Slashdot Mirror
Telstra Denies Selling BigPond Customers' Data
Red Wolf writes "The Age reports that allegations that Telstra sells email addresses of BigPond customers have been denied by the telco. Melbourne-based IT worker Mark Edwards had doubts in this direction when he began receiving unusually large amounts of spam at his bigpond email address. Edwards grew suspicious because some of the spam being issued to him was also addressed only to a number of users within the bigpond.com domain, indicating that the unsolicited mass emailings were being sent to lists of BigPond users."
Telstra have a history of standover tactics (see Here, for instance).
I really hope they get busted under our new privacy laws. I have a telstra email address that I've never used that gets spammed constantly. If telstra didn't sell my details, then something very fishy is going on.
I'm not Seth.
I know what you mean... at my workplace, we implemented Telstra's ADSL the first week it was available at our exchange... for about 14 months, there was no alternative either. But now we're with iiNet. Same speed, but cheaper and 6 times the download allowance. One other major reason we swapped was the spam the account's email address was receiving. Interesting to note, that since we have our own domain, this email address was NEVER, and I mean NEVER, submitted to a mailing list, a newsgroup or anywhere it may be gathered by spammers. The account name was also random enough that a dictionary attack shouldn't have worked. The address was never used to send mail, or reply to spam, but by the end of our 18 month contract, we were recieving about 6-10 spam emails per day. I realise this is not a lot for an active email address, but this wasn't used at all. The only reason I even looked at the mail box was to get Telstra mailouts regarding outages, updates etc. Not selling customer details eh? ---- All extremists should be taken out and shot.
Tempus fugit sub anesthesia.
Bitching about poor service doesn't hit a company nearly as hard as taking your business elsewhere.
.
Agreed. However, did you read the Whirlpool link I posted?
Telstra makes it *very* difficult to change to a different service. This is a typical case. It's happened to people I know
Even if that doesn't happen, there's a delay of 2 or 3 weeks without net access while you change. It's annoying, but I will change.
I'm not Seth.
I've got a bigpond email account that I only ever put on my CV. I've used this for two years and I have never once received spam on this account. If Telstra are selling email addresses then they are only selling some of them.
My yahoo account however.....
This has nothing to do with selling email addresses. I'm a Bigpond user. When I surf porn sites I get DELUGED with spam, without having to provide any identifying information.
The Bigpond referrer details identify your user name. You have a default eMail account which is username@bigpond.com. Therefore, any site which analyses its visitor logs can identify a pool of valid Bigpond eMail addresses.
Mate, if you don't want the junk mail, stop wanking so much!
Uh, I don't live in America, where it seems everything is for sale. In New Zealand, and indeed the rest of the "Western world", we have privacy acts that say data may only be used for the purpose it was explicitly collected for.
This university had an internal web search thing where you could find people's email addresses given a surname (only accessible from within the university), and they decided that since they didn't mention anything about this on the enrolment form, they had to take it down to comply with our privacy act.
I sincerely doubt any university in New Zealand, or even Australia or Europe, would ever consider selling its users email addresses to spammers. Especially since NZ internet users have to pay for international traffic. Why sell addresses that will result in you paying 5 to 8 cents per megabyte of data received?
If you want a large ISP in WA, I recommend WestNet. They're a bit too big to still be really caring, but their reliability is a notch above iiNet's.
If you want an excellent quality smaller ISP in WA, choose ArachNet. They also have excellent colocation terms, and this bloke can sell you a dandy little rack box to colocate with (review coming soon). I use ArachNet myself. There are others.
If you want reliable DSL in Oz and damn the cost, try Request or Optus (nice picture). Everyone else has to go through Telstra to get their DSL (and these two will also if they have no DSLAM in the exchange), which costs you a big reliability hit.
Telstra account for your data as the sum of both directions. Most Oz ISPs will bill you for the max of in and out, or just bill you for in, but no, not Telstra. As a 'phone company, they're not too bad (their service actually works). As a "competitive" ISP, they suck.
Got time? Spend some of it coding or testing
Telstra certainly IS crap, and ALL the CHEAPER resellers use the Layer2 offering which relies on Telstra DSLAMS and hence Telstra's support and reliability of same. Doh. The only other major DSLAM-level provider is XYZ/Optus, also used by Connect and RequestDSL, and that pricing is as business grade as the service, which is extremely good - it's just not affordable for a lot of people. Pricing start at around $300/mth for a 1.5Mbps connection, with a couple of gigs of data ( 2-3Gb ). Add extra data at 10-15c/MB and you're talking mega-dollars even for small business, and it's definately out of home user territory.
Then there's those Layer2-based providers. They're great, but suffer greatly at Telstra's hand - when support is required, Telstra services their own retail customers before the Layer2 providers' wholesale business.
One word: Monopoly.
I wish there was an uglier-sounding word that means the same thing, 'cause it sure would apply in this case.
If your mail server follows the early SMTP RFCs it might well do this :
%telnet bastardface.com 25
RCPT TO: <aardvark@bastardface.com>
550 Address unknown locally
RCPT TO: <andrew@bastardface.com>
250 Recipient ok. [andrew@bastardface.com]
RCPT TO: <apple@bastardface.com>
550 Address unknown locally
[... do your whole dictionary]
QUIT
all usually without ever hitting the logs
you get a nice big list of valid addresses all at the same domain and no-one is any the wiser until it stats filling up their inboxes
I know this because it happened to us when someone followed the wrong RFC
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
%echo matt@bigpond.com.au | /www/bin/get_mx
extmail.bigpond.com
%telnet extmail.bigpond.com 25
Trying 144.135.24.8...
Connected to extmail.bigpond.com.
Escape character is '^]'.
220 bigpond.com service ready (identifier 29/4290323)
helo numpty
250 bigpond.com
MAIL FROM:
250 ok
RCPT TO:
550 recipient unknown
so you run your dictionary attack against the server
MAIL FROM:
250 ok
RCPT TO:
550 recipient unknown
RCPT TO:
550 recipient unknown
until you some 250s
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Not Always - The fibre belongs to telstra, however there are other DSL providers, notably Nextep and RequestDSL that have their own DSLAM's - This allows for much faster and better troubleshooting when network issues occur.
:)
They also take into account things like overheads in their speeds, so a 1.5M/256k connection is actually data rate, not line rate. Telstra calculates on the line rate, then there are whetever low level protocol overheads are used, then telstra's PPPoE layer - Eurgh.
I work for D2P - we sell/lease managed network servers, and also resell Nextep broadband. With Linux powering our servers, and Nextep providing our network, we managed to win ATUG SME provider of the year. Good stuff