News - Privacy Alert: ITU secretly approves Deep Packet Inspection
Quote:
Standard even includes provision for decrypting encrypted traffic.
Read more.
Re: News - Privacy Alert: ITU secretly approves Deep Packet Inspection
Quote:
The standard even includes provision for bypassing encryption, by allowing the capture of exchanged keys.
That's not how asymmetric key encryption works, knowing the public key doesn't help you at all. The session key is encrypted by said public key so can only be read by the private key holder i.e. the website.
Re: News - Privacy Alert: ITU secretly approves Deep Packet Inspection
Quote:
Originally Posted by
watercooled
Quote:
The standard even includes provision for bypassing encryption, by allowing the capture of exchanged keys.
That's not how asymmetric key encryption works, knowing the public key doesn't help you at all. The session key is encrypted by said public key so can only be read by the private key holder i.e. the website.
I was about to say the same thing. It's no good without the private keys. I've even had to explain this to fellow sysadmins before when they sent me an SSL certificate to use on a site and refused to handover the private key... because it was private. Facepalm.
Re: News - Privacy Alert: ITU secretly approves Deep Packet Inspection
This is a pretty interesting explanation on why it will not work if you have strong enough encryption...
Skip to 2:30, http://www.youtube.com/watch?v=YEBfamv-_do
Re: News - Privacy Alert: ITU secretly approves Deep Packet Inspection
Quote:
Originally Posted by
watercooled
That's not how asymmetric key encryption works, knowing the public key doesn't help you at all. The session key is encrypted by said public key so can only be read by the private key holder i.e. the website.
+1 :) sounds like we need to post the whole Alice and brian with the message in the locked box and a pair of padlocks :)
even if you can see the padlocks you dont have the keys!
Re: News - Privacy Alert: ITU secretly approves Deep Packet Inspection
Yeah, so it turns out that in this case Mallory is an idiot.
Re: News - Privacy Alert: ITU secretly approves Deep Packet Inspection
From ITU website:
Quote:
WCIT 2012, Dubai, United Arab Emirates, 3-14 December 2012:
Conference sends strong signal affirming right to freedom of expression online
The World Conference on International Telecommunications on 4 December supported the importance of Article 19 of the Universal Declaration of Human Rights, affirming the right of all people to freedom of opinion and expression...
Just look at how these morons patronize us... Of course, this begs the question who these clowns think they are and why would they think we need them to affirm any of our basic human rights?
Quote:
Tunisia’s proposal to include in Article 1 of the International Telecommunication Regulations (ITRs) an explicit reference to the right to freedom of opinion and expression generated some debate.
Yeah, right. Tunisia! Of all the world's 'leading democracies'...!!! If they'd actually have two brain cells to share between them, they would've noticed even the name 'International Telecommunication Regulations' sounds overly ambitious at the very least, if not plain daft and offensive to the rest of humanity, and that they won't move past discussing possible article 1 until they realize that.
I wonder how much do these pointless conferences cost us, and if we could save a pretty penny by executing the Douglas Adams plan before they held another?