An Anonymous Coward writes:
Is it just me or have ISP (Internet Service Provider) terms and conditions gotten a lot more one-sided about what you can't do and what they can do?
I was considering switching to the new Vodafone Connect broadband and phone service as there are some nice discounts for existing Vodafone customers (and I've had enough of BT's high prices for FTTC) but reading through the text of their Acceptable Use Policy (AUP) has caused me to think again. I'm sure a lot of the text in the agreement is fairly standard, and to be honest it's been a while since I switched providers, but some of these terms seem rather overreaching. For example:
2.7. You must not use the Vodafone Connect Services to access, download, send, receive, store, distribute, transmit, upload or in any way deal with material or data that we deem:
i. to be offensive, threatening, defamatory, racist, abusive, harassing, invasive of privacy, obscene, harmful, indecent or menacing;
Those words cover one hell of a lot of territory... sorry, did you deem my use of the "H" word offensive? What if I'm in a private chat with a friend and he calls me a "####" so I tell him to "#### off"? Use your imagination, we could be covering offensive, abusive, obscene and indecent right there (if not more).
Further on there's a section titled "Actions we may take" (where "we" is Vodafone) and this one really got my attention:
[More after the break...]
4.1. We may, at our sole discretion, run manual or automatic systems and monitoring in order to ensure that you remain compliant with the terms of this AUP at all times (for example we may scan for open mail relays, or open proxy servers). By accessing the internet via our Vodafone Connect Services you are deemed to have granted us permission to access and monitor your computer systems and networks.
So just by using their service I've given permission for them to access and monitor all my systems and networks! Well, given that they bought Cable & Wireless they do have a history of working closely within the surveillance system. Funny though, that they deem it acceptable to "access and monitor" my systems when earlier in the AUP it states:
2.11. Without the explicit permission of the relevant operators you may not run "scanning" software which accesses remote machines, networks or other computer systems.
Of course, they've got the usual "we can change this document at any time without explicitly telling you, and continuing use of the service means you agreed to any new conditions we've set" (See section 1.3) and finally you better not ever get a virus (goodbye Windows users):
2.13.You must ensure that your computer systems and network are not configured in such a way that others are able to exploit them in order to disrupt the internet or any other third party network. This includes but is not limited to ensuring that your network cannot be exploited as an open mail relay, open proxy server, or as a component of a wider network used in denial, or distributed denial of service attacks by third parties.
yes, well, I found that Comcast had handed out hardware that has hardcoded lookups to their own and 220.127.116.11.
Why they would give customer habits to google for free is somewhat beyond me, so I have to think that it isn't being provided as a concurrent lookup resource that the cable modem does without the customer devices actually seeing the responses, is actually a value add for comcast. Since the field is grayed out and cannot be changed, I have to think it's not for my benefit.
So, what happens on that particular piece of business hardware is that DNS traffic leaving the unit also goes elsewhere. Client traffic gets the results expected. Comcast profits from the unexpected behavior, and google too, I would imagine. Being the type that null routed 18.104.22.168 and 22.214.171.124, it shocked me to see this on the modem management's ipv4 info page.
It didnt even matter that I prevented the devices in my home from reaching those IPs. Comcast reached them for me.
fuck the cloud
You're assuming they are routing the 126.96.36.199 to Google's machines, and haven't for instance just routed them to their own machine(s) which is logging all your DNS queries. Doing that would net them all their own queries on modems they supplied and anyone who had their own and set it to Google's servers.
A company like Comcast is not likely to be giving Google a free lunch. They are getting paid for that data in some way or perhaps just hi-jacking it for themselves.