This is basically the relationship my wife has with Verizon, itâs pretty fucked up, but she wonât let Verizon screw us on that phone bill!
The company says customers donât need to worry about future privacy
invasions because it âmade several changes to our advertising programs
that have provided consumers with even more options.â
Translation: âWe got caught this time, but that just means that we have incentive to come up with a slightly different method for tracking every little move that our captive markets make. We have to do thisâour advertisers depend on it.â
I think that comes to about 5.26 minutes of revenue (from 2015 numbers).
If I am not mistaken, this was a deep packet insertion of a user ID field âX-UIDHâ into the HTTP header. Nothing happened on the userâs computer itself, everything was done on the network providerâs side of the cable. While this procedure had the effect of a cookie (tracking the user), and was popularly called so, it technically wasnât one, but something rather sneakier (using technical terms).
Edit: I think with 1.35 M $ they got off cheap. They have been tampering with the content of peopleâs communications. In some jurisdictions, that might be regarded as a felony.
Pretty much my thoughts. This happens in every market, a company will toe the line of what they can get away with and when they get caught they apologize⌠and start all over again with a new method.
She might have had a similar experience as me. I work for a company that sells industrial equipment, some of which has to make automated phone connections through Verizon Wireless for maintenance and monitoring. Shit was not working, so I emailed support. The answers were polite and vacuous. I badly needed an answer to that technical question and kept pressing on. It took me unreasonably long (like, 5 or six mails in both directions) to realize that the replies came from a fucking chat bot. 
Edit: I ended up telling our marketing guy to tell the customers that Verizon was unreliable and if they want their equipment to work they need to go through another operator.
1.35m seems hardly punitive to a company this size. Maybe 1.35b. Like enough that the shareholders are pissed thereâs no profit for two quarters. Câmon FCC, lets be real.
Thatâs what I was thinking. Make the fine hurt the company and they will change. If itâs just a minor annoyance for them, they wonât care and will try again.
TheâŚwonderful peopleâŚwho provide the means to implement this âfeatureâ prefer the term âHTTP Header Enrichmentâ. A search for that term will bring up documentation from various carrier-switching-widget vendors extolling its virtues(This, from Cisco, is particularly blatant about exactly who is being âenrichedâ here.).
As you note; absolutely nothing needs to happen on the client, the modifications are made by the carrier to traffic between the cellular device and the remote host. Only viable defense is to force all traffic from the phone through a VPN so that the telco never actually gets to see anything except the tunnel.
âLets all just agree that mistakes were made, and, rather than playing the blame game, letâs move onâŚâ, says any politician or corporation caught with its body parts where they shouldnât be.
Or âLook forward, not backwardâ as our now-outgoing Change Candidate said RE: any minor little âtortureâ hijinks that may have occurred in moments of patriotic excess.
Came to say the first part, and to scoff at the second. Weâre in 'Merica, bub, and if youâre a corporation or U.S. Govât entity, then thatâs exactly what you do.
It greatly pisses me off that this is the new norm.
EDIT: [quote=âfuzzyfungus, post:10, topic:74712â]
Only viable defense is to force all traffic from the phone through a VPN so that the telco never actually gets to see anything except the tunnel.
[/quote]
Related: <a href=VPN client android at DuckDuckGo>DuckDuckGo search for âVPN client Androidâ. Iphone users need to contact Cory so he can best formulate the correct search termsâIâm not sure how to correctly capitalize the name.
The other advantage of the âtunnel everythingâ approach is that you can, if you control the VPN host, run more robust tools for monitoring and filtering what goes in and out.
The situation is a little better than it used to be; but mobile devices are still fairly poor for control of potentially malicious ads and scripts; and (barring certain suitably hacked over Android ROMs) pretty much useless at observing what various âappsâ are up to. And, even to the degree the tools are available, running an entire paranoid-network-edge-device on your phone isnât exactly easy on RAM or battery life. The VPN host, on the other hand, is perfectly suited to running whatever filtering, logging, and rewrite tools you want running border security.
This topic was automatically closed after 5 days. New replies are no longer allowed.
