DAITA: Defense Against AI-guided Traffic Analysis

greywolf0x1@lemmy.ml

cebbinghaus@lemmy.world

Once again mullvad proving they are the only good VPN

uranibaba@lemmy.world

OVPN.com ain't bad either.

seven_phone@lemmy.world

It will all end with us back on dialup speeds once the counter-DAITA throughput machine learning de-obfuscation analysis of defense against AI guided traffic analysis of proxy anomised packets starts. I think I might just read a book.

jet@hackertalks.com

Imagine a future where you and your VPN connection maintain 10mbps of constant, uniform traffic at all times. That solves the problem too, if the noise is aways high, you can't see the signal

seven_phone@lemmy.world

jet@hackertalks.com

Sure, but one of the benchmarks of a good cryptographic algorithm is to reduce the amount of meta information you can get from a random sampling. Most of the timing attacks are looking for traffic activity to pattern match ultimate source and receiver. If the encrypted tunnel is always exactly 10mbps of cryptographic traffic, then it would be much harder to identify

excessshiv@lemmy.dbzer0.com

If they provided port forwarding I would also use them...

yingwu@lemmy.dbzer0.com

If Mullvad only allowed port forwarding...

yingwu@lemmy.dbzer0.com

This is to be honest a huge barrier for me.

seven_phone@lemmy.world

Yes as with almost everything the ability to do a thing is just a function of how much you want to do it.

snotflickerman@lemmy.blahaj.zone

Hey they did support it until they were getting difficult legal requests because some users were abusing it, and getting turned away by different hosting providers.

They shut it down to protect the rest of us who use it without abusing it.

https://mullvad.net/en/blog/removing-the-support-for-forwarded-ports

Unfortunately port forwarding also allows avenues for abuse, which in some cases can result in a far worse experience for the majority of our users. Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.

The result is that it affects the majority of our users negatively, because they cannot use our service without having services being blocked.

I know the port forwarding thing can be a deal-breaker for some people, but it's not Mullvad's fault that they needed to remove this to be able to continue providing quality services for the rest of their customer base.

This is sadly one of those "this is why we can't have nice things" type deals because when enough people abuse it, it becomes a problem. I have no ill will towards Mullvad for taking it away when it became financially and legally foolish to continue doing so.

sturlabragason@lemmy.world

Agreed!

They have a “Why privacy matters!” guide I keep sending to people;

https://mullvad.net/en/why-privacy-matters

theimpressivex@lemm.ee

They did at one point, but they removed it due to constant abuse.

jimjam5@lemmy.world

Now I’m curious if the vpn I use will consider a similar approach going forward (PIA).

apex32@lemmy.world

How are other VPN services able to do port forwarding without having this problem?

sunzu2@thebrainbin.org

dependencyinjection@discuss.tchncs.de

What’s the benefit of port forwarding when using a VPN?

yingwu@lemmy.dbzer0.com

osrsneedsf2p@lemmy.ml

Seems like it will cost Mullvad more for bandwidth. Great feature overall, very similar to Monero's Dandelion++