1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Most People Don't Realize Their ISPs Are Already Spying On Them

Discussion in 'General Security' started by lotuseclat79, Oct 3, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    Most People Don't Realize Their ISPs Are Already Spying On Them.

    The only real way to prevent ISP snooping on your Internet traffic is to encrypt your communications through an SSH tunnel, and to use another source for your DNS server like OpenDNS.

    Use of the XeroBank browser is one such tool that should help in this matter even though it is (paid), and the OpenDNS server has the following entries:
    nameserver 208.67.222.222
    nameserver 208.67.220.220

    Using the XeroBank browser would require a high-speed connection, so dialup users might not be able to use it. However, if you can get another account with SSH tunneling support that might be the way to go, otherwise, assume that all ISPs are going to spy on your Internet activity when it is not encrypted.

    Use of TOR and privoxy is also best utilized with a high-speed connection.

    -- Tom
     
  2. abloke

    abloke

    Joined:
    Jun 21, 2008
    Messages:
    198
    Hi Tom

    Thanks for your post. Am sure you have a lot of experience with computers
    and service providers. I'm sure that providers must have a general idea
    of the mail their clients receive/send.
    Is there any financial benefits for ISP's snooping at mail? Or should only
    big organizations like FBI & NASA be concerned?
    Considering how many people I know that use internet banking, will be very alarmed when they read your posting.
     
  3. calvin-c

    calvin-c Banned

    Joined:
    May 17, 2006
    Messages:
    1,098
    I'll admit that most people "don't know" that email is sent in clear, but that's not because they haven't been told-they just don't pay any attention. And I doubt that they'll pay any attention to this either-but you're welcome to try.

    Note that Internet banking doesn't (or shouldn't) rely on email. Personally, I wouldn't trust a bank that did that-just like I no longer trust a local bank that set up their online banking site so you had to use IE. (This was a couple of years back & I've been told that they've changed it since. Go figure-when IE was extremely insecure they forced you to use it. Now that it's actually improved, they no longer insist that you use it.)

    As for financial benefits, that mostly depends on whether or not the ISP's are willing to break the law. Long-term, an ISP that snoops will be put out of business so I doubt if very many do it. But until they get caught you'll probably never know. (What's the difference between an email that's never read & one that's read & ignored? None, IMO, so the only way you'll know is if they act on the email-and if they do that then they're quite likely to be nailed. So I doubt if they're doing it.)
     
  4. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    Hi calvin-c,

    If you think for one moment that my post is about "email in the clear" - you are mistaken.

    Every click, every web site you visit, etc. unless it is encrypted when it leaves your browser is fair game for ISP deep packet inspection on their DNS and Internet servers for which they keep a log of your web activities and sell the information (maybe not your personal identity), but that can be easily matched if a warrant is issued.

    Looking for a new job? A prospective employer can employ a PI to investigate your web surfing habits. Are you interested in privacy now?

    -- Tom
     
  5. Blackmirror

    Blackmirror

    Joined:
    Dec 5, 2006
    Messages:
    32,642
    Tom i use open DNS
     
  6. calvin-c

    calvin-c Banned

    Joined:
    May 17, 2006
    Messages:
    1,098
    I was responding more to abloke's post which did specifically mention mail than to yours, Tom. But some parts of my response do apply equally well to your post.

    Does anyone who knows beans about the Internet believe their ISP can't track what sites they visit? Unless, as you point out, they encrypt their datastream-and even then I wouldn't bet that the ISP couldn't figure it out if it was important enough to them.

    But that's the key. We already know they can so the question is whether or not they do. IMO predictions of this type basically falls into two realms: military & diplomatic.

    Military intelligence doesn't predict whether or not somebody *will* attack you, they predict whether or not they *can* attack you-and make plans in case they do.

    Diplomatic intelligence assesses the likelihood that somebody will attack you-or at least will *want* to attack you as it doesn't take into account nearly as much whether or not it's practical for them to do so.

    So, which is the more useful prediction to the average consumer? IMO it's the diplomatic type-I'm not all that concerned about what ISP's can do, I'm more concerned about what they will do (or are doing).

    Now the article you linked to makes two claims. First, that ISP's collect web-tracking data & second that they sell that data. Where's the evidence? IMO an ISP that does that will end up losing customers-and hopefully the ISP managers are smart enough to know that, too. (Given the current crisis that developed from, basically, a long history of dumb decisions by business managers I'm not *real* certain about that-but overall I still think most managers do think about the potential downside of their decisions before they make them.)

    The article also cites a study-why didn't they at least mention what study it is? There's lots of 'studies' out there-including one I just made which consisted of asking my co-workers if they knew ISP's could track their web traffic. Unanimously, they all agreed that they knew this. (Of course my co-workers are all IT staff. My 'study' was obviously biased-but how about the one cited in the article? Until we know what study they're talking about we don't know much, do we?)

    So I don't put a lot of faith in the article's claim that ISP's *are* doing this. I'll certainly agree that they could do it however. If that worries you then yes, you should encrypt your traffic. It doesn't worry me though.
     
  7. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    ISPs would have to expend lots of resources to break an encryption - and they are not in the business of doing that, i.e. it would not be profitable to use their computing bandwidth to do it.

    If you are in a country that snoops - like China is currently doing on Skype traffic - then you had better encrypt.

    -- Tom
     
  8. sireveris

    sireveris

    Joined:
    Oct 5, 2008
    Messages:
    22
    Is there an email service I can use that nobody can spy on? Because that's kind of creepy.

    Also- FF or IE? Or another one that's better?
     
  9. calvin-c

    calvin-c Banned

    Joined:
    May 17, 2006
    Messages:
    1,098
    Actually, if you're in a country that snoops then you're probably better off if you don't encrypt. I'm not familiar with everybody's laws of course, but I'd expect a country that snoops to also make encryption illegal-at least for their own citizens. Or, as the US tried to do a number of years ago, make *good* encryption illegal. (Don't remember now what they called the plan, but you could lock your house provided you gave the authorities the keys. Then all you needed to worry about was authorities would couldn't keep Soviet spies out of the CIA & FBI to keep your secrets safe. I wonder why that plan didn't pass?)

    In such a country I imagine that using encryption would be like people conspiring by getting together in public then putting a blanket over their heads so nobody can overhear. It works, as far as overhearing goes, but it does sort of attract attention.
     
  10. hewee

    hewee

    Joined:
    Oct 26, 2001
    Messages:
    57,791
    Who say Open DNS does not do the same thing. They are free to use by anyone but hey all that cost them so where are they getting all there money from?
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Don't Realize ISPs
  1. suttontaylor
    Replies:
    7
    Views:
    7,279
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/755733

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice