Tuesday, March 28, 2017

FCC Rollback: What just happened? And what is next?

Today (Tuesday the 28th) the Senate and the House, under the Trump administration, voted to repeal the Federal Communications Commission (FCC) rules which passed last October under the previous administration. If you find yourself a bit confused regarding what exactly is going on, you came to the right place. In this post I will attempt to break down how this legislation might affect the simple user, what you should be worried about (if at all), and what you can do about it today.

Also, for now, let's leave the political bashing out of this and avoid Armageddon analogies.

What Just Happened?

The bottom line for all of this is: it is now legal for your internet service provider (ISP, the technical term for AT&T, Verizon, T-Mobile...) to collect, store, and sell data regarding your internet usage. This includes but is not limited to: web browsing history, app usage history, and the content of communications such as messages, emails and online chats.

This is of course in addition to the social security number of the consumer and bank information, so technically anyone that buys this data could know it was specifically you. Not to mention, they can now also sell your geo-data (the GPS data from your phone).

What Really Changed Though?

Under the FCC rules the companies needed your permission to sell this information. Now they don't. Take a look at this excerpt from the FCC press release explaining which data the companies needed your permission to collect and sell:


Will they though?

Yeh man, probably they will. When the FCC was first putting together the bill, CTIA (The Wireless Association, a lobbyist group representing AT&T, Verizon Wireless, T-Mobile USA, and Sprint) claimed "Web browsing and app usage history are not 'sensitive information'" and pushed very hard against the legislation. Since this data allows advertisers to engage in targeted marketing like never before, you can bet there will be quite a market for your data.

Also, here is what we know for sure the companies are already keeping:
  • Comcast: Believed to retain IP addresses that connected to BitTorrent for 180 days.
  • Verizon: IP address assignments (which IP belonged to which user) are retained for 18 months.
  • Qwest/Century: Same logs as Verizon, for up to one year.
  • Cox: Same as Qwest. 

 

Inconvenient, But I Have Nothing to Hide...

Maybe, but we have seen time and time again that private companies often fail to stop hackers from gaining access to their databases. Do you really trust an advertising company to protect your internet usage history and even the content of your communications? What if someone gains access and leaks everything? What if someone decides he dislikes a comment you have made, finds the leaks and decides to dox you?

For example, angry users are already making plans to purchase the internet search history of Senator Mitch McConnell and Paul Ryan.

Ok, What Now then?

Let's break this down by application:

Protect your Browsing Data:

Luckily, there are different options that provide different levels of security. Let's go from easiest to hardest:

Incognito Browsing

Does NOT help for shit, you are just asking your computer not to remember that you went to that porn website. The Verizon/AT&T/T-Mobile server knows it is you and can now legally store this information.

HTTPS

If you glance at your URL bar you will probably find that the website address begins with either http or https. These are different protocols that your computer uses to communicate with the Blogger internet server. HTTPS is quite a lot more secure: it encrypts most of the data being transferred, but the server will still know which websites (and which pages in those websites) you went to. Basically, the content of your messages, as well as your username and password, are now probably encrypted, but the URL and your GPS location are still transparent.

The good thing about HTTPS is that you can probably set up your PC to always use it in under a minute. First and foremost, the latest versions of Firefox and Chrome have https enabled by default and now warn users when websites use an insecure http login (meaning, your ISP can see your username and password).

Most importantly, the "Electronic Frontier Foundation", a non-profit digital rights group, has released a Firefox / Chrome extension called "HTTPS Everywhere" which will make sure you always have this essential level of protection.
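To see the difference on the wire, here is an added example (not part of the original post) that reads the first bytes of a connection the way a passive observer such as an ISP would and reports what is readable: an insecure http login versus the opening TLS message of an https connection. The host name forum.example, the credentials and both byte strings are constructed sample data.

```python
import struct
from urllib.parse import parse_qs

def build_client_hello(hostname):
    """Build a minimal TLS ClientHello with an SNI extension (constructed sample)."""
    name = hostname.encode()
    entry = b"\x00" + struct.pack("!H", len(name)) + name      # host_name entry
    sni = struct.pack("!H", len(entry)) + entry                # server_name_list
    ext = struct.pack("!HH", 0, len(sni)) + sni                # extension type 0
    body = (b"\x03\x03" + bytes(32) + b"\x00"                  # version, random, no session id
            + b"\x00\x02\x13\x01" + b"\x01\x00"                # one cipher suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def sni_from_client_hello(rec):
    """Walk the unencrypted ClientHello and return the server name, if present."""
    pos = 5 + 4 + 2 + 32                                       # record hdr, handshake hdr, version, random
    pos += 1 + rec[pos]                                        # session id
    pos += 2 + int.from_bytes(rec[pos:pos + 2], "big")         # cipher suites
    pos += 1 + rec[pos]                                        # compression methods
    end = pos + 2 + int.from_bytes(rec[pos:pos + 2], "big")    # end of extensions
    pos += 2
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", rec[pos:pos + 4])
        if etype == 0:                                         # server_name extension
            nlen = int.from_bytes(rec[pos + 7:pos + 9], "big")
            return rec[pos + 9:pos + 9 + nlen].decode()
        pos += 4 + elen
    return None

def observer_view(first_bytes):
    """Return the fields readable without any key from a connection's first bytes."""
    if first_bytes[:1] == b"\x16":                             # TLS handshake record
        return {"protocol": "https", "host": sni_from_client_hello(first_bytes)}
    head, _, body = first_bytes.partition(b"\r\n\r\n")
    lines = head.decode().split("\r\n")
    method, path, version = lines[0].split(" ")
    headers = dict(line.split(": ", 1) for line in lines[1:])
    form = {k: v[0] for k, v in parse_qs(body.decode()).items()}
    return {"protocol": "http", "host": headers.get("Host"), "path": path, "form": form}

# Constructed sample traffic: a plaintext login form post and a TLS ClientHello.
HTTP_LOGIN = (b"POST /login HTTP/1.1\r\nHost: forum.example\r\n"
              b"Content-Type: application/x-www-form-urlencoded\r\n"
              b"Content-Length: 31\r\n\r\nusername=alice&password=hunter2")
TLS_HELLO = build_client_hello("forum.example")

if __name__ == "__main__":
    print(observer_view(HTTP_LOGIN))
    print(observer_view(TLS_HELLO))
```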

Still confused? Check out this HTTPS ON, HTTPS OFF Gif from the Electronic Frontier Foundation:

TOR

Sadly, things get complicated fast. As seen in the GIF above, even with HTTPS everyone can still tell which websites you are visiting (and which pages in these websites). The only way to make sure no one knows the name of that site you go to late at night is to use TOR.

Here is an excellent step by step guide courtesy of the DarkNetMarketsNoobs sub-reddit.

Also, check out this TOR ON, TOR OFF Gif (again from the Electronic Frontier Foundation):


Protect your Phone Messaging Data: WhatsApp Vs Telegram:

While Telegram was traditionally seen as a more secure messaging app, the fact that it does not encrypt messages by default (which WhatsApp does), in addition to recent vulnerability concerns and the fact that it does not use any well-known encryption standard, causes most to prefer WhatsApp.

Btw, unrelated, but Snapchat can legally store anything sent via its app so keep it PG.

Conclusion

Remember how we left out the political bashing at the beginning? Well here it comes.

This issue is beyond partisan alignment. It has the potential to hurt all Americans, and the only reason it was passed now is the current political climate being too chaotic for us to have sufficient bandwidth to tackle such issues. Meredith Baker, the current CEO of CTIA (the wireless lobby group responsible for pushing this repeal), is a Republican who was appointed by President Obama as a member of the United States Federal Communications Commission. I suspect that neither the Democrats nor the Republicans really understand much of the legislation, and doubt how much they would care if they did. Your only option is to educate yourself, protect yourself, and when the fight for net neutrality comes (and this is definitely the next item on the CTIA agenda) make sure your voice is heard.

5 comments:

  1. Great article!

    What are your comments about the following describing WhatsApp and possible backdoor compromises of the program?

    https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages

    1. Yeh, but it's a feature rather than a bug. In other words, it was put in place to allow government surveillance. As we learned recently, hiding what you are doing from the government could be pretty problematic.
      http://money.cnn.com/2017/03/07/technology/wikileaks-cia-hacking/

  2. Is there a gif that shows what it looks like with a VPN?

    1. No, but in a way VPN is the same as TOR. Your ISP will see the VPN server as the site you are connecting to and your location. The ISP of the VPN server will also know it is you, and he can know what sites the VPN server is connecting to. But there is no way to know which sites you requested and which sites come from other users of the same VPN server (unless the VPN server company rats on you).
      Basically, all the data, including the site URL will be encrypted for your ISP server. But the VPN server will know everything about you, so avoid free ones.
      IPVanish is an expensive one but keeps no logs whatsoever. But for anyone not planning to overthrow the government Hotspot Shield and KeepSolid VPN Unlimited are more than enough (the 1 year subscription has good value, and speed is excellent)
