7th March 2009
jggimi

You mentioned HTTPS protocol, paran0iaX. This uses SSL or TLS for encryption, and can be used with an unauthenticated browser -- and is most commonly used that way. SSL or TLS use a blend of random numbers and certificates for managing authentication and keys, and certification authorities to manage trust -- the latter limits (but does not eliminate) man-in-the-middle attack vectors.

Of course, in order to use HTTPS, both the browser and the server need to use it; most popular browsers do, of course, but webservers must be configured to do so in order for you to use it.

The encryption is limited to the content of the packets, not the packet headers ... so someone scanning the traffic will still see the IP addresses and port numbers of both end-points. This means that someone scanning your traffic will know that you (or someone in your dorm room) are downloading porn from a particular site. Even when using HTTPS, any unencrypted URLs on a protected page (such as embedded images) will not be encrypted and will be sent in the clear -- client browsers can pop up a warning, but many people disable the warning the first time it happens, and never know about it when it happens again.

HTTPS is not useful for general websurfing, and is of no help hiding you from the RIAA or MPAA when using BitTorrent, either.
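The mixed-content case described in the post (plain-HTTP URLs embedded in an HTTPS page), as an added example that is not part of the original post: a Python check that lists the subresources such a page would fetch in the clear. The page URL, the sample HTML and the function and class names are constructed for illustration, and every `<link href>` is treated as fetched regardless of its `rel`, which is a simplification.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute that makes the browser fetch a subresource automatically.
# <a href> is deliberately absent: a link is only fetched if the user clicks it.
SUBRESOURCE_ATTRS = {
    "img": "src", "script": "src", "iframe": "src", "embed": "src",
    "audio": "src", "video": "src", "source": "src",
    "link": "href", "object": "data",
}


class MixedContentFinder(HTMLParser):
    """Collect subresources an HTTPS page would request over plain HTTP."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.insecure = []  # (tag, URL) pairs

    def handle_starttag(self, tag, attrs):
        attr = SUBRESOURCE_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if not value:
            return
        # Relative and protocol-relative (//host/x) URLs inherit the page's scheme.
        absolute = urljoin(self.page_url, value.strip())
        if urlsplit(absolute).scheme == "http":  # urlsplit lowercases the scheme
            self.insecure.append((tag, absolute))


def find_mixed_content(page_url, html):
    if urlsplit(page_url).scheme != "https":
        return []  # mixed content only applies to pages served over HTTPS
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.insecure

# Constructed sample page, not taken from any real site.
SAMPLE_HTML = """<link rel="stylesheet" href="/site.css">
<script src="//cdn.example.net/lib.js"></script>
<img src="http://images.example.net/banner.png"><img src="logo.png">
<a href="http://www.example.org/">plain link</a>
<iframe src="HTTP://ads.example.net/frame.html"></iframe>"""

if __name__ == "__main__":
    for tag, url in find_mixed_content("https://www.example.com/account/", SAMPLE_HTML):
        print(f"{tag:8} {url}")
```

Only the banner image and the iframe are reported; the stylesheet, the protocol-relative script and the relative image all inherit HTTPS from the page.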