[HN Gopher] Indian ISPs: We already give govt full access to web...
___________________________________________________________________
Indian ISPs: We already give govt full access to web traffic
Author : instagraham
Score : 278 points
Date : 2022-11-10 09:40 UTC (13 hours ago)
(HTM) web link (entrackr.com)
(TXT) w3m dump (entrackr.com)
| bheadmaster wrote:
| GNU Net [0] seems more relevant than ever:
|
| "The Internet is broken."
|
| "The conventional Internet is currently like a system of roads
| with deep potholes and highwaymen all over the place. Even if you
| still can use the roads (e.g. send emails, or browse websites)
| your vehicle might get hijacked, damaged, or long arms might
| reach into its back and steal your items (data) to use it against
| you and sell it to others - while you can't even notice the
| thievery nor accuse and hold the scroungers accountable. The
| Internet was not designed with security in mind: protecting
| against address forgery, routers learning metadata, or choosing
| trustworthy third parties is nontrivial and sometimes
| impossible."
|
| [0] https://www.gnunet.org/en/
| eternalban wrote:
| Thanks. Great bib!
|
| https://bib.gnunet.org/
| [deleted]
| naring2 wrote:
| this is just a bad analogy. the internet is not transporting
| anything like a road would. the whole system works by copying
| "your data" every step along the way.
|
| they are not thieving your precious bits, they are copying them
| as they are transmitting them. this s also why you cannot even
| notice the "thievery".
|
| furthermore, this analogy is mangling together data legitimacy,
| security, and property rights all into one big ball of "be
| worried, the internet is _stealing you_ because it wasn't
| designed with safety in mind"
| npteljes wrote:
| Sending postcards could be a more apt analogy. Even if a bit
| outdated, still a widely familiar activity, and postcards can
| be copied. And they are just as open to people in between as
| HTTP packets are.
| pessimizer wrote:
| > the internet is not transporting anything like a road
| would.
|
| Comparing the internet to a highway system is a common and
| useful thing to do. Your objections are strange.
|
| > they are not thieving your precious bits,
|
| If I look over your shoulder at the ATM and learn your PIN,
| is it not clear what I mean when I say that "I've stolen your
| PIN?"
|
| > mangling together data legitimacy, security, and property
| rights all into one big ball
|
| Is entirely intentional, because these are things to be
| worried about on the internet.
| bheadmaster wrote:
| If you happen to come up with a better analogy, I'm sure the
| GNU Net development team will appreciate your input: gnunet-
| developers@gnu.org
|
| GNU Project is community-driven, after all.
| thr83away wrote:
| mdp2021 wrote:
| An important point is whether legislation exists which allows
| such "monitoring".
|
| Edit:
|
| I would also like to add, one of the latest news was about
| malicious access of administrative data in Australia - which
| surely has in general more funds to invest in security than
| others. I would be concerned about personal data being copied in
| more repositories (multiplying chances of malicious access).
| mathieuh wrote:
| Isn't that why countries passed non-specific laws? E.g. in the
| UK we have the Snoopers' Charter:
| https://en.wikipedia.org/wiki/Investigatory_Powers_Act_2016, I
| believe in the US the Patriot Act did something similar.
| pessimizer wrote:
| That's an important thing to note, so you can recognize it
| where you live i.e. under what obscure interpretation, of
| what strangely written law, passed under what conditions,
| enabled unlimited network surveillance in the countries that
| have it? Who in your country supports similar legislation?
| nisegami wrote:
| >An important point is whether legislation exists which allows
| such "monitoring".
|
| One thing that people from the "global north" need to remember
| is that in most of the world, laws are just loose guidelines.
| hulitu wrote:
| It is the same in the "global north". See Assange Swedish
| cases.
| UltraViolence wrote:
| The real canary in the coalmine was actually a movie from 1999
| called "Enemy of the State."
|
| The plot for the movie was actually based on an account from an
| NSA employee who tipped one of the producers or director (I
| forget which) of the mass surveillance the agency was involved
| in.
|
| To me this movie is iconic just because it predicted events so
| vividly almost a quarter of a century ago.
| a4isms wrote:
| Digression:
|
| If you like "Enemy of the State," you absolutely must watch
| "The Conversation"[1] if you haven't already. You may decide,
| as many have before you, that it exists in the same universe as
| "Enemy of the State," and that Gene Hackman's character in
| "Enemy of the State" is an older, even more cynical Harry Caul
| from "The Conversation."
|
| [1]: https://en.wikipedia.org/wiki/The_Conversation
| varispeed wrote:
| Predicted or inspired... Imagine a young, going to be
| politician, kind of person watched it and thought "Hmm, this is
| not a bad idea at all!" and then climbing the political ladder
| lobbying for these kind of measures.
| 0x445442 wrote:
| Even before that, Sneakers "predicted" the NSA spying on its
| own citizens. I use quotes because it happens too often to be
| happen stance IMHO.
| i_am_jl wrote:
| I remember watching Enemy of the State in theaters with my dad.
| I remember thinking it was a cool movie, but sort of
| unrealistic and over-the-top, like James Bond.
|
| Now I think it's unrealistic because Will Smith and Gene
| Hackman survived the first 25 minutes of the film.
| jphsnsir wrote:
| Don't all ISPs do this? They can be stubborn and lose connecting
| with the rest of the net.
| openasocket wrote:
| I'm confused, are they actually getting the plaintext content of
| HTTPS traffic, or are they just harvesting connection metadata?
| Not that bulk metadata collection isn't bad, but getting access
| to unencrypted data would be much worse.
| azalemeth wrote:
| Many, if not most, nations have similar provisions to this. I
| think it's wrong and just over the top. However, encrypting
| everything and using multi-hop routing wherever possible at least
| will add noise to this sort of dragnet surveillance. Personally,
| I've taken steps to obsfucate my traffic since similar
| legislation was introduced in the UK.
| raxxorraxor wrote:
| It is most often old people scraming at the cloud/internet. I
| hope the next generation is more aware about the severely
| negative foundations the current generation gifts to us in
| their cynicism shortly before their end of life.
|
| But seriously, to me this is a sign that a state is never the
| friend of its people. There are no sensible security arguments
| without also looking at the dangers of dragnet surveillance.
| The US isn't different, the EU isn't different.
| [deleted]
| kurmouk wrote:
| Could you possibly share the tools you use to obfuscate your
| traffic?
| _trampeltier wrote:
| I did start with Yacy. First I would bould something thet
| search a list on Google or so and the just follow links
| forever. Finally I just found Yacy a P2P search. I did run it
| for a couple of years.
|
| https://yacy.net/
| danuker wrote:
| I would guess Tor, I2P, Freenet, GNUNet.
|
| But also configuring or avoiding certain other software:
| https://spyware.neocities.org/articles/index.html
| roenxi wrote:
| Snowden released his trove back in 2013. At that point it
| became obvious that anyone with power to surveil would use it.
|
| I suppose the news here is that the response was so relaxed
| that governments started doing it publicly and explaining the
| tech.
| altcognito wrote:
| It was obvious before Snowden.
|
| https://en.m.wikipedia.org/wiki/Room_641A
| mitchell_h wrote:
| https://en.wikipedia.org/wiki/ECHELON
|
| This started in the 60s! I remember hearing about it in the
| mid 90s on random internet forums.
| Neil44 wrote:
| But how... I mean presumably they don't install a root cert on
| every client device?
| willis936 wrote:
| The internet doesn't run on pre-shared keys. Asymmetric
| encryption is weak against wiretapping.
|
| Otherwise there wouldn't be illegal dragnets (Room 641A, DITU,
| PRISM).
| stevewatson301 wrote:
| They can intercept the unencrypted section of encrypted
| connections, such as TLS ServerName, and the source and
| destination of every IP datagram which already provides a lot
| of information to profile individual citizens.
|
| QUIC moves to a model where everything except the Connection ID
| is encrypted[1], but it is also apparently being blocked in
| India[2]. The mandated transition to IPv6 in India[3] would
| also take away the need to track 5-tuples to identify
| individual customers, easing the scaling of monitoring.
|
| [1] https://datatracker.ietf.org/doc/html/rfc8999
|
| [2] https://github.com/kelmenhorst/quic-censorship/issues/2
|
| [3] https://dot.gov.in/ipv6-transition
| AgrMohit wrote:
| The blocking being observed might be one off issues. I can
| use QUIC just fine on Reliance Jio's network.
|
| This page [1] shows I am using HTTP/3 which unless I am
| mistaken requires QUIC to work.
|
| [1] https://cloudflare-quic.com
| lakomen wrote:
| How would ipv6 "take away the need to track 5-tuples" and
| what does that even mean? That sentence doesn't make sense
| stevewatson301 wrote:
| NATing IPv4 traffic requires maintaining a 5-tuple of
| connection state[1], which means the ISP must log these
| 5-tuples to be able to track citizens individually.
| Further, if there's another layer of NAT (such as a free
| WiFi service in an airport or a WiFi router in a citizen's
| home), cooperation is needed at that NAT layer too.
|
| IPv6 obviates the need to maintain these 5-tuples since it
| has a larger IP address space. Each citizen can then be
| assigned an unique IP address which makes it easier to
| distinguish traffic without the cooperation of each NATing
| layer.
|
| [1] https://support.huawei.com/enterprise/en/doc/EDOC110005
| 5044/...
| huggingmouth wrote:
| Wouldn't people just continue using consumer-grade
| routers which operate their own nat anyway? Even with
| ipv6, the traffic generated by all hosts behind a single
| isp subscription would appear to originate from a single
| ipv6 host, no?
| staringback wrote:
| I highly doubt any consumer grade router is using NAT66.
| You shouldn't use NAT whatsoever with IPv6 and doing so
| is just asking for client's network functionality to
| break.
| staringback wrote:
| > Each citizen can then be assigned an unique IP address
|
| You don't understand how IPv6 works.
| stevewatson301 wrote:
| The feedback is fair enough given my phrasing. Of course,
| IPv6 can't give you a fixed IP address everywhere you go;
| because that's determined by network topology and IP
| assignment.
|
| All I'm saying is that there's better segregation of the
| traffic from each IP resulting in easier analysis without
| the cooperation of NATing layers.
| ljlolel wrote:
| You would want to use NAT with ipv6 if you want to hide
| somewhat your traffic-- say at university as one example.
|
| Couldn't reply to other comment
| staringback wrote:
| No you wouldn't. You would use temporary privacy
| addresses in your SLAAC prefix (this is the default for a
| few operating systems)
| 2Gkashmiri wrote:
| like the other commenter said, they have IP address information
| which they "can" corelate from say logs from reddit and pin
| point which anonymous user posted something. or where a
| particular email was sent from, they find the email, they can
| trace it back to the sender and looking at logs, can find where
| and which device that was from.... ipv6 is very prevalent in
| india and you don't need a wifi AP level monitoring as you can
| do on a per-device basis
| praveen9920 wrote:
| This came as a surprise to me considering when the Indian court
| orders to take down particular content of particular site, ISPs
| still uses dns blocking instead of more granular blocking which
| resulted in blanket site blockings of popular sites
| rand0mx1 wrote:
| Most Indian ISPs employ Deep-packet Inspection to block
| websites
| praveen9920 wrote:
| Not all of them have the capabilities of course
| lakomen wrote:
| Ok so how is it different from what the USA does?
| Sakos wrote:
| Probably not at all. Still worth reporting and talking about.
| It's not okay if the US or India or any other country does it.
| I'm not happy that most comments here are so resigned, "well,
| yeah, everybody does it".
| sremani wrote:
| India is neither a 'Nation of creed' like US or a National-
| Security state like Russia or Pakistan. It is a nation of
| insurgencies though, so look elsewhere if Privacy to holy to
| you, cause it ain't going to be India's forte.
| ozim wrote:
| Worth talking because there are still people who argue that
| TLS and HTTPS is hassle that is not needed.
| hulitu wrote:
| You do realize that they are talking about "https" and
| "tls" trafic , do you ? The only use i see for those
| protocols is to identify you.
| Ptchd wrote:
| It's probably not as bad as what the USA is doing today...
| balaji1 wrote:
| As many have mentioned, this is probably very common in every
| country.
|
| But there is always the next target(s) to go after, to keep in
| check, in a pop culture sense. So one way is to see this
| (article and this HN post) as a hit piece.
| Anunayj wrote:
| People really underestimate the full scale of this, specially
| today with so many sites using cloudflare without strict ssl
| reverse proxy connection, Cloudflare Endpoints in India are
| INSIDE ISP networks [1], what this means is the ISP (and
| therefore by extension the government) sees EVERYTHING going out
| of cloudflare servers over http in plaintext. Worse ISP will also
| modify that content so you get the "This site has been blocked in
| India under diretions from [...]" over https! cause that's what
| cloudflare saw when it did it's (insecure) http request
|
| 1. https://github.com/captn3m0/hello-cloudflare
| dvno42 wrote:
| If I'm understanding you correctly, you are saying that the
| origin servers only listen on HTTP and that is where the ISP
| intercepts. Is it not common practice for the origin servers to
| also being using HTTPS? Afaik there's no simple way for the end
| user to know this though.
| NavinF wrote:
| People who run the origin servers often use a CDN to do TLS
| termination because they are too incompetent to do it
| themselves. Not having to enable TLS is a major value-add for
| certain types and you'll see this advertised prominently by
| every CDN
| roody15 wrote:
| Do you honestly believe the US government doesn't have the same
| access to cloudflare data within the states?
| JumpCrisscross wrote:
| > _the US government doesn 't have the same access to
| cloudflare data within the states?_
|
| Yes. There is almost certainly access. But it's partial and
| adversarial, not automatic as in India.
| somenameforme wrote:
| PRISM [1] didn't end when the media stopped reporting on
| it. If anything it's likely only become more emboldened
| given people's tepid response. This [2] is one of my
| favorite documents that was leaked. It's a user manual,
| "User's Guide For PRISM Skype Collection", for NSA agents
| spying on Skype "peer to peer" connections in real time.
|
| It even includes a helpful FAQ like agents wondering why
| they might receive copies of the same message multiple
| times. What happens there is when somebody they're spying
| on logs in via another device, their resync process
| involves everything being sent right on over directly,
| automatically, and in real time to the NSA again. They can
| even spy on video/audio in real time, with some promises to
| agents frustrated about audio falling out of sync with
| video - that they were working on a technical solution.
|
| The companies at the time participating in PRISM were
| Apple, Google, Microsoft, Facebook, and others. That's
| undoubtedly been long since expanded.
|
| [1] - https://en.wikipedia.org/wiki/PRISM
|
| [2] - https://www.aclu.org/sites/default/files/field_docume
| nt/Guid...
| JumpCrisscross wrote:
| PRISM is a good example of the difference between America
| and India. One, there's vocal and empowered opposition,
| opposition granted relief by the courts from time to
| time. Two, there _was_ opposition-MUSCULAR involved
| hacking Google and Yahoo 's clouds. Three, there is a
| warrant process. It's broken. It needs reform. But it
| exists.
| somenameforme wrote:
| What empowered opposition or successes? Many seem to have
| confused the highly publicized 'telephone metadata
| collection is unconstitutional' ruling with PRISM. That
| was related to other domestic spying bills - section 215
| of the Patriot Act and its subsequent renewal under
| another spying act, the "USA Freedom Act." These
| cases/acts had nothing to do with PRISM.
|
| Numerous cases have been filed against the NSA in regards
| to PRISM, with nothing even remotely close to success.
| They are invariably thrown out because the NSA acting
| illegally or unconstitutionally can only be challenged by
| somebody with standing. You only have standing if you can
| prove you have been surveilled and affected because of
| such. Nobody can prove standing, so it's impossible to
| legally challenge a likely illegal program. Great system
| we have.
| xfer wrote:
| Do you see a green lock with message saying "your access is
| restricted" in the US?
|
| Do you see any TLS connection resets based on SNI? If not,
| most(all?) indian ISPs already visibly do far more than
| average American ISP.
| themitigating wrote:
| No where in the parent's comment did they mention the US.
| What's the point of your comment?
|
| It's like if we were discussing a serial killer and you were
| like "don't you think other people have killed?"
|
| The second reply to this post and someone is already
| redirecting the conversation to a country not mention in the
| story. Are you upset because you think India is being singled
| out? No where on the article or the comment does it imply
| that.
|
| On HN there are a massive amount of discussion about US
| government spying already, it's not something that people
| aren't aware of.
| kshacker wrote:
| The parent comment is valid. The GP comment specially
| highlighted the Indian networks as different so that
| factoid being challenged (in efficacy rather than
| implementation) is a pretty valid stance.
| gsatic wrote:
| pfft it's India. Ppl with access to sensitive data get paid
| peanuts. So you too can see "everything" by giving the right
| person a bag of nice mangoes.
| MichaelZuo wrote:
| Does cloudflare mention this anywhere?
| switch007 wrote:
| It's unethical of CloudFlare et al to offer such a feature.
| petya0812 wrote:
| neets wrote:
| What is India turning into China lite?
| user_7832 wrote:
| Well if you look at the Snowden/Five Eyes/9 Eyes etc by that
| logic USA/Aus/France etc are already "turning" into China
| (except, of course that this has been going on forever and no
| one really paid too much attention to Snowden). Not blaming you
| as mainstream media also often paints Snowden negatively but
| something to be aware of.
| m33k44 wrote:
| This happens because the Indian government does not yet have the
| infrastructure of NSA and or GCHQ :) They have to demand for the
| information instead :)
| [deleted]
| mritun wrote:
| Yes they do, mainly because it's the law.
|
| That it's a misguided law is open for debate, but I don't believe
| there is any state in the world that doesn't monitor and control
| tele-communications (internet is regulated as tele-communications
| WW).
| mdp2021 wrote:
| It is the details of the law that count here.
|
| "Rights of investigation" and "capillary monitoring" are poles.
| quietbritishjim wrote:
| The level of surprise does seem overblown. This bit stuck out
| to me:
|
| > ... access to this data is so accessible remotely that
| physically visiting an internet provider's premises is no
| longer required for government agencies.
|
| They were expecting government agents to have to physically
| visit the ISP's offices? Were they perhaps going to get their
| data on a floppy disk?
| stevewatson301 wrote:
| The model where law enforcement officers have to visit ISP
| facilities reduces the duration and scope of surveillance.
| Throw in a process where you need to get court approval into
| the mix, and this provides some level of oversight into the
| surveillance machinery. (Though abuses are certainly possible
| with this model, see [1]).
|
| [1] https://www.eff.org/deeplinks/2021/05/foriegn-
| intelligence-s...
| Lealen wrote:
| They weren't asking for floppy disks, they were sending their
| people to connect directly to infrastructure.
|
| One of examples: https://en.wikipedia.org/wiki/Room_641A
| quietbritishjim wrote:
| Ah ok that does make a bit more sense.
| yardstick wrote:
| Just because data can be made accessible remotely doesn't
| mean it should be.
|
| Airgapped systems are also still a thing.
|
| On-site access would also make it harder to abuse the data at
| scale.
|
| I'm not surprised that the data is accessed remotely. But I
| can also understand scenarios where it makes sense to require
| physical access, and not because of long gone floppy disk
| drives or other ancient hardware.
| mdp2021 wrote:
| On the other hand, if your purpose is automated analysis of
| data, you will probably create an automated update of the
| records - a direct connection.
| nix23 wrote:
| Data diods are also a thing (physical oneway traffic) but
| that so many are unaware of it is mindblowing.
|
| https://owlcyberdefense.com/learn-about-data-diodes/
| 0x445442 wrote:
| I've wondered about this for a while now with all the social
| media banning. The FCC requires one to have a license to
| broadcast over the airwaves and from what I understand these
| regulations stem from a limited number of frequencies. But I
| wonder if the FCC would have been created if that physical
| constraint did not exist. Was the FCC more about the
| constrained physics or controlled information?
| triceratops wrote:
| Constrained physics.
|
| The FCC doesn't regulate content on cable TV.
| Technologically, there's no reason cable radio couldn't have
| existed.
| 0x445442 wrote:
| But I was talking about airwaves, and they do regulate
| what's on those. It's not just physics.
|
| https://en.wikipedia.org/wiki/Federal_Communications_Commis
| s...
| adrian_b wrote:
| Yet there was a time, not long ago, when many countries had
| written in their constitutions, among the fundamental rights of
| their citizens, the rights of secrecy for both their written
| correspondence and their telephone conversations.
|
| Such rights were included even in the constitutions of many
| communist countries, despite the fact that there it was a
| routine activity for the secret police to open all suspect
| private correspondence and listen to many telephone calls.
| Nonetheless, they had to be careful to not get caught, because
| the official version was that their activities were illegal and
| even anti-constitutional.
|
| Unfortunately, now almost everywhere such rights have been
| weakened or completely eliminated, without any good
| justification and without the opposition that such changes
| deserved.
| hulitu wrote:
| > Unfortunately, now almost everywhere such rights have been
| weakened or completely eliminated, without any good
| justification and without the opposition that such changes
| deserved.
|
| What do you mean "without any good justification" ? It is for
| your own good to protect you from terrorists (the bad ones
| specifically), hate speech (anything which is against the
| official narative) and child porn. /s
|
| Why would change deserve opposition when it is for your own
| good and the change is in better [1] ? /s
|
| [1] See Monty Python's Life of Brian - Ex-lepper scene.
| LatteLazy wrote:
| And US and UK and Australian and basically all countries at this
| point.
| mtgx wrote:
| sidcool wrote:
| Use VPNs. Most are quire expensive from Indian standards.
| hunglee2 wrote:
| I think we must all agree that national governments have a duty
| of care towards their citizens.
|
| From the Indian govt perspective, the dominance of the Internet
| by foreign owned businesses means that the country is vulnerable
| to malfeasance should those foreign governments mean India harm
| or come to decide - _over the head of the government_ - what the
| Indian people want or need.
|
| This is about national sovereignty and national security. We have
| seen how those values trump privacy concerns for individuals in
| any country, including the US, so must accord the same
| understanding for other nations also.
| raxxorraxor wrote:
| I agree that most western democratic nations are a very bad
| example when it comes to defending their own values. But
| government should simply not have the ability to monitor
| citizen communication. It was a problem in the past and it
| should not be a problem in the future.
| hunglee2 wrote:
| > But government should simply not have the ability to
| monitor citizen communication.
|
| What if the citizens were agents of the enemy?
| ruminator1 wrote:
| How is violating someone's privacy caring for them? "Forfeit
| your rights so your rights can be protected"
| hunglee2 wrote:
| the use case most commonly cited by government(s) is national
| security.
|
| for example, the government might suspect a citizen to be an
| agent of the CCP. Would you defend that individuals right to
| privacy, vs the nations right to security?
| kitchi wrote:
| So rather than blanket surveillance, wouldn't it make more
| sense for the government to build a case against a suspect,
| and then issue a warrant to track their behaviour etc?
|
| Unless the assumption is that all citizens of a country are
| potentially enemies of the state and we are all highly
| trained spies operating under deep cover for years...
| hunglee2 wrote:
| the question would be 'building a case' - how would do
| you this if you didn't conduct some sort of profiling?
| The entire purpose of national security apparatus is to
| identify enemies of the state _before_ they are able to
| act. Do you think this is always unjustified? Genuine
| question, don 't know the answer myself!
| instagraham wrote:
| This government's police agencies have used Israeli spyware to
| plant incriminating evidence on journalists and activists.
| "National security" has come to mean "anything critical of the
| government".
|
| Loose terms like "national security" are like good times that
| breed weak leaders. I think we must all agree that citizens
| have a right against persecution.
|
| What track record does this government have that suggests they
| will do no wrong with their internet history logs?
| hunglee2 wrote:
| "National security" has come to mean "anything critical of
| the government".
|
| Yes this is true!
|
| Hence government needs to invest in indoctrination in order
| to better convince the people of the justness of their
| actions. Singing the national anthem, waving the flag,
| inventing enemies without and within - it's pretty easy to
| build the 'cognitive infrastructure' required to carry the
| day
| evnix wrote:
| we need a decentralized list for holding key pair signatures.
|
| it could something like adblocker list, No more central CA.
| 2Gkashmiri wrote:
| 5 days ago i wrote about UK govt doing scans of all websites
| hosted in UK for "security" reasons and i was downvoted for "
| Stop lying and not relevant, you clearly came here with an
| agenda"... i guess we really do have an agenda when the
| government has access to full internet web traffic and they can
| pick and choose their targets with impunity
|
| https://news.ycombinator.com/item?id=33470079#33470409
| mdp2021 wrote:
| And in some countries we are starting to see "Adopt electronic
| payment: simple and safe" - which implies, "create tracks" -,
| as generic anonymous advertisement... Even on the electronic
| billboards of motorways!!!
| dspillett wrote:
| Looking at that, I'd suggest the downvotes are from being
| technically wrong (the "Scanning for vulnerabilities won't help
| you find critics. If you wanted to look for critics, you would
| scan for critics." argument - there are better/easier ways to
| achieve what you are talking about a government trying to
| achieve so why would they go to that effort?). Maybe some
| considered the comment concerning India on a thread about the
| UK was pulling things off-topic, though as not all voters
| replied with clarifying comments we'll never know.
|
| The lying/agenda thing seems to just be one comment. Try not to
| assume that one angry reply represents a larger chunk of HN's
| readership. The Internet is full of bus-stop boxers, it is best
| to not let them wind you up overly.
| 2Gkashmiri wrote:
| oh no, not that. >Try not to assume that one angry reply
| represents a larger chunk of HN's readership.
|
| you get to have a thick skin when you are on an anonymous
| public platform. i accept that....
|
| i live in a place where i have to actually assume malice on
| part of the government because the government "is" hostile
| against me. Again, this isn't some tin-foil conspiracy but as
| you might've guessed from my handle, its yeah...
|
| So that comment earlier and the current article about ISPs
| tracking users, this is primarily to catch critics and
| dissenters.
| dspillett wrote:
| _> So that comment earlier [was that] this is primarily to
| catch critics and dissenters._
|
| I was suggesting that the downvotes there, complained about
| above, where people disagreeing with this possibility, on
| the basis that it would not offer a practical amount of
| extra information (considering the effort involved) than
| already being gleaned with other methods they are already
| using. Not generally how downvotes should be used IMO, but
| it happens.
| syntaxing wrote:
| Curious how this works technically, does the Indian government
| have control over ca certs and every ISP uses them to MiTM it?
___________________________________________________________________
(page generated 2022-11-10 23:02 UTC)