[LINK] Brandis rushes to release telco metadata for civil proceedings
Frank O'Connor
francisoconnor3 at bigpond.com
Fri Dec 23 10:49:34 AEDT 2016
Sorry, fired that off before I replied. :)
> On 23 Dec 2016, at 9:43 am, Christian Heinrich <christian.heinrich at cmlh.id.au> wrote:
>
>
> On Thu, Dec 22, 2016 at 5:48 PM, Jim Birch <planetjim at gmail.com> wrote:
>> The biggest user segment in Australia are people who want to access the
>> more extensive content on US Netflix, but there are other people who want
>> to hide their connections for various reasons. In terms of metadata
>> collected by the Australian government, this should show a single encrypted
>> connection to single overseas ip address (which they may know as a vpn
>> provider) but not all the stuff you browse or access.
>
> This is the core issue, their offering is for geolocation rather than privacy.
>
I won’t go into the specific technicalities … BUT:
1. Establishing a connection between a server in Kazakhstan and a user in Australia, and
2. Repackaging the original HTTPS data packets, including the packet headers, and bundling them into new packets in a real time encrypted data stream, which are decrypted at the other end, have different IP and other packet header information assigned to make the requests/conduct the session
… does a heap to ensure a private connection.
The server at the other end takes over the TCP/IP application requests or data receipt (and remember TCP/IP is a stateless protocol … simply opening and closing connections to pass data) and repackages the results of same for transmission back to the user.
And if you factor in ‘double hop’ or even ‘triple hop’ VPN services … where the connection is handled by two or three remote servers sequentially … and I can point you at any number of VPN services and servers that offer this extra level of security/tunnelling/concealment … you can factor in even greater levels of privacy.
The point is that the VPN server removes the initial IP address and origin identifying information as it reconstructs the packets so that it is effectively the client for the transaction, and then passes the network results back to the user at the other end of the data socket. And if that’s not concealing identity … then what is?
Just my 2 cents worth ...