SoylentNews is people
SoylentNews
from the and-charge-for-bandwidth-consumed-by-ads dept.
Stuck with Comcast? You may get stuck some more!
Ars Technica , Gizmodo, ZDNet, and a host of others are reporting that Comcast claims that the FCC has no authority to limit or prohibit the internet provider from distributing web histories to advertisers.
From the Ars Technica article:
As the Federal Communications Commission debates new privacy rules for Internet service providers, Comcast has urged the commission to let ISPs offer different prices based on whether customers opt into systems that share their data and deliver personalized ads.
Comcast executives met with FCC officials last week, and "urged that the Commission allow business models offering discounts or other value to consumers in exchange for allowing ISPs to use their data," Comcast wrote in an ex parte filing that describes the meeting. (MediaPost covered the filing yesterday.)
AT&T is the biggest Internet provider offering such a plan. AT&T's "Internet Preferences" program reroutes customers' Web browsing to an in-house traffic scanning platform, analyzes the customers' search and browsing history, and then uses the results to deliver personalized ads to websites. With Internet Preferences enabled, AT&T customers can pay as little as $70 per month for 1Gbps fiber-to-the-home service, but those who don't opt into Internet Preferences must pay at least $29 a month extra.
[Continues...]
The Washington Post adds:
Consumer groups who oppose Comcast have said that Internet providers have a unique vantage point over everything an Internet user does online. For example, Netflix's intelligence about its users is largely limited to what customers do on its own platform, with little visibility into how those same people watch videos on Hulu or Amazon. (Amazon.com founder Jeffrey P. Bezos owns The Washington Post.) Internet providers, however, can detect when a subscriber visits all three sites.
Many analysts expect the FCC to finalize its privacy rules for Internet providers this year. But there are a lot of details to be hashed out, including whether Internet providers will be able to share subscriber data by default with marketers or whether they will be required to first obtain customers' explicit approval.
It's still unclear whether Comcast has actual, concrete plans to roll out a discount, data-driven Internet program. But what is clear is that the company has at least considered the possibility and wants looser rules for the industry that would permit such plans. A Comcast spokesman didn't immediately respond to a request for comment.
Gizmodo puts it succinctly: "Comcast has logged yet another tally in the competition for Shittiest Company In Existence."
(Score: 1, Interesting) by Anonymous Coward on Thursday August 04 2016, @05:41PM
http://www.privateinternetaccess.com/ [privateinternetaccess.com] has been reliable for us. We don't use it all the time but it's ne ver been down and we've never heard anything suspicious. Maybe it's a giant honeypot, I don't know. But apparently so is your ISP.
(Score: 2) by Celestial on Thursday August 04 2016, @05:50PM
I like IPVanish [ipvanish.com]. It's very fast, reliable, and easy to setup. Unfortunately, it's also expensive. $10 per month for two connections. I currently have two accounts for four connections at $18 per month (three month discount).
(Score: 2) by frojack on Thursday August 04 2016, @06:12PM
Without even looking at their how-to page, why would you need two accounts for 4 connections if its all going though your home router which would be the only thing directly connected to them?
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Thursday August 04 2016, @06:20PM
Alternate locations?
(Score: 2) by maxwell demon on Thursday August 04 2016, @06:22PM
Of course only Celestial can tell, but I guess he's also using the internet when not at home, so he needs at least one further connection for that; and then his phone provider probably disallows tethering, so he needs separate connections for his different devices (laptop, phone, and possibly a tablet).
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by Celestial on Thursday August 04 2016, @06:50PM
1. Home router.
2. My cell phone
3. Another cell phone
4. My notebook when travelling, (which is admittedly rare).
(Score: 3, Insightful) by linkdude64 on Friday August 05 2016, @12:16AM
Why would you recommend a VPN provider that responds to DMCA takedown notices?
This means it is a company based in the US, which means that a NSL (that is almost certainly in effect) completely invalidates any claims of privacy they could possibly make.
At least, that is my understanding of one important aspect when choosing a VPN provider.
(Score: 1, Interesting) by Anonymous Coward on Thursday August 04 2016, @05:58PM
I do use PIA all the time. They officially let you have 5 simultaneous links from different devices. In practice I put up about 10 different tunnels (with different end-points) all originating from my router and then each device behind my router gets a different tunnel. That makes it practically impossible to correlate my web browsing from my PC with my kid's browsing from her phone. I also switch end-points on a regular basis (my PC gets a new one every couple of hours).
Unfortunately more and more services are implementing vpn "block lists" - not just netflix, but a few months ago bank of america started blocking me from logging into my account on their website if a I use a VPN end-point inside the US (PIA's got thousands of end-points all across the globe and I can still get in through a canadian end-point). Even worse though is that BoA and other sites do not tell you why you are blocked, you just get a generic error message at some point in the authentication process. So you might spend an hour shopping on a website, but when it comes time to check out then they fail you, but they don't tell you they failed you because they don't like your IP address, you just get something meaningless. Really fucking shitty customer experience.
(Score: 2) by frojack on Thursday August 04 2016, @06:27PM
But even your VPN provider has to terminate somewhere.
Here we have a story about an corrupt up-stream harvesting your traffic,
With a VPN, the harvesting just moves a few states away to some company using a different corrupt upstream.
Pretty sure Snowden documented that just about EVERY VPN was totally compromised.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Thursday August 04 2016, @06:34PM
> With a VPN, the harvesting just moves a few states away to some company using a different corrupt upstream.
Unlike ISPs, competition in the VPN market is intense. Most can not afford to sell their paying customer's data because just a wiff of it and users will leave en masse. That's how the free market is supposed to work when not supported by natural or artificial monopoly.
> Pretty sure Snowden documented that just about EVERY VPN was totally compromised.
This is about protecting your privacy from commercial exploitation, not nation-state adversaries.
(Score: 2) by frojack on Thursday August 04 2016, @06:51PM
This is about protecting your privacy from commercial exploitation, not nation-state adversaries.
Ah, I see. Encryption compromises have moral judgments built in. Who knew?!
No, you are mistaken. I've always had this sig.
(Score: 2) by Zz9zZ on Thursday August 04 2016, @07:50PM
Care to share how you would go about it? I have the exact same worries with VPNs and would welcome alternative suggestions, or at least VPN suggestions that seem more trustworthy. When it comes down to it there is no way to verify a VPN, so you just have to trust someone.
~Tilting at windmills~
(Score: 0) by Anonymous Coward on Thursday August 04 2016, @08:19PM
It's almost a total crapshoot. All you can know for certain is that your ISP is collecting your activity. Just need to research VPN's and find one that *might* actually be deleting all your traffic. Either way, all your eggs are still in one basket.
(Score: 2) by frojack on Thursday August 04 2016, @09:26PM
If i was in a position to know how the NSA goes about this, I would be prosecuted for posting it.
So you will have to google a bit and find some reading material.
A generic discussion exists here https://www.bestvpn.com/blog/7525/nsa-decryption-vpns-update/ [bestvpn.com]
But its a tad short on details. Others poo poo the idea and give long technical arguments why it
can't be so: https://nohats.ca/wordpress/blog/2014/12/29/dont-stop-using-ipsec-just-yet/ [nohats.ca]
Needless to say, the VPN company is in a position to inspect all traffic, and sell it on surreptitiously, perhaps unknowingly.
And the UPSTREAM of the VPN company Gets both sides of the traffic, encrypted incoming from the vpn clients, and possibly decrypted outgoing to the requested site.
Add to that the discussion the other day about binary blobs, and there is a lot to worry about and little to go on.
Question: Why has nobody decompiled a binary blob? Are they also encrypted?
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Thursday August 04 2016, @08:15PM
> Ah, I see. Encryption compromises have moral judgments built in. Who knew?!
Risk assessment is not a moral judgment.
Nation-state adversaries have the resources to compromise VPN providers. Drag-netting traffic for advertising purposes is not lucrative enough to justify the resources necessary to do the same. You might as well be arguing that no one should lock their front doors because the military has tanks.
(Score: 2) by frojack on Thursday August 04 2016, @09:34PM
Nation-state adversaries have the resources to compromise VPN providers. Drag-netting traffic for advertising purposes is not lucrative enough to justify the resources necessary
A vulnerability, once in the wild, works equally well for both sides. This is why people arguing for backdoors for government because they personally "have nothing to hide" are so foolish and dangerous to have around.
You don't ALWAYS need a huge processing capability to crack some forms of encryption. All you need is access. And that gets easier once you can foist some malware over the wire into the user's internal network. Somebody has that router's internal interface bookmarked in their browser, and may have firefox remembering the password. There are a probably thousands of ways to do this, and most of them are plausibly deniable. Do some reading.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Thursday August 04 2016, @10:49PM
> A vulnerability, once in the wild, works equally well for both sides.
Again, drag-net advertisers will not be breaking the law. The squeeze is not worth the juice.
Please graduate past your simplistic, black-and-white argumentation.
(Score: 2) by linkdude64 on Friday August 05 2016, @01:10AM
PIA is a US-operating company based in London which is almost certainly compromised by a National Security Letter or the British equivalent thereof, as Britain is in an even more dire privacy situation than us. Providers based in smaller countries are not beholden to DMCA or part of the Five/Nine Eyes system.