
It was easier for botler since it sends requests to all users of the channel. Detecting bots that simply sit there and monitor all data might be harder. Although this might be a violation of the TOS on some networks.



I've been wondering the same thing. But would it be so hard to detect? Presumably the information would have to be sent to some server sometime. While I personally don't really monitor outgoing traffic, I think some people do. So they should have noticed something by now?

There are possible ways to mask that, though they'd likely still draw attention.

Assuming that any given endpoint was already a surveillance target, the advantage here is that the traffic cannot be used (or is less readily used) to determine contacts -- who's talking to whom.


Even better, but I know there were huge efforts to detect these types of transmission and block them entirely. If you're with Comcast you probably know about it. Many providers use deep-packet inspection now! :(

The point still stands. The server can use any number of heuristics to try and figure out traffic source but (1) it is still an approximation, since they can all be spoofed, and (2) the more strict you make the detection logic, the more regular users are affected as well.

And more importantly, it is also a lot more likely to not be detected by an ISP or similar actor.

This is true, but the connection request only comes on one channel. The sniffer can be set up to follow an advertiser though, which makes it jump to the next channel in the sequence as soon as the time window for sending a connection request after the advertisement is gone. It picks up connection requests virtually every time in this mode.

Both this and encrypted communication interpretation work a lot better than the commenter above you claims. They've either not tried this sniffer, and are only making claims based on assumptions, or they haven't learned how to use it properly.

It's definitely not as good as commercial sniffer hardware, but it's perfectly fine 90% of the time, and the price is two to three orders of magnitude lower.


If you're not actively targeted, it's much less likely they're logging all of your traffic (or even new TCP connections or UDP 'connections') as it's expensive to do that for every customer in a non-sampled manner (like with Netflow).

For almost everyone, especially given that it's double-hop and neither hop knows both the user and the traffic.

May be somewhat of a philosophical argument if you are limiting it to viewing the content of packets. However, there is still a ton of data that can be leaked that could be considered sensitive - volume of transactions, where they are routing from/to, the frequency distribution of that volume. There is also the possibility for manipulation of transmissions - blocking/dropping them altogether causing service outages/censorship, delay/deprioritization that could affect markets, etc. At the nation-state level, this provides a lot of useful opportunities for bad actors.

I understand their motivation, as sending traffic that is expected to be secure to the wrong person is worse than knowing one's traffic is visible to all hops.

Maybe the fact they have to deal with non-HTTP incoming traffic makes them an easier target?

So his device basically detects any "peer-to-peer-like" traffic, regardless of protocol, and caps it, simply because there's a lot of it?

How is this fundamentally different from the current, pretty-clearly-evil techniques employed by ISPs like Comcast to look inside customers' packets and make value judgments about them? I admit I don't know exactly what the device in question does, but how is this possibly a good thing for the Internet at large?


Probably because they determined that most of it was VPN or other encrypted traffic, and that blocking it was easier than trying to inspect it.

Doesn't this just solve a piece of the mess? It is the communications channels being monitored, so email, chats, VoIP, whatever messages would still be easily tapped into.

They control the pipes; the endpoints do not matter much.


They are allowed to look into the traffic only as much as they need to in order to maintain quality service. They notice stuff like botnets and piracy because both of these activities have the potential to generate abnormal amounts of traffic. Another reason they are likely to notice these things is because a third party will often notify them about the activity. They would have to monitor your connection/activity in a way that's highly unethical and possibly illegal in order to detect anything that isn't overly noisy.

Maybe Wireshark isn't the best example, since it's a tool one tends to use to identify potentially malicious traffic in the first place.

It does complicate detecting your outgoing communications, but traffic analysis could probably separate your communications from other people's comms.

And yet a number of recent privacy breaches where apps were collecting and transmitting data they had no business in were discovered by sniffing the traffic.

> Every time somebody tries to get fancy and _think_ about the bits inside the packets their network is supposed to be moving they screw up.

How do you propose we do security otherwise? (Apart from delegating it to other parties so they think about the bits)


IIRC the measurement protocol can be used to send fake traffic by bad actors.
