UK ISP TalkTalk Caught Monitoring Its Customers 139
An anonymous reader writes "The UK ISP TalkTalk has been caught using a form of Deep Packet Inspection technology to monitor and record the websites that its customers visit, without getting their explicit consent. The system, which is not yet fully in place, ultimately aims to help block malware websites by comparing the URL that a person visits against a list of good and bad sites. Bad sites will then be restricted. TalkTalk claims that its method is totally anonymous and that the only people with visibility of the URL database itself are Chinese firm Huawei, which will no doubt help everybody to feel a lot better (apply sarc mark here) about potentially having their privacy invaded."
Twas ever thus (Score:5, Insightful)
Doesn't really sound any different to what the search companies store. Sans encryption, nothing you do on the Internet is private. Caveat Browsor. Or, erm, something.
Re: (Score:3, Informative)
In the UK it is illegal to monitor a person priate converstaion on the phone, unless you have a judges authority. Also it's against Human Rights. Maybe Talk-Talk customsers should report them to the police.
Re:Twas ever thus (Score:4, Informative)
Re: (Score:2)
Actually in UK law the digital economy act practically requires by law that isp's are to monitor their users and notify certain bodies of any possible illegal activity. TalkTalk and BT are the only people attempting to stand up to this. I guess TalkTalk are a little more two faced than we thought.
No they won't report it to the UK government. Only the Chinese!
Re: (Score:2)
"by comparing the URL that a person visits against a list of good and bad sites"
If their aim is to just block bad sites why would they have to log anything at all? /dev/null.
Just re-direct all traffic to bad IP's to
Re: (Score:2)
"by comparing the URL that a person visits against a list of good and bad sites"
If their aim is to just block bad sites why would they have to log anything at all? Just re-direct all traffic to bad IP's to /dev/null.
Playing the devil's advocate, if you found that someone visited known "bad" sites then looking at other sites they visited would probably be a good way to discover other "bad" sites.
Re: (Score:3, Interesting)
If it's malware they're trying to stop and not anything else then they gain little.
Foolish people who click "OK" to popups asking them to install anything and everything constitute an almost perfectly random search.
Better to just get a list of sites which serve malware from one of the companies which track such things and re-direct traffic for them into a hole.
this seems less innocent the more I think about it.
Re: (Score:2)
Re:Twas ever thus (Score:4, Informative)
How is them trying to warn users they area about to visit a malicious site anything like recording activity for the purposes of relaying to the government? There is nothing two faced about this, it is good for the customer.
This is just the usual BS sensationalism. According to TFA, the data being recorded is anonymous:
Our scanning engines receive no knowledge about which users visited what sites (e.g. telephone number, account number, IP address), nor do they store any data for us to cross-reference this back to our customers. We are not interested in who has visited which site - we are simply scanning a list of sites which our customers, as a whole internet community, have visited. What we are interested in is making the web a safer place for all our customers.
This is the type of thing we should be encouraging rather than discouraging, if it reduces the number of idiots infecting their machines, which it will slightly. I think the ISP should enable this type of warning by default, with the option to opt out for those who actually want the very slight improvement in latency.
Re: (Score:2)
I agree that it is good in the way that TalkTalk present it, but I'd always be dubious about a) a company's real intentions and b) how they could change it in future so that what it does now isn't quite what it will do then.
Overall, most of the population probably need this kind of help, since they're not familiar enough with what can happen and assume that the web is fairly safe. In reality, there are a good number of things that could go wrong depending on how anonymised, automated and separate their syst
Re: (Score:2)
Okay but can I opt out?
I'm one of those people who can't get ADSL because of my phone line, so I have to use Virgin. If they started doing what TalkTalk are doing I would have no way out of it other than using Tor or a VPN service for everything. I'm sure Tor would have problems if thousands of users suddenly started using it and VPNs are not free.
Re: (Score:3, Insightful)
No, a LOT more two faced. Anyone with even the slightest networking knowledge knows that any ISP such as this, who runs their own DNS server can simply drop the bad domains into the DNS servers and have them point to one of their own servers which will present a "This site has been blocked for... " page.
A simple example of something similar (in implementation) are the "not found" redirects that many ISPs are doing now, that bring you to one of their customized search pages.
They dont need to monitor what
Re: (Score:2)
Actually in UK law the digital economy act practically requires by law that isp's are to monitor their users and notify certain bodies of any possible illegal activity.
As you've said, it's ironic for a company that have said this [talktalkblog.co.uk]:
Also, maybe I'm being dumb, but can someone explain to me how knowing the number of people visiting a website is going to help identify malware?
Re: (Score:2)
No!
At no point does anything in the Digital Economy Act require ISPs to monitor their users. In fact, if not done anonymously that could well be illegal under European Law (see the Phorm case). The only people that ISPs are obliged to notify of anything under the DEA are subscribers when the ISP has received a Copyright Infringement Report about it.
If you're going to bring up the DEA, I suggest you read up on it first. As it happens, I've spent most of the last few days writing up a guide to the relevant pa
Re: (Score:1, Insightful)
As for monitoring users for illegal activity, well, that is entirely fine.
No it's not. What is illegal and what is not, is more and more defined by corrupt politicians and lobby groups.
Re:Twas ever thus (Score:5, Insightful)
They should indeed report them. It was not "ever thus" and quite demonstrably so because we've only had mass electronic communication relatively recently and in a form that is easy for third-parties to record en masse for substantially less time than that.
Each time a new frontier opens in the eternal war between the rulers and the ruled, a land-grab ensues where governments and corporations try to make the public accept something as inevitable or right whilst at the same time the public realizes just because they've allowed the government to make them do something in other areas, that doesn't mean it was right.
It's vitally important at times like this to defend our rights as forcefully as possible. We did a lot of damage to Phorm when this was tried previously. In fact, Phorm turned into a ugly business black hole that no-one wanted to touch, with a reputation as down the toilet as SCO and I pity the people associated with it (except I don't). Clearly someone hasn't learned their lesson and we need to burn down a few more companies before we finally establish our right to privacy.
So let's make them regret this.
Re: (Score:2)
How about reading TFA? This is not an invasion of privacy at all. It doesn't record any personal data.
If they have access to URLs they have access to anything sent via a GET HTTP request. Are you suggesting that there aren't any websites that collect personal data via GET requests?
Re: (Score:2)
Oh noes! Wait a second, your ISP already has access to everything you do online, as well as your real life name, address, bank account number, etc. Why would you suddenly start caring about them having access to that which they already have access to? If they really wanted to do something nefarious with this information, they could.
If you are actually submitting "personal data" that you don't want other people to see or record outside of an encrypted connection, you're an idiot.
Re: (Score:2)
Re: (Score:2)
Do you work for TalkTalk or something? Why are you bullshitting so much?
Actually if you look at my comment history you'll see that I do this kind of thing regularly on Slashdot, because people are always sensationalising and bullshitting themselves without actually reading TFA or thinking.
As you point out they probably are already recording sites that have been visited etc. But when they want to do something that could actually be beneficial to the world, you complain.
Yes, I don't think this will make things 100% secure, but it will help make them more secure. It would be simil
Re: (Score:2)
I'm not saying that companies won't do these things, but I have seen a lot of Slashdot discussions where people get things completely wrong, working themselves into a frenzy over nothing. I'm just trying to point out how this might not be as bad as the sensationalists are trying to make out.
The Phorm thing does make it more likely that they were trying to screw people over here, I wasn't aware of that until someone else mentioned it.
The personal attack was an emotional response to you saying I'm just bullsh
Re: (Score:2)
Forgot to mention, this isn't about privacy, this is about collecting anonymous data. They already have the capability to invade peoples' privacy silently if they really wanted, this is about a public system that they purport to only collect anonymous usage statistics. If they're lying, then it's fine with me to hang them from the rafters, but if they're telling the truth then everyone needs to chill the fuck out.
Re: (Score:2)
Is that because TalkTalk are recording telephone calls as well? Or perhaps you are suggesting that TalkTalk should be reported for this because there are lots of other unrelated things that they are not doing? Murder would be pretty high up the list I guess, drug running, terrorism....
Re: (Score:2)
Probably better (and more general) to go with caveat usor, "let the user beware".
Re: (Score:2)
Yeah, that works. :-)
Re: (Score:2, Insightful)
Re: (Score:3, Funny)
Because Latin keeps the proles out
Re:Twas ever thus (Score:4, Insightful)
It is English.
http://www.oxforddictionaries.com/view/entry/m_en_gb0131000#m_en_gb0131000 [oxforddictionaries.com]
As well as being Latin of course.
Re: (Score:2)
quare? malo Latine loqui, tu gleba stolide!
The difference should be obvious (Score:4, Insightful)
My ISP is often a matter of little choice, if I want to access the internet, I MUST go through an ISP.
I never ever have to go to google or any other domain. It is trivial to avoid any domain I wish, just put it in hosts file with local ip.
Especially since Google doesn't know my personal details. My ISP does.
Comment removed (Score:5, Informative)
Re: (Score:2)
That's fine for geeks who actually take care of their computer, but I welcome moves like this by ISPs to actually make an attempt to stop the proliferation of malware and botnets on machines where the user is clueless. This service is like the "immunise" option in Spybot: S&D, but you don't need to clog up your hosts file or update it every few weeks.
For users that want a direct connection for whatever reason then yes I think voting with the wallet is a good option. I have been saying above that TalkTal
Re: (Score:2)
It is fine to offer it as a service, but to opt people in without consent, or even notice is not fine.
Re: (Score:2)
Even when it's not recording any personal information? I think it's vastly preferable to opt the clueless in and let those who care opt out. Leaving the ignorant to secure themselves against things they don't even know exist is really unhelpful. It would be like an email client that comes with no spam filter. Spam filters in Hotmail and Gmail technically have to sift through the contents of your personal emails, but nobody complains about that. To me this seems like a very similar situation.
It would have be
Re: (Score:2)
Yeah I think that's a bit silly, though they might just want usage statistics like how many dodgy/valid/unknown sites people try to visit per month to be able to judge whether it's worth having the filter in place at all.
Re: (Score:2)
Well, you need to at least collect the unknown URLs to put into the good or bad database after they scan them, that might be where the "recording URLs" bit comes in.
Seriously, there have been so many stories like this where the comments are murderous and insane, then you find out after RTFA or someone posts a more informed comment that things weren't so bad after all. Then again there have been other comments that mention scummy things TalkTalk have done before so maybe they do have nefarious plans for this
Re: (Score:2)
"Especially since Google doesn't know my personal details."
That's what you think ;)
Re: (Score:2)
if I want to access the internet, I MUST go through an ISP.
That's true, but it shouldn't be. When are we going to start growing a mesh network that doesn't depend on ISPs? Almost everywhere I go there are several wifi hotspots, and they're almost always private and protected. We should be able to give access to the internet without giving access to our whole computer or data we are transferring ourselves.
Sometimes I miss the old BBSes.
Re: (Score:3, Insightful)
Very true, and yet within ten minutes there will still be several hundred posts in this story decrying the evil wiretappers of the man and how this is breach of basic civil liberties.
So here is a question (and it's only half devil's advocate) :
If you send your data to a private company who has not signed any kind of contract to say that they will keep the data private: why wouldn't they look at it?
Comment removed (Score:5, Informative)
Re: (Score:3, Interesting)
That's a very cool site, best description of the data protection act that I've read. It still leaves me wondering how the DPI that TalkTalk performed would breach it though. If they pass URLs to a third party without anyway to lookup who requested each URL then it doesn't count as personal data under the act. I also see that any personal data they did pass on would have been legal as long as it was correct and TalkTalk actually told people what they were doing (not that they did).
Why would wiretapping legis
Re: (Score:2)
Re: (Score:2)
I only actually read the article after I replied to you but from the description it does look like just a list of URLs that is being passed over so it probably wouldn't be personal data. There are some corner cases though and TalkTalk have just opened up a huge can of worms as URLs can and do include things like user names.
Expectations of privacy seem to differ wildy. I don't consider myself to be paranoid but I assume that any data being routed across a network can (and will be) freely inspected by any int
Re: (Score:3, Insightful)
http://www.example.com/account.php?e=myaddress@example.net. Bang. Personal data right there.
Unless they have a way that can guarantee email addresses, account numbers etc are stripped out of the URL, of course...
Re: (Score:2)
a) I'd be concerned about that site and avoid using it anyway, b) that site would be making it a lot easier for you to hack it and c) who is to say that the email address (or thing that looks like an email address) in a URL is related to the URL fetcher? Who's to say it is even real?
Re: (Score:2)
wiretapping legislation specifically forbids monitoring of telephone communications except in specific circumstances
The circumstances are more specific than most people think. Basically, unless you are a police force carrying out a criminal investigation, then you are on very shaky legal ground when intercepting communications. From The laws relating to monitoring your employees [out-law.com]:
An employer who controls the system will be open to a civil action from either party to the communication if it intercepts communications without either:
* reasonable belief that both parties to the communication consent to the inte
Re: (Score:2)
If you send your data to a private company who has not signed any kind of contract to say that they will keep the data private: why wouldn't they look at it?
Did your phone company sign a contract that says they won't listen to your phone calls?
Re: (Score:2)
A more appropriate comparison would be "did your phone company sign a contract not to look at the numbers that you call" given that we are talking about URLs here.
Re: (Score:2)
Except that most phone numbers can't be looked up in slow-time to find out the content that the caller probably saw. It'd be more like "did your phone company sign a contract not to look at the new replacement they have for phone numbers where you dial a number followed by a descriptive string that may or may not give them access to a perfect transcript of what was told to you" (since they'll only get the fetches, not the posts).
Re: (Score:3, Insightful)
> Sans encryption, nothing you do on the Internet is private.
Even with encryption, your ISP can log every IP address you access, I would hardly call this a private activity!
So I would correct: nothing you do on the Internet is private, only semi-private with encryption, except if you are using either
1) encryption + TOR or
2) steganography.
And (1) is quite easy to detect for your ISP, so you would be "noticed": in some country this could be dangerous..
So the only really private communicatio
Re: (Score:2)
Re: (Score:2)
Well, *I*'m not paranoid, but I think that Chinese's users should be, and if you quit using Internet then censorship has won..
Re: (Score:2)
This actually has some nasty security implications, as it happens. If you visit a non-public part of a website that has a hard-to-guess URL, normally there's no easy way for potential attackers to know. However, if you do it from a Talk Talk broadband connection, now both TalkTalk and Huawei (which is owned by the Chinese government) know it's there, and anyone with access to this information can try and find security vulnerabilities in it which they'd otherwise have difficulty exploiting.
Also, I can confir
Re: (Score:3, Interesting)
Actually, thinking a bit more, it's worse than that. If you know the URL of a Facebook image, even a private one, you can view the image (there's no access protection on static content like image files) and you can link it back to the Facebook account of the person who posted it. Unless someone's taken special care, this information is very likely to be in TalkTalk's logs.
Re: (Score:2)
I never knew this. How is this not huge news? I don't know why I am surprised/dismayed/appalled.
Re: (Score:2)
If you're relying on Facebook for decent security you're going to be disappointed.
What would be news is if a facebook image url can be derived given known public parameters.
Ironic (Score:1, Informative)
Ironic this, seeing as how TalkTalk have been pushing back against almost the same things in the Digital Economy Act. Shame really the did look like they might be good guys.
Re:Ironic (Score:5, Informative)
Ironic this, seeing as how TalkTalk have been pushing back against almost the same things in the Digital Economy Act.
They are against the act because as itis currently written it favours smaller operators, as some of its rules such as the automatic disconnection for copyright violation only apply to ISPs with at least 40,000 customers. They are not fighting the act to protect anyone's privacy, they are fighting the act because it could make their services look less competitive.
Shame really the did look like they might be good guys.
No they didn't, not if you look into their (recent) past. They were one of the big three ISPs connected to the "ex-" spyware outfit Phorm in 2008/2009 and their past sales techniques including line-slamming (using people's details gleaned from other sales activity to switch their landline provision to them without permission) and apparetnyl deliberate ignorance of the Telephone Preference List have left a lot to be desired. See http://en.wikipedia.org/wiki/TalkTalk#Data_pimping [wikipedia.org] and http://en.wikipedia.org/wiki/The_Carphone_Warehouse#Data_protection [wikipedia.org] respectively for links to more info.
Re: (Score:2)
Talk Talk good guys??!! The first time I ever heard of them was several years ago when one of their salesmen phoned me to get me to switch my phone service to Talk Talk from BT.
I told him he was breaking the law by cold-calling me because I was registered with the Telephone Preference Service. He then had the nerve to lie that Talk Talk was a subsiduary of BT, and as I was a BT customer he was therefore entitled to ring me.
I did not know at the time whether his claim was true or not, but I told him to f#%k
End-to-end encryption (Score:5, Insightful)
It's the only way to be sure. I know of at least one German university which also filters all external web traffic through a proxy which blocks URLs, also supposedly to reduce malware infections. The road to hell is paved with good intentions. The same technology which is installed to fight malware is also ideally suited to work as censorship infrastructure. Once it's in place, the operators will undoubtedly be confronted with the question why they only filter malware and not other "illegal" content. Once they've succumbed to that, the list of URLs to block will grow to include "unruly" opinions, videos of police, etc.
End-to-end encryption. Now.
Re:End-to-end encryption (Score:5, Informative)
http://zfoneproject.com/ [zfoneproject.com] for all
Re: (Score:3, Funny)
It's the only way to be sure.
No, nuke it from orbit.. THAT'S the only way to be sure.
Re: (Score:2)
Why? What kind of evidence do you have for such a ludicrous assumption?
Re: (Score:2)
Evidence matters not when living inside a tinfoil fort you are.
Re: (Score:2)
So, do you have any examples of universities, operating in a democracy, on their own initiative, deciding to block "'unruly' opinions, videos of police, etc."?
Oh, and do we get some kind of motive, or is it just the restless spirit of history deciding to possess the living from time to time?
Re: (Score:2)
What many times before? Please provide evidence, not assertions.
I can provide a counter-example. Many ISPs in the UK already block access to sites known to host child pornography -- remember the controversy a while back when they blocked Wikipedia? So they've been blocking one type of illegal content for a long time now, and yet somehow they have managed not to slip one single step further down the alleged slippery slo
Re: (Score:2)
I suppose the biggest reason why we "shoot the messenger" (Ha! As if it's not just created in the messenger's mind!) is that there's typically no evidence presented by the Tinf
Data protection (Score:4, Insightful)
Isn't passing personal information out for Europe without expressed permission a breach of the Data Protection Act? Though lets face it, peoples biggest privacy concerns here are their porn viewing habits. Perhaps some porn sites should set up shop that show up in the URL history as stocks and shares or Technology News.
Anna.Techsupport032a2.jpg, Anna.Techsupport032a3.jpg
Re: (Score:3, Funny)
Isn't passing personal information out for Europe without expressed permission a breach of the Data Protection Act? Though lets face it, peoples biggest privacy concerns here are their porn viewing habits. Perhaps some porn sites should set up shop that show up in the URL history as stocks and shares or Technology News.
Anna.Techsupport032a2.jpg, Anna.Techsupport032a3.jpg
There was once a porn site that had a very similar URL to an ADSL comparison site, presumably for that reason. It was particularly annoying when I was trying to find the ADSL site at work...
Re: (Score:1)
Re: (Score:2)
What just like the valid uk computer hardware store http://www.overclockers.co.uk/ [overclockers.co.uk] vs the gay porn site. http://www.overcockers.co.uk/ [overcockers.co.uk] Or at least it used to be years ago when i made an accidental typo infront of my boss at the time :/
At least he did see the honest mistake and saw the funny side of it
Heh. I think the site in question was adslguide.org.uk or something. The porn site was the same but with co.uk or .com or something more usual. This was about ten years ago, the site seems to have adslguide.com now, no idea if the porn site is still around.
Re: (Score:2)
There was once a porn site that had a very similar URL to an ADSL comparison site
One of the following was NSFW.
alternate.com
alternate.es
No, I won't check which one's which nor whether they're still up. :)
Re: (Score:2)
They both resolve to hardware comparison / shopping sites. If you see either of them as something different then you need to check your machine for trojans.
Re: (Score:2)
Yes, that's probably why Talk Talk aren't, in fact, passing personal information out.
I don't see what the fuss is about... (Score:1, Insightful)
.. Huawei are usually the ones *buying* the stolen corporate data.
Just another reason for normal people to use encryption on everything and look suspicious for not wanting to be spied on.
Deep deep packets (Score:2)
Re: (Score:2)
Re: (Score:2)
Why do you think there is such an interest in phones having IP addresses in stead of an ADC?
Why do you think giving phones IP addresses makes them any easier to monitor than they are already?
Re: (Score:2)
At least in America all of those pretences went out the window with the PATRIOT act.
The Data Protection Act covers collection of personal data just fine whether digitally or on paper.
It's you [insert tinfoil insult here] people that are fucking stupid when you start bleating about issues like this. It's like the boy who cried wolf. Even when there are serious breaches of privacy going on (and this doesn't count - it is recording anonymised data and therefore isn't even covered under the data protection act,
Re: (Score:2)
I don't think I need to worry about the opinion of someone who thinks that encrypted digital communications are easier to snoop than analog telephone lines.
Re: (Score:2)
I don't pretend to have a good grasp of the situation, but you thinking that such things as laws are going to stop naughty people from doing naughty things isn't exactly well thought out either. And with all the "terror" excuses recently both the US and UK governments have taken liberty with the law in the name of security. Laws alone are a poor safeguard against this kind of stuff. It's like putting up a sign on your frontdoor saying "my door is unlocked, but if you open it and steal anything, I shall be v
Re: (Score:2)
Link to anything, ANYTHING that actually backs up any of these wild assertions, please. I'm British, £10bn is a lot of money, and I think you're talking bullshit.
There are upgrades to the BT network. About f***ing time. We're only about 40 years behind the rest of the world in terms of telephone infrastructure.
These upgrades have led to a rise in cost (but only for BT at the moment - other places aren't passing them on, e.g. completely independent phone companies that you are utterly free to use, o
tsk tsk (Score:2, Interesting)
Such A Shame, Talk Talk. It's My Life, you Dum Dum Girl !
Name change (Score:2, Funny)
(You may want to sit down before reading on, or at least steady yourself against something)
(Ready?)
Maybe they should change their name to Watch Watch instead.
Re:Name change (Score:5, Funny)
Maybe they should change their name to Watch Watch instead.
Actually, I thought StalkStalk was a better option.
Monitoring traffic, not customers (Score:5, Interesting)
The thing is, if you ignore the sensationalist headline and look at what there doing, it's just a list of websites that are accessed over their network, which they're using to create an opt in filtering system.
Oh no, an ISP actually doing something useful for it's customers, whatever will we do!
Stories like this are what annoy me about the press (slashdot included).
Re: (Score:1)
Re: (Score:2)
if you ignore the sensationalist headline
what you actually have is an organisation in a position of trust clandestinely checking up on the websites its users visit.
Whatever their intentions might be, they did this without asking and attempted (though not very effectively) to conceal their actions by passing the information to another part of the operation which did the follow-up accesses. If they were convinced their actions were on the side of right, they would have announced their programme and made their customers aware of what they were doi
Re: (Score:2)
I agree absolutely - from reading the article (I know - a completely unfashionable and unforgivable thing to do here on /.) I take this to be very specifically a malware checker, that checks a given site/URL for malware, either directly or uses the cached result of the last check if it was checked within the last 24 hours.
Is this not very similar to the google safe site service that's built into Firefox and other browsers?
Oh, and I love the justification for claiming that it records what customers do... "Th
Re: (Score:2)
The thing is, if you ignore the sensationalist headline and look at what there doing, it's just a list of websites that are accessed over their network, which they're using to create an opt in filtering system.
While possibly selling that info to advertisers as well? I mean who is to say what they're doing with it. Of course they'll make some concession and tell you that its good for you.
Shut one's eyes tight or open one's arms wide, either way, one's a fool!
Re: (Score:2)
How, exactly, does deep packet inspection help ISPs to block access to known child porn websites?
If they know about the website, all they have to do is block access to it. There's no need whatsoever for them to examine the content of my communications, if all they're trying to do is block access to certain IP addresses.
Huawei has been mentioned before. (Score:4, Informative)
The company has been mentioned previously here on /. for its questionable relationship with the Chinese government.
http://tech.slashdot.org/story/10/05/28/1228224/Chinese-Networking-Vendor-Huaweis-Murky-Ownership [slashdot.org]
Re: (Score:1)
Very old, all that. H// has a chequered history:
Sued by Cisco for nicking their IOS software (settled out of court, but H// withdrew all routing gear and made software changes).
Sued by Motorola (last week) for passing on trade secrets (no idea how valid, but it appears to be a follow on from a case last year, also involving another company called Lemko)
Anecdotally, I've heard of their engineers opening up competitor equipment to take pics while onsite at a customer premises.
Internally, I know they ha
Re: (Score:2)
Remarkable that only at the end of the comments (as now, reading +3) I see a comment like this.
Personally I don't see too much problem with the ISP keeping these logs - your traffic passes through them after all, and there may be reasons (legal, technical, whatever) for them to keep such logs.
That a third party, a foreign third party in a jurisdiction not known for its great human rights record nonetheless, has access to this databases is far more worrying. If it is as anonymous as the ISP says it is no i
Makes me feel comfortable (Score:2)
There's nobody I'd rather have looking at my internet history than a Chinese company.
Except maybe the North Korean government.
Re: (Score:2)
Well then, good news, they already are. At least - every time you mention them on /.
Hey TalkTalk! It's My Life! (Score:3, Funny)
Don't you forget! [youtube.com]
Really, this story is Such A Shame [youtube.com].
How Much of the URL? (Score:3, Insightful)
"Chinese firm Huawei" (Score:2)
Re: (Score:2)
Really? Then why not post your details on 4chan or somewhere and offer a small reward for time spent to the first person to gain control of your network/box?