Can the NSA see through SSL browsing?

Discussion in 'privacy technology' started by myerbiz, Jun 17, 2013.

Thread Status:
Not open for further replies.
  1. myerbiz

    myerbiz Registered Member

    Joined:
    Jun 17, 2013
    Posts:
    4
    Location:
    Canada
    They can see originating IP address I suppose but not the details of traffic.
    How do they read emails if the pages are SSL'ed?

    Are there any private 'Internet Exchange Points' that exist outside of the main ones?
    I thought there was a project one in the works by a private company.

    Also, what about a open source program on the PC that encrypts all in/out traffic and networks with other users of the same program to have a total
    independent network? is that peer software? The media should recommend this tech as a way around...
     
    Last edited: Jun 17, 2013
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Maybe they have needed certificates ;)

    Please explain.

    Well, there are Freenet and I2P. Tor hidden services can work like that too. You can also establish P2P VPN connections (through Tor, if you like) and network them to create your own private darknet. And you can create bridges between all of those networks.
     
  3. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    It's easy: they ask the server operator to hand them over the data. No need to sniff the traffic from you to the server.
     
  4. myerbiz

    myerbiz Registered Member

    Joined:
    Jun 17, 2013
    Posts:
    4
    Location:
    Canada
    What if the account data was opened from the TOR, etc.. ?
     
  5. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    TOR has nothing to do with data storage on a server. TOR makes sure that the destination server doesn't know exactly who accessed it. But as soon as you store something there (an email for instance), it can be accessed by others (NSA, for instance).

    So, to recapitulate:
    1. TOR is for anonymity, so the server doesn't know who you are.
    2. SSL is for secure transfer of data (the transit from you to the server).
    3. Encrypting your data (i.e. mails) makes sure that only the recipient (or you) can read it.
     
  6. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    While (hopefully) this may be improving, just because you have an SSL connection to your email provider, it doesn't mean server to server transportation is encrypted.

    STARTTLS can *try* to deliver via encryption server to server, but if just one server says "nah man, send it plain text" you are no longer protected.

    You also have no say in what servers do with each other.

    And this disregards that PRISM may be in the companies themselves, before encryption.

    PD
     
  7. myerbiz

    myerbiz Registered Member

    Joined:
    Jun 17, 2013
    Posts:
    4
    Location:
    Canada
    does TOR reveal your IP across all the TOR computer/servers?
    how is it that one TOR can see the previous TOR's network?
     
  8. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    So true. :rolleyes:
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    I don't understand what you're asking. Please rephrase.
     
  10. JimmySausage

    JimmySausage Registered Member

    Joined:
    Apr 11, 2010
    Posts:
    53
  11. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    SSL, is safe.
     
  12. JimmySausage

    JimmySausage Registered Member

    Joined:
    Apr 11, 2010
    Posts:
    53
    Is your statement unequivocal?
    A man in the middle attack can not happen?
    Getting possession of a companies security certificates is impossible?
    I'm not so sure.
     
  13. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Its safe if everyone that used it was a computer that did not make mistakes. SSL is safe, people are retarded. *Clarification*.
     
  14. Justintime123

    Justintime123 Registered Member

    Joined:
    Jun 15, 2013
    Posts:
    95
    According to Shields UP fingerprinting SSL,HTTPS,TLS can be overcome by using HTTPS Proxy Appliances.

    "Any corporation, educational institution, or other Internet connectivity provider who wishes to monitor every Internet action of its employees, students or users—every private user ID & password of every social networking or banking site they visit, their medical records, all “secure” eMail . . . EVERYTHING—simply arranges to add one additional “Pseudo Certificate Authority” to their users' browsers or computers. It's that simple.

    Because the impersonation is perfect, neither the browser nor the user can readily detect that they do not have a securely encrypted direct connection to the remote web site. Their browser shows every facet of a standard secured SSL connection—all the locks and pretty colors and everything we have been trained to look for and check for are present . . .

    And it's all a lie.

    Instead of connecting to the remote web server, the browser is “securely” connected only to the local Proxy Appliance which is decrypting, inspecting, and logging all of the material sent from the browser. It inspects all content to determine whether it abides by whatever arbitrary policies the local network is enforcing. It's users have NO privacy and NO security. Or perhaps it just silently logs & records everything for possible future need. Either way, it has obtained full access to everything the user enters into their web browser."

    https://www.grc.com/fingerprints.htmhttps://www.grc.com/fingerprints.htm

    A case in point: Blue Coat Systems, Inc.
     
  15. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Hence my comment, only people who know how to correctly use it will be safe to use it.
     
  16. myerbiz

    myerbiz Registered Member

    Joined:
    Jun 17, 2013
    Posts:
    4
    Location:
    Canada
    why isnt each TOR data protected from the next TOR?
     
Loading...
Thread Status:
Not open for further replies.