You know who does creepier stuff with your data than Cambridge Analytica? Your ISP


#1

Originally published at: https://boingboing.net/2018/03/21/the-death-star.html


#2

It’s kind of painful watching the general public learn about this stuff.


#3

I’m kinda hoping A&A don’t do this.


#4

Suck it Comcast, I have an Algo VPN I route all my traffic through


#5

What is the endpoint?


#6

You pick a hosting provider like Amazon, Google, etc… I went with Digial Ocean which has a pretty good privacy policy.


#7

Well guys, the goods news is that PornHub runs TLS. So they can tell how much porn you’re watching, but not what kind of porn you’re watching.


#8

“… sucking up all your clicks…” careful how tightly your fontset kerns letters there


#9

My Swiss fibre internet provider’s policy on privacy and data collection is this.

Init7 does not sell customer or usage data to third parties for commercial purposes. Init7 generally saves as little data as possible and only as much as is necessary.

Customer and usage data is only saved if there is a legal obligation to do so (in accordance with the Law on the Surveillance of Postal and Telecommunications Traffic (BÜPF). A revised version of the BÜPF entered into force in 2018. This revised law unfortunately has a negative impact on the protection of privacy. However, the referendum to oppose it was unsuccessful.

I like it. It’s one of the reasons I’m their customer. The other reason is I’m getting blistering fast internet (almost 60 MB/s) without any unwanted tv and telephony bundles, at a reasonable price.


#10

I use MonkeyBrains in SF, I really hope those guys aren’t selling my stuff to anyone, I like them too much.

Also, this is your friend against (some) upstream spying: https://www.eff.org/https-everywhere

Also, also - does anyone know any good DNS privacy solutions? That’s the one thing I can’t figure out.


#11

HTTPS-Everywhere was good when it first came out, but there is such a push (especially by google) to make all websites use https that it’s becoming less of an issue. Plus, even if you are connecting via https, the ISP can still see which sites you are visiting and what parameters you are sending via URLs.

VPNs will encrypt your communications such that your ISP won’t be able to peek into what you’re doing at all. I’m waiting for the day when the consumer ISPs outlaw VPN connections. I’m sure they are already talking about how to deal with that scourge! The VPN discussed above, Algo, seems pretty hardcore. I use a commercial one, PIA, which sometimes shows up on sale in the BB Store. I buy a gift card from a retail store for US$50 then use that, along with a throwaway email address, to sign up for a year. I’m completely anonymous.


#12

This is incorrect. HTTPS handshakes with the server first, gets a cert, verifies, then transmits an encrypted request. Only the hostname, not any params, are sent in plaintext. I.e., your ISP knows you went to Wikipedia but not what article you requested.


#13

Thank goodness my ISP ain’t big enough to buy a mayor.


#14

Your ISP doesn’t have to be a big’un. Windstream has a monopoly here, and their local employees will sell anything to their burglar, identity thief, and/or real estate shark relatives. Our state rep is Capone family, the next state is giving their voters a choice between another Capone and a dimwit neocon. If we can get Chris Wray out of FBI, maybe we can get the ISP CEOS and the Congresscritters hauled in for criminal conspiracy and RICO. Reach for the stars, commentariat.


#15

Guess I’ll have to start leaving my VPN on all the time.


#16

Maybe use Tor? (Or a VPN but that just pushes the issue down the road to the next ISP)


#17

They won’t be that blatant. Instead they’ll “zero rate” popular sites like Netflix and give you a data cap for the rest.


#18

WTF is up with Cory trying to minimize this corporation’s actions?


#19

I’m not sure if he’s trying to do that… I read it more as trying to show how it’s less about Cambridge Analytica, and more about the entire system that’s been built around the data we produce online through social media. I think he’s trying to indicate that the legal uses of our data are just a step below the wankery of Cambridge Analytica, that the one made the other possible.


#20

Nice. Learn something new every day. I always thought the entire url string was plaintext. I was wrong.