you guys realize if you're using some kind of encrypted

>>56933652
> you guys realize if you're using some kind of encrypted shit like tor or https your isp can still see everything you are doing if they want

Explain?

ur dumb

that is all

>>56933652
no, they only can see that you're using it but not the encrypted data itself.

>>56933652
There isn't one.

People complaining about privacy online are idiots

you guys realize if you're using some kind of lock on your door the thieves can still break in if they want

so what's the point?

>>56933679
By putting more locks on the door, you're telling thieves how much more valuable your shit is compared to the neighbors.

All they can see is what servers you connect to

>>56933679
Damn those thieves must be maths geniuses with supercomputers.

>>56933696
So what you understood is that the problem is with the conspicuousness of locks, not with the fact that there thieves, eh?

Interesting mindset.

>>56933679
God this is bad.

ISPs can't "break in" to the "locks".

It's encryption. The ISPs can't break into shit.

you guys realize OP is a fag your isp can still see everything you are doing if they want

>>56933716
There will always be thieves and poor people, best defence is security through obscurity. If you don't show that you have anything worth taking then why would they single you out?

>>56933750
You're now arguing a different point. We are not talking about being singled out because of appearances, we are discussing whether or not ISP's have the power to break encrypted packets mid stream.

Thanks for playing.

>>56933750
>best defence is security through obscurity
Security through obscurity is not security at all. It is just naivete.

>>56933764
They don't have to, they can just give the data to the NSA who should be easily capable of doing so.

>>56933773
Not an argument.

>>56933789
>Not an argument.
Kill yourself.

>>56933789
So, we have gone from "your ISP can see through your shit" to "Your ISP can give it to the NSA.. because reasons.."

No really, you've been great.

>>56933789
>Not an argument.
Of course. OP's "they can take what they want, so let us just give up and surrender" is an argument, but "security through obscurity is not security" is not an argument.

>Security by obscurity is discouraged and not recommended by standards bodies. The National Institute of Standards and Technology (NIST) in the United States specifically recommends against this practice: "System security should not depend on the secrecy of the implementation or its components."

>>56933821
Irrelevant.

>>56933842
>Irrelevant.
Not an argument.

File: IMG_20161005_214643_235.jpg (130KB, 1080x884px) Image search: [Google]

130KB, 1080x884px

>>56933821
Never said the op was an argument either.

File: man_in_the_middle_attack_cartoon.png (31KB, 924x907px)

31KB, 924x907px

>>56933663
>>56933701

>>56933764
How can you actually protect from ISP's breaking encrypted packets?

>>56933894
You should read up on what diffie helmann is, retard.

>>56933924
By encrypting them.
Seriously nigga this is a solved fucking problem.

>>56933932
I mean other then using HTTPS.

>>56933952
Encrypt it some other way. For example, throw it into a AES-256 encrypted container and send that, giving the other party the password outside of monitored communications. Like snail mail, or in person.

Diffie hellmann solves this problem with the need to have a secure line of communication to share passwords hence why it is used in HTTPS.

>>56933652
This is fal... umm... this depends on how well the server is configured.
What they know for certain is what sites you connect to, since your DNS queries are most likely unencrypted and they certainly need to know the IP of the server you're connected to.
However if the server on the other side is properly secured (that is it doesn't reuse a common set of Diffie-Hellman parameters) then even intercepting all communication between you and the server doesn't allow the ISP to decode any data in a reasonable amount of time*.

>>56933894
To pull off a man-in-the-middle attack you need to create a full reverse-proxy. That part is simple. The difficult part is creating a trusted TLS certificate for that proxy. So it has to be signed by a known trusted CA (Certificate Authority). The whole point of the trusted CAs is to make this kind of an attack difficult. Last time I checked, ISPs aren't on the trusted CA list. And even if they were, pulling off a stunt like this is the fastest way to get your status as a trusted CA revoked.

*EVERYTHING can be decrypted given enough time. All we can do is ensure that time is measured in years or centuries, not in miliseconds.

>>56933894

You need to leave the basement and learn the bare minimal about security before posting shit made by people that know even less that you.

>Diffie hellman
>SSL authentication or how they prevent mitm attacks.

You ISP is not nsa idiot.

>>56934209
How much personal information are ISPs capable of gathering in your opinion?

>>56934337
Anything that's in the contract you had to sign in order to get their service.
Other than that anything that's sent over unsecured connection. However this implies they have the capability of monitoring and filtering massive amounts of data not based on the TCP header but based on the contents. They're more likely to inject additional ads into a page than store the pages contents.
Frankly it's much easier for facebook and google to get your personal information as it's presented to them in a format much easier to parse.

>>56934389
Changing the DNS server to OpenNIC would be beneficial too, right?

>>56933660
He's trolling to get {You)'s.

>>56933652
Who is this hot bitch?

>>56933652
I really hope this is bait.