Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Privacy AT&T Businesses Communications Facebook Network The Internet Verizon

Comcast, AT&T, Verizon Pose a Greater Surveillance Risk Than Facebook (theguardian.com) 65

An anonymous reader writes: "Comcast, AT&T and Verizon pose a greater surveillance risk than Facebook -- but their surveillance is much harder to avoid," writes Salome Viljoen in an opinion piece for The Guardian. From the report: "Facebook isn't the only company that amasses troves of data about people and leaves it vulnerable to exploitation and misuse. As of last year, Congress extended the same data-gathering practices of tech companies like Google and Facebook to internet providers like Comcast, AT&T and Verizon. Because service providers serve as gatekeepers to the entire internet, they can collect far more information about us, and leave us with far less power to opt out of that process. This means that the risks of allowing our internet providers to collect and monetize the same type of user data that Facebook collects -- and the potential that such data will therefore be misused -- are much, much worse. Your internet provider doesn't just know what you do on Facebook -- it sees all the sites you visit and how much time you spend there. Your provider can see where you shop, what you watch on TV, where you choose to eat dinner, what medical symptoms you search, where you apply for work, school, a mortgage. Everything that is unencrypted is fair game. But internet providers don't just pose a greater surveillance risk than Facebook -- their surveillance is also far harder to avoid. 'Choosing' not to use an internet provider to avoid surveillance is not really a choice at all. As of 2016, only about half of Americans have more than one option for broadband internet. In rural areas, this number drops to just 13%.
This discussion has been archived. No new comments can be posted.

Comcast, AT&T, Verizon Pose a Greater Surveillance Risk Than Facebook

Comments Filter:
  • Pose? (Score:5, Interesting)

    by ebonum ( 830686 ) on Friday April 06, 2018 @07:21PM (#56395523)

    How about "already are a greater surveillance risk than Facebook "?

    • they can collect far more information about us, and leave us with far less power to opt out of that process.

      This is silly, "can" isn't the same as "do" and we have plenty of power to "opt out".
      Facebook does collect tons of info about it's users. ISP's don't typically store everything all of their users do [gizmodo.com.au]. Sure, maybe the NSA is hoovering up a ton of data and sticking it in storage somewhere, but the amount of storage to just store http URLs being requested over the long term, let alone the contents of all

      • Depends on what country you are in, Australia's recent metadata laws [infosecuri...gazine.com] collect all, no warrant required to look up.

        The trouble with using encryption when such sweeping items become the norm is that using encryption places you as a target. Even if you have nothing to hide simply not wanting to be passively stalked can mark you as a person of interest for further scrutiny. Which could be a less than fun position to be put in.

        Even not using the internet at all would not render you immune. It is one piece of a f [wikipedia.org]

        • "As of 2016, only about half of Americans have more than one option for broadband internet. In rural areas, this number drops to just 13%."

          That's the bit that I always find so curious. I have a choice of dozens of ISPs and mobile phone providers and no longer have a land line, here in an Australian city (I use fixed wireless internet to avoid the debacle called the NBN).

          Why does "the land of the free" have so little choice?

          Lack of government regulations requiring sharing of equipment, I suspect? So everyone

          • Because there is no competition.

            And yes, monopolies are bad.

            But too many in the US seem to be blind to this corporate oligopoly which is what the U.S. internet has become.

            And it must be said: it has become so with the aid of the US government. Not just lack of regulation, but mis-regulation. And Trump's administration has not helped in this area. In fact it has made things worse.

            When you don't have competition, you MUST have regulation. One or the other. Today, we effectively have neither.

            And
        • If you actually read the link I posted in the comment you responded to, you'll find it debunks the over-inflated claims in your link by citing the actual law and an actual ISP's data collection. The Australian data collection law was claimed to require ISPs to collect everything, but in reality only requirs the ISP to track when you connect and disconnect to the ISP, primarily so they can always associate an IP address with a customer account. That's it.

          • Apologies for not reading your link, I had skipped it assuming it was american seeming as NSA etc mentioned.

            I hope that is the reality, a lot of the ISP's claims of added expenses make little sense if that is the case.

      • by pots ( 5047349 )
        Well you're obviously not an American, and the situation is clearly not the same everywhere as it is here, but Slashdot is frequently American-centric and this is one such instance. The summary pretty specifically mentions an American law from March of 2017 which eliminated virtually all privacy protections pertaining to ISPs, not only on what they could collect but what they could do with the data which they had collected.

        Further, this is not about what they "can" do, or what they "might" do, they are d
        • Your eff page says "could do". Basic alarmism.

          Don't use AT&T. Don't use Verizon. Or use encryption. If you're actually concerned, use encryption. If you can't be bothered to even use encryption, then you obviously aren't actually that concerned.

          • by pots ( 5047349 )
            Oh for gods' sake, I said that the EFF page listed possible consequences. That was published before the law was passed, what the hell else do you expect? It's "alarmism" if they're limited to predicting the future based on past behavior? Apparently it isn't good enough unless they have a crystal ball.

            "Don't use bad ISPs." is your answer? God, you really are living in a utopia. That isn't an option here.
  • Fair game... (Score:5, Interesting)

    by msauve ( 701917 ) on Friday April 06, 2018 @07:27PM (#56395551)
    "Everything that is unencrypted is fair game."

    Finally, the summary gets to the core. All the rest is fear-mongering. More, and increasingly more, services are encrypted. The one which isn't, and needs to be, is DNS, which traffic they could snoop to see who you're talking with. But, some trusted VPN or TOR or other solution [opendns.com] will get around even that, if someone cares.

    With so much content being cloud hosted (AWS/Azure/GCloud), it's getting hard to tell who someones talking to just by IP, which is all the ISPs have left if traffic is encrypted.
    • by Anonymous Coward

      I never encrypt because my life is an open book and I want everyone to know about my goat fetish.

      • by Anonymous Coward

        TBH, I do think that people should start using the most disgusting, but legal, media for steganography. Just force all those bastards to get fucked up looking at the nasty pictures all day while they try to decipher them.

        I really hope somebody creates goatsenet for all our secure communications needs.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      I long for a bittorrent or blockchain based system that gives you a local copy of the 1 million most used domain names and their corresponding IP addresses. I talked to the Dutch name registrar about this idea, and all the .nl name + IP pairs would only be 1.5 gigabytes. The .com top 1 million list would be 6 gigabytes.

      It would not only offer more privacy, it would speed up the browsing experience too.

    • Re:Fair game... (Score:5, Informative)

      by svanheulen ( 901014 ) on Friday April 06, 2018 @08:07PM (#56395705)
      The good news is that encrypted DNS already exists and there are plenty of servers to choose from even. https://en.wikipedia.org/wiki/... [wikipedia.org] https://github.com/jedisct1/dn... [github.com]
      • by msauve ( 701917 )
        Point to a broadly supported RFC [ietf.org] with service available from a wide range of trusted organizations, and not some unique solution (which I've already linked to), and then you can legitimately claim that "encrypted DNS already exists."
        • And which "trusted organizations" would those be? And where's an implementation? I linked to an actual usable DNSCrypt client. And there are plenty of "trusted organizations" running DNSCrypt servers: https://dnscrypt.info/public-s... [dnscrypt.info]
          • by msauve ( 701917 )
            "And which "trusted organizations" would those be?... there are plenty of "trusted organizations""

            You're confused.
      • ISPs can still see the hostnames of the sites you visit, that is sent in clear text because of Server Name Indication (TLS SNI). That is plenty of information.. So encrypted/signed DNS still only give you part of a solution.

    • I had an ATT support person tell me that "given the number of devices connected to my DSL box, maybe I should go for a faster plan". So it's a bit more than what you send unencrypted over the Internet.

      Now I have a router and they see 1 device. And everything goes to the Sonic VPN, because Sonic understand that and gives me a free VPN to bypass the ATT "fair game".

      • Er... huh?
      • I'm not sure that I should need to explain this here, but...

        Each device connected directly to the modem uses DHCP to get an IP address from your ISP's servers. They didn't get the information from snooping on you - your devices deliberately and intentionally contacted them to check in.

    • There are technical solutions, but unless they are automatic, or at least extremely simple, the general public will not use them. I think that a right to privacy should not be restricted to people with substantial computer skills.

      I see a number of dangers form the compilation of personal data from large numbers of people and I would want that to stop for everyone even if I were savvy enough to protect myself.

      I completely agree that encryption is a big part of the solution, I just think that it needs to be

  • Congress extended the same data-gathering practices of tech companies like Google and Facebook to internet providers like Comcast, AT&T and Verizon.

    Why on earth would it behoove Congress, outside of the campaign contribution [theverge.com] factor, to ease the path for other internet providers to evolve into top flight data collection outfits?

    Perhaps campaign contributions are but the penultimate incentive, and government exploitation of the collected data is the end game.

  • As of 2016, only about half of Americans have more than one option for broadband internet. In rural areas, this number drops to just 13%.

    As of 2020, SpaceX could be providing high speed satellite internet for competitive pricing. And I sure as hell trust Elon a lot more than Comcast or Facebook.

    Please note that SpaceX satellites will be low earth orbit (very close to Earth), so latency will not be a problem. As opposed to current satellite internet, which suffer from high lag due to their satellites being geosynchronous (far far away from earth).

  • So what are you going to do about it?

  • Ajit Pai has our back. Protecting all that is near and dear to us on the internet.
    https://www.youtube.com/watch?... [youtube.com]

  • To make it that intel world does NOT need a warrant unless data and stream are encrypted. By doing this, I have no doubt that most ppl will be concerned and encrypt everything. Oddly, Russia, and china are grabbing everything that unencrypted, and few object.
  • Trying to lessen the impact of Facebook's criminal activity by saying "Comcast, AT&T and Verizon are a worse threat". I hope Salome got paid in Bitcoins.

    Because they're worthless.

  • The ISP can then see some nice encryption.
  • It's one thing for Facebook to do it - it's their model and was never a secret that it was how they could provide service for "free" - but ISPs are a subscription service. You pay a monthly fee for service! If I'm paying for a service, there's no excuse for harvesting and selling my data on top of that.

    They are more than welcome to provide a cheaper or free tier of service supported by data harvesting if they want. Given that my bill seems to go up every year, I reject the potential assertion that the

  • About the best you can do to frustrate their data-collection methods.

Adding features does not necessarily increase functionality -- it just makes the manuals thicker.

Working...