Is Comcast Intercepting Packets? 403
nihilist_1137 writes: "According this page, comcast is intercepting your packets to gain knowledge of your whereabouts and then reselling it to marketers." According to the linked message, "This allows them to not only log all http requests, but to also log the response. Maybe they want to profile their customer browsing history for
subsidiaries or resale to marketers. Maybe they want to do their part in
The War on Freedom. Maybe they just want passwords to porn sites. Apparently they aren't using it to maximize bandwidth, because it's not configured to serve cached data."
This has to be illegal (Score:4, Interesting)
Re:This has to be illegal (Score:5, Insightful)
Isn't tapping internet connections the same, legally, as a phone tap?
Probably, but this probably isn't "tapping internet connections." I'll bet you dollars to donuts that when Comcast gets called on this, they'll explain how they're only "capturing and keeping limited information" with "aggregate identification only" so that they can "optimize their network configuration" or something like that. The phone company doesn't tap converstations, but they sure as hell have a database of which line called which number, when, and for how long.
They might even be telling the truth. Not that we care - who wants to be the first to write an app that makes random requests to random domains constantly so as to screw up their database?
Tangent (Score:4, Interesting)
The phone company doesn't tap converstations, but they sure as hell have a database of which line called which number, when, and for how long.
Can someone explain why the Good Guys always have to keep the Bad Guy on the line for something like three minutes in order to trace the call, when all they should have to do is call up the Phone Company (on another line) and ask them to punch up the number of the person calling this number right now?
Re:Tangent (Score:2, Informative)
Because Hollyweird is out of date. That used to be true in the days of mechanical switches, but now...pfft.
Well, that, and it provides a lazy director three minutes worth of free suspense.
I recently saw the modern version of this old chestnut on Fox's 24, where the Good Guys (a powerful and secretive yet benevolent government organization, hm) were unable to track down the exact physical location of a cell phone before the desperate-to-found caller was cut off.
Re:Tangent (Score:2, Informative)
I recently read an interview with 24's creators. When asked how much law enforcement and intelligence agencies cooperated in the writing of the show, they said something like "We've got a great relationship with the government. We pay our taxes and they leave us alone." So don't expect enormous amounts of realism from that show (eg, people running around shouting classified info over cell and cordless phones.)
Re:Tangent (Score:2, Informative)
Re:Tangent (Score:2, Informative)
In the past, it used to be that someone had to go actually TRACE the path of the physical switches as they connected the outgoing trunk to the local line. Someone actually had to do this manually physically, which is probably the 3 minute thing, but thats ancient tech. Only backwards places like North Dakota uses that.
Re:Tangent actually explained. (Score:2, Informative)
It's still in practice but now it's seconds not minutes that it takes to trace a call that's trying not to be traced.
Re:Tangent actually explained. (Score:3, Informative)
Re:Tangent (Score:2)
Re:Tangent (Score:3, Insightful)
Or, more to the point, facts don't make for exciting cinema.
Re:Tangent (Score:2)
Movies are there for enjoyment, not factual accuracy.
I work for a phone company (Score:5, Informative)
I work for a phone company.
No, we sure as hell DON'T have a database. (atleast in Canada). There are only 3 times we keep track.
1. As per customer request (traffic studies, getting prank calls)
2. As per warrant (court order required!)
3. For long distance billing. (we need to know how much to charge you)
local calls are not recorded - we have to add an option in your line programming for that - after meeting one of the above requirements.
Re:I work for a phone company (Score:5, Informative)
Mostly because of one reason, Inter-State Inter-Lata rules and other smaller FCC phone line fair use rules. Qwest, Sprint, MCI and thousands of other businesses and sometimes counties own the phone lines and the switches. If I make a call, EVEN Out of country, and Go from Qwest owned phone lines to your Canada owned phone lines, Qwest and the Canadian owned company have to reach a agreement on what to charge for the usage, BY THE SECOND.
Third party companies house these charges. The company Qwest uses is called Telview, found at http://www.telveiw.com; it's called a TARIFF library, Telview makes their money by handling these charges and selling them to telecoms. EVERY digital switch in the world uses some system like this, or in conjunction with.
Now the database in play comes in not to track who you are calling so much. But because once your voice packet leaves Qwest lines it is not their propriety anymore and someone has to pay for the usage. Thus MCI can say you as a Qwest user, used X amount of trunk access on their lines, and charge Qwest X amount of dollars for those seconds. Qwest logs roughly about 140+ million phone calls a day, their system is considered by the FCC to be the definitively correct system, In audit type disputes The FCC will even use Qwest records as a third party advisor, because we track EVERYTHING, even all of the other telecoms, and almost all in the world. We just made it into Europe last summer. Anyway these millions and millions of minutes are charged at as low as -5 cent a minute to crazy 15+ cents a minute. It goes negative because of anti-monopoly issues regarding start up telecoms. Seconds are rounded and tracked to the nearest thousandth. On Qwest's system, an audit system HAS to be in place, this is part of FCC regulation crap, not to mention allows the FCC to more or less do their job. Generally that database doesn't have names in it. But the billing database that does have all your names in it if you subscriber to Qwest, private or not.... is a simple sql call away, it quite latterly lives in the same server farm... No stored procedures can link the two databases by LAW. Unless a search warrant is in place. Then with the officer there, we can link them. But the link has to be deleted also under the officer's super vision. Your records are tracked as up to two years, then deleted off, one month at a time. So two years ago to last month, we have no clue of whom you called, and are really glad to have a little more space.
The rule is if you can't use a blue box on your phone line, then you are traceable down to that specific phone. Digital Switch = Trackable.
p.s. For those who wonder, The system is Called NTU, Network Transaction Usage. We use Perl to gather data off the switches, not every switch is alike, including the os they run and the data needs to be parsed for the database. A HP/UX demon is used to process rules, and sort out how they should be poked into the database. While an oracle database floating on 36 partitions in a huge raid system is used to house the data while it lives. The machine NEVER goes down, even it does go down, monitor machines can quite literally mirror the drives and swap out so no data is ever lost. The coolest thing I've ever seen was my cowboy boss walk over to this multi-billion dollar a year machine and say, "Time to test the emergency backup units." These machines are located in other states altogether btw. Then he just pulls the power cord out of this rack mounted 8 by 8.
Re:I work for a phone company (Score:2)
That's right, for a measley $20K (I don't know how much...), I could know that you call Pizza Hut 13 times a month, and that right after calling Pizza Hut, you called some video store in a really bad section of town. Sure, I don't know exactly what transpired in those conversations, but I could probably guess. Tie that to some credit-card and bank transactions, and I got a really good idea.
In short "NO IT AIN'T ILLEGAL" and no, "all your data belong to us."
And our Judicial, Executive, and Legislative brances (for, by, and from "Big Business TM") will gladly bend you over for them!
Cheers!
Re:I work for a phone company (Score:2)
Re:This has to be illegal (Score:2)
a guy i know asked for something similar earlier today, but his request was...
My vision is a tool that you download a list of "categories" such as: "pr0n", "web e-mail", "environmentalism", "news", "hacking", "mp3", etc... and for each category there are thousands of URLs that are just continuously requested
i modified some spiders i had lying around and came up with a script that does google queries for terms you specify and then follows the searches returned. here [blackant.net] is the script. It currently does no error checking and i havent tested it that much, just wrote it this morning, but it could be easily modified to do random queries.
i wrote something that did random queries and created pages from that a few years ago. there are other people who've done similar, like JWZ's webcollage [jwz.org], which he also integrated into Xscreensaver [jwz.org], so running that screensaver will generate constant random traffic.
Re:This has to be illegal (Score:2)
Re:This has to be illegal (Score:5, Funny)
>random requests to random domains constantly so as to screw up their database?
You mean actually follow the links on a slashdot story?
Re:This has to be illegal (Score:2)
One of the ways any ISP can keep track of its customers' browsing habits is to log DNS requests. IF your ISP pulls this baloney on you, try using some other ISP's DNS servers.
Alternately, use dnscache [cr.yp.to] from the djbdns [cr.yp.to] package. It will go straight to the root servers in order to resolve domains, and keep a local cache for good performance. It also protects you from cache poisoning.
Re:This has to be illegal (Score:4, Informative)
Re:This has to be illegal (Score:2)
Re:This has to be illegal (Score:5, Informative)
COLLECTION, USE AND DISCLOSURE OF INFORMATION ON
SUBSCRIBER USE
Collection of Information: Comcast collects, uses and releases information on Customer use of the Service as necessary to render the Service, to otherwise undertake legitimate business activities related to the Service and to comply with law. Comcast may collect information in accordance with applicable law concerning Customer's use of the Service and customer preferences which are reflected in the choices that a customer makes among the range of services offered as part of the Service, the time that the customer actually uses the Service, the menus and features used most often by the Customer, and other information about a customer's "electronic browsing."
Use of Information: Collecting information contained in transmissions made by Customer through the Service directed at Comcast, its Underlying Providers, Internet web sites, or other service providers to which access is provided as part of the Service, is necessary to provide the Service. Comcast's detailed business records generally are used to help make sure customers are properly billed; to send customers pertinent information about the Service; and for accounting purposes. Customer information is also used to execute requests and orders placed by customers with advertisers, merchants, and other service providers; to understand customers' reactions to various features of the Service or the Internet; and to personalize the Service based on the interests of customers. Such information helps Comcast improve the Service and uncover unauthorized access to the Service or Customer data and may be provided to law enforcement agencies in the event of such unauthorized access.
Confidentiality of Information: Comcast considers the personally identifiable Customer information that is collected to be confidential. Comcast will disclose to third parties personally identifiable information that Comcast maintains related to customers only when it is necessary to deliver the Service to customers or carry out related business activities, in the ordinary course of business, for ordinary business purposes, and at a frequency dictated by Comcast's particular business need, or pursuant to a court order or order of any regulatory body having jurisdiction over matters which are the subject of this Agreement. Additional information regarding disclosure of personally identifiable information is described in the Privacy Statement which can be accessed through the Comcast High-Speed Internet Service home page.
Re:This has to be illegal (Score:5, Funny)
Of course they consider it "confidential". You get a lot more money when the information you're selling is confidential!!!!
Re:This has to be illegal (Score:2)
Uh huh. Like Phase 3: Profit!
Re:This has to be illegal (Score:3, Insightful)
If you shouted in public something you can hardly feel violated when others learn about it.
The internet is inherently non-private. If you want a private connection use crypto. Otherwise, work under the assumption that everyone else knows everything you do on the net.
Tom
Re:This has to be illegal (Score:3, Insightful)
This is absurd. Internet traffic is no more "non-private" than a telephone call. The fact that means exist for people along the traffic path to intercept communications doesn't mean that they're allowed to. If that were the case, all laws governing phone tapping would be moot since the tapping would not be technically possible.
Re:This has to be illegal (Score:2)
Watching the traffic over their network to analyze it is certainly not illegal.
Snarfing your passwords and reading your corporate mail.. that definately IS
legal fine print (Score:2)
Re:This has to be illegal (Score:3, Insightful)
It's a pretty safe bet that there's something in the Comcast service agreement authorizing them to do this.
I'm pretty sure someone is..... (Score:2)
Interesting Bit of Law... (Score:3, Insightful)
I wonder if it prevents, say, an ISP from blocking porn sites (because that would require monitoring traffic). Perhaps it would include shutting out rival IMs or even whole parts of your network...
Consider Joe Blow AOL Luser, who configures a gateway to AOL so that anyone can access their content. Now... if AOL is a "wire service provider" can they shut down his account? If so, how would they know without monitoring?
Just a thought...
I use Comcast, and... (Score:5, Funny)
...this is the worst service in the hist -- It's the best cable provider! Sign up today! [comcastonline.com] -- ory.
Re:I use Comcast, and... (Score:2)
It's like installing a video camera in your bedroom. Best be on good behavior.
Re:I use Comcast, and... (Score:5, Informative)
They've always been able to intercept your passwords, assuming they're over plain HTTP basic authentication, or some other insecure protocol (POP, FTP, etc).
And no, they can't compromise VPN traffic or SSL-protected traffic. Those are encrypted end-to-end. It's the same thing with S/MIME or PGP email. If you use a VPN, or HTTPS, or IPSEC, then you are safe from eavesdroppers anywhere on the net, including your ISP, or whatever evil proxies they have set up to trap your packets.
If you don't trust your ISP to be responsible with your unencrypted traffic, though, you should think about switching ISPs. And if your passwords are that important, then you shouldn't be sending them over insecure protocols.
Be a little more responsible... (Score:5, Insightful)
Re:Be a little more responsible... (Score:3, Interesting)
There are a good number of folks in the
Just a thought!
Shining some more light on this (Score:5, Interesting)
Re:Shining some more light on this (Score:2)
It looks to me like you're losing a lot of packets someplace. I'd call it into tech support, and try to (somehow) get it up to at least level 2 support to take a look.
Re:Shining some more light on this (Score:2, Interesting)
Re:Shining some more light on this (Score:2, Funny)
Re:Shining some more light on this (Score:3, Informative)
Re:Be a little more responsible... (Score:5, Funny)
You must be new here. Welcome!
Re:Be a little more responsible... (Score:2)
Re:Be a little more responsible... (Score:2, Insightful)
It would be quite different if "Comcast" and "is" were switched around.
Still, your point is valid. I am sure many of us have wondered about the people who decide what is and is not posted to the front page...
Isn't this just a normal Transparent Proxy??? (Score:5, Informative)
Much easier to setup on the client side and you catch people who leave out the proxy information.
The fact that the server has other capabilities doesn't mean that they are actually using this stuff. If someone can show me a link to the page where I can buy the marketing data, *then* i will believe you.
This is just speculation.
Re:Isn't this just a normal Transparent Proxy??? (Score:2)
But why bother reloading at all? just check that the connection came directly from your IP at the time. If it's being proxied, the connection the web server sees will -always- be from the proxy and not directly from your IP.
Actually you don't even need your own server to test this. There's a page at junkbusters that tells you (amongst other things) the IP you connected from. If the IP junkbusters gives you isn't the same as the one ifconfig thinks you have, then there's a proxy somewhere
Finally, in reply to another comment about traceroute.. http uses TCP port 80 (https uses a higher port, but since everything but the IP is encrypted and none of it can be cached, there's little point in proxying it) , traceroute uses UDP on some other port, and ping uses ICMP echo packets. Apples and oranges..
Copyright to the rescue (Score:4, Funny)
Re:Copyright to the rescue (Score:2)
Re:Copyright to the rescue (Score:2)
I wonder what would happen if I went to http://www.iexplicitlyprohibittherecordingofthisu
Whiner (Score:2)
No evidence that they're doing anything wrong, just that they are using tools that "allow" them to. Boo hoo, Comcast is using a transparent cache and they could abuse it.
Afraid they might actually do it? Then https and check your certs.
This is not a story... (Score:5, Informative)
Many ISPs do transparent caching. Transparent caching at ISPs is more than acceptable. It's not acceptable when major backbones do it, as has happened in the past.
The fact that they can log what you do is just a side effect. The same can be done WITHOUT transparent caching. The 'author' says they added hardware just for this. Well of course they did! They're just trying to speed up access without needing as big of a link needed without using transparent caching.
And at any rate, I'm surprised this got posted. It's just some guy posting to two mailing lists, which got denied at that!
Ultimately though, I feel ISPs should provide a means to remove you from having your link transparently cached. If they do that, then you can't blame them for trying to save bandwidth. The results of a transparent cache can be substantial!
Re:This is not a story... (Score:3)
So yeah, transparent caching is good, except that's NOT what this Comcast server is doing according to the poster.
Re:This is not a story... (Score:2)
Re:This is not a story... (Score:2)
At any rate, this guy's arguement is not much more than a troll, at least in my opinion.
In away, I dunno... (Score:2)
Re:In away, I dunno... (Score:2)
New service packages (Score:4, Informative)
I'm glad sprint just hooked up DSL in my area, I'm switching providers.
According to insiders at Comcast there will be three tiers of service. The current service will be called Silver and it will be 1500/128 for $49.95 plus modem rental. Yes that is true, they are planning on a $10 price increase within the next year after the transition is complete and the merger with AT&T Broadband Internet is finalized. Comcast doesn't want to mess with the rates right now until they get regulatory approval for the merger. But the S.O.P. at AT&T and Comcast is a price increase after a merger. Look at what Cable rates did after the Mediaone transition.
Gold service will be 1500/300 and will allow VPN access and something they are calling priority traffic. This is the old Pro service. The cost will be $99.95. If you are a gamer used to the old MediaOne performance, this Gold level should get you back close to the perf you had with the old system. And yes that means you will be paying double for the same service you had last year.
The new low price option is Bronze. Expected to be 128/64 or maybe 256/128 it should be priced at $29.95. This is the one that is most in the air. I haven't seen a bronze config file yet to see what they are planning.
Modem rentals will be $5 and may increase to $7.
What the? (Score:2)
Likely, they want to generate detailed customer profiles so that they can sell more targeted advertising (after all, highly targeted advertising is what sells for the most money). But even at that, it's an annoying practice that should be explained to the customers.
Even assuming they notified their customers (which I don't believe they did), though, it's going to be a hard sell to convince customers that their passwords (which are often not encrypted) as safe with them. They'd best stop this practice while they're ahead and no one has taken legal action. It reeks of a poorly-thought-out marketing/management decision.
Re:What the? (Score:2)
Also, if Comcast is indeed capturing packets (not just request logs), then the customer needs to know that their ISP is storing things like unencrypted passwords. There's a big difference between packet storage and request storage.
Evidence, please? (Score:5, Informative)
This allows them to monitor and change (or insert ads into) what you read.
Posh. Fear-mongering. Come back with some evidence -- and I'll be as against it as the next guy. And if they are actually inserting ads, then they'll probably be in court with CNN, Disney, etc, so forth, for modifying and distributing copyrighted material.
Interestingly, regardless of what IP you address the packet to, the Inktomi Traffic-Server reads the Host: field to determine where to send the packet. I sent several packets from my home machine to one of my office machines, inside the packet was "Host: www.comcast.net". Comcast illegally intercepted, misinterpreted and altered this packet, and sent it to www.comcast.com. So, you might say there's a bug in this evil Inktomi Traffic-Server thing.
Oh, shut up. That's how a transparent proxy works. I suppose the Linux facilities for transparent proxing -- available for years now -- are also evil?
Where's my clue-by-four...
Hold your horses... (Score:5, Insightful)
Number one, this guy just got transitioned. A lot of people all over the country have been going through the same thing, and not everyone is seeing the same thing as him. As 'hostman' from the MESH (Michigan Engineering Software and Hardware http://misc.eecs.umich.edu/) discussion email list wrote:
"This whole thread got me a bit peeved, so I went home and ran a few tests. I was unable to find any evidence of the packet modification described. It is possible the described issue is not an issue here in A^2, as we 'transitioned' from MediaOne's service, not @Home..."
Secondly, your ISP has the right to monitor traffic to ensure quality of service. Just because the caching part of the server is not currently running, it does not mean that they aren't phasing it into the system. At this point it's just speculation. They might even have more rights to monitor what you're doing, depending on your service agreement. Read it.
Lets get some REAL evidence of what's going on other than this hear-say. Someone show us some modified packet headers, and someone else reproduce those results, and MAYBE I'll believe it then.
Mod parent down, Score -1, (Far Too Rational) (Score:2, Funny)
If it weren't for jumping to conclusions, I doubt anyone whould get any excercise at all around here!
Re:Hold your horses... (Score:3, Interesting)
This might be "fixed" once they either kill the usenet servers entirely or set up new ones inside their network like a sane ISP. Most people on the net are assuming the former will happen (which won't save as much bandwidth, since the heavy usenet users are likely to get external services). Your best bet at this point seems to be to pray that Comcast sees the light with Usenet and just buys the old servers from @home. If you've lead a clean life they might even announce something one way or the other before the switch off date (coming RSN).
Proof? (Score:2)
Of course, ISPs have access to pretty much all network traffic (you think your packets magically transport themselve to and back from slashdot?). And it would not be difficult at all to log everything that passes through the network. (You certainly don't need an Inktomi system, although maybe it helps, I dunno.) Probability is that there's at least some ISPs out there monitoring their customers invasively. Maybe Comcast is in fact doing it. But this article is simply not convincing.
This could be a big oops for Comcast (Score:5, Interesting)
While IANAL, I work in the digital television middleware industry and have been involved in making sure that we do not inadvertantly let our customers run afoul of that precise law. It's not just the law, it's a good idea.
Re:This could be a big oops for Comcast (Score:2)
Re:This could be a big oops for Comcast (Score:2)
Your third party....
Charter cable has a transparent proxy too (Score:2)
Say Charter, if you are reading you could reimburse me for the two hours I spent figurng out this defect in my Charter user's internet service.
Alledgely Comcast Also Using Spyware (Score:4, Informative)
So now they can track you from your own (Windows) machine, and also through their transparent proxy.
Dear Valued Comcast Customer (Score:4, Funny)
for your money, Comcast is committed to make
your Internet connectivity a useful tool in
your daily life.
We are partnering with many industry leaders
to ensure that you get many advantages out of
our service. In order to server you better,
Comcast now automatically connects you with
your interests by analyzing your Internet
traffic and matching it with one of our
partners.
Concretely, what does this bring to our
Valued Comcast Customers ? if you shop online,
Comcast and its partners will send you
E-coupons[tm] to save big at your favorite
online grocer. Do you book airline tickets
online ? Comcast and Delta Airlines will send
you E-coupons[tm] for incredible savings, and
access to unlisted flights. Do you buy
antiques on Internet Auction sites ?
E-coupons[tm] will help you save %15 or more
on your purchases.
But it gets better : you don't have to wait
for your next Value Comcast Customer
E-newsletter[tm] to take advantage of these
tremendous opportunities : the savings start
right now !
After analyzing your Internet traffic, our :
automated PatnerMatch[tm] server is able to
send your first E-coupon
--8<--8<--8<-- :
1 free visit to
Madame Tinkertoys House of Leather
Corner of Bourbon and Toulouse
New-Orleans, LA
Authorization number : 5UCK-M3-PL3N7Y
--8<--8<--8<--
To use your E-coupon, simply print it out
and present it to our E-Partner, and you will
start enjoying incredible savings.
Thank you Dear Valued Comcast Customer for
using Comcast's services.
Proof? (Score:2)
I'm not a fan of Comcast (or for that matter cable modems in general) BUT I must ask - Where is your proof that they aren't caching any of the pages and only using it to gather marketing data? Once can configure a transparent proxy to completely mask its existance. I do this quite often with customers on their firewalls I don't give a crap about what they are browsing, I just try to get the most/$$ for THEIR bandwidth.
Re:Proof? (Score:2)
Step 2. Repeat download requests. If remote account does not have to download the data again, but the data is still received by local account, "transparent" proxy has served the data from its local cache.
Caveat: make sure data isn't being cached by someone else's proxy inbetween the two accounts.
Re:Proof? (Score:2)
Oh gosh, not again. (Score:2)
Like I care.
Just plain stupid. (Score:2, Interesting)
First off all your spending habit is normally kept in a database somewhere by your credit card company. How else can they bill you? What's the difference between that and this? Are you going to send your email over the net that's sensitive unencrypted?
Further more as many have pointed out without success this sounds just like a transparent proxy. Which is a perfectly valid network influstructure.
What is it with slashdot and the slashmob?
It's their wire, they can tap it (Score:2)
If their proxy isn't standards-compliant, that's somewhat annoying. It's somewhat likely that this actually *improves* anonymity, though, because web sites cannot necessarily track users by IP address. And this doesn't seem to affect SSL-encrypted traffic (which couldn't be proxied without the user agreeing, since SSL resists man-in-the-middle), which is all of the traffic which is at all hidden. This is like looking at people's postcards-- sure, it's not polite, but the things aren't even covered in anything.
I do wonder if this affects their common-carrier status at all, however. If they're doing non-trivial things to the traffic, they could be held liable for pages they pass on to customers.
They aren't logging packets! (Score:3, Funny)
...But, be on the look out for version 2.0 of this Comcast innovation!
The all new super ultra deluxe Dream [Packet] Catcher. Just like the Native American device only it captures packets and puts the user to sleep waiting for a reply to them.
Good (sarcasm on) (Score:2)
Rampant Paranoia (Score:2)
Crypto. (Score:4, Insightful)
When you send plaintext over the net, like HTTP reuqests..
YOU ARE SENDING PLAIN READABLE TEXT OVER A PUBLIC NETWORK.
Where is your expectation of privacy? That's right.. you don't really have one.
Passwords? HTTPS.. that's what the 'secure'part means you know.
Re:Crypto. (Score:5, Insightful)
Data on a switched network between two large ISPs is no easier to intercept than voice going between two large phone companies. In fact, I daresay it would be easier for me to tap my neighbor's phone than his cable modem (I could do it with a pair of pliers and some wire); it would, however, be illegal and IMO wrong for me to do so.
Bottom line: even though it may be *possible* for nefarious people to tap your phone, put bugs in your living room, or even implant a chip in your brain, you can still have an expectation of privacy. Not wrapping your house in tinfoil does not mean you're giving up your right to privacy, because your home is not a public forum. The wires between you and a web server do not constitute a public forum by any stretch of the imagination (even if the server happens to be hosting a public forum). Not using HTTPS does not consitute an abdication of privacy.
If you run a packet sniffer and look at other people's data, good luck convincing a judge that you weren't doing something bad under Section 2511 because the data wasn't encrypted.
"Hey, his front door wasn't locked, so I didn't really steal his TV..."
"Hey, the guy didn't use The Club, so this really isn't Grand Theft Auto..."
"Hey, she was wearing that short skirt; she deserved it..."
this poses interesting things... (Score:2)
Oh, SHUT the FUCK UP!!!! (Score:2)
This is just a stupid fucking email message that, once again, when placed under the magic Slashdot Out-Of-Proportiometer, has ballooned to mega-lotta-banner-ad size.
- A.P.
Comcast IS using a transparent proxy. Observe. (Score:2, Interesting)
$ telnet 1.2.3.4 80
Trying 1.2.3.4...
Connected to 1.2.3.4.
Escape character is '^]'.
get www.yahoo.com
Yahoo! -
501 Method Not Implemented [yahoo.com] Help [yahoo.com] Method Not Implemented
get to
Copyright
© 2002 Yahoo! Inc. All rights reserved.
Privacy Policy [yahoo.com] -
Terms of [yahoo.com]
Service
Connection closed by foreign host.
$ telnet 1.1.1.1 80
Trying 1.1.1.1...
Connected to 1.1.1.1.
Escape character is '^]'.
nmap ANY valid or invalid host and port 80 will be open. Yes folks, that IS a transparent proxy answering your calls.
Re:Comcast IS using a transparent proxy. Observe. (Score:2)
And what will happen if the request you make (say to a Linux box with some clever scripting) has the request header like a CodeRed infected box might send out? There are a lot of things they could be doing with this. One might be to quench worms like CR. IMHO, that much would be a good thing.
Of course there are many bad things that could potentially be done with such a thing. If it disassociates the HTTP Host: header from the original destination IP address, and tries to lookup that hostname and connect there regardless of what the IP was, that could be bad. What if you are requesting a page from a web site in an alternate DNS realm like the Open Root Server Confederation [orsc.net] ... such as http://chrono.faq/ [chrono.faq] or http://watch.gallery/ [watch.gallery] or http://baby.mart/ [baby.mart] or http://top-stories.news/ [top-stories.news]?
Experienced Inktomi Admin (Score:4, Informative)
That previous life was working with a large Regional Bell company... the mere mention of selling of consumer info (even just anonymized web logs) caused the blood to run out of their faces. I don't think it'll happen there, but I don't make promises for anyone else. It's quite the panacea of information, even if just used internally.
BTW, Novell's proxy cache is actually faster, easier and quite a bit cheaper. Squid, while free, will likely never reach the same performance levels.
Logs off the caching device (Score:4, Insightful)
The logs generated for this device is not anonymous. It's pretty much reads like an Apache log. Source and destination IPs for every request. I remeber wanting to get some sample data to see if we needed to take the Cache log into account for looking at out admin server traffic reports. Small town USA pretty much surfs over 50% porn.
At any rate. It's doubtful they use the cache box to collect internet traffic stats. Why? Well, basically, it's a money issue. Once you have the data great...except it's a freak'n huge sh*tload of data. If you want useful reporting you need to keep data for a year. Your're looking putting almost 500K into disk, CPU, and software. It's not worth it because you'd never recoup the money.
This does NOT mean your ISP doesn't sell your data. An ISP can make some serious cash by selling your data. ISP's can and DO enter into agreements with companies that collect data. However, the ISP wash their hands of the actual process. They let a 3rd party drop a Switch or a Bridge into a POP that directs traffic to a machine that will totally transparently collect data and start collecting checks.
Point is, the Cache is exactly what it appears. A Cache. It does collect data, but I've never heard of a National ISP use that data. They let a 3rd party company do all the work and collect the checks.
Non-transparent proxies are coming (Score:2, Informative)
Personally I approve of this because it will allow for a more efficient operation of many useful web services like content filtering, virus checking and ad stripping. An important part of this work will also be define a standard way for conforming OPES software to only invoke edge services after authorization from end-users and/or content providers.
hmm (Score:2)
3 Executive Campus, 5th Floor
Cherry Hill, NJ 08002
US
Netname: JUMPSTART-1
Netblock: 68.32.0.0 - 68.63.255.255
Maintainer: CMCS
Coordinator:
Zeibari, Greg (GZ64-ARIN) gzeibari@comcastpc.com
856-661-7929
Domain System inverse mapping provided by:
NS01.JDC01.PA.COMCAST.NET 66.45.25.71
NS02.JDC01.PA.COMCAST.NET 66.45.25.72
ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
"To report network abuse incidents please send an e-mail to
abuse@comcastpc.com. The e-mail should include a description of the incident, the source IP address and any log files, SPAM or any other applicable information. Incidents reported to any other e-mail address will not be investigated."
Record last updated on 15-Jan-2002.
Database last updated on 11-Feb-2002 19:56:34 EDT.
Re:hmm (Score:2)
Works for solution.com owned by Voveo Marketing Group Inc. http://www.voveo.com/
Envision a new breed of marketing...
At Vovéo we are bringing to life a vision for a new breed of marketing. One that begins with a belief that all marketing must work toward a single goal - results. Vovéo's marketing services drive results because they are highly adaptable, in-step with the front-lines, customer-centric, extremely focused, and tightly integrated. It is our integrated approach to marketing that stands in stark contrast to the traditional "stovepipe" mentality still prevalent in many organizations, where narrowly conceived departmental lines prevent the effective integration of all marketing disciplines.
Envision marketing with the 'technology advantage'...
Every agency has its specialty, ours is technology. Our roots are in technology - clients and employees alike. Since day one, clients have been relying on us for our ability to apply technology to the art of marketing, and for our expertise in the high technology arena. We creatively combine traditional and online techniques. And invent new tools and solutions that utilize technology to create the greatest possible marketing impact and efficiency. Vovéo is unmatched in its ability to deliver superior marketing services with the technology advantage.
Envision a new agency experience...
At Vovéo we are committed to a new agency experience. One that begins with a veteran team that acts as an extension to your own, and is lead by one who has walked in your shoes. Vovéo contributes valuable outside perspectives deeply rooted in experience. Add to that lightening speed of delivery; cost effective, innovative solutions that stretch your marketing dollars and respect your budgets - all with a realistic, practical approach.
Re:hmm (Score:2)
Sales Planning
We believe effective sales development begins with a thorough understanding and analysis of the sales process itself. Through this analysis we can determine the best possible mix of partner and direct sales resources.
In addition, the sales process analysis provides the blueprint for determining how marketing can best work to optimize sales effectiveness. Communications materials can be constructed to work in concert with all other sales efforts - ensuring that key decision makers and influencers receive highly targeted materials at the appropriate time.
Sales Coverage Models / Target Account List Development
Also critical to successful sales development is a clear understanding of where sales opportunities exist geographically. Vovéo is widely known for its geographic analysis techniques, whereby models are constructed to evaluate pockets of targeted business opportunities, leading to optimal placement and deployment of sales and partner resources. Combining the sales process and geographic analyses, Vovéo will develop a universe of target accounts that will become the focus for initial sales development activities.
Demand Creation / Sales Development
Vovéo is passionate in its belief that successful demand creation initiatives must be tightly integrated. The veteran staff at Vovéo is renowned for its ability to develop effective campaigns with precision messaging and creative design utilizing online and traditional tactics, while incorporating high impact, audience appropriate response mechanisms.
Whether it is a vertical market initiative, a partnership program to internal or external audiences, or a product specific campaign, Vovéo delivers high impact programs that help you achieve your sales development objectives.
Looks like a job for Orangatango (Score:2, Informative)
Copyright violation (Score:4, Interesting)
Comcast is engaged in the large-scale activity of making unauthorized derivative works (with that modified content and extra ads) of (copyrighted!) web sites for commercial gain . If a few of us web-smiths nail down the evidence solidly, the court ought to make us rich off the damages! Not to mention the fun we could have following the (M$, BSA, Scientology) precedents with ex parte orders for copyright violation search!
FUD? (Score:3, Insightful)
Something about this just smells like FUD to me.
Transparent Proxies (Score:3, Informative)
- we have all kinds of quality problems. There's a shitload of web apps out there that break with transparent caches, one way or the other, and often in subtile ways. There's even an RFC [faqs.org] about some of them.
- when metering traffic independently of the cache statistics we found that we actually did not save any bandwidth worth mentioning. The statistics for the caches of course say different, but interface counters don't lie
:-)
- customer satisfaction goes down the drain. The reason is, even if there is no problem with the caches, people blame any problem with internet and web site availability on the caches - and thus on us.
But, no, we have nothing in place to collect and evaluate logs. It's just much too much data right now to handle or even store it professionally. OTOH, given technological advances, this kind of storage and evalutaion probably will be trivial a few years from now. So the tendency is definitely dangerous.f.
Comment removed (Score:4, Informative)
Re:Inevitable (Score:2)
Luckily, I still have several small video stores from which I can rent 'adult' movies (like the uncut American Pie).
Re:That explains.... (Score:2)
Re:It's pretty much a done deal (Score:2)