dslreports logo
The Modern ISP Is A Privacy Nightmare
At least according to one researcher...
Forget dopes who leave your social security numbers on a company laptop at a bar, or phishing scams: University of Colorado law professor Paul Ohm believes the modern ISP, thanks to new technological developments like deep packet inspection, poses the greatest privacy threat to American consumers. Sure, NabuAD may have been beaten back this week, but Ohm believes the desire to make a revenue stream out of tracking absolutely everything you do online will be too great for ISPs to resist. From Ohm's Paper, The Rise and Fall of Invasive ISP Surveillance:
quote:

ISPs, faced with changes in technology, extraordinary pressures to innovate, and murky ethical rules, will continue aggressively to expand network monitoring. The AT&T, Comcast, Charter, NebuAd and Phorm examples will prove to be not outliers but the first steps in a steady expansion of industry practices. Unless some force—regulatory or non-regulatory—intervenes, the inevitable result will be ISPs conducting full-packet capture of everything their users do, supposedly with their users’ consent.
Ohm believes that absolutely everything you do online will eventually be tracked, stored and monetized -- unless someone steps up to broaden privacy and wiretap laws, with a more impartial government agency like National Institute Of Standards And Technology playing a central role. As Wired notes, government at the moment is primarily interested in weakening wiretap laws, though Congress has recently shown they're at least marginally interested in protecting privacy in the ISP/user relationship.
view:
topics flat nest 

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert

Mod

Encrypt everything

We need to move to an all-encrypted internet.

keyboard5684
Sam
join:2001-08-01
Pittsburgh, PA

keyboard5684

Member

Re: Encrypt everything

Well, maybe, but think of it this way. Can the government come to your house and put some clips on your line and listen to your phone calls or better yet at the co? Not without a warrant however they do (not officially) do that once it hits the data/voice transport after your CO.

Can the NSA break your encryption, probably. Yes, I know the whole theoretical amount of time it takes someone to crack 128 bit encryption but if the government knows how are they going to tell you?

Really you cannot stop the government from listening in. You can stop them from prosecuting you for doing something wrong unless they had a warrant from the beginning.

Also, I think the technology already has you beat. Maybe you can get around it and I can but most people cannot. This means the major part of the internet traffic will be tracked, then the info (surfing habits, etc) will be sold.

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

Noah Vail

Premium Member

ISP's as Pirates?

Everything that comes about as a direct result of my efforts is my creation; whether I copyright it or not. That includes my purchase and credit histories, things that indicate my personal interests, and anything I have openly or privately communicated.

Any company who profits on my creation
without paying me the royalties I am due
is pirating my created material.

As such, they are every bit as subject to RIAA style fines, as the folks I see accused of piracy here.

NV
EPS4
join:2008-02-13
Hingham, MA

EPS4

Member

Re: ISP's as Pirates?

You agreed to it, though. The ISP will send you the little slip attached to your bill informing you of the change to the terms of service, and by continuing to use the internet you agree to the change. After all, the company reserves the right to change these terms at any time. Best you can hope for is that if you're on contract the change will be enough to let you out. (And then you can go back to dialup, since all other broadband ISPs are also doing it!)

SillyRabbit
@tds.net

SillyRabbit

Anon

Re: ISP's as Pirates?

said by EPS4:

You agreed to it, though. The ISP will send you the little slip attached to your bill informing you of the change to the terms of service, and by continuing to use the internet you agree to the change. After all, the company reserves the right to change these terms at any time. Best you can hope for is that if you're on contract the change will be enough to let you out. (And then you can go back to dialup, since all other broadband ISPs are also doing it!)
Many states do NOT allow you to agree to something like this just because they post it. It's kind of like an insurance comapny writing you a check and on the back it says " By cashing this check, you agree that this matter is settled.". It doesn't fly. You should have to actively agree to something like this. Nope, nope, nope. It's obvious you are on the dark side!!!
EPS4
join:2008-02-13
Hingham, MA

EPS4

Member

Re: ISP's as Pirates?

But that's how they propagate changes to the TOS already, isn't it?

I'm not sure what you mean by the "dark side", though...

kontos
xyzzy
join:2001-10-04
West Henrietta, NY

kontos to Noah Vail

Member

to Noah Vail
said by Noah Vail:

Everything that comes about as a direct result of my efforts is my creation; whether I copyright it or not. That includes my purchase and credit histories, things that indicate my personal interests, and anything I have openly or privately communicated.
That's a pretty warped view of Copyright. By your logic, you would argue that you own the copyright to my reply to your post. I mean this post is a direct result of your effort of writing that crazy rant.

Kylemaul
Lovin' My Firefox
Premium Member
join:2001-03-30
Puyallup, WA

1 edit

Kylemaul

Premium Member

Re: ISP's as Pirates?

Warped but valid nonetheless. This is really how warped the concept of copyright has become, especially when it comes to the **AA's. And you have warped it one step further by saying that your work is now under NV's copyright. I believe his point was that your post would still be under your copyright, regardless of whether or not it is in response to another post.

Now THAT's twisted.

edit: Almost as twisted as the brand obfuscation going on as a result of the Olympics.

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

Noah Vail to kontos

Premium Member

to kontos
said by kontos:

That's a pretty warped view of Copyright. By your logic, you would argue that you own the copyright to my reply to your post. I mean this post is a direct result of your effort of writing that crazy rant.
Your post would be better defined as a collaboration, as is this one. You are as due royalties as any columnist, lecturer or artist is.

That is, you are due royalties on the material that others have profited on. My expectations are more lenient than those who expect a royalty payment for copying a page from a music book for use in a free church production.

I guess to be more in harmony with those who profit from copyright laws, I could demand payment for any reproduction of a creation of mine.

NV

Kylemaul
Lovin' My Firefox
Premium Member
join:2001-03-30
Puyallup, WA

Kylemaul

Premium Member

Re: ISP's as Pirates?

said by Noah Vail:

I guess to be more in harmony with those who profit from copyright laws, I could demand payment for any reproduction of a creation of mine.
Where do I send my 2 cents again?

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

1 recommendation

Noah Vail

Premium Member

Re: ISP's as Pirates?

said by Kylemaul:

Where do I send my 2 cents again?
Since I didn't provide my expressed, written permission for you to auto-quote me, I'm going to have to fine you $175,000 per word of infringement; against my undeniable calculations of lost income.

My attorney will be in touch.

NV
wentlanc
You Can't Fix Dumb..
join:2003-07-30
Maineville, OH

wentlanc to keyboard5684

Member

to keyboard5684

Re: Encrypt everything

Probable Cause is required for anyone to tap your communications. You cannot turn on a tap, and filter the data for info and sell it. The ISP does not have probable cause, and thusly is tapping your data illegally.

An we're not talking about people doing bad things. They are tapping everyone, all of the time.

cw

SLD
Premium Member
join:2002-04-17
San Francisco, CA

SLD

Premium Member

Re: Encrypt everything

There is a difference between the Gov't and a private business' rights.
SilverSurfer1
join:2007-08-19

SilverSurfer1 to wentlanc

Member

to wentlanc
said by wentlanc:

Probable Cause is required for anyone to tap your communications. You cannot turn on a tap, and filter the data for info and sell it. The ISP does not have probable cause, and thusly is tapping your data illegally.

Probable cause is a very weak standard. It is vague and nebulous and essentially allows pretty much any excuse that sounds even remotely reasonable for wiretapping. BTW - Judicial review is not necessary for "probable cause." Probable cause is nothing but an excuse to snoop by law enforcment for no other good reason than because they want to.

maartena
Elmo
Premium Member
join:2002-05-10
Orange, CA

1 edit

maartena to keyboard5684

Premium Member

to keyboard5684
said by keyboard5684:

Well, maybe, but think of it this way. Can the government come to your house and put some clips on your line and listen to your phone calls or better yet at the co? Not without a warrant however they do (not officially) do that once it hits the data/voice transport after your CO.
A warrant? You never heard of the Patriot Act, did you?
Local police needs a warrant. The government however, they don't need no stinking warrant.
Can the NSA break your encryption, probably. Yes, I know the whole theoretical amount of time it takes someone to crack 128 bit encryption but if the government knows how are they going to tell you?
We have long moved past 128 bit encryption. My company uses 1024 bit encryption, which requires a few million computers to run for a year or two to crack the code.

Terrorists use encryption to send their important messages, and they probably change RSA key just about every month or so, or right before any important communications.
Really you cannot stop the government from listening in. You can stop them from prosecuting you for doing something wrong unless they had a warrant from the beginning.
Excactly. With the current Patriot Act, the NSA doesn't even need a warrant. If they think there is a slight possibility that you could have something to do with something slightly related to terrorism, even if you don't know it yourself (like donating to an orphanage in Syria, which in turn has given money to terrorists in the past - and now you are "connected"), and the NSA can just listen into your phone, cell phone, and internet connections, "just in case".
Also, I think the technology already has you beat. Maybe you can get around it and I can but most people cannot. This means the major part of the internet traffic will be tracked, then the info (surfing habits, etc) will be sold.
Being a sysadmin, I can tell you that it is SO easy to put an e-mail tap on someone without the person knowing it and without even anyone else knowing about it but you. Your colleague sysadmin may be able to find it if they know where they are looking, but if you removed the tap before they look, no one will ever know.

I have the dignity and the respect for my employment to not do so, unless specifically asked by management (which I have been in the past), but there are sysadmins out there that do not have ethical standards. Word of the wise: Do not piss off your sysadmin.

cho0b
join:2006-09-26
united state

cho0b

Member

Re: Encrypt everything

said by maartena:

Terrorists use encryption to send their important messages, and they probably change RSA key just about every month or so, or right before any important communications.
LOL, What terrorists? Is it the Al-Qaedas?! Or are you talking about the American government? I get the two confused so much..
iansltx
join:2007-02-19
Austin, TX

iansltx to keyboard5684

Member

to keyboard5684
If you're ot satisfied with 128-bit, try 256-bit encryption. It squares the amount of time needed to break the code, so you're probably safe...

anony 101
@comcast.net

anony 101 to nwrickert

Anon

to nwrickert
We need to move to an all-encrypted internet.
We're getting there.

maartena
Elmo
Premium Member
join:2002-05-10
Orange, CA

maartena

Premium Member

It's quite simple...

If you are worried about privacy, you have two options.

1) Use encryption with everything you do. (Which includes the need for decryption everywhere)

2) Unhook from the internet.

footballdude
Premium Member
join:2002-08-13
Imperial, MO

footballdude

Premium Member

easy

The solution is easy. Don't buy anything from an internet ad, ever. Don't even click on an internet ad to see where the link takes you. If you know someone that buys something from an internet ad, punch them directly in the face.
EPS4
join:2008-02-13
Hingham, MA

EPS4

Member

Re: easy

I've always wondered why internet advertising is such a giant market, when I myself have never purchased anything from an internet advertisement and have clicked on ads less than ten times in the whole time I've been on the internet (over ten years at least), and now I block most ads with Adblock Plus... but SOMEONE must be clicking on them.
wentlanc
You Can't Fix Dumb..
join:2003-07-30
Maineville, OH

wentlanc

Member

Re: easy

Yes, SOMEONE is clicking on them. Those are called morons!

I don't get it either, but there are people with obsessive shopping habits. I'm reminded of the scene from Full Metal Jacket where the DI saks Private Pyle "If it wasn't for dickheads like you, there wouldn't be any thievery in this world, would there?"

cw

maartena
Elmo
Premium Member
join:2002-05-10
Orange, CA

maartena

Premium Member

Re: easy

said by wentlanc:

Yes, SOMEONE is clicking on them. Those are called morons!
I would not go that far. Many of those ads, especially on respectable sites such as major news sites, point to companies you are wanting to do business with anyways.

Say you know you are going to need a new mobile phone in the next few days and you want to change from your current provider to a new one. There pops up the Verizon ad with a good deal. I would probably click on it as I know it will lead me to Verizon, and I am currently in the market for a new plan.

SLD
Premium Member
join:2002-04-17
San Francisco, CA

SLD

Premium Member

Re: easy

Some will, I will not, even if it is due to pricipal. Adwords however are a different story.

telcolackey5
The Truth? You can't handle the truth
join:2007-04-06
Death Valley, CA

telcolackey5 to wentlanc

Member

to wentlanc
said by wentlanc:

Yes, SOMEONE is clicking on them. Those are called morons!
I think the company that has one of the largest market caps in the US would highly disagree with you.

cho0b
join:2006-09-26
united state

cho0b to EPS4

Member

to EPS4
said by EPS4:

I've always wondered why internet advertising is such a giant market, when I myself have never purchased anything from an internet advertisement and have clicked on ads less than ten times in the whole time I've been on the internet (over ten years at least), and now I block most ads with Adblock Plus... but SOMEONE must be clicking on them.
You don't need to click on an ad to help out the company advertising. Heck, plenty of stuff you do online helps out advertisers and you and most people probably don't even know it!
Search something in google? It gets filed away along with your IP and all your other searches forever and ever and ever. This might seem like a waste of server space, but the data as a whole is immensely helpful to advertising companies and other companies down the line.

A few years from now (or sooner!) you will be driving down the street and your GPS enabled cell phone will receive an advertisement for your favorite coffee shop that you just so happened to be driving by. Heck, they might even toss in a coupon as incentive, hurray!

Sounds like a big conspiracy, right? Well, as with most other things in our privacy free world, things are worse than you or I could ever imagine.
goahead
join:2008-09-03

goahead to footballdude

Member

to footballdude
said by footballdude See ProfileIf you know someone that buys something from an internet ad, punch them directly in the face.
[/BQUOTE :


best comment ever

telcolackey5
The Truth? You can't handle the truth
join:2007-04-06
Death Valley, CA

telcolackey5

Member

Re: easy

Shh.... don't say that too loud as the forum you are typing in is funded by internet ads.
telcolackey5

telcolackey5

Member

Do no evil ?

quote:
Ohm believes that absolutely everything you do online will eventually be tracked, stored and monetized
I know a company that does this better than any ISP on the planet... not only that they have world wide capability.

Doctor Four
My other vehicle is a TARDIS
Premium Member
join:2000-09-05
Dallas, TX

Doctor Four

Premium Member

Re: Do no evil ?

Google, perhaps?

chronoss20081
Premium Member
join:2008-03-29

chronoss20081

Premium Member

one solution

arkea

or along that lines

cross operating system
, into and out of your dbase its encrypted in it , even if the dbase encrypts this allows for nasa level ( and if you know what that means you get a candy bar ) encryption.

pnh102
Reptiles Are Cuddly And Pretty
Premium Member
join:2002-05-02
Mount Airy, MD

pnh102

Premium Member

Stop The Presses

quote:
University of Colorado law professor Paul Ohm believes the modern ISP, thanks to new technological developments like deep packet inspection, poses the greatest privacy threat to American consumers.
Wow. A global, public network that allows anyone who accesses it to see what others are doing with it not being safe for privacy? Who knew!
SuperWISP
join:2007-04-17
Laramie, WY

SuperWISP

Member

An alarmist attempt to grab attention

Ohm's paper is an alarmist attempt to grab attention at the expense of ISPs. As Richard Bennett points out in the comments on Ohm's blog entry, Google/Doubleclick is a far, far greater threat to privacy than ISPs, because its stated purpose is to compile dossiers on Internet users. ISPs cannot even access most of users' private data, because any e-commerce or banking Web site worth its salt uses SSL. But Google, via gmail, can read every bit of your e-mail and will use it for targeted advertising, profiling, and who-knows-what-else. Social networking sites, such as Facebook and MySpace, also target ads, and give themselves license -- in the "fine print" of their agreements -- to do much more invasive things which they may or may not have tried yet.

Ohm is trying to encourage folks to extend their ill will toward utilities -- especially gas and electric companies, which unlike ISPs are actually monopolies -- to ISPs. His fearmongering is not only misleading and defamatory, but also dangerous in that it distracts consumers from the true threats to their privacy.

•••••

IM1811
join:2001-08-20
Haverstraw, NY

4 edits

IM1811

Member

New Yorkers have an Advocate: Assemblyman Brodsky

Westchester Assemblyman Richard Brodsky has drafted a bill, now gathering support in Albany, that would make it a crime — punishable by a fine to be determined — for ISP's to use personal information about consumers for advertising without their consent. Already, major corporate dollars are being spent to portray Assemblyman Brodsky’s bill as an election year effort to get votes, but after being in Albany since ‘82, New Yorkers know better.

The story is that new companies are creating really slick methods to follow you around the web, and selling your data to anyone who wants to pay them for it. The problem here is that you won’t even know they are doing it, nor will you benefit from it, with the exception of having ads placed based on your web browsing history. ISP’s will make a real killing on your click history. They can share your account history based on your clicks. As to who would buy the data besides marketers, Brodsky warns that it would be just a matter of time before the data would be sold for a large profit to heavy hitters. Insurance companies or banks could and would buy this click history, either directly or as part of an optimized data mining program. This is the mother of all Privacy issues.

New Yorkers should E-Mail Assemblyman Brodsky and show him your support. Tell him he’s the Privacy Champion and to keep up the good work.

Draft Bill:
»assembly.state.ny.us/leg ··· n=A09275
E-Mail Brodsky
»assembly.state.ny.us/mem ··· 2&sh=con