[LINK] https/metadata
Kim Holburn
kim at holburn.net
Tue Dec 6 15:15:27 AEDT 2016
> On 2016/Dec/06, at 2:39 PM, Bernard Robertson-Dunn <brd at iimetro.com.au> wrote:
>
> A somewhat technical question.
>
> If you use https, the contents of your interchange are encrypted.
> However, the fact that you have gone to a particular IP address is still
> in the clear.
https creates an encrypted connection with an IP address before any data is transmitted. In this case the only "metadata" as such is a connection between 2 IP addresses and a destination port number. Since there can be a number of virtual servers on one IP, it may not be enough data to identify the website you visited. But probably previously there was also a DNS request, possibly to your ISP's DNS servers. What are ISPs being asked to save of these requests?
If you use a VPN connection (correctly), all your traffic goes through the VPN connection and is in general not visible to your ISP, except if your DNS requests are still pointed at your ISP, in which case they may be able to see what sites you are interested in.
> So if you go to www.nastysite.com and use https, the metadata would
> still show that you have had a session with that website.
>
> Correct?
>
> However, if you create a VPN first e.g. via tor, the fact that you have
> visited www.nastysite.com (using http or https) would not be visible in
> your metadata.
>
> Correct?
>
> Thanks.
>
> --
>
> Regards
> brd
>
> Bernard Robertson-Dunn
> Sydney Australia
> email: brd at iimetro.com.au
> web: www.drbrd.com
> web: www.problemsfirst.com
> Blog: www.problemsfirst.com/blog
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
--
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list