218

Mullvad VPN: Introducing Defense against AI-guided Traffic Analysis (DAITA) (mullvad.net)

submitted 1 week ago by ForgottenFlux@lemmy.world to c/privacy@lemmy.ml

10 comments fedilink hide all child comments

Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.

Through constant packet sizes, random background traffic and data pattern distortion we are taking the first step in our battle against sophisticated traffic analysis.

top 10 comments

sorted by: hot top controversial new old

[-] kbal@fedia.io 49 points 1 week ago

Good for Mullvad. Long overdue, as they say. Wish I could still be a customer. Whoever induced them to turn off port forwarding did the world a disservice.

[-] fizzyvelcro@lemmy.world 16 points 1 week ago

Bad customers apparently

[-] kbal@fedia.io 15 points 1 week ago

The possibility that some of those bad customers might've had the specific objective of permanently crippling the service as they successfully did is often under-appreciated.

[-] Scolding0513@sh.itjust.works 1 points 1 week ago

lol exactly. the feds have been proven to be CP distributors, it was proven in a court of law actually

[-] delirious_owl@discuss.online 8 points 1 week ago

Oh, I know AI can't identify me because I constantly get banned from my accounts by machine learning algos

[-] schwim@lemm.ee 2 points 1 week ago* (last edited 1 week ago)

Anyone have an eli5 explanation of how AITA works? What patterns could be captured and how would that lead to identification or data siphoning?

[-] Spotlight7573@lemmy.world 10 points 1 week ago* (last edited 1 week ago)

One example:

By observing that when someone visits site X, it loads resources A, B, C, etc in a specific order with specific sizes, then with enough distinguishable resources loaded like that someone would be able to determine that you're loading that site, even if it's loaded inside a VPN connection. Think about when you load Lemmy.world, it loads the main page, then specific images and style sheets that may be recognizable sizes and are generally loaded in a particular order as they're encountered in the main page, scripts, and things included in scripts. With enough data, instead of writing static rules to say x of size n was loaded, y of size m was loaded, etc, it can instead be used with an AI model trained on what connections to specific sites typically look like. They could even generate their own data for sites in both normal traffic and the VPN encrypted forms and correlate them together to better train their model for what it might look like when a site is accessed over a VPN. Overall, AI allows them to simplify and automate the identification process when given enough samples.

Mullvad is working on enabling their VPN apps to: 1. pad the data to a single size so that the different resources are less identifiable and 2. send random data in the background so that there is more noise that has to be filtered out when matching patterns. I'm not sure about 3 to be honest.

[-] schwim@lemm.ee 2 points 1 week ago

Thanks very much, I believe I understand that part now, like a fingerprint to associate to site components like pulled in js, css, etc. I still don't understand, though, how they associate that to a particular user of a VPN. Does each request done through a VPN include some sort of identifier for each of us or is AI also doing something to put these requests in a particular user's bucket?

[-] Spotlight7573@lemmy.world 3 points 1 week ago* (last edited 1 week ago)

I think it was more targeting the client ISP side, than the VPN provider side. So something like having your ISP monitor your connection (voluntarily or forced to with a warrant/law) and report if your connection activity matches that of someone accessing a certain site that your local government might not like for example. In that scenario they would be able to isolate it to at least individual customer accounts of an ISP, which usually know who you are or where to find you in order to provide service. I may be misunderstanding it though.

Edit: On second reading, it looks like they might just be able to buy that info directly from monitoring companies and get much of what they need to do correlation at various points along a VPN-protected connection's route. The Mullvad post has links to Vice articles describing the data that is being purchased by governments.

[-] Scolding0513@sh.itjust.works 1 points 1 week ago

lol. and yet they wont support multi hop on Android. how quaint.

this post was submitted on 07 May 2024

218 points (97.4% liked)

Privacy

29157 readers

531 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml

tmpod@lemmy.pt

TheAnonymouseJoker@lemmy.ml

Yayannick@lemmy.ml

ranok@sopuli.xyz