I was wondering if a VPN would add any kind of security or privacy if one is connecting to a host with a client/browser that supports DNS over HTTPS and that host supports encrypted client hello. Is there a way for the ISP or anything in between to shape traffic or even know what is being accessed? The only thing that should be visible is traffic between two IP addresses right?

  • joaojeronimo@feddit.nlOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    But how easy is it to actually make up what’s going through a socket? If my ISP sees 1TB of data being continuously downloaded (from another IP address that they don’t already know what its usually involved with) maybe I’m downloading some illegal movies, maybe I’m retrieving a hard drive backup, right?

    Torrent traffic that doesn’t go through a VPN is probably easy to make up, it’s tons of packets from 50+ addresses, but if it’s a Usenet download from one address, or SSH traffic from a seedbox, that should be more complicated to figure out right?

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      It’s unlikely anyone is going to do traffic analysis to catch piracy.

      Whistle blowing, human rights reporting, political opposition gets the traffic analysis heuristic identification attack.