

Humā€¦ this was one of the original reasons I signed up with them. I totally missed them dropping support. Iā€™m not mad about it because I donā€™t torrent much anymore, but itā€™s still a pretty lame excuse.

I want all my services supporting maximum fuckery at all times as a matter of general principle.

Any alternatives that you know of?

Torrenting works fine with Mullvad in my personal experience, and will pretty much up to my current ISP speed limits (which is 200Mbps download).

Can't really guarantee you that it will be as good if you're hosting your own seedbox over their VPN (then again if you're doing that you should probably pay for a proper seedbox hosted elsewhere) but if you've downloade something and the just leave it seeding, it seems fine.

I canā€™t honestly say Iā€™ve ever had much trouble with it either. No trouble receiving files at leastā€¦ there wasnā€™t much outbound traffic, but that could just have been a lack of interest :-)

Iā€™m happy with Mulvadā€™s service and now that the initial shock and indignation is wearing off Iā€™ll probably stick with them.

Besides I read about their new traffic obfuscation and Iā€™ve got to give that a try. We need proactive innovation like that, now more than ever.

I personally like AirVPN. Pretty good speeds depending on the server. You can port forward and have up to 5 devices connected simultaneously. Make sure you're using the Wireguard protocol.

Only issue is that Eddie (their GUI) kinda sucks. Works okay on Linux, and probably same on Windows. The Android one just really sucks.

I personally just download the wireguard configs to use.

ProtonVPN has it, and Wireguard support.

Thank you. Itā€™s good to know I have a few options.

You should be using a seedbox to torrent in this age. Let the company run their business, if they don't want to be a part of the group that allows torrents, so be it.

If so easy to fix issue, why not make company and fix it?

There are plenty of other options in the market, including ones with port forwarding. It's a very saturated market.

That sounds strange given that Mullvad works fine for torrenting in my personal experience and even up to quite a good speed (it can use the full 200Mbps download speed from my ISP)

Also modern NAT will do deep packet inspection on common well known protocols to automatically adjust the port of your machine listed on any "here I am" protocol messages being sent out from your side to be an actual port on the VPN Router and to have an internal association of that port in the Router with the actual port in your machine so that connections of that port can be sent to your own machine and the actual port in it that are used.

It's only the pure listenner services (such as webservers and e-mail servers) were the port is pre-defined by convention and not a variable one sent out on any "here I am message" that require explicitly configured port-forwarding on the VPN Router side, plus because the port is fixed by convention for each type of service (such as port 25 for SMTP and port 80 for HTTP), off all the clients connected by VPN to that VPN Router at any one time, only 1 will be able to get that specific port.

You need port forwarding to connect on torrents. Your able to torrent because everyone you torrent from has port forwarding enabled. If you want to access more seeders, and more commonly leechers you need port forwarding. This is useful for people using private trackers that want to maintain a ratio.

I can download at the maximum rate my ISP supports and I can seed after downloading (probably only to those clients which my own client has connected to).

However I cannot seed in a brand new session during which I did not download that specific torrent (as I just tested).

I expect this is because, as I explained, the NAT implementation actually tracks which IP addresses your client connected to and through which VPN Router port that went so that subsequent connections from those IPs to that port get sent to the right port in your own machine, but it doesn't support uPNP/NAT-PMP port forwarding so the bitttorrent client cannot configure on that VPN Router a static port-forwarding so that it can listen for connections from any random client.

So if I understand it correctly it totally screws self-hosted seedboxes and if you want to give back to the community you have leave it seeding immediatelly after downloading and it's not going to be seeding anywhere as fast since its limited to peers connected to during the dowload stage.

ProtonVPN has it though, which is what I'm using now.

How does port forwarding help with videogames?

I host a server, I forward the port, my friends can connect to the open port on the VPN side.

My ISP does not offer port forwarding.

Someone else pointed out Tailscale; I've had luck with free tier VPS+WireGuard.

I have an Oracle one which has worked well. Downside is I did link my CC, because my account was getting deactivated due to inactivity (even using it as a VPN and nginx proxy for my self hosting wasn't enough to keep it "active"). But I stay below the free allowance, so it doesn't cost.

That said: as far as anonymity goes, it's not the right tool. And I fully appreciate the irony of trying to self-host to get away from large corporations owning my data...and relying on Oracle to do so. But you can get a static IP and VPS for free, so that's something.

Alternative maybe i2p or tor network. Or make vpn to anon vps and host from there.

I love these guys. Let's see if somebody can just bootstrap the FOSS framework directly on TCP to work on the internet without a VPN. Fantastic project

Those words sound cool and mean literally nothing

Bootstrapping See the Application section specifically.

FOSS = Free/Open Source Software TCP = Transmission Control Protocol VPN = Virtual Private Network

These words mean a lot actually. Pretty basic terms when it comes to the internet.

That means the same as fossing the tcp so it bootstraps your privacy.

See I can sound like a bot too. Or a journo.

I think they meant the comment as a whole doesnā€™t really make sense, itā€™s a bunch of technical terms kind of shoved together. If you understand it can you explain what it means?

Yes, the individual words have meanings, as words tend to do. Those words, in that order, form a NCIS, two people typing on the same keyboard, level word salad that has so little real world relevance that it tips soundly into the absurd.

I'm afraid just generating random traffic from your IP address won't do anything against traffic flow analysis. Because most internet traffic is point to point, people who are interested in the flow, just follow the traffic moving between various points. So if you're sending extra traffic to other random sites, it doesn't interfere with point-to-point flow analysis.

In the context of a VPN, because all of your traffic is encrypted, you have to work harder to determine what traffic is going where. Because all traffic is going from your network to another virtual network. So an outside observer just sees the size and frequency of traffic but not the destinations. In this context since they don't see the destinations, it makes sense to add random traffic flows, because that'll obscure the signal that the observers are looking for.

Considering that VPNs are Point-to-point too (home->VPN), I was wondering if one could use DAITA with TCP directly instead of having to use a VPN. Imagine if TCP had DAITA baked in.

Even if you baked in variable packet size into TCP. It would be trivial for anybody monitoring network flow, to see you who you're talking to. There would be no ambiguity.

The only reason this makes sense for a VPN, is there's a lot of traffic bundled together, so a third party doesn't actually know where your traffic flow is going.

Consider the example if you ran your own personal VPN endpoint. So you were the only user on the VPN. Even with randomized traffic flow injected into your VPN connection, it would be trivial for any third party who's monitoring traffic flow to know that traffic is yours. Because you're the only VPN connection talking to the VPN server. This thought experiment applies when you don't have a VPN at all.

If I were to send packets to a single entity over time, I'd have no use for DAITA. I agree with you on this.

However, let's say that I run a bunch of VPN endpoints across VPSes, and the entity trying to track me doesn't know about all of these IP ranges. I could be renting from a colo, the cloud and even a a bunch of friends who have their ports open. If I were to mix this in with my usual internet traffic, it becomes significantly harder for third-parties to figure out what I'm doing connecting to all of these different IPs. A state actor could put the resources behind it, but the average third-party will have a hard time with it. I can certainly see use-cases for it.

I think we're mixing up vocabulary.

Every IP you talk to is visible to anybody monitoring your network. The sale of net flow data is commonly acknowledged by ISPs. So every computer you talk to is common knowledge for sale.

In your scenario, let's say you have five VPN connections set up to go to five endpoints that you control. But if nobody else is using those same endpoints. Your net flow data still exposes exactly what you're doing. There's no ambiguity. Your traffic is plainly obvious to anybody observing the network. Even if those VPN connections are adding randomized traffic onto the links.

Except that I will not necessarily be connecting to the exact same IPs over time, just going to do so in specific ranges which the VPS/colo owns. There's plenty of people who are going to be renting VPSes and will have their traffic originate from the same IP range as mine, which means that if everybody using TCP had their traffic anonymized like so, the third party wouldn't actually know that MigratingToLemmy specifically was connecting to AWS at a certain time and from a certain location, so to speak. This hypothesis doesn't include correlation through other data in the threat model. But it could definitely prevent correlation with traffic across locations, which is similar to what Mullvad states

I'm sorry no. This will not help you avoid flow analysis

I think you both are talking past each other. You said "But if nobody else is using those same endpoints." but @MigratingtoLemmy@lemmy.world said "Thereā€™s plenty of people who are going to be renting VPSes and will have their traffic originate from the same IP range as mine". Reading this thread, it seems like you both have different network setups in mind.

Thanks for pointing that out. I tried to address that. When I responded about net flow analysis. Having the same IP range as other people does not let you hide in the crowd. The net flow data will identify exact IPs.

Hypothetically, what if everybody in the world were using mixnets to obfuscate destination/origin, and then mullvad's DAITA to obfuscate traffic timing and size. Would netflow analysis be able to defeat that?

What is a mix net? Something like TOR? An onion overlay Network where the routing goes between multiple hops before it exits the network?

Let's go through a few scenarios first

Scenario A: you have a link to a common VPN endpoint, that other people use. On this link you generate traffic, a consistent 1 megabyte per second up and down.

There is now ambiguity about what traffic goes into the VPN, and goes to you. And outside observer would not be able to deduce what traffic is yours just by size and timing.

This is the gold standard. You remove all possible signal data.

Scenario B: everyone is using a onion overlay network, and their traffic has a little padding added, and a little extra timing added at every link. This would reduce the probability and outside observer could deduce the entire end to end flow of your traffic. But the type of your traffic could defeat whatever level of obscuring is happening. Imagine you have a real time connection to an network, and you're typing out Morse code.... - - - - sort of thing. Imagine each of those packets has a different size. If I'm observing the network for long enough, I'm going to notice the Morse code type of packets, with the timing and the size go through the onion network. There will be some ambiguity. But enough traffic over enough time would give me high confidence that you're the source of the traffic. Because the extra obscuring traffic has a probability, but not a guarantee, of masking the shape of your traffic.

So scenario a is the gold standard, scenario b would be better then nothing. Having a global onion network has its own issues, now you have to trust many nodes instead of one node. All this is down to your threat model and how much effort you're willing to do.

1 more...
1 more...
1 more...
1 more...
1 more...
1 more...
1 more...
1 more...
1 more...
1 more...
1 more...

Err... Like.. a 2009 Java applet? Those were built straight on TCP. And the lack of security let anyone else in the same LAN cafe steal your password.

The closest thing I can think of that goes for the vibe you're talking about is I2P

1 more...

How about defense against dhcp option 121 changing the routing table and decloaking all VPN traffic even with your kill switch on? They got a plan for that yet? Just found this today.

https://www.leviathansecurity.com/blog/tunnelvision

Don't you control your dhcp server?

The Option 121 attack is a concern on networks where you donā€™t.

Exactly where youā€™d want a VPN. Cafes, hotels, etc.

True that. Hadn't thought of that as it's not my typical VPN use case.

I'm not sure what a VPN provider could do about that though, they don't control the operating system's networking stack. If the user or an outside process that the user decides to trust (i.e. a dhcp server) adds its own network routes, the OS will follow it and route traffic outside of the tunnel.

The defenses I see against it are:

  • Run the VPN and everything that needs to go through the VPN in a virtualized, non-bridged environment so it's unaffected by the routing table.
  • Put a NAT-ing device in between your computer and the network you want to use
  • Modify the DHCP client so that option 121 is rejected

Edit: thinking about it some more, on Linux at least the VPN client could add some iptables rules that block traffic going through any other interface than the tunnel device (i.e. if it's not through tun0 or wg0, drop it). Network routes can't bypass iptables rules, so that should work. It will have the side effect that the VPN connection will appear not to work if someone is using the option 121 trick though, but at least you would know something funny was happening.

Of course but you don't control rogue dhcp servers some asshat might plug in anywhere else that isn't your network

I swear the defense against the dark arts teacher just keeps getting weirder and weirder.

I can tell you that this exists way before AI, I wish that there was more awareness earlier but it's good that now its starting

So it's like a VPN-busta-busta?

What if they have a VPN-busta-busta-busta though?

Then we have to wait til they drop the legendary VPN-quad-busta

I use Mullvad really good, love how they don't care who you are and can actually maintain complete anonymity even in payment.

Propably going to be banned soon for some stupid reason if gets popular, like free speech is allowing the terrorists make bears cry or something.

Windscribe had something similar already? Not exactly this, but they had a feature to add other random traffic to your network specifically to work against systems like these.

Soā€¦ Tor?

Not just tor. Tor plus random traffic.

Let's say across your VPN you always sent one megabyte per second of traffic even if you had nothing to say. And then everybody connected to the VPN endpoint did the same thing. Then it gets very difficult to actually follow the traffic flows of the encrypted packets. You don't see a large chunk of data passing through the network

Tor does this to and is much better than a VPN

It does not generate random traffic on your link to Tor.

No but people generate random traffic

The point is that for a state actor which can watch (or at least buy detailed traffic data for) both ends, a certain pattern of packets happenning from your side to a known Tor entry node and the exact same pattern between a specific server being watched and a known Tor exit node on the other side will indicate that it's your machine connecting to that end server, the more such patterns spotted the higher the level of confidence.

This is quite independent of how much your data is mixed with other data inside the Tor network and how many nodes it has been routed around, because this kind of analysis doesn't care about the IP address your machine is sending requests to or the IP address the watched server is receiving request from, it only cares about your pattern of data requests and responses matching that server's pattern of received requests and returned responses.

Whatever protocol is in the middle is wholly irrelevant. At best if the website is heavilly used and you're lucky, the specific end node (be it the router on the other side of your VPN connection or the exit node of your Tor connection) sending your requests to that server might have other users also sending requests to that server hence you're all disguising each other's pattern, but this is to do with popularity of the service more than the protocol itself being good at defeating this kind of analysis.

Edit

This is not entirelly true - if the protocol changes the exit node between requests to the server then it can disguise your pattern. However given that changing the IP address from were the request comes breaks all the keep-alive performance optimizations in HTTP since v1.1, performance would be horrible at least for web browsing in modern websites (which have tons of additional content associated with a typical webpage).

/Edit

It's all there in the Mullvad post (so you need to actually read it) and it helps if you have a background in IT Security and Cryptography since there are kinds of attack using similar mathematical principles in other areas (such as the statistical analysis of unchained symetrical encryption protocols to derive the text from the encrypted text based on the probability of the words and letters occuring in a specific pattern or the power consumption analysis of cryptographic microchips such as those in smartcards to derive the encryption keys based on the way power was drawn by the ALU during encryption and decryption, a weakness which was funnilly enough also defeated by adding noise in the form of junk operations).

It's all pretty obvious, really ;)

I just think VPNs are over hyped. At the end of the day if someone is monitoring both sides it was game over a long time ago. Also there is no way to know what is on the other side of a VPN.

What would be interesting is a paid I2P or Tor exit proxy.

Oh yeah, people thinking that VPNs are the end-all of Privacy and Security against eavesdropping in the Internet aren't really informed enough to understand that there are quite a lot more attack vectors than just a person's IP address.

That said no-logging VPNs do remove one from the "low lying fruit" category for things like legal companies sending "gimme money because we detected you infringing our copyright" letters to people doing file sharing using things such as bittorrent. This is because they remove the easy way for such companies to get a person's information when detecting file sharing from a specific IP address: one thing is getting the target by a process as simple as sending an e-mail to a local ISP demanding the identification of a user using a certain IP at a certain time due to copyright infringement (using the laws made for just that purpose during the last couple of decades in several countries), a whole different ball game is to first having to get a Court Order in an altogether different jurisdiction to force the VPN provider to install some kind of wiretap-equivalent to catch such a user at a later time for a case of Copyright Infringement - it costs way too much, takes way too much time and has way too much risk of being laughed out of court (methaphorically speaking) to be worth it for a case of non-commercial Copyright Infringement, especially if there is an overabundance of easier targets.

As with everything else in this world, VPNs are good tools for certain jobs, not some kind of silver bullet for Privacy and Security against eavesdropping.

My philosophy is that a VPN is strictly better then your ISP logging all your traffic, and is part of basic data hygiene.

Tor is much better than a VPN privacy wise. However, you are limited on speed and stuck with TCP.