Image from christianmeichtry's Flickr photostream. Creative Commons license

The talk starts with explaining the properties of Satellite ISPs. Due to the nature of satellite communication, high latency, high downstream bandwidth, the ISPs often use performance enhancing proxies. Often the satellite ISPs use asymmetric links, using a local uplink in combination with the satellite downlink, but symmetric communication, where the uplink also is sent via the satellite is possible too.

The performance enhancing proxy on the local machine has to breaks some of the basic TCP/IP properties to enhance performance, in this also breaking some of the basic security measures.

The downstream from the ISP is relayed to all users without encryption. This means that everybody in the footprint of the satellite can sniff all downstream traffic generated by all users. This opens the possibilities of all kind of abuse scenarios and as satellite ISP subscribers control what is sent over the channel it provides satellite broadcast for the masses.

So how can we use these providers for anonymous communication? Broadcasting provides anonymity because all messages are delivered to all recipients without the recipient having to know the sender. This is impractical in wired unicast networks, but highly practical on broadcast based networks. These are not only satellite, but also Wifi, DOCCIS, WiMAX, 3G.

Because of the nature and cost of the equipment involved in generation broadcasts in other media, satellite ISPs are most suitable for this type of communication.

One of the ways to send an anonymous message is to email it to a satellite ISP subscriber. Anybody sniffing the message can receive the message, but it is also possible to send a packet to a satellite ISP customer and sniff the packet as it is sent.

Encryption of the return traffic can help, but as always cryptography is hard to implement right. E.g. is Diffie Hellman key exchange is used, the ISP subscriber can force the shared key to always be one. Alternatively since an ISP subscriber has access to the decryption software and thus knows the algorithm and the key used, he could request data that, when encrypted, returns to plaintext. Since most encryption algorithms are symmetrically this is not hard to do, but initialization vectors and the addition of encrypted IP headers may make this hard, but not impractical.

All the well intended, but known, technical and geo-location info presented by the numerous “what is my IP” sites tends to draw away attention from what you’re after and it doesn’t really play well with tools like ‘curl’ or ‘wget’.

There used to be a simple site I used, which just returned just your IP address located at http://www.whatismyip.org/, but this one also grew a lot of fat. Yesterday, I once again found myself looking for an external IP address, on a server with ‘curl’ and ‘wget’, and decided it was time I rolled what I was looking for myself. This turned into an extremely simple mod_python based scriptlet, which provides a no frills “What’s My IP” service, returning nothing more than a “text/plain” response with your current IP address.

This service is running on my recently upgraded employee rack server at Schuberg Philis at  http://ip.yppy.eu/. For me it provided useful and I hope other people also find this ‘less is more’ service of use. And yes, I will keep it clutter free.