Slashdot Mirror
Is Comcast Intercepting Packets?
nihilist_1137 writes: "According this page, comcast is intercepting your packets to gain knowledge of your whereabouts and then reselling it to marketers." According to the linked message, "This allows them to not only log all http requests, but to also log the response. Maybe they want to profile their customer browsing history for
subsidiaries or resale to marketers. Maybe they want to do their part in
The War on Freedom. Maybe they just want passwords to porn sites. Apparently they aren't using it to maximize bandwidth, because it's not configured to serve cached data."
The page says nothing about reselling it to marketers, simply that they are monitoring it. Let's not jump the gun.
+ Donald Gunth
+ Email: dgunth@quicktek.net
"Caffeine is the greatest lubricant ever created." -ESR
Isn't tapping internet connections the same, legally, as a phone tap?
Probably, but this probably isn't "tapping internet connections." I'll bet you dollars to donuts that when Comcast gets called on this, they'll explain how they're only "capturing and keeping limited information" with "aggregate identification only" so that they can "optimize their network configuration" or something like that. The phone company doesn't tap converstations, but they sure as hell have a database of which line called which number, when, and for how long.
They might even be telling the truth. Not that we care - who wants to be the first to write an app that makes random requests to random domains constantly so as to screw up their database?
Now wait a second. Before we all flip out and start bashing ComCast, lets realize a couple things.
Number one, this guy just got transitioned. A lot of people all over the country have been going through the same thing, and not everyone is seeing the same thing as him. As 'hostman' from the MESH (Michigan Engineering Software and Hardware http://misc.eecs.umich.edu/) discussion email list wrote:
"This whole thread got me a bit peeved, so I went home and ran a few tests. I was unable to find any evidence of the packet modification described. It is possible the described issue is not an issue here in A^2, as we 'transitioned' from MediaOne's service, not @Home..."
Secondly, your ISP has the right to monitor traffic to ensure quality of service. Just because the caching part of the server is not currently running, it does not mean that they aren't phasing it into the system. At this point it's just speculation. They might even have more rights to monitor what you're doing, depending on your service agreement. Read it.
Lets get some REAL evidence of what's going on other than this hear-say. Someone show us some modified packet headers, and someone else reproduce those results, and MAYBE I'll believe it then.
Depends. The only reason tapping phones is illegal [at least in most countries] is because of the explicit right and expectation of privacy.
If you shouted in public something you can hardly feel violated when others learn about it.
The internet is inherently non-private. If you want a private connection use crypto. Otherwise, work under the assumption that everyone else knows everything you do on the net.
Tom
Someday, I'll have a real sig.
Isn't this just a caching proxy? Track the requests to cache the popular sites. Others requesting the page don't need to go off the network to access it. Makes an attempt to make their network appear fast (even if it isn't)
This is absurd. Internet traffic is no more "non-private" than a telephone call. The fact that means exist for people along the traffic path to intercept communications doesn't mean that they're allowed to. If that were the case, all laws governing phone tapping would be moot since the tapping would not be technically possible.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
I wrote the initial post, and I stand by it.
Read the whole thread before flaming;
http://www.securityfocus.com/archive/82
Folks.. it shouldn't even have to be repeated, but it does.
When you send plaintext over the net, like HTTP reuqests..
YOU ARE SENDING PLAIN READABLE TEXT OVER A PUBLIC NETWORK.
Where is your expectation of privacy? That's right.. you don't really have one.
Passwords? HTTPS.. that's what the 'secure'part means you know.
I've worked at a national ISP that did a trail of this hardware. The goal is to take the heat off upsteam link. It's fairly useful in a small market were your upstream has to cross a LATA incurring long distance charges.
The logs generated for this device is not anonymous. It's pretty much reads like an Apache log. Source and destination IPs for every request. I remeber wanting to get some sample data to see if we needed to take the Cache log into account for looking at out admin server traffic reports. Small town USA pretty much surfs over 50% porn.
At any rate. It's doubtful they use the cache box to collect internet traffic stats. Why? Well, basically, it's a money issue. Once you have the data great...except it's a freak'n huge sh*tload of data. If you want useful reporting you need to keep data for a year. Your're looking putting almost 500K into disk, CPU, and software. It's not worth it because you'd never recoup the money.
This does NOT mean your ISP doesn't sell your data. An ISP can make some serious cash by selling your data. ISP's can and DO enter into agreements with companies that collect data. However, the ISP wash their hands of the actual process. They let a 3rd party drop a Switch or a Bridge into a POP that directs traffic to a machine that will totally transparently collect data and start collecting checks.
Point is, the Cache is exactly what it appears. A Cache. It does collect data, but I've never heard of a National ISP use that data. They let a 3rd party company do all the work and collect the checks.
Hollywood knows fuckall about facts
Or, more to the point, facts don't make for exciting cinema.
deus does not exist but if he does
I don't doubt that this could happen, but I would hardly worry about a post on a message board or mailing list. Yes, we need to be vigilant, but let us get some independant verification from a trusted source. Better yet, why doesn't one of you who has Comcast as a service provider write them a letter and ask? CC the FCC and the Better Business Bureau if you feel it necessary.
Something about this just smells like FUD to me.
I will terminate not only my Comcast@home subscription, but my cable television subscription as well
Unfortunately, Comcast is so big that they most likely won't care that one person drops their services. There are plenty of others, like myself, who would *love* to get Comcast@Home (or whatever they call it now) if Comcast bothered to make it available to me. Unless everyone were to drop their service at once, this would not be an effective means of protest.
and some sites which I visit are, by their nature, *CLASSIFIED* in content
If something is classified, why would be online in any form? Theoretically, every ISP probably is doing the same thing as Comcast here (if the allegations that they are indeed mining their cached content are true), so either way, this "classified" information is going to end up in someone else's hands.
In case of fire, do not use elevator. Use water!
This doesn't really make sense. There has to be trillions of packets created on the @home network. There are several problems because of this.
1. When you run a network capture, the log file is going to grow to 100s of gigs in minutes.
2. Sorting through 100s of gigs of log files is going to take massive processing power.
The only logical thing I could see them doing is being able to screen for keywords like "news" in real time.