Just through where is your Internet traffic being routed?

What exactly are you asking?

"So, for example, if a user typed in a web address whose domain name had previously been linked to illegal activity - eg dodgysite.com -"

I thought I'd check ...

dodgysite.com is up for sale at $2295.

I wonder if it has been linked to illegal activity and, if not, if the owner now has a claim for defamation against the BBC.

Owain

I am asking just through where is your Internet traffic being routed?

You don't have any control over that. It will depend what arrangements your ISP has made with others and with other, global, networks. Once the traffic leaves your ISP's network that's the last it sees of it or knows of it.

Well it goes from my router to a DSLAM in my local exchanbge, and then its muplixed down some opticak fibre into NTS core ATM network and persent to my IDPs intercae in some dark oiffice, and thnce by a lot more fibre to wherever it needs to ago changing constantly as links go up and down.

And what more any responses are likely to come back via an entirely different route.

You hand off at the earliest possible opportunity on to a foreign network in the sure certainty that they will do exactly the same to you.

In the absence of some unexpected double meaning, I doubt a judge will be easily convinced that suggesting something will live up to its name is defamation.

Hmmm, I am not sure they should revel stuff like that.

The only reason for governmental secrets is to protect the private interests of those who ride the gravy train and the existence of such secrets works against the interests of the people and their democracy.

The term National Security can best be understood with reference to the following sentence ... I visited a farmyard recently and the national security came half way up the wellies.

I have a good idea but trace route won't tell you.

Running namebench on the Alexa dataset will tell you a lot.

John

That does not compute try using different words or a new way to express the meaning. Alexa cannot answer you current question, sorry. Brian

One of my cow-orkers claims that because he used a proxy / vpn, even his isp can?t tell what sites he is visiting.

This seemed a little far fetched, but now I am wondering if it is correct??

Alexa probably gets confused when you ask about the other Alexa! Try using google instead. Namebench is a tool for analysing DNS servers and Alexa is a list of the most popular web sites. A common way of using Namebench is to ask it to test the Alexa list. By comparing the results you obtain from your service provider with the "correct" answers you will discover to what extent your internet service is being filtered by DNS poisoning (or protection, depending on your point of view).

John

It is essentially correct.

Basically you set up an encrypted channel between you and the VPN server and that does the conversations itself.

the stage beyond that is onion routing, which is a network of VPN servers which pass your request around between them until one of them decides to issue a request on your behalf.

IIRC there are linux distros that have it all set up and ready to use.

If he is using an encrypted VPN and it is set up so that DNS lookups are sent through the VPN as well as the actual browsing, then there is no way for his service provider to know what he is doing. However, this just moves the problem elsewhere. How much does he trust the VPN service provider? How likely is it that those who like to monitor things perhaps concentrate their efforts on VPN providers? He could of course set up a virtual machine in a data centre somewhere and VPN to that, but it would have to be paid for. Being untraceable is not that easy.

John

That is why onion routing is in play.

Requests are run around a ring of VPNs and with enough traffic the 'my packet in, to remote server X' relationship is almost impossible to detect and certainly to legally prove.

The second point is that if you want to deep packet inspect you must do it on the far side of the VPN where traffic is unencrypted BUT the tendency now is to use HTTPS everywhere so THAT blows up too.

So to reiterate:

Using a VPN means that YOUR ISP doesn't know who you are connecting to and what is in each packet.

Using HTTPS means that no one else knows what is in each data packet either.

Using onion routing means that no one can even make a fair guess whom your packets are destined for. Let alone the contents.

Its trivial. £120 a year...Less than you pay for an internet connection.

Not with emails, no. With web traffic its not that hard if you really want to do it

The cost is trivial, but the payment process itself makes it more likely that you can be traced.

Indeed, but there are still pitfalls such as browser fingerprinting that need to be avoided. There are a few USB bootable linux distributions that make it easier to get everything right.

John

Hence onion routing