If all traffic went trough https, would your isp still be capable of seeing the information? could they intercept the handshake for https?
>>55373093
>If all traffic went trough https, would your isp still be capable of seeing the information?
Probably not.
>Could they intercept the handshake for https?
Probably not.
The government on the other hand can do both.
No. Only if they manage to get a valid certificate singed for the website you're visiting they could man in the middle you (if the cert is invalid your browser will warn you).
>>55373138
>>55373139
Is this why 38 said the government can do both?
(thanks for your replies)
>>55373093
no, unless the site was signed by a compromised certificate authority.
all they would see would be ip addresses of the websites you visit
dont tell me we are starting to do the mistrusting your ISP thing i dont think i have the energy to deal with that level of stupid
>>55374009
and the all dns traffic
>>55374022
you should always assume your isp is compromised - what's the harm in that?
>>55373138
The isp no. They need the private certs. Governments are rabid for private certs.
>>55374078
>compromised
see this is what i mean i cant deal with this its enough to make me want to kill puppies
YOU ARE NOT IN ANY KIND OF COMPRESSIBLE POSITION YOUR ISP JUST WANTS YOUR MONEY THAT IS ALL THEY CARE ABOUT
>>55374140
you should always assume your isp is compromised - what's the harm in that?
>>55374140
this. snitching on customers is bad for business.
>>55374182
it make you look like a paranoid idiot who is up to something thats the harm in it
The entire fucking point of https is that the information is encrypted
>>55374195
so when you use https for your online banking should we assume you're "up to someting", since plain http would suffice - your isp won't spy on you in your world.
>>55374140
This 99% isp's want moonies.
>buy product
>forced upgrade to b8 costumers to latest and greatest
>"give us moonies it's now pay to play"
The greatest "services" con in history.
>>55374140
Your ISP is compromised. THEY don't care about you, which is why they'd rather let the NSA have their way with your data than face national security charges
>>55374246
>Notify me three more times
lel
>>55374195
>it make you look like a
but since you claim they don't monitor the traffic, no one will actually see that it looks suspicious. so which one is it?
>>55374243
no that is a perfectly fine use for HTTPS but using it all the time is just idiotic
>>55374248
>your ISP would rather stay in buisness and not break the law
no shit? this makes perfect sense your ISP is not some political rebel they are a government accredited business who must follow the law even if the law is scummy
>>55374140
You are completely fucking retarded. Some ISPs now maintain a secondary revenue stream in Big Data, and almost all of them have a long history of bending over for any and all law enforcement.
Does 'Room 641a' mean anything to you? Because it should, if you're going to say anything about this topic ever.
>>55374341
>no that is a perfectly fine use for HTTPS but using it all the time is just idiotic
why?
if you claim they don't monitor your traffic - then use http everywhere
if they monitor and you need to protect your banking data from them by https why not everything else as well?
as far as your "argument" goes my point still stands
you should always assume your isp is compromised
>>55374367
>bending over for any and all law enforcment
yes because they HAVE TOO if you are doing something that illegal that law enforcement is asking your ISP about it of course they are going to give up any and all information they havei think thew answer here is not to do illegal thingfs in the first place or is that too hard for you criminal?
>>55374385
because there are people besides your ISP that might want your banking info?
>>55374428
The FBI should use Room 641a against you, man, because you are just criminally stupid. If the last ten years have proved anything, it's that you don't need to do anything wrong to end up on watch lists and/or have your data mined by intelligence agencies.
Congratulations, this might be the worst argument I've ever heard on 4chan, which is the rough equivalent of being a 500-pound kid at fat camp.
>>55374428
>because there are people besides your ISP that might want your banking info?
and they should have access to my browsing info? some of which has my telephone, address, names of friends, relatives, habits, schedule, etc...? even looking for tickets can give someone you mentioned a hint that my house will be empty at particular time.
look you made a mistake way up there in the thread and now you're just trying to win an argument just for the sake of it, so you don't look like a fool. but you do for sticking with it actually.
the point still stands - you should always assume your isp is compromised
>>55374536
do you honestly think everyone on the planet is out to get you? are you one of those people that fly the rebel flag and think that black people should still be enslaved? stop inconveniencing yourself over paranoia
>>55374477
wow the FBI is sure busy tracking a random loser from 4chan
>>55374594
Intelligence agencies mine literally all data from literally all people, you unwashed troglodyte. Have you been living under a rock since before Snowden? It's a matter of public record at this point.
>>55374594
>do you honestly think everyone on the planet is out to get you?
if no one is intercepting the traffic what do you care what format it is in?
I won't even comment on the rest of that entry.
not only you did not present a coherent argument you actually managed to dig yourself deeper. I see no point in discussing it further with someone having cognitive dissonance.
for the rest of you - assume your isp is compromised - there is no harm in it and maybe even once in a million it may save you some trouble.
The ISP still see the DNS requests if you don't use your own DNS server
>>55374299
I like you.
I like Nala..
>>55374594
>are you one of those people that fly the rebel flag and think that black people should still be enslaved?
How the hell did you jump to this conclusion? Someone that says they want freedom online probably wants freedom IRL too and therefore probably isn't in favor of slavery.
Serverowner can clearly see what you requested in clear fucking format (at least I can on apache2 for my clients). I see their ip, their full url request, everything. If the gov asked me "hey what did this ip do" I could give them the logs. ISPs see the domainname.domainending and that is all. Well put one and one together.
>>55374230
but the isp can see which sites you visit, right?
>>55374009
They would see the domain name and subdomain, those are sent in the clear.
For example, opening this thread would send 'boards.4chan.org' in the clear during the handshake.
>>55376018
>>55376129
They can, by way of seeing the IPs you're connecting to. They can't see the URL you're connecting to.
>>55375011
sure but with ssl they wouldnt see anything but 4chan.org, i.e they wont see this threads title
>>55373093
Nigger do more than that to avoid being tracked
Free software operating system and firmware this includes libreboot, spoof fonts for each connection made, self drstricting cookies, use a DNS server that won't track your shit, disable scripts and most elements, encrypt your hard drive, desoder your microphone and webcam, use free firmware for router and such, use a VPN, use a means to see if your computer was opened and tampered with, search for bugs, setup a means to destroy your computer if needed. Don't be retarded, never use same usernames or passwords, use different word choices and such depending on your sites, hell use browsers in virtual machines. never use social media, never buy online.
Even then you are probably not safe
>>55377436
This is just what to do to start of course
You'll have to do much more to have even a small sense of security
>>55377436
Or we could just move to the mountains and not have electric and internet. Never can be too careful, anon
>>55377672
I am tempted to honestly
>>55373093
The data, no, not without an MITM which risks a visible warning, even with a valid certificate, because of certificate pinning on major sites with CT telemetry or HPKP.
The metadata, yes. ClientHello and ServerHello are in the clear in current TLS versions. Not so in TLS 1.3.
(Disclaimer: I'm on the IETF TLS WG)
>>55377353
they can't see the full url, but as >>55376185
said, they can see the whole domain.
>>55373139
just accept the certificate, bro.
Actually what this shit about "use other dns". Even if you use other dns, your request goes at least once through the nearest routingserver from your isp.
>>55378190
just get a direct connection to your nearest internet exchange point and get rid of any isp
????
profit
>>55373093
no and no. If the CA is controlled by the government, the government can do MITM though.
