View Single Post
Old 15th April 2011 | Show parent
  #23
And, as I've mentioned before, there's nothing to stop any government from setting up proxies on a regular basis, moving them around to different IP addresses and such. For all you know you could be talking directly to them, not hiding from them. It's the standard man in the middle approach. You sit in the middle and make the client think it's talking directly to the server. You make the server think it's talking directly to the client, but you are actually decrypting the traffic of interest on that connection, then re-encrypting it for the session you hold with the real server, and vice versa. A proxy is perfectly situation for such man in the middle approaches.

You can avoid it but it requires going through generally at least three such proxies with separate encryption. So the first one can see where it came from but not what it contains, and the last one can see what it contains but not where it came from. But that kind of thing makes for much less robust connections and much slower transfers.