Just wanted to put out there that I may be interested in
joining/following a research effort for this when I have some time during the
summer, it would be a good way to flex some statistical tools.
Now for just a little bit of a rant.... (Sorry for the slightly off topic but I just think it has to be said)
> posts leave me a bit worried
> about the cavalier attitude of some NZNOG posters to privacy of the> internet.
I don't see how anyone can see the "internet" as private at all. Who knows who's private network the traffic is going to traverse to get to it's destination. The core philosophy of the internet in some ways is, "Just get it there". Making sure you got what you want and protecting it from prying eyes is up to you. Yes network operators should do there best to minimize information leakage, and have policies that limit and oversee what information people have access to, and to make sure actions are ethically reasonable. But that is a far cry from having privacy.
The people that set up snooping on tor end nodes is a good example of this, if you want payload privacy there is cryptography. Even been tempted to think of an internet pipe is a private communication channel is a very very bad idea from a security standpoint. I am not sure ever expecting to have privacy of your source and destination is reasonable, which scares me a lot because of the amount of information you can gather from these side channels.
Things get real blurry real fast...
What about if I collected this data by watching peers on a torrent tracker?
How about things like transparent proxies?
I am not sure that the "law" works to well in this domain in the large. It is good for localized enforcement, but it cannot be assumed to hold for all the destinations of your packets. If we wanted to help users with privacy we would give them end to end crypto. But I am not sure the people that want legal wiretaps would like that all that much...
Sorry for the rant guys, security just strikes a nerve sometimes ;)
Regards,
Bry