Steganography is extremely far from undetectable, unfortunately. And trivial to find out once you know its there; if we ever allow a framework to be put in place to intercept communication at a large scale, it will be the inverse of the cat and mouse game we have with encryption : very hard to improve, very easy to detect.
And I’m aware of the many funky things we did. At some point people tunneled DNS queries through HTTPS, to get through wifi captive portal that only allowed HTTPS traffic until authenticated.
Just to be clear, I’m aware of the issues of detecting stealth data, and even detecting encryption against seemingly random data. It’s kinda fascinating to detect the difference, too; some people have looked into that. But the point is, if you’ve already agreed on “banning encrypted communication that can’t be listened to easily”, you can basically just say “this is gibberish, decrypt it or get to jail”. I also know that this sounds insane and throw away the “innocent until proven guilty” principle, but we’re slowly creeping toward a world where our device scans all our document and communication to notify of issues to a central authority, where black box in large networks are already present, and so on.
It’s been slowly creeping toward that. Finding way to hide traffic on public networks can only go so far if the listener can just stop you if it detect what looks like encrypted content.
And, since this is kind of a heated discussion, I’ll reiterate: it would be batshit crazy to go this way. But I would have found batshit crazy to have our own devices spy on us and report suspicious activities to third parties years ago, and yet here we are.
Anything encrypted is blocked. Boom, done.
Is it stupid? Yes. Never stopped lawmakers.
How do you know if something is encrypted?
https://en.wikipedia.org/wiki/Subliminal_channel https://en.wikipedia.org/wiki/Steganography
Or for more practical implementations: https://blog.frost.kiwi/ssh-over-https-tunneling/ (granted, this one uses normal looking encryption to hide hide maybe unwanted encypted traffic) https://nurdletech.com/linux-notes/ssh/via-http.html
Steganography is extremely far from undetectable, unfortunately. And trivial to find out once you know its there; if we ever allow a framework to be put in place to intercept communication at a large scale, it will be the inverse of the cat and mouse game we have with encryption : very hard to improve, very easy to detect.
And I’m aware of the many funky things we did. At some point people tunneled DNS queries through HTTPS, to get through wifi captive portal that only allowed HTTPS traffic until authenticated.
Just to be clear, I’m aware of the issues of detecting stealth data, and even detecting encryption against seemingly random data. It’s kinda fascinating to detect the difference, too; some people have looked into that. But the point is, if you’ve already agreed on “banning encrypted communication that can’t be listened to easily”, you can basically just say “this is gibberish, decrypt it or get to jail”. I also know that this sounds insane and throw away the “innocent until proven guilty” principle, but we’re slowly creeping toward a world where our device scans all our document and communication to notify of issues to a central authority, where black box in large networks are already present, and so on.
It’s been slowly creeping toward that. Finding way to hide traffic on public networks can only go so far if the listener can just stop you if it detect what looks like encrypted content.
And, since this is kind of a heated discussion, I’ll reiterate: it would be batshit crazy to go this way. But I would have found batshit crazy to have our own devices spy on us and report suspicious activities to third parties years ago, and yet here we are.
I knew HTTP would make a return without its brother TLS someday!