It's Your Data: Empowering Consumers to Protect Online Privacy

Discussion in 'privacy general' started by ronjor, Mar 10, 2016.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
     
  2. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    So, probably at least two dangerous loopholes:
    • Other purposes including marketing and no mention of choice there.
    • Opt-out for affiliate sharing/use
    Lets keep an eye open.
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Well, ISPs would just lie. Right? How would their customers know?
     
  4. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Might get really really lucky and either a whistle-blower, or some other investigation, would discover it. Not enough to hang one's hat on, but...
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
     
  7. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    490
    Location:
    Earth .... occasionally
    What ISPs Can See

    There is an extensive article on this at Teamupturn , here .
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    It's a decent article. But a little vague about VPNs.
     
  9. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592

    As Mirimir stated its somewhat vague. I took the time to read through it and I feel pretty comfortable with how shallow their attacks are. Any of the top VPN providers mentioned around here would easily beat the obvious. Having a tunnel encrypted and foregoing use of the ISP's dns, shielding all queries to the encrypted tunnel, and such are effective methods. Most use the private dns of the tunnel provider so that eliminates one main ISP attack vector. Compartmentalize, chain, multi providers, throw TOR in for good measure, etc......!

    Most concerning for users short of Pro configuration, is the area of site fingerprinting which exists even after multi stage tunnel setups because it comes from beyond the exit node. Expansive counter measures involve random padding throughout the tunnel so that returned signatures never quite match what the ISP would be sniffing for. Padding requires more bandwidth because your tunnel passes data 24/7 and is rotating all the time to make it impossible to know when YOU actually are using the tunnel, as compared to another chunk of data being "padded" through. i.e. - is the current bandwidth actually a tunnel being used or is it padding? Keep them guessing.
     
  10. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    490
    Location:
    Earth .... occasionally
    I just tossed that article into the stewpot for the hell of it .

    I agree , it is vague , and most of it is old news to people who take an interest in these things

    But for me it highlighted the huge disparity between the number of people complaining about unwarranted invasion of their privacy ,
    by TLAs and others , and the much smaller number who are actively doing something about it
    ( eg. paying a few dollars a month for a quality VPN , and learning how to use it effectively ).
     
  11. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    You make some good points there.

    Part of this may be the notion that "THEY" congress should address this and my personal need to attend to this situation should be un-needed. While that is likely true in a "Cinderella" world, it isn't how it really works. So, you either learn and attend to this protecting yourself or you go down in flames.
     
  12. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,149
    Location:
    UK
    Yep, well put. Rather painfully, I'm adjusting to the pointlessness of "should" and "ought" in the face of what is. And yes, I've participated in what's laughingly called consultation about legislation - again, manifestly pointless.

    It's true, I'll admit it - I naively thought that post-Snowden, they'd be somewhat contrite and the bulk surveillance would have been curtailed - as it "should" have been if they were concerned with either effectiveness or constitutionality or the HRA or a zillion other things about living in a civilized democracy. Not so. And notice the "they".

    Look after yourself.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Mao. Power. Gun. Or encryption, anyway, which some have called munition.
     
  14. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    https://www.dslreports.com/shownews/FCC-Votes-For-New-Broadband-Privacy-Rules-Lifeline-Reform-136626
    https://www.fcc.gov/document/fcc-proposes-broadband-consumer-privacy-rules

     
  15. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,517
    Location:
    USA - Back in a real State in time for a real Pres
    All wishful thinking. Only those not born have privacy.
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Or imaginary ;)
     
  17. kls490

    kls490 Registered Member

    Joined:
    Aug 15, 2015
    Posts:
    17
    Location:
    Mid Atlantic Region (USA)
    More FCC rules that 'supposedly' provide some benefit to consumers? Yeah, right! It's no different than the "Do Not Call Registry". It isn't worth the paper it's written on, IMO. :p
     
  18. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    FWIW, came across a/the "proposal" from the American Cable Association, Competitive Carriers Association, CTIA, National Cable & Telecommunications Association, and USTelecom:
    https://www.ncta.com/sites/prod/files/Letter-PrivacyPrinciples-3-1-16.pdf
    Which basically boils down to: we should not be required to allow consumers to opt-in or opt-out of either affiliate sharing or third-party sharing.
     
Loading...