On 10/04/2016 08:20 PM, Eric Oyen wrote:
actually,Yes, SSL was born as a tunnel between your client and a service provider server for that reason, far different from vpn though. Problem is it's becoming increasingly easy to trick and/or program clients to overlook the fact that there is a man in the middle attack in progress on that session. Sometimes nefariously, sometimes legitimately as part of the service delivery path of said service or given employer. No one really does certificate validation and authentication on public-ish services, and most times even private *secure* ones, so the value of ssl without validation atop it is pretty useless. Better than nothing and secure in theory.
there are other reasons for using an encrypted tunnel besides bit torrent. How about secure banking? or perhaps secure purchasing? mayhap even more secure email access.
A vpn though, something like ipsec or openvpn would only be used in such cases if you were going to join your work or hosted services network, not so much to google for gmail security or buying on ebay with paypal. A vpn to egress another country does nothing but play hide and seek for anonymity, .govs (now multiple) will just mitm the session anyways, or save it later when they can decrypt it.
And yes, if there is a torrent I want to get (and it is perfectly legal too), I don't want my ISP pulling bandwidth throttling or bitching at me for supposedly downloading copyrighted materials when they aren't (yes, I have had this actually happen).This is why I've considered routing all my traffic out over vpn, but real usage is pretty miserable doing that even for just http traffic usage let alone more real-time protocols. I can use torbrowser with the vpn proxy for anything I want to keep more anonymized.
-eric
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss