Jump to content
Not connected, Your IP: 54.234.233.157
bobber6

Dutch government’s new internet tap plans , worse than the NSA

Recommended Posts

The dutch government are planning to give their spy agencies the right to legally look into and record all communication methods, without need for a warrant.

The responsible minister said : "we do not intend to monitor all the AMSIX traffic all the time......

( AMS-IX (Amsterdam Internet Exchange ,one of the biggest in the world.)

this article points out some of the consequences.

 

Question to staff:

If this becomes law, what could this mean to vpn anonymity?

Air uses the dutch exchange , could the vpn encryption be compromised if all internet traffic will be siphoned off ?

Share this post


Link to post

Dutch government to press ahead with ‘Big Brother’ legislation

So , the news today is that this proposal will become law,

"The new rules will require telecom firms to record all communications routed through them which will then be collected and analysed. In effect, the security services will have access to all fixed link and internet traffic."

 

Staff , could you please reply ?

Share this post


Link to post
Guest

in_zps7ec6f4ad.gif

 

... for replies

Share this post


Link to post

EDRi-gram news.- FYI.

 

State of play of internet freedom in the Netherlands 

 

Dutch EDRi member Bits of Freedom is diligently watching a set of broad tendencies, such as the dominant positions of a handful of tech giants, the Internet of Things, and the idea that technology cannot be neutral. Bits of Freedom is also working hard to prevent the occurrence of a number of very real threats to your internet freedom. Here’s an update on three topics currently debated in the Netherlands.

 
 
 
Edit: Link Bits of Freedom.

I have nothing to hide, but that's nobody's business!

Our society is run by insane people for insane objectives. I think we're being run by maniacs for maniacal ends and I think I'm liable to be put away as insane for expressing that. That's what's insane about it.
John Lennon
The further a society drift from truth the more it will hate those that speak it.
George Orwell

Share this post


Link to post

it has been  nearly one month  since I asked staff  to reply.

I must say  I am disappointed with the lack of response.

The link from Snapz to the bits of Freedom article is revealing as well,

This bill will give the most far-reaching power to the intelligence and security services to tap citizens’ communications,

 

Anybody can be put under surveillance as soon as the Dutch secret service learns that they have previously been under surveillance by a foreign service, regardless of whether this person would be considered dangerous under Dutch law.

 

And some more VPN traffic related hacking powers they will get
 

The non-specific interception power includes mandatory cooperation from (to be selected categories of) “providers of communication services” — a term that is defined in a way that includes not only providers of public electronic communications networks and services, but also providers of closed networks, and includes telcos, access providers, hosting providers and website operators

 

I do realize it might be technically complicated to answer my question in detail, ( about the consequences this new law will have on our encrypted VPN traffic )  but nearly 4 weeks should be sufficient time to come up with some sort of reply.

Share this post


Link to post

A month is a long time to wait for an answer. All i wanted to know if it is now advisable to avoid Netherland servers - yes or no.

Share this post


Link to post

A month is a long time to wait for an answer. All i wanted to know if it is now advisable to avoid Netherland servers - yes or no.

It is probably not a simple yes or no , one third of air servers are located in the Netherlands..........

Share this post


Link to post

A month is a long time to wait for an answer. All i wanted to know if it is now advisable to avoid Netherland servers - yes or no.

First thing first, what made you think that the Dutch government, or any other one was not already spying on you in every way they can? Their word? Lol. You may as well ask the kid with chocolate on their hands and face if they stole your candy bar. They will likely say no and you would be just as foolish to believe them.

 

Even if they do everything in their power to break the encryption, they simply cannot. You have been lied to if you believe anyone can. Read this article about 128 bit AES and how long it would take to crack a single key.

http://www.eetimes.com/document.asp?doc_id=1279619

 

Now remember that if you take 128 bit and add one single bit to it, you just doubled the possible keys. But you can use 256 bit AES here. It would take trillions of years to break a single 256 bit AES key. And no, that is no exaggeration. If anything I am understating the difficulty.

 

*Edit* I wanted to clarify why I said trillions instead of many hundreds of trillions of years. Computers get faster and more capable as time goes on. And that is why I only estimate trillions of years. But the odds are Moore's Law will eventually break. (It already has, but many are still in denial and I do not want to fight over this.) Moore's Second Law is however quite true even today. (It is in the same link as the first one.)


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

Thanks for the post. Nice to know we have strong encryption in place when using Air that appears to be uncrackable and secure.

Share this post


Link to post

Just how big is the number of the possible keys in AES 256? It is 1.1 * 10^78. And for those of you that do not understand the "power of" symbol I just used there, let me show you the long form.

110,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000. No, there are no typos here. That gobbledygook number is the total number of keys in 256 bit AES. And on average you have to try half of them each and every time you attempt to guess the key. So to do this even once would take far more time than anyone reading this will live, and in fact it is highly unlikely that the English language will even exist if it was ever accomplished. Hell, our sun will have burned out billions of years before then. And that is just to guess one single key.

 

AirVPN forces PFS (Perfect Forward Secrecy) every hour, so even if someone guessed your key a year or a million afterwards, it was only used for an hour. And then it was a whole new key.

 

Here is an off topic question for you guys (and gals). Why are we taught to count to ten on our fingers? Why not 1023? Yes, that is right. Using just ten digits and no fancy tricks you can easily count to 1023 and still have the option of zero. How do you do this? Simple. Count in binary.  Each digit is multiplicative. So your first digit is 1, the second is two, the third is four, the fourth is eight, the fifth is sixteen.

 

So how do you reach 23? (For example.) You use the fifth digit since it is the largest that will not exceed the goal of 23. Now the next largest that will not exceed 23 is the third digit counting four. That brings you to 20. Now just the first and second together make three, bringing you to the solution of 23.

 

Spend some time experimenting with this to understand binary and you will soon see how massive 256 bits truly is.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

There is a common misconception that you need to break encryption in order to tap traffic. This is not entirely true.

From the Snowden documents, it seems that at least in the UK and the US they keep connection states, which means

what source IP and port was connecting to a given destination IP and port.

 

Just one example how things are effectively done without cracking encryption:

https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/

 

Sooner or later more governments will start doing the same. As always, if you are a government target, a VPN alone is not enough,

there are different approaches for that, compartment of your work environment with Tor and multiple VPNs.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

There is a common misconception that you need to break encryption in order to tap traffic. This is not entirely true.

From the Snowden documents, it seems that at least in the UK and the US they keep connection states, which means

what source IP and port was connecting to a given destination IP and port.

 

Just one example how things are effectively done without cracking encryption:

https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/

 

Sooner or later more governments will start doing the same. As always, if you are a government target, a VPN alone is not enough,

there are different approaches for that, compartment of your work environment with Tor and multiple VPNs.

I am not sure I can agree with your statements here. If the encryption holds, the user does not use cookies or disclose information freely, and the site(s) in question do not utilize triangulation to determine where you are then you are entirely free of any and all spying.

 

"what source IP and port was connecting to a given destination IP and port" is irrelevant when you connect to the VPN.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

 

A month is a long time to wait for an answer. All i wanted to know if it is now advisable to avoid Netherland servers - yes or no.

First thing first, what made you think that the Dutch government, or any other one was not already spying on you in every way they can?

I am not so naive no ,but once they get the legal right to do so things do change ;for one  , they can take you to court ; (copyright holders anyone ?)

Anyway i was just curious to hear what Air staff has to say about this.

You have been lied to if you believe anyone can decrypt vpn

Thanks , but again, i'd like to get answers from the horses mouth so to speak.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...