PTA Wants a Watch on Encrypted VPNs

PTA has asked not to use any encrypted VPN (virtual private network) for any kind of data transfer and if it is necessary to use that, get it enrolled with the authority first.

If you do not know already, be sure that PTA monitors what you are doing with your internet connection. Either you are on a mobile internet connection or on your home based broadband: PTA wants you to not to hide your data from Government; and this is for national security.

Keeping up this monitoring, PTA has asked all ISPs and cellular networks to notify their customers about using encrypted virtual private networks.

Customers are asked to provide information regarding any encrypted Virtual Private Networks(EVPNs) used by them. Customers will have to provide following information to their respective ISPs by Friday July 29, 2011:

  • Purpose for which EVPN(s) is/are being used
  • Customer premises IP address(es)
  • Remote end IP address(es)

The issued letter by PTA (attached at the end of the post) clearly states that authority had already prohibited using all such mechanisms, including Encrypted VPNs which conceal communication to the extent, that prohibits monitoring.

Seems like this is the time when PTA has thought of taking action, so make sure to take necessary measures in this regard if you are using an EVPN, or you may face the legal consequences.

And for those who do not know what exactly a VPN is:

A virtual private network (VPN) is a mechanism for providing secure, reliable transport over Internet. The VPN uses authentication to deny access to unauthorized users, and encryption to prevent unauthorized users from reading the private network packets. The VPN can be used to send any kind of network traffic securely, including voice, video or data.

Secure VPNs use cryptographic tunneling protocols to provide confidentiality by blocking intercepts and packet sniffing, allowing sender authentication to block identity spoofing, and provide message integrity by preventing message alteration.

Usages-of-Enerypted-VPNs-PTA


  • Kashif

    someone tell them it’s not possible for you to watch it . and we won’t tell you voluntarily :p
    what is the purpose of VPN anyway if they are going to inform others

    • Ammar

      I second that.

      • Ahmed

        Is it PTA or Etisalat of UAE ? They are willing to give freedom to Pakistanis of going to porn sites without any monitoring/blockage but they want to monitor VPNs. In next step they will either block use of it or will held users of VPN accountable for anything against government. They have no time to block porn but everything that Etisalat is doing in UAE, PTA is following that. Be it VoIP blockage using SIP protocol or any voice communication using Messengers…everything is illegal according to PTA.
        I feel “adam-bayzar” and public enemies sitting in PTA who want to take us backward when world is using VoIP, VPN, and Messengers.

  • Salam, ahsan bhai kase ho app, ec post ke to moje kuch sumj nahi i.

    • Walikum Assalam, Bro VPN is something you can say a by-pass route. Suppose if some website is blocked by your ISP, suppose Google, so whenever you will try access Google.com, your ISP will not allow you that, you will be denied automatically.
      And when you use a VPN, you get connected with a remote server, and all your data first goes to that server and then the web, same for receiving.

      So now if you have connected a VPN and try to access Google.com your ISP will consider that you are connecting some other website, not Google. So you will be able to open Google. This is just one example and this is how VPN works.

      Now that data transfer via VPN can be encrypted, you can say, key protected, so only you or the other party which you are sending the data has the key and can decrypt it, while in normal data transfer, anyone can infiltrate and can steal your data. That is what we call packet sniffing, ARP poisoning.

      Now PTA wants no one to use encrypted VPNs so that it may be able to track the data, as to monitor encrypted data is not an easy task, almost impossible in most of the cases.

      I think this clears a bit.

      • Saad malik

        Excellent explanation…God bless u.

        • Thank you Saad and Qamar. Pleasure is all mine.

  • Qamar

    thanks for such detail. infomatec :)

  • Mani

    It’s really sad to see we’re going to dark ages again with no freedom of expression and freedom of information, no security and no privacy:(

    • Kashif

      +1

  • Shahid Saleem

    What we all want to know is: does this affect ssh traffic? What about ssl traffic? Both can be used to send encrypted traffic and both are COMMON on the internet.

    Will we wake up one day to find https:// only working for famous sites like Google, Yahoo, Amazon?

    • I don’t think so it will affect SSH traffic, lets confirm it from PTA first, but I wonder do they have anyone to answer such queries?

      I think direct tunnelling is banned not official secure protocols.

      Share your point, what do you think?

      • Shahid Saleem

        Sometimes I proxy over ssh to view youtube videos that are not visible from outside America. Given the relative low level of understanding of such things by the PTA (and also ISP — ISPs are directed to stop this traffic), I only fear worst case scenario. Heavy users of ssh will be in trouble.

        Many ssh clients can become SOCKS5 servers, too.

  • Pakistani munda

    when pta cant monitor and block porn sites, then how they will monitor vpns?

    • Shahid Saleem

      It is much easier to track VPNs, especially when you have packet inspection systems which they have. Most VPN traffic is very easy to detect. Same way as illegal telephone exchange traffic is easy to detect.

      • Ahmed

        You can use illegal telephone exchanges by many ways without use of VPN when your ISP would think you are doing voice chat on skype. There are gateways backed by Skype. PTA actually has put public money in something that it can’t monitor/control. Those who are arrested must not be having their home work before starting this otherwise with new methods PTA can’t sniff you.
        But by doing all this PTA has deprived user from use of VoIP and voice communication which is actually illegal for all Pakistanis but everyone still uses that. Lets go to stone age with PTA.

      • Asad

        my qustion is how thy detect vpn traffic???
        via IP address or udp 500 port?

        • Shahid Saleem

          deep packet inspection. it looks INSIDE every packet and can determine what kind of traffic it is.

          It doesn’t matter if you change the port because the packets look all the same.

          and yes, PTCL and probably PTA and ISI (since ISI is handling blockage these days) have already bought such hardware devices years ago and deployed them. AGAINST US.

  • Sam

    No,Its not even Possible from PTA to Track the Users down using the VPN.
    Not ISP can figure out that his Customers are using VPN or Not.

    Now VPN Technology is Revolutionized .

    Now VPN came with Traffic Filtering,No Logs Stored and Double Layet Encryptions.

  • najeeb

    PTA has blocked all VPN(s) in Pakistan, there are some VPN which is running, It will be block as time as far passing.

  • Neha

    hy i use proxies and vpns to access lecture videos on youtube. is it illegal? can i get into any problem due to it?