Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.
Through constant packet sizes, random background traffic and data pattern distortion we are taking the first step in our battle against sophisticated traffic analysis.
The Chinese Great Firewall (GFW) has already been using machine learning to detect “illegal” traffic. The arms race is moving towards the Cyberpunk world where AIs are battling against an AI firewall.
I have some first-hand experience with this. Brand new XMPP server, never before seen by anyone in the world, blocked within about 12 hours. WireGuard VPN on AWS lasts for a few hours on some networks, more on others. Never longer than a few days though.
Still waiting for Defense Against the AI Dark Arts to drop
DAIDA
And Dumbledore’s AIrmy for when they forbid DAAIDA as an anti-terrorist measure
?
Harry Potter reference.
No port forwarding really kills the utility though - I mainly use the VPN to do port forwarding (e.g. for video games, Plex, etc.) as my ISP is shit.
Like I’m not worried about state-level de-anonymisation, I just want to be able to share services remotely and have a minimum level of anonymity.
How does port forwarding help with videogames?
Opens up your NAT for matchmaking
I host a server, I forward the port, my friends can connect to the open port on the VPN side.
My ISP does not offer port forwarding.
Someone else pointed out Tailscale; I’ve had luck with free tier VPS+WireGuard.
I have an Oracle one which has worked well. Downside is I did link my CC, because my account was getting deactivated due to inactivity (even using it as a VPN and nginx proxy for my self hosting wasn’t enough to keep it “active”). But I stay below the free allowance, so it doesn’t cost.
That said: as far as anonymity goes, it’s not the right tool. And I fully appreciate the irony of trying to self-host to get away from large corporations owning my data…and relying on Oracle to do so. But you can get a static IP and VPS for free, so that’s something.
Zerotier could also work for you
I love these guys. Let’s see if somebody can just bootstrap the FOSS framework directly on TCP to work on the internet without a VPN. Fantastic project
Those words sound cool and mean literally nothing
Err… Like… a 2009 Java applet? Those were built straight on TCP. And the lack of security let anyone else in the same LAN cafe steal your password.
The closest thing I can think of that goes for the vibe you’re talking about is I2P
How about defense against DHCP option 121 changing the routing table and decloaking all VPN traffic even with your kill switch on? They got a plan for that yet? Just found this today.
I doubt it would matter in some environments at all.
As an example, a PC managed by a domain controller that can modify firewall rules and DHCP/DNS options via group policy. At that point firewall rules can be modified.
I swear the defense against the dark arts teacher just keeps getting weirder and weirder.
I can tell you that this existed way before AI. I wish that there was more awareness earlier, but it’s good that now it’s starting.
I use Mullvad, really good, love how they don’t care who you are and can actually maintain complete anonymity even in payment.
Probably going to be banned soon for some stupid reason if it gets popular, like free speech is allowing the terrorists to make bears cry or something.
Windscribe had something similar already? Not exactly this, but they had a feature to add other random traffic to your network specifically to work against systems like these.
So… Tor?