Comcast, AT&T, Verizon Pose a Greater Surveillance Risk Than Facebook (theguardian.com) 65
An anonymous reader writes: "Comcast, AT&T and Verizon pose a greater surveillance risk than Facebook -- but their surveillance is much harder to avoid," writes Salome Viljoen in an opinion piece for The Guardian. From the report: "Facebook isn't the only company that amasses troves of data about people and leaves it vulnerable to exploitation and misuse. As of last year, Congress extended the same data-gathering practices of tech companies like Google and Facebook to internet providers like Comcast, AT&T and Verizon. Because service providers serve as gatekeepers to the entire internet, they can collect far more information about us, and leave us with far less power to opt out of that process. This means that the risks of allowing our internet providers to collect and monetize the same type of user data that Facebook collects -- and the potential that such data will therefore be misused -- are much, much worse. Your internet provider doesn't just know what you do on Facebook -- it sees all the sites you visit and how much time you spend there. Your provider can see where you shop, what you watch on TV, where you choose to eat dinner, what medical symptoms you search, where you apply for work, school, a mortgage. Everything that is unencrypted is fair game. But internet providers don't just pose a greater surveillance risk than Facebook -- their surveillance is also far harder to avoid. 'Choosing' not to use an internet provider to avoid surveillance is not really a choice at all. As of 2016, only about half of Americans have more than one option for broadband internet. In rural areas, this number drops to just 13%.
Pose? (Score:5, Interesting)
How about "already are a greater surveillance risk than Facebook "?
Re: (Score:2)
This is silly, "can" isn't the same as "do" and we have plenty of power to "opt out".
Facebook does collect tons of info about it's users. ISP's don't typically store everything all of their users do [gizmodo.com.au]. Sure, maybe the NSA is hoovering up a ton of data and sticking it in storage somewhere, but the amount of storage to just store http URLs being requested over the long term, let alone the contents of all
Re: (Score:2)
Depends on what country you are in, Australia's recent metadata laws [infosecuri...gazine.com] collect all, no warrant required to look up.
The trouble with using encryption when such sweeping items become the norm is that using encryption places you as a target. Even if you have nothing to hide simply not wanting to be passively stalked can mark you as a person of interest for further scrutiny. Which could be a less than fun position to be put in.
Even not using the internet at all would not render you immune. It is one piece of a f [wikipedia.org]
Re: (Score:1)
"As of 2016, only about half of Americans have more than one option for broadband internet. In rural areas, this number drops to just 13%."
That's the bit that I always find so curious. I have a choice of dozens of ISPs and mobile phone providers and no longer have a land line, here in an Australian city (I use fixed wireless internet to avoid the debacle called the NBN).
Why does "the land of the free" have so little choice?
Lack of government regulations requiring sharing of equipment, I suspect? So everyone
Re: (Score:2)
And yes, monopolies are bad.
But too many in the US seem to be blind to this corporate oligopoly which is what the U.S. internet has become.
And it must be said: it has become so with the aid of the US government. Not just lack of regulation, but mis-regulation. And Trump's administration has not helped in this area. In fact it has made things worse.
When you don't have competition, you MUST have regulation. One or the other. Today, we effectively have neither.
And
Re: (Score:1)
Both Jane Q. Public and AC make good and interesting points, now that I reply 8 days later... (oops).
As an outsider it has fascinating reading - over the years - how various US voters happily vote for parties whose policies will literally hurt them, total cognitive dissonance.
Or maybe it's utter wilful ignorance, it's hard to tell, really.
I think a quote from the US president best sums it up, "Sad".
Re: (Score:2)
If you actually read the link I posted in the comment you responded to, you'll find it debunks the over-inflated claims in your link by citing the actual law and an actual ISP's data collection. The Australian data collection law was claimed to require ISPs to collect everything, but in reality only requirs the ISP to track when you connect and disconnect to the ISP, primarily so they can always associate an IP address with a customer account. That's it.
Re: (Score:2)
Apologies for not reading your link, I had skipped it assuming it was american seeming as NSA etc mentioned.
I hope that is the reality, a lot of the ISP's claims of added expenses make little sense if that is the case.
Re: Pose? (Score:2)
"Unless requested by law enforcement, at which point they will literally capture all of their traffic."
So you acknowledge that the problem here isn't the ISPs per se, like with the companies who spie on is for money (Facebook, Google "Analytics" etc.), but instead the government?
Re: (Score:2)
Further, this is not about what they "can" do, or what they "might" do, they are d
Re: (Score:2)
Your eff page says "could do". Basic alarmism.
Don't use AT&T. Don't use Verizon. Or use encryption. If you're actually concerned, use encryption. If you can't be bothered to even use encryption, then you obviously aren't actually that concerned.
Re: (Score:2)
"Don't use bad ISPs." is your answer? God, you really are living in a utopia. That isn't an option here.
Fair game... (Score:5, Interesting)
Finally, the summary gets to the core. All the rest is fear-mongering. More, and increasingly more, services are encrypted. The one which isn't, and needs to be, is DNS, which traffic they could snoop to see who you're talking with. But, some trusted VPN or TOR or other solution [opendns.com] will get around even that, if someone cares.
With so much content being cloud hosted (AWS/Azure/GCloud), it's getting hard to tell who someones talking to just by IP, which is all the ISPs have left if traffic is encrypted.
Re: (Score:1)
I never encrypt because my life is an open book and I want everyone to know about my goat fetish.
Re: (Score:1)
TBH, I do think that people should start using the most disgusting, but legal, media for steganography. Just force all those bastards to get fucked up looking at the nasty pictures all day while they try to decipher them.
I really hope somebody creates goatsenet for all our secure communications needs.
Re: (Score:2, Interesting)
I long for a bittorrent or blockchain based system that gives you a local copy of the 1 million most used domain names and their corresponding IP addresses. I talked to the Dutch name registrar about this idea, and all the .nl name + IP pairs would only be 1.5 gigabytes. The .com top 1 million list would be 6 gigabytes.
It would not only offer more privacy, it would speed up the browsing experience too.
Re: (Score:2)
That sounds about the right size for APKs hostfile, which is essentially what is being suggested.
Comment removed (Score:5, Informative)
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
You're confused.
HTTPS and Encrypted DNS does not help against ISP (Score:3)
ISPs can still see the hostnames of the sites you visit, that is sent in clear text because of Server Name Indication (TLS SNI). That is plenty of information.. So encrypted/signed DNS still only give you part of a solution.
Re: (Score:2)
I had an ATT support person tell me that "given the number of devices connected to my DSL box, maybe I should go for a faster plan". So it's a bit more than what you send unencrypted over the Internet.
Now I have a router and they see 1 device. And everything goes to the Sonic VPN, because Sonic understand that and gives me a free VPN to bypass the ATT "fair game".
Re: (Score:2)
Re: (Score:2)
I'm not sure that I should need to explain this here, but...
Each device connected directly to the modem uses DHCP to get an IP address from your ISP's servers. They didn't get the information from snooping on you - your devices deliberately and intentionally contacted them to check in.
Re: (Score:2)
My ISP lets me choose between 4 static or unlimited dynamic IPs. And they get no more access my router than any other Joe Internet has.
But you already knew I don't live in the US...
Re: Fair game... (Score:2)
Re: (Score:2)
There are technical solutions, but unless they are automatic, or at least extremely simple, the general public will not use them. I think that a right to privacy should not be restricted to people with substantial computer skills.
I see a number of dangers form the compilation of personal data from large numbers of people and I would want that to stop for everyone even if I were savvy enough to protect myself.
I completely agree that encryption is a big part of the solution, I just think that it needs to be
Hmmm (Score:2)
Congress extended the same data-gathering practices of tech companies like Google and Facebook to internet providers like Comcast, AT&T and Verizon.
Why on earth would it behoove Congress, outside of the campaign contribution [theverge.com] factor, to ease the path for other internet providers to evolve into top flight data collection outfits?
Perhaps campaign contributions are but the penultimate incentive, and government exploitation of the collected data is the end game.
Elon will come to the rescue (Score:2)
As of 2016, only about half of Americans have more than one option for broadband internet. In rural areas, this number drops to just 13%.
As of 2020, SpaceX could be providing high speed satellite internet for competitive pricing. And I sure as hell trust Elon a lot more than Comcast or Facebook.
Please note that SpaceX satellites will be low earth orbit (very close to Earth), so latency will not be a problem. As opposed to current satellite internet, which suffer from high lag due to their satellites being geosynchronous (far far away from earth).
Re: Monopoly (Score:2)
"The monopolists need to be regulated to avoid market harms."
Sure, but the real question is how to regulate them. You can either try and think up all the ways they can make their customers umhappy and add regulatioms preventing them from, or you can require all last-mile infrastructure owners (usually telcos) to allow other companies (usually ISPs) to offer services over the infrastructure (at the price they use as an input cost for their own retail products) , and let the market do the rest.
Well duh! (Score:2)
So what are you going to do about it?
Ajit Pai will save us! (Score:1)
Ajit Pai has our back. Protecting all that is near and dear to us on the internet.
https://www.youtube.com/watch?... [youtube.com]
Why I'm pushing Congress critter (Score:2)
the spin begins (Score:2)
Trying to lessen the impact of Facebook's criminal activity by saying "Comcast, AT&T and Verizon are a worse threat". I hope Salome got paid in Bitcoins.
Because they're worthless.
Re: (Score:2)
When I stopped playing Eve:online, I had about 12 billion ISK in funds and about twice that in materiel and ships. If I sold it all on one of those dubious sites that allow newbies to buy virtual assets from older players, I'd have a couple of thousand dollars.. theoretically. If you want to pretend that your dogecoin is worth anything at all, then I'm fine with that.. as long as you understand it's a fantasy and that it will, one day, be involved in a high-speed head-on collision with cold, heartless reali
Use a VPN (Score:2)
And that's not even their business model! (Score:2)
They are more than welcome to provide a cheaper or free tier of service supported by data harvesting if they want. Given that my bill seems to go up every year, I reject the potential assertion that the
Don't use their DNS, use Tor or VPN (Score:2)