Privacy

31921 readers

1008 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

166

The Next Generation of Cell-Site Simulators is Here. Here’s What We Know. (www.eff.org)

submitted 5 months ago by [email protected] to c/[email protected]

33 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 5 months ago (9 children)

Forgive my ignorance, but isn't preventing this type of man in the middle attack exactly what VPNs are for?

[–] [email protected] 10 points 5 months ago (8 children)

That's not how a VPN works. A VPN masks the information you are actually accessing by showing you query the VPN instead. To make a connection to a service you still need an address. This info is what they are using to identify your device.

Most traffic is already encrypted (httpS) so someone spying on you wouldn't know the content of your communication only who you contact. But without a VPN a man in the Middle could see who you are contacting. E.g. looking up pornhub. With the VPN it only shows you looking up the VPN.

[–] [email protected] 6 points 5 months ago (7 children)

Right, that's what I understood. So using a VPN, a CSS will be able to identify that my phone is active, but not the content I'm accessing, or who I am accessing it from, correct?

The previous comment said VPNs do nothing against this type of attack- were they just referring to identifying your device?

[–] [email protected] 0 points 5 months ago (1 children)

CSS wouldn't be used to spy on your network traffic; if they wanted your internet data, they'd have much simpler methods to collect it than CSS (and they wouldn't be able to decode most of that data anyways in normal cases).

or who I am accessing it from

What do you mean by that?

Suggesting that a VPN could mitigate stuff relating to CSS is like wearing a floating vest 24/7 when flying in a Boeing plane: you might feel a bit safer with it on, but it'd probably be smarter to have a parachute instead.

[–] [email protected] 1 points 5 months ago (1 children)

Ok, I'm missing something then.

What is CSS used for?

[–] [email protected] 2 points 5 months ago

CSS are used to establish whose phone (the therefore who) is in a location and whose phone (and therefore whomst) sent and received data at what times.

That information is what police will use as probable cause to get warrants against the services you use if not your person or home.

load more comments (5 replies)