💾 Archived View for bbs.geminispace.org › u › Addison › 14353 captured on 2024-05-26 at 16:04:25. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-05-12)
-=-=-=-=-=-=-
AES operates on 16-byte blocks, so at best your "size signature" is only good to a resolution of modulus 16 bytes. This isn't unique to Gemini though. At best a snoop will be able to see how many requests you're making that are within 16 bytes of each other in size. Clients often have to re-attempt requests anyway, and may drop connections before receiving a full response; so now a snoop will have to gauge the mod-16 issue on top of determining which payloads are complete or not. You could easily write a client that opens several connections at once and only completes some of them, and requests other pages at the same time.
Additionally, a paranoid capsule owner could include random junk in their responses, or a meaningless/repeated meta header ("lang=en-US;" repeated n times). I don't think there's even a size limit on those.
For me personally, this is far less of an issue than the analytics ever one of my network-connected devices is likely spewing across the ether (why do smart TVs need microphones in the remote?). I don't even really care enough to do something about that though.
Jan 25 · 4 months ago
TLS 1.3 already has a mechanism for padding responses for this reason, you're better off using that than trying to implement something gemini-specific.
— https://datatracker.ietf.org/doc/html/rfc8446#section-5.4
Great point about TLS 1.3. Clients and servers could both use that to mask content length.
🚀 ElectricalDance · Jan 26 at 13:02:
What you are describing is basically what High latency mix network used to do in the early 90. In short, you could send them a PGP encrypted e-Mail and they would store it and then forward it after a certain time (few hours usually). You can search Mixnet, cypherpunk remailer if you want more information about this.
TLS was never built to do this. It’s was created against "trivial" interception between you and the sender and to secure online shopping.
Surveillance in Gemini — Adversary can tell very specifically which one gemini page a user is requesting, based on the size of server response. There is no need to decrypt the channel to learn which page is transmitted there, the only thing that matters is the size of that message. The same thing works all the way around, if someone has submitting a picture or a text to the gemini forum, adversary can see corresponding portion of encripted traffic going from specific user. Again, there is no...
💬 nikhotmsk · 6 comments · 3 likes · Jan 25 · 4 months ago · #privacy