Because the NSA monitors traffic going through the major nodes of the internet, they can know which IP address does what on your website, even if you are using HTTPS.
Is this true or false?
Asked
Active
Viewed 1,322 times
0
-
1Is what true or false? That the NSA is monitoring major nodes of the internet or that `they can know which IP address does what on your website`? If the latter, can you explain what the question means? – Neil Smithline Jan 18 '16 at 16:20
-
3NSA? Heck, Google analytics can gather more detail than just your IP, even if you use HTTPS. – schroeder Jan 18 '16 at 16:44
-
3short answer is "of course" the Internet needs to know where to deliver your traffic to – schroeder Jan 18 '16 at 17:00
-
1See [this interactive graphic](https://www.eff.org/pages/tor-and-https) for what information can someone see when HTTPS is used. You can click on the HTTPS and Tor button on the left side of the graphic to enable/disable HTTPS and Tor and see how they changes what information an attacker can see. – Lie Ryan Jan 19 '16 at 00:09
2 Answers
4
Any website owner can see what IP address is doing things on their website. This applies whether HTTPS is in use or not.
Any node operator (ISP, CDN provider, gateway operator) can see traffic passing through the nodes they operate. They can see both the apparent source of traffic, and the destination - they need to in order to be able to correctly route the data to the destination. This applies whether HTTPS is in use or not. They can't see the specific pages you visit, if HTTPS is in use.
Therefore, if the NSA wanted to see what a given IP address was doing, they could look at the data on a node which all the data from that IP passes through, and see what server you are connecting to. In order to find out precisely what pages you visited, they would need to look at the data on the web server, or on your machine. They could do this whether HTTPS was in use or not.
Matthew
- 27,233
- 7
- 87
- 101
-
A little correction: CDN providers can decrypt and intercept traffic passing through them, since you have to either give them your SSL private key or set up some form of [Keyless SSL](https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/) for them to be able to deliver your content through their network. – Lie Ryan Jan 19 '16 at 00:04
0
When you do a HTTPS request, the packets which transit on the network contains both the origin IP and the destination IP. Each owner of a node you transit by can see those packets, and read these information, even if they can't decrypt the message.
They might use the destination IP to guess which site you are connecting to (or use other techniques like DNS leaks), but they can't read what you're doing on the site: they need to access the webserver's logs to know that.
Benoit Esnard
- 13,942
- 7
- 65
- 65
-
-
@NeilSmithline: Right, I've tried to rephrase it to make it simpler to understand. Thanks for the feedback! – Benoit Esnard Jan 18 '16 at 17:23