Winston Privacy Device - Which Technology?
-
Reimplementing TOR is also likely to be a questionable tactic from a legal standpoint if not a bandwidth consumption one. If Customer A performs illegal activity over this mesh which exits Customer B's device, and LEOs track it to Customer B, what happens? It may not be traceable back to Customer A, but who knows what they would decide to do with Customer B.
With TOR, the end user has to make a conscious decision to become an exit node, along with whatever potential legal liability that may bring in the future. With this, it's baked in, and with it targeting lower-knowedge end users, customers may not fully realize what they are getting themselves into.
-
Funny you should mention that. After running a Tor exit node for the past couple of years, I shut mine down permanently last weekend after getting fed up with the constant ToS violation emails from my VPS host and having to respond to a never-ending series of support agents, each more clueless than the last.
They would cut off my access and then force me to do this ridiculous dance with their support, where they provide me with no data whatsoever about who complained and then demand to know what action I will take to prevent these in the future. I would then explain that I run a Tor exit node and that they haven't given me anything to work with so there is nothing I can do. After several hours, they restore my access - only to have them yank it again a few days later with the same issue and a new clueless support agent who doesn't even have the sense to check the customer's history. Repeat ad nauseum for years.
I finally gave up. Thanks for the t-shirt though.
Back to Winston, he did say that only small packets are routed through their network while data went direct so that may or may not affect who gets blamed for criminal activity.
-
And what ISPs are these low tech targeted users of yours on - most if not all of them have antishare AUP in place..
Here this is comcast's wording
"use or run dedicated, stand-alone equipment or servers from the Premises that provide networkcontent or any other services to anyone outside of your Premises local area network"cox
"ou may not resell the Service or otherwise make the Service available for use to persons outside your dwelling (for example, through an open wireless home network)."AT&T
" For example, you agree that the Service is not to be used to trunk or facilitate public internet access ("hotspots") or any other public use of the Service, or for any high-volume purpose. All aspects of the Service, except that portion provided by third party providers, is copyrighted and property of AT&T."Pretty much residential ISP in the US is going to have a sim wording in their AUP.. Let alone all the other stuff that falls into the AUP that might be done but traffic your routing through their connection. Which they would be responsible for.
-
So why not use TOR and communicate it? Why use something new?
Great question. When we were first researching the market opportunity, we surveyed and interviewed over 1,000 potential buyers. We learned that few had ever used Tor and those who did typically stopped using it, citing performance or other inconveniences.
Further research indicated that the prevailing privacy model was built around the use case of spies or hiding criminal activity, much like a chain (ie: break one link, and the whole thing falls apart). What we discovered was that a new "consumer model" of privacy had emerged. This model is more like death-by-a-thousand-cuts, in which one incrementally gives up a huge amount of data about themselves every time they go online.
The privacy violators exploit this laziness on the part of the user, so our insight was that we wanted to turn that around as a kind of Jiu Jitsu. Our thinking is that if we can lower the bar and allow for effective privacy tools to exist with the common everyday browsers and apps that people are accustomed to using, then it would benefit a larger audience.
why did the techniques you adapted or built again (AFAIR) need another go? Why not implement e.g. TOR as your routing/vpn/mesh solution?
Tor is slow and overkill for people who have nothing to hide. Winston is not optimized to shield criminal activity, it is optimized for speed and convenience.
With your new mesh I'm in fear of: "Huh, are there even enough customers later, that you actually DO have a critical mass to route/mesh with to gain the privacy you say?"
That's based on the misunderstanding that IP address alone is sufficient to track users. It is an important source of information entropy which trackers exploit and so we should block it. But IMO it is not the most important one. In any case, as few as 30 nodes in a geographic region provides strong protection here because it invalidates the assumption that a single IP represents at most a related cluster of people.
-
most if not all of them have antishare AUP in place..
My understanding is that ISPs do that because of file sharing and freeloading. Traffic injection is a powerful security benefit and they do recognize that.
Case in point, we're actually in discussions with two major ISPs now about resale partnerships. I would not want to mislead anyone and suggest that ISPs care so much about their users' privacy based on principle, but offering a free market solution to the small percentage of customers who care enough to take advantage of it is a strong response to the Federal pressure these ISPs are under right now.
-
@KOM said in Winston Privacy Device - Which Technology?:
Back to Winston, he did say that only small packets are routed through their network while data went direct so that may or may not affect who gets blamed for criminal activity.
Correct. Large data transfers continue to take place over local transports, not p2p. If customers are worried about this aspect, we do allow them to switch off p2p routing and make use of the other privacy protections only (which are not weak, by any means).
I am curious if anyone has suggestions that are not as "all-or-nothing" as this. For instance, we have been talking about the possibility of allowing users to specify sharing policies (and shipping with thoughtful default ones), such as streaming, pornography, illegal content and other blocklists.
Another highly requested feature is to allow users to set up their own private named networks that they can share with friends and family only.
Still another is the ability to dial down the amount of traffic sent out on the network and take advantage of traffic shaping (one research study I've read indicated that as little as 3% false traffic is sufficient to hinder IoT device identification).
I appreciate the thoughtful discussion!
-
There is what you think the AUP says and what they care about, and what it says... And what the ISP can do to their users - like just freaking kill their service when they see 1 users overall usage jump up because they are routing other traffic over their connection.
Or some other "privicacy device" does something against users ISP AUP and the ISP cracks the whip on the user, etc..
Once you have the OK from the isp to do what your doing, then you can hawk you boxes to those users... But until then... Its sure could be a huge disaster for a lot of users..
And targeting "non tech" users makes it worse if you ask me... Atleast if the person is technical they understand what they are doing - and what it means, etc. like running a tor exit node... Billy bob facebook user is not going to run a tor exit node out of the blue... But grandma could for sure buy your box and plug it in it seems ;) Or atleast that is your goal?
-
We are in active discussions with two ISPs. There is strong interest in reseller partnerships and my personal experience has been that they want to be perceived as being any more anti-privacy than is already the case.
We have been using the device internally for about 17 months and have had quite a few field units out there since September (8 months) with zero reported issues from ISPs. That should perhaps be expected, given that it's impossible to discern the source of specific traffic.
-
@WinstonPrivacy said in Winston Privacy Device - Which Technology?:
few field units out there since September
There is a huge difference between a few in the field and 1,000 if not 10's of Ks of them on a ISP network that figures it out and gets freaking pissed ;)
You want to hawk your "security" box to the masses that don't understand it that is fine - route their traffic to your network..
But meshing these things and routing billy's traffic over karen's connection is BAD JUJU just waiting to hit the fan if you ask me.. Especially first time kevin moves any sort of kiddy you know what about thinking he is "safe" behind your security device..
given that it's impossible to discern the source of specific traffic.
Any ISP can for sure tell that billy is going to alot of crazy places for a home of 2 people ;) And can for sure tell something is up and take a closer look when lets say 1000 of their users usage just went up by 30% and is just all over the place vs just karen's typical streaming netflix usage..
So how is you state
As an example, let's say your iSP wants to record your internet activity (most do)
But then you say you have ISP that are saying it going to be ok to put these boxes on their network - which will prevent them from tracking their own users..
-
Any chance we can get instructions how to load PfSense onto the HW we purchased?
-
Um..... that seems very unlikely? Especially since reading back they are using ARM (MIPS?).
Just a spam comment 2 years later?
-
-
@stephenw10 Woot
-
-
@jwt It was more the non standard ARM hardware
-
@stephenw10 man you need to update your support contract ;) its expiring soon..
-
@nogbadthebad itβs not that different from the 1100β¦
-
@kom Check out iot inspector to see what lurks in your home https://inspector.engineering.nyu.edu/
-
@parry said in Winston Privacy Device - Which Technology?:
https://inspector.engineering.nyu.edu/
Not a fan of doing arp spoofing.. The tool might be the greatest thing since sliced bread for collecting info.. But arp spoofing to get devices to send traffic to some device on your network other than where it should go could be seen as "bad" as well.
Why can not not just take a sniff of their traffic and load it into the tool? Is that an option? I don't see it anywhere. I also see that the linux version was suppose to be ready back in may of 2020, covid kill work on this project?
Or better yet ability to do a span port and let the tool see all the traffic, without having to spoof any macs..
-
@johnpoz
Hey John, you ever worked at a University ;) Er nothing is quite as fast as you want it to be. I agree some of that stuff needs to be updated, but if you like shoot him a note about your ideas. These folks actually listen to others. Ironically there is a company in Germany called IoT Inspector https://www.iot-inspector.com/ that has absolutely nothing to do with the academic work.