Yeah I don’t buy it.
Instead of tapping individual connections, you now only have to tap the traffic to/from the VPNs exit nodes. Then you correlate incoming packets with outgoing packets (e.g. based on size, timing, etc) and you know the origin of the traffic.
Bonus is that it acts as a filter, people using a VPN want to hide their traffic so you specifically want to watch those people.
themoonisacheese@sh.itjust.works 1 year ago
…they can’t really? Only the domain name is visible to the ISP, and criminals are either stopped by https or won’t care about a VPN.
m_f@midwest.social 1 year ago
Everything’s visible for HTTP, and in fact some ISPs inject their own ads into HTTP content. HTTPS is harder for malicious actors, but your ISP can tell when you’re visiting pornhub.com, and will happily provide that to the government. With encrypted SNI it’s somewhat harder, but if you’re visiting an IP address of 1.2.3.4, and that IP address is solely used by pornhub.com, it’s not hard to guess what you’re up to.
themoonisacheese@sh.itjust.works 1 year ago
Yes, I’m aware. IP addresses are come colocated to hell and back, and every site uses https. I’m sure your ISP is getting some real interesting data watching you visit the same 4 sites.
Tuss@lemmy.world 1 year ago
Not all isps are bad.
Mine have their own free vpn service which encrypts all traffic and hides your IP. So even if the government want anything on you they can’t give it to them.
On top of that they are notorious for not giving the government anything. They also have competitive pricing.