1. Forum
  2. DOVE-Net
  3. Debate

  • Re: bandwidth profiling

    From Khelair@VERT/TINFOIL to mark firestone on Wednesday, March 11, 2015 06:09:07
    Re: Re: CNN Breaking News
    By: mark firestone to KHELAIR on Wed Mar 11 2015 09:14:00

    I am interested. BTW, I'm also "The Doctor" on here... just so no one thinks I have TWO whole users... (:

    Gotcha. :)
    Well to explain a little bit more fully before I go on the duckduckgo search for some supporting articles, it has a lot to do with the exchange profiles between a couple of sites. Say, for instance, that you're communicating with facebook. That initial burst of information, to receive the login page, and then to send back credentials for verification, and the pauses/responses from your browser, etc, during login, are identifiable. Even if they don't necessarily pinpoint who you are or your credentials, they can pinpoint what you're doing. For instance, if you're connecting via 'tor', at the entry point they can see when a connection to log in to facebook goes, primarily based on the byte length of these transactions, provided they're not scrambled with enough other traffic.
    The same theory goes farther when you're logging in to other services, and there are ways (especially on e-commerce sites) that will pinpoint you to your real name if you try to use them too much even through a method like tor. Of course, if you're running a global entrypoint, or even mixing your traffic with sufficient other torified traffic, you're going to be a lot better off. The whole moral behind the story is that computers give us the power to compare average compression/noncompressed/encrypted (both ways) sizes of streams, compare them to the amount of bytes and response times of common servers, etc, and those features haven't gone unutilized. Just unsuspected by a lot of people. ;)
    First hit I've got is https://www.cert.org/flocon/2012/presentations/jones-from-bandwidth-to-beacon-d etection.pdf which seems to have a bit on the theory behind it, but isn't the layperson language kind of article that I was looking for. Let me know if this doesn't help and I'll talk to the guy that first exposed me to the article and see if I can find a little better something.
    Always wanted to meet the doctor, by the way. Any time you want to show off a tardis, I'll be more than happy to give you my coordinates. ;)

    ---
    Borg Burgers: We do it our way; your way is irrelevant.
    þ Synchronet þ Tinfoil Tetrahedron BBS telnet://tinfoil.synchro.net