Melon Farmers Original Version

Tech News


Latest

 2007   2008   2009   2010   2011   2012   2013   2014   2015   2016   2017   2018   2019   2020   Latest 

 

These protocols must be effective then...

Chinese national firewall blocks https when used with TLS 1.3 and Encrypted SNI.


Link Here9th August 2020
Full story: Internet Censorship in China 2020s...A new decade of Chinese internet censorship
The Chinese government has deployed an update to its national firewall, to block encrypted HTTPS connections that are being set up using the latest internet standards for encryption.

The ban has been in place since the end of July, according to a joint report published this week by three organizations tracking Chinese censorship -- iYouPort , the University of Maryland , and the Great Firewall Report.

In particular China is now blocking HTTPS+TLS1.3+ESNI.

TLS 1.3 is the latest encryption standard that can be used to implement https. Server Name Indication is used to specify which website is required when several websites are hosted using the same I address. By default it is unencrypted letting ISPs and snoopers know which website is being accessed even when using https. ESNI (Encrypted Server Name Indication) closes this loophole.

Other HTTPS traffic is still allowed through the Great Firewall, if it uses older versions of the same protocols -- such as TLS 1.1 or 1.2, or SNI (Server Name Indication). This rather suggests that these old encryption standards are now compromised.

Per the findings of the joint report, the Chinese government is currently dropping all HTTPS traffic where TLS 1.3 and ESNI are used, and temporarily banning the IP addresses involved in the connection, for small intervals of time that can vary between two and three minutes.

Note also that this news about Chinese censorship probably informs us about snooping capabilities in the UK. Presumably GCHQ and UK ISPs would be similarly blinded by HTTPS+TLS1.3+ESNI, whilst still being able to block and snoop on older standards.

 

 

Ticking bomb...

Warning: TikTok steals your passwords as they are transfered from password manager to an app via the clipboard


Link Here29th June 2020

TikTok says it will stop accessing clipboard content on iOS devices

A beta feature on iOS 14 showed what the app was up to

See article from theverge.com

 

Update: Others too!

29th June 2020. See article from arstechnica.com

TikTok and 53 other iOS apps still snoop your sensitive clipboard data Passwords, bitcoin addresses, and anything else in clipboards are free for the taking.

See article from arstechnica.com

 

Update: India bans 59 Chinese snooping apps

29th June 2020. See article from financialexpress.com

The Government of India on Monday banned 59 Chinese apps including TikTok and UC Browser which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order, news agency ANI reported. Majority of these apps were recently red-flagged by intelligence agencies over concerns that they were collecting user data and possibly also sending them outside of the country's borders.

Among the apps that have been banned are Tik Tok, Sharit, Kwai, UC Browser, Baidu map, Shein, clash of Kings, DU battery saver, Helo, Likee, YouCam makeup, Mi Community, CM Browsers, Virus Cleaner, Apus Browser, among others.

 

 

Handing your ID over to the highest bidder...

A very technical, but very interesting article, about how ebay and 30,000 other website use very sneaky and well hidden scripts that can see through your VPN and obtain a fingerprint identification.


Link Here26th May 2020

 

 

 

Updated: China proposes a new internet protocol...

Inevitably with baked in state central control


Link Here24th April 2020

The Chinese government and the Chinese telecommunications companies such as Huawei under its control are proposing a New IP addressing system for the internet to replace TCP/IP. The New IP system includes top-down checks and balances and such features as a shut up command that would allow a central controller to stop packets from being received or sent by a target New IP address. The China led proposal was first unveiled at the International Telecommunications Union (ITU) meeting in September 2019. The associated power point presentation and formal proposal have been made available by Financial Times.

In it, the Chinese government and its state controlled telecommunications service and hardware providers (i.e. Huawei) make the case that TCP/IP is broken and won't scale for use in the future internet which will include things like holographs and space-terrestrial communications. China argues that these new technologies on the old system would require complex translators and increase the overall cost to society.

The New IP proposal admits that TCP/IP has achieved relatively good security. However, China feels that this is still far away from what we actually require in the future. If the security is admittedly relatively good, what could possibly be missing? Apparently, the answer to that question is trust. The proposal reads:

As universal connectivity develops, a better security and trust model need to be designed and deployed to provide a stable, trustworthy, and long-term environment for people to use.

Let's be clear: Trust should have no part in this. Especially this type of absolute trust in centralized institutions -- that have repeatedly proven to be unworthy of such trust -- which is exactly what China is trying to force down the internet world's throat. Let's not forget that China is the same country that already forces real name and identification to be tied to all internet or phone services and also runs a censorship campaign against the open internet so large that it's called the Great Firewall .

NATO report warns against China's New IP system and its proposed Splinternet

Oxford Information Labs (Oxil) has prepared a research report for the North Atlantic Treaty Organization (NATO) that does not look kindly on the New IP proposal or the breakneck pace that it is being rushed through the approval process. The report authors from Oxil spoke with and provided an advance copy of the NATO report to Infosecurity. Oxil summed up the problem with New IP concisely:

New IP would centralize control over the network into the hands of telecoms operators, all of which are either state run or state-controlled in China. So, internet infrastructure would become an arm of the Chinese state.

The New IP model also takes pot shots at current centralized parts of the internet, such as the Domain Name System (DNS), and offers Distributed Ledger Technology (DLT) solutions under the guise of promoting a Decentralized Internet Infrastructure (DII) to address them. While that may sound like the holy grail of blockchain technology and true decentralization that real public blockchain technologies such as Handshake provide, what is being proposed by China is absolutely not that. Oxil notes that the proposed DLTs would undoubtedly be under Chinese government control -- bringing about that call for trust again. Oxil explained to Infosecurity:

It is not uncommon for language of 'trust' to replace 'security' in Chinese DII-related discussions. This is concerning because it indicates that the principle of 'security by design' -- at least in the Western context -- is not being adopted in DII's development. In the long-term this could negatively impact cybersecurity globally.

It doesn't matter how distributed or decentralized parts of a protocol seem on the surface, if there is a centralized command at the top that can issue shut up commands to devices supposedly connected to an open internet -- said devices aren't actually connected to an open internet, are they.

China will move towards using New IP with or without ITU approval Huawei is apparently already building internet infrastructure that utilices New IP as opposed to TCP/IP with partner countries, likely in Africa. Besides that, the Chinese proposal for a more top-down controlled internet has also seen support from Russia, Saudi Arabia, and Iran. While Huawei claims that this is an open process, and is open to scientists and engineers worldwide to participate in and contribute to, the fact that nobody really knows what's going on besides those involved in the process is telling. Robert Clark writing for LightReading calls New IP Huawei's real threat to networking and describes the situation aptly:

Huawei's important additional role here is as the major supplier to telcos in many developing countries. It is these governments that are likely the biggest enthusiasts for a manageable Internet without being hectored by Western governments about openness and freedom. And Huawei staff are on hand to help them build it.

That is to say, Huawei is already going ahead and building New IP systems with shut up commands and all -- in effect creating the very network islands that they want to use as a reason that TCP/IP won't work. In reality, those seeking to expand network functionality to new types of devices and services such as holograms or satellite comms and more internet of things devices have all the incentive in the world to make something that works with the existing TCP/IP world. In contrast, China and other countries that do not want true freedom on the internet are all too eager to create a form of the internet that gives them ultimate, centralized control. That China is proffering this New IP model to the free world as an improvement should be expected, and thoroughly ignored and lambasted.

Update: Opposed by European internet industry

24th April 2020. See article from zdnet.com

Ripe is the Regional Internet Registry for Europe, the Middle East and parts of Central Asia. It allocates and registers blocks of Internet number resources to Internet service providers (ISPs) and other organisations. The RIPE NCC membership consists mainly of Internet service providers, telecommunication organisations and large corporations.

RIPE is opposing a proposal to remodel core internet protocols, a proposal backed by the Chinese government, Chinese telecoms, and Chinese networking equipment vendor Huawei.

Named New IP, this proposal consists of a revamped version of the TCP/IP standards to accommodate new technologies, a shutoff protocol to cut off misbehaving parts of the internet, and a new top-to-bottom governance model that centralizes the internet and puts it into the hands of a few crucial node operators.

The proposal received immediate criticism from the general public and privacy advocates due to its obvious attempt to hide internet censorship features behind a technical redesign of the TCP/IP protocol stack. Millions of eyebrows were raised when authoritarian countries like Iran, Russia, and Saudi Arabia expressed support for the proposal.

In a blog post this week, RIPE NCC, the regional Internet registry for Europe, West Asia, and the former USSR, formally expressed a public opinion against China New IP proposal. Marco Hogewoning, the current acting Manager Public Policy and Internet Governance at the RIPE NCC said:

Do we need New IP? I don't think we do. Although certain technical challenges exist with the current Internet model, I do not believe that we need a whole new architecture to address them.

Any endeavors to revamp internet protocols should be left to the Internet Engineering Task Force (IETF), the international body that has been in charge of defining internet standards for decades. Such issues should not be left to the ITU, which is the United Nation's telecommunications body, and an agency where political influence rules, rather than technically-sound arguments.

In addition, RIPE is also concerned with the attempt to change the internet's current decentralized nature.


 2007   2008   2009   2010   2011   2012   2013   2014   2015   2016   2017   2018   2019   2020   Latest 


 


 
TV  

Movies

Games

Internet
Advertising

Technology

Gambling

Food+Drink
Books

Music

Art

Stage

melonfarmers icon

Home

Top

Index

Links

Shop
 

UK

World

Media

Nutters

Liberty
 

Film Cuts

Cutting Edge

Information

Sex News

Sex Sells
 


Adult Store Reviews

Adult DVD & VoD

Adult Online Stores

New Releases/Offers

Latest Reviews

FAQ: Porn Legality

Sex Shops List

Lap Dancing List

Satellite X List

Sex Machines List

John Thomas Toys