Author Topic: April1st, US has voted to allow everyones internet browsing data,freely for sale  (Read 1986 times)

0 Members and 1 Guest are viewing this topic.

Offline technix

  • Super Contributor
  • ***
  • Posts: 1293
  • Country: cn
  • From Shanghai With Love
    • My Untitled Blog
That is such a ridiculous thing to pass.  The simple idea that your ISP can be allowed to do this,  or possibly even modify your  traffic to inject ads (which I imagine is the goal here) is completely infuriating.  I guess this is going to be good for the VPN industry...  until they make those illegal.  Can't win.
China Telecom began injecting ads to EVERY unencrypted HTTP session back in 2014 (?) and I immediately moved my home network (mostly) onto an IKEv2 tunnel.
 

Offline metrologist

  • Frequent Contributor
  • **
  • Posts: 475
  • Country: 00
Any idea if this service can help or hinder the issue?

https://noiszy.com/

 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 3131
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Any idea if this service can help or hinder the issue?

https://noiszy.com/
That's more or less what I have suggested as a countermeasure against tracking - generate fake traffic to obscure the real data.

Something else to take note is that many ad blockers also block a lot of the tracking.

Offline technix

  • Super Contributor
  • ***
  • Posts: 1293
  • Country: cn
  • From Shanghai With Love
    • My Untitled Blog
Any idea if this service can help or hinder the issue?

https://noiszy.com/
That's more or less what I have suggested as a countermeasure against tracking - generate fake traffic to obscure the real data.

Something else to take note is that many ad blockers also block a lot of the tracking.
Have you ever used Wireshark?

Cookies can be blocked, but packet sniffing cannot. The ISP can associate the sniffed packets with specific subscriber and pinpoint who is doing what at when. In China the police have made arrests based on sniffed packets and its associated subscriber. (Keep in mind that in China there is thoughtcrime and merely speaking of thoughtcrime contents warrants capital punishment.)
« Last Edit: April 01, 2017, 06:14:34 PM by technix »
 

Offline dunkemhigh

  • Frequent Contributor
  • **
  • Posts: 783
Quote
in China there is thoughtcrime and merely speaking of thoughtcrime contents warrants capital punishment

There is in the UK now too, though the punishment tends to be rather less severe. At the moment.
 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 3131
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Any idea if this service can help or hinder the issue?

https://noiszy.com/
That's more or less what I have suggested as a countermeasure against tracking - generate fake traffic to obscure the real data.

Something else to take note is that many ad blockers also block a lot of the tracking.
Have you ever used Wireshark?

Cookies can be blocked, but packet sniffing cannot. The ISP can associate the sniffed packets with specific subscriber and pinpoint who is doing what at when. In China the police have made arrests based on sniffed packets and its associated subscriber. (Keep in mind that in China there is thoughtcrime and merely speaking of thoughtcrime contents warrants capital punishment.)
The ad blockers break a lot of tracking by not making connections to known tracking domains in the first place. It's not foolproof by any means, but it is a very easy first step.

And by generating a lot of harmless "noise", it would greatly increase the effort required to find useful information by any means of tracking.

Offline dunkemhigh

  • Frequent Contributor
  • **
  • Posts: 783
Quote
break a lot of tracking by not making connections to known tracking domains in the first place

Whilst that's true, it is targeting the wrong thing. Your browser (and only browsing) is sent to those domains just so a record can be made of where you were sent from - there is no other way to get that info. But now the ISP can SEE direct from your GET packet where you are going. Indeed, the ISP is actually sending you there so must know. There is no need for a spy domain workaround. You cannot block it (except by using a VPN, and the VPN operator will then be in the same position as your ISP - he knows exactly where you are going because he's sending you there).

The only issue now is that instead of the spy domains having the info, your ISP does (and the ISP info is far FAR better than that detected by the spy domains). The question is only: how much does the ISP charge for access to that info.

But, as alluded to above, the spy domains only capture your browsing stuff. The ISP will ALSO get everything: FTP, VPN, VoIP, ICMP, there is no destination and no protocol the ISP won't see.
 

Offline technix

  • Super Contributor
  • ***
  • Posts: 1293
  • Country: cn
  • From Shanghai With Love
    • My Untitled Blog
Quote
break a lot of tracking by not making connections to known tracking domains in the first place

Whilst that's true, it is targeting the wrong thing. Your browser (and only browsing) is sent to those domains just so a record can be made of where you were sent from - there is no other way to get that info. But now the ISP can SEE direct from your GET packet where you are going. Indeed, the ISP is actually sending you there so must know. There is no need for a spy domain workaround. You cannot block it (except by using a VPN, and the VPN operator will then be in the same position as your ISP - he knows exactly where you are going because he's sending you there).

The only issue now is that instead of the spy domains having the info, your ISP does (and the ISP info is far FAR better than that detected by the spy domains). The question is only: how much does the ISP charge for access to that info.

But, as alluded to above, the spy domains only capture your browsing stuff. The ISP will ALSO get everything: FTP, VPN, VoIP, ICMP, there is no destination and no protocol the ISP won't see.
That is why every website need to mandate TLS now. With TLS your ISP knows that you decided to visit a website (through sniffing the DNS packets) but have zero clue on what you are actually doing there (actual HTTP traffic encrypted.)
 

Offline Rick Law

  • Super Contributor
  • ***
  • Posts: 2032
  • Country: us
...
...
That is why every website need to mandate TLS now. With TLS your ISP knows that you decided to visit a website (through sniffing the DNS packets) but have zero clue on what you are actually doing there (actual HTTP traffic encrypted.)

You are right about that, but, unless you are using Linux, chances are, your OS is also spying on you.  Both Windows and Andriod are blabber mouths saving every move you make and reporting it back home.  If you have a microphone on your system, at least Google could/would eavesdrop.  Microsoft could be doing the same thing as well.
Source: https://www.theguardian.com/technology/2015/jun/23/google-eavesdropping-tool-installed-computers-without-permission

Even if we get FTC to stop all the selling of info, now corporations are getting so big that they really can sell it within just the companies of the corporation and/or affiliates.  Either Microsoft or Alphabet Corp (Google's parent) has income bigger many countries.  Furthermore, I have no confidence in either the politicians nor the bureaucrats understanding enough or caring enough to do the proper thing.

Perhaps the best solution Sherman (anti-trust) Law.  We need 5 baby-googles like we had 7 baby-bells when old-AT&T was broken up, or when Standard Oil was broken up into (according to wiki) 34 baby companies.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf