“How frequently are the honesty and integrity of a man disposed of by a smile or a shrug. How many good and generous actions have been sunk into oblivion by a distrustful look, or stamped with the imputation of bad motives, by a mysterious and seasonable whisper!”
~Sterne

Spread Spectrum – 1 – Background


The aim of this project is to use pfSense or OPNsense (open source firewall solutions) to both encrypt information in and out of your house and split it up across multiple connections. This makes metadata regarding your internet activity practically useless.

 

(Infographic by Vikram Jaiswal, slideshare.net)

Spread Spectrum was originally invented by Hedy Lamarr in the 1940s to prevent jamming during the war.

It has since been embraced both by modern wireless phones we use in our houses (DECT) and by corporations looking to improve their own security via products only available to big business, well out of reach of the public.

 

 

When you sign up with a VPN provider (such as NordVPN) and install their client software, the diagram at left shows what the connection looks like:

  • your home network (the square)
  • connects to the VPN provider’s servers (4-point star),
  • which then connects to the website on your behalf.
 
This is helpful and desired because your Internet Service Provider (ISP) can’t see what websites you’re going to.
 
You’re still leaking metadata, though. By looking at network packet sizes, frequency and fingerprint, your ISP can tell that you’re going to a website with pictures and that you always do it at, say, 7:30 a.m. during the week. From there it can surmise that it’s cnn.com with morning coffee.

 

The diagram at right (and thus the logo for the project) depicts five connections from your house converging on a given website. In this case, your home firewall (such as pfSense) is connected to all five VPN providers at once. pfSense will fracture the traffic across all five connections.

  • This scrambles metadata from each connection.
  • This system applies to the whole house, protecting every device and endpoint without the installation of VPN software (and ensuring it’s always turned on!).
  • Because it’s at the household level and across multiple simultaneous connections, it’s now impossible to analyze metadata. Is this your phone looking for updates, your Windows 10 machine looking for updates or you visiting cnn.com?
  • You can split up traffic across multiple providers too – go ahead and get Comcast, CenturyLink DSL and Verizon 4G, get the cheapest lines they offer and then multiplex them into a single, fault-tolerant line that’s faster than the overall additive bandwidth (due to compression)!
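
To make the single-connection versus five-connection comparison concrete, the added example below (not the author's code and not a pfSense configuration) takes a constructed set of household connections and reports what a passive observer on each link can measure. It assumes whole connections are assigned to links round-robin; the flow values, device names and function names are invented for illustration.

```python
# Added example. All traffic values are constructed, not measured.
# Each tuple is one connection: (device, start offset in seconds, bytes transferred).
FLOWS = [
    ("laptop", 0.00, 48_000), ("laptop", 0.12, 310_000), ("laptop", 0.15, 295_000),
    ("phone", 0.18, 1_200_000), ("laptop", 0.21, 12_000), ("laptop", 0.30, 520_000),
    ("win10", 0.33, 2_400_000), ("laptop", 0.41, 77_000), ("laptop", 0.55, 260_000),
    ("laptop", 0.72, 430_000),
]

def split_round_robin(flows, n_links):
    """Assign whole connections to links in turn.
    Assumption: the firewall balances per connection, round-robin."""
    links = [[] for _ in range(n_links)]
    for i, flow in enumerate(flows):
        links[i % n_links].append(flow)
    return links

def observer_view(link_flows, all_flows):
    """Metadata a passive observer on one link can measure. The observer sits
    outside the house, so the device names are not visible to it."""
    total = sum(size for _, _, size in all_flows)
    seen = sum(size for _, _, size in link_flows)
    return {
        "connections": len(link_flows),
        "bytes": seen,
        "share_of_bytes": round(seen / total, 3),
        "first_seen_s": min((t for _, t, _ in link_flows), default=None),
    }

def compare(flows, n_links):
    """One observer view per link for a household split across n_links."""
    return [observer_view(link, flows) for link in split_round_robin(flows, n_links)]

if __name__ == "__main__":
    for n in (1, 5):
        print(f"--- {n} link(s) ---")
        for i, view in enumerate(compare(FLOWS, n)):
            print(i, view)
```

With one link the observer accounts for every connection and byte; with five, each observer sees two connections and at most about half of the bytes, although each still sees activity begin within the same second.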

 

Is this level of security over the top? Is it worth the work? Ask yourself two questions:

  1. Why do businesses do this?
  2. Why can’t I?  Why do absolutely no residential grade devices or applications allow me to do the same thing businesses and our government have been doing for decades?

Can you monitor big businesses?  Oh hell no, not when they’re using this technology.  Can they monitor you?  Absolutely and they have been (I didn’t make up the metadata fingerprinting above on my own, that’s how it works).  The death of Net Neutrality will make this much, much worse.

With this system in place you can enjoy the same level of security and privacy with greater resilience (how often does residential Comcast go offline?) and you spend less money (buy the cheapest circuit they offer and aggregate them).
