reply on: Who is more trustworthy: your ISP or your VPN? \ stacker news ~privacy

pull down to refresh

202 sats \ 2 replies \ @optimism 19h \ parent \ on: Who is more trustworthy: your ISP or your VPN? privacy

Packets are the atomic data containers that you use to communicate over the internet.

Packet logging is simply the act of capturing that data at the transport level. Often packets are logged, processed and discarded ¹. Much of this originates from the EU - of which both Belgium and Austria happen to be member states. To the best of my knowledge, the main body of text covering this is Directive 2006/24/EC.

For example, the 2005 comms law in Belgium (only available in Dutch, ugh) dictates a ton of information that needs to be stored by Belgian operators based on usage (including usage that fails.) This includes for example timestamps of sessions, with IP and port information. In practice, most (allegedly all) Belgian ISPs consistently fail to do this because it's too much data to store except for the KYC parts, which you avoid by ordering through a middleman internationally. ↩

100 sats \ 1 reply \ @Scoresby OP 18h

But if it's https aren't they encrypted? I'm sure there us meta analysis one can do on them, but I have been under the impression that encryption prevents some of it.

Now, there is also maybe the risk that they are storing the packets until encryption is broken...but I'm not too worried about that.

102 sats \ 0 replies \ @optimism 18h

Very good questions!

But if it's https aren't they encrypted?

The traffic is, but on all popular OSs (win/android/ios/macos), you have to manually configure encrypted DNS for your DNS lookups to not be in cleartext and the IP address that you're communicating with is too (and it's trivial to reverse-lookup) so your ISP can easily find out where you're going.

there is also maybe the risk that they are storing the packets until encryption is broken

There were some allegations that specific traffic, like all tor traffic, gets logged for later correlation, but I can't remember if I've seen direct evidence of that. Wouldn't surprise me though if that were the case.

But for the majority of traffic this wouldn't be feasible. I.e. an X post with 3 million views would be stored 3 million times, including all the megabytes of bloat surrounding the actual few 100 characters... Now imagine a 7GB youtube HD video. A Netflix series everyone binge watches... and so on.

Footnotes