Yeah there was a cool paper on Delay Response method by AbdelRahman Abdou with Department of Systems and Computer Engineering, Carleton University called “CPV: Delay-Based Location Verification for the Internet”.
The other method I mentioned, checking packet size and general direction, would require accessing data along multiple stops before reaching the other endpoint with which to compare the sizes of encrypted data packets and use that to identify what is traveling where, which either has not been demonstrated or the companies utilizing it haven’t admitted to it, yet. It’s not a stretch to think it’s happening, though, with massive companies like AWS and CloudFlare or telecom giants like AT&T.
I imagine they could compile large datasets of ping times and server locations and do some extrapolation. I don’t think it ever goes past a best guess but they’d have an idea (if what this person said actually happens).
Companies dont really need to know where you are. They just need to know where you aren’t. If you are not within a certain threshold of response time to certain cdn servers, then its reasonable to assume that you are outside their contractually obligated broadcast region.
This…sounds a bit like bs. Can you share a more detailed writeup? At best you could get a radius, but that wouldn’t really be helpful
Yeah there was a cool paper on Delay Response method by AbdelRahman Abdou with Department of Systems and Computer Engineering, Carleton University called “CPV: Delay-Based Location Verification for the Internet”.
The other method I mentioned, checking packet size and general direction, would require accessing data along multiple stops before reaching the other endpoint with which to compare the sizes of encrypted data packets and use that to identify what is traveling where, which either has not been demonstrated or the companies utilizing it haven’t admitted to it, yet. It’s not a stretch to think it’s happening, though, with massive companies like AWS and CloudFlare or telecom giants like AT&T.
I imagine they could compile large datasets of ping times and server locations and do some extrapolation. I don’t think it ever goes past a best guess but they’d have an idea (if what this person said actually happens).
Companies dont really need to know where you are. They just need to know where you aren’t. If you are not within a certain threshold of response time to certain cdn servers, then its reasonable to assume that you are outside their contractually obligated broadcast region.