Autosave: 2024-12-13 17:06:15

neuron/4ea828ea-ea63-4ab0-9a8a-7a45236e138e/Architecture_of_the_World_Wide_Web.md

@@ -0,0 +1,56 @@
+---
+tags: [world-wide-web, internet]
+created: Friday, December 13, 2024
+---
+
+# Architecture of the World Wide Web
+
+## Terms
+
+<dl>
+<dt>web</dt>
+<dd>a set of resources delivered over the Internet using the HTTP protocol</dd>
+
+<dt>web resource</dt>
+<dd>any information that can be accessed using the web (document, image, video)</dd>
+
+<dt>web server</dt>
+<dd>a software program on a computer that hosts web resources</dd>
+
+<dt>web browser</dt>
+<dd>an application used to acccess web resources on web servers</dd>
+
+</dl>
+
+## The web is _distributed_, _addressable_, and _linked_
+
+### Distributed
+
+There is no centralised organisation or system that decides the content that can
+be published. Any computer connected to the Internet can run a web server and
+the person running it can make available any content they wish.
+
+### _Addressable_
+
+Every resource on the web has a unique address that includes both its location
+and how to access it (URL):
+
+![](static/web-url.png)
+
+- scheme
+  - specifies the [Application Layer](Application_Layer_of_Internet_Protocol.md for
+    accessing the resource. In the example this is HTTP but it could be FTP or another
+    protocol, always bracketed with a colon
+- authority
+  - comprises the [DNS](Transport_Layer_of_Internet_Protocol.md) hostname of the
+    server containing the resource. This could also be an
+    [IP address](IP_addresses.md) and could also include a port number
+- path
+  - the location of the resource on the web server, organised hierarchically and
+    analagous to a file path
+- query
+  - a modifier of the resource returned to the client. Its usage varies accross
+    sites but is typically deterimined by backend implementation details
+
+> Note a URL does not have to always contain _all_ this information. Consider an
+> index page.

neuron/4ea828ea-ea63-4ab0-9a8a-7a45236e138e/HTTPS.md

@@ -0,0 +1,40 @@
+---
+tags: [world-wide-web, internet, encryption]
+created: Friday, December 14, 2024
+---
+
+# HTTPS
+
+The problem with standard, unencypted HTTP requests is that the data can be
+captured in transit and be observed or modified by malicious actors.
+
+HTTPS is the solution. It encrypts the entirety of the HTTP request and response
+(URL, headers, body).
+
+It utilises two types of encryption to send messages securely:
+
+- symmetric encryption
+  - a single shared key between client and server to encrypt the messages sent
+    between them
+- asymmetric encryption
+  - two keys are used: a public key to encrypt the data and a private key to
+    decrypt it. The public key can be shared freely so anyone can encrypt and
+    send data to a peer but only the peer can receive and decrypt it
+
+The encryption protocol used is TLS - the **Transport Layer Security Protocol**.
+Previously SSL (Secure Sockets Layer) was used but has been deprecated over
+security concerns.
+
+## How communication over HTTPs works
+
+- An initial handshake is shared between client and server, agreeing that
+  communication will be encrypted. This is public. "Client hello" and "Server
+  hello". Some random numbers are exchanged at this point.
+- The server sends a digital certificate to the client along with its public
+  key. The client checks that the certificate is valid.
+- If valid, the client encrypts a string of bytes using the public key and sends
+  it to the server. This is called the "premaster secret".
+- This is decrypted by the server.
+- The premaster secret, along with the random bytes from the handshake is then
+  used to compute a shared secret key (symmetric) which is used to encrypt all
+  subsequent messages for the duration of the session.

neuron/4ea828ea-ea63-4ab0-9a8a-7a45236e138e/Network_packet_analysis_tools.md

@@ -0,0 +1,12 @@
+---
+tags: [networks, procedural]
+created: Friday, December 13, 2024
+---
+
+# Network packet analysis tools
+
+- `tcpdump`: View raw packet data (`tcpdump -i wlan0 -XX` for full packet
+  contents)
+- tshark: Wireshark's CLI for detailed packet analysis (`tshark -i wlan0 -V`)
+- `nethogs`: Monitor per-application network usage
+- `iftop`: Show bandwidth usage per connection

neuron/4ea828ea-ea63-4ab0-9a8a-7a45236e138e/What_can_the_ISP_see.md

@@ -0,0 +1,76 @@
+---
+tags: [internet, encryption, privacy, TOR]
+created: Friday, December 13, 2024
+---
+
+# What can the ISP see?
+
+## Plain HTTP
+
+The ISP can see all content exchanged: DNS lookups, IP address of the server you
+connect to, requests and body content.
+
+## Just HTTPS
+
+With HTTPS alone, the content of the messages is encrypted but the ISP can see:
+
+- DNS queries
+- IP addresses you connect to
+- Traffic patterns and metadata (when, how often, amount of data exchanged etc)
+
+## HTTPS and encrypted DNS server
+
+With HTTPS and an encrypted DNS server (e.g. Quad9) the DNS queries are hidden
+but the IP addresses are not. So they could still derive your DNS lookups from
+the IPs you end up connecting to.
+
+## HTTPS and VPN
+
+The ISP only sees the encrypted traffic to the VPN server. Your real IP and
+destination IP is hidden.
+
+However the VPN provider can potentially see DNS queries, depending on their
+policy. Although a good VPN provider will encrypt DNS lookups like an encrypted
+DNS server.
+
+The VPN can also still see what IPs you are connecting to. You are basically
+swiching trust from the ISP to the VPN provider. However reputable VPNs do not
+have your billing and identity info (and payment can use cryptocurrencies) and
+don't keep logs. Many also have policies about refusal to cooporate with
+authorities in different juristictions. Also the VPN doesn't know your real IP.
+
+## HTTPS, VPN, and encrypted DNS
+
+DNS queries hidded from both ISP and VPN. Traffic is fully encrypted and routed
+through VPN.
+
+## Fingerprinting
+
+Note that none of the above stops fingerprinting. Even with full encryption
+there are methods of determining online behaviour through encrypted packet
+analysis and usage patterns.
+
+A way round this is to use SOCKS proxies which add hops or to use TOR. TOR
+effectively solves the "have to trust VPN provider" problem.
+
+With TOR:
+
+- Traffic routed through 3+ nodes
+- Each node only knows previous and next hop
+- No single node knows both source and destination. Even Tor nodes can't see the
+  full path
+
+It also uses:
+
+- Fixed packet sizes
+- Timing obfuscation
+- Traffic padding
+
+Which makes pattern analysis and fingerprinting much harder than just a VPN.
+
+Furthermore there is also the following protection from VPN weaknesses:
+
+- No single provider to trust/compromise
+- Decentralized network
+- Free to use and no account needed
+- No permanent exit node like with VPN

neuron/4ea828ea-ea63-4ab0-9a8a-7a45236e138e/index.md

@@ -13,12 +13,16 @@ computer science.
 
 ![not-by-ai-badge](static/not-by-ai-alternative--light.svg)
  
-**Build ID:** d06d7699-6cc3-4470-a1d4-b6201bdeb808
+**Build ID:** 4ea828ea-ea63-4ab0-9a8a-7a45236e138e
 
-**Published:** Tue 10 Dec 2024 17:25:16
+**Published:** Fri 13 Dec 2024 17:06:14
 
 ### Recent edits 
 
+- [[Architecture_of_the_World_Wide_Web]] 
+- [[Network_packet_analysis_tools]] 
+- [[What_can_the_ISP_see]] 
+- [[HTTPS]] 
 - [[Bauman_quote]] 
 - [[fbbfbc32-political-accommodation-inveigelment-surveillance-capitalism]] 
 - [[a247fa9b_surveillance_capitalism_not_necessary]] 
@@ -27,13 +31,9 @@ computer science.
 - [[AWS_SQS_SDK]] 
 - [[a771a6d9_attributes_of_internet_enclosure]] 
 - [[JavaScript_module_types]] 
-- [[0716531c_rewilding_the_internet]] 
-- [[f6564af9_AOL_and_early_internet_enclosure]] 
-- [[Weaving_the_Web_Berners_Lee]] 
-- [[Pacman]] 
 
 
-### All notes (501) 
+### All notes (505) 
 
 - [[0716531c_rewilding_the_internet]] 
 - [[241fe1a3_the_Web_versus_modem_BBSs]] 
@@ -68,6 +68,7 @@ computer science.
 - [[Appending_to_files_in_Python]] 
 - [[Application_Layer_of_Internet_Protocol]] 
 - [[Application_state_management_with_React_hooks]] 
+- [[Architecture_of_the_World_Wide_Web]] 
 - [[Arithmetic_Logic_Unit]] 
 - [[Arrays]] 
 - [[Assembly]] 
@@ -231,6 +232,7 @@ computer science.
 - [[Grep]] 
 - [[Ground]] 
 - [[Guide_to_YAML]] 
+- [[HTTPS]] 
 - [[HTTP_request_types]] 
 - [[Half_adder_and_full_adder]] 
 - [[Handle_multiple_endpoints_single_lambda]] 
@@ -333,6 +335,7 @@ computer science.
 - [[Network_debugging]] 
 - [[Network_fundamentals]] 
 - [[Network_hosts]] 
+- [[Network_packet_analysis_tools]] 
 - [[Network_protocols]] 
 - [[Network_requests_in_Python]] 
 - [[Network_scanning]] 
@@ -503,6 +506,7 @@ computer science.
 - [[Voltage_sources]] 
 - [[Weaving_the_Web_Berners_Lee]] 
 - [[What_are_disks]] 
+- [[What_can_the_ISP_see]] 
 - [[What_is_memory]] 
 - [[Whole_numbers]] 
 - [[Why_computers_use_binary]] 

zk/Architecture_of_the_World_Wide_Web.md

@@ -0,0 +1,56 @@
+---
+tags: [world-wide-web, internet]
+created: Friday, December 13, 2024
+---
+
+# Architecture of the World Wide Web
+
+## Terms
+
+<dl>
+<dt>web</dt>
+<dd>a set of resources delivered over the Internet using the HTTP protocol</dd>
+
+<dt>web resource</dt>
+<dd>any information that can be accessed using the web (document, image, video)</dd>
+
+<dt>web server</dt>
+<dd>a software program on a computer that hosts web resources</dd>
+
+<dt>web browser</dt>
+<dd>an application used to acccess web resources on web servers</dd>
+
+</dl>
+
+## The web is _distributed_, _addressable_, and _linked_
+
+### Distributed
+
+There is no centralised organisation or system that decides the content that can
+be published. Any computer connected to the Internet can run a web server and
+the person running it can make available any content they wish.
+
+### _Addressable_
+
+Every resource on the web has a unique address that includes both its location
+and how to access it (URL):
+
+![](../img/web-url.png)
+
+- scheme
+  - specifies the [Application Layer](Application_Layer_of_Internet_Protocol.md for
+    accessing the resource. In the example this is HTTP but it could be FTP or another
+    protocol, always bracketed with a colon
+- authority
+  - comprises the [DNS](Transport_Layer_of_Internet_Protocol.md) hostname of the
+    server containing the resource. This could also be an
+    [IP address](IP_addresses.md) and could also include a port number
+- path
+  - the location of the resource on the web server, organised hierarchically and
+    analagous to a file path
+- query
+  - a modifier of the resource returned to the client. Its usage varies accross
+    sites but is typically deterimined by backend implementation details
+
+> Note a URL does not have to always contain _all_ this information. Consider an
+> index page.

zk/HTTPS.md

@@ -0,0 +1,40 @@
+---
+tags: [world-wide-web, internet, encryption]
+created: Friday, December 14, 2024
+---
+
+# HTTPS
+
+The problem with standard, unencypted HTTP requests is that the data can be
+captured in transit and be observed or modified by malicious actors.
+
+HTTPS is the solution. It encrypts the entirety of the HTTP request and response
+(URL, headers, body).
+
+It utilises two types of encryption to send messages securely:
+
+- symmetric encryption
+  - a single shared key between client and server to encrypt the messages sent
+    between them
+- asymmetric encryption
+  - two keys are used: a public key to encrypt the data and a private key to
+    decrypt it. The public key can be shared freely so anyone can encrypt and
+    send data to a peer but only the peer can receive and decrypt it
+
+The encryption protocol used is TLS - the **Transport Layer Security Protocol**.
+Previously SSL (Secure Sockets Layer) was used but has been deprecated over
+security concerns.
+
+## How communication over HTTPs works
+
+- An initial handshake is shared between client and server, agreeing that
+  communication will be encrypted. This is public. "Client hello" and "Server
+  hello". Some random numbers are exchanged at this point.
+- The server sends a digital certificate to the client along with its public
+  key. The client checks that the certificate is valid.
+- If valid, the client encrypts a string of bytes using the public key and sends
+  it to the server. This is called the "premaster secret".
+- This is decrypted by the server.
+- The premaster secret, along with the random bytes from the handshake is then
+  used to compute a shared secret key (symmetric) which is used to encrypt all
+  subsequent messages for the duration of the session.

zk/Network_packet_analysis_tools.md

@@ -0,0 +1,12 @@
+---
+tags: [networks, procedural]
+created: Friday, December 13, 2024
+---
+
+# Network packet analysis tools
+
+- `tcpdump`: View raw packet data (`tcpdump -i wlan0 -XX` for full packet
+  contents)
+- tshark: Wireshark's CLI for detailed packet analysis (`tshark -i wlan0 -V`)
+- `nethogs`: Monitor per-application network usage
+- `iftop`: Show bandwidth usage per connection

zk/What_can_the_ISP_see.md

@@ -0,0 +1,76 @@
+---
+tags: [internet, encryption, privacy, TOR]
+created: Friday, December 13, 2024
+---
+
+# What can the ISP see?
+
+## Plain HTTP
+
+The ISP can see all content exchanged: DNS lookups, IP address of the server you
+connect to, requests and body content.
+
+## Just HTTPS
+
+With HTTPS alone, the content of the messages is encrypted but the ISP can see:
+
+- DNS queries
+- IP addresses you connect to
+- Traffic patterns and metadata (when, how often, amount of data exchanged etc)
+
+## HTTPS and encrypted DNS server
+
+With HTTPS and an encrypted DNS server (e.g. Quad9) the DNS queries are hidden
+but the IP addresses are not. So they could still derive your DNS lookups from
+the IPs you end up connecting to.
+
+## HTTPS and VPN
+
+The ISP only sees the encrypted traffic to the VPN server. Your real IP and
+destination IP is hidden.
+
+However the VPN provider can potentially see DNS queries, depending on their
+policy. Although a good VPN provider will encrypt DNS lookups like an encrypted
+DNS server.
+
+The VPN can also still see what IPs you are connecting to. You are basically
+swiching trust from the ISP to the VPN provider. However reputable VPNs do not
+have your billing and identity info (and payment can use cryptocurrencies) and
+don't keep logs. Many also have policies about refusal to cooporate with
+authorities in different juristictions. Also the VPN doesn't know your real IP.
+
+## HTTPS, VPN, and encrypted DNS
+
+DNS queries hidded from both ISP and VPN. Traffic is fully encrypted and routed
+through VPN.
+
+## Fingerprinting
+
+Note that none of the above stops fingerprinting. Even with full encryption
+there are methods of determining online behaviour through encrypted packet
+analysis and usage patterns.
+
+A way round this is to use SOCKS proxies which add hops or to use TOR. TOR
+effectively solves the "have to trust VPN provider" problem.
+
+With TOR:
+
+- Traffic routed through 3+ nodes
+- Each node only knows previous and next hop
+- No single node knows both source and destination. Even Tor nodes can't see the
+  full path
+
+It also uses:
+
+- Fixed packet sizes
+- Timing obfuscation
+- Traffic padding
+
+Which makes pattern analysis and fingerprinting much harder than just a VPN.
+
+Furthermore there is also the following protection from VPN weaknesses:
+
+- No single provider to trust/compromise
+- Decentralized network
+- Free to use and no account needed
+- No permanent exit node like with VPN