Is Comcast Intercepting Packets?

timothy posted more than 12 years ago | from the wherefore-and-through-whom dept.

Privacy 403

nihilist_1137 writes: "According to this page, Comcast is intercepting your packets to gain knowledge of your whereabouts and then reselling it to marketers." According to the linked message, "This allows them to not only log all http requests, but to also log the response. Maybe they want to profile their customer browsing history for subsidiaries or resale to marketers. Maybe they want to do their part in The War on Freedom. Maybe they just want passwords to porn sites. Apparently they aren't using it to maximize bandwidth, because it's not configured to serve cached data."


First post i hopes. (-1)

Fecal Troll Matter (445929) | more than 12 years ago | (#2992160)

Dedicated to Ralph Jew Hater Nader.

Re:First post i hopes. (-1)

Ralph JewHater Nader (450769) | more than 12 years ago | (#2992374)

Thank you for your first post. I am proud to say that our combined efforts have finally alerted the Slashdot readers to a terrible threat: the zionist threat. We must fight the good fight. Kill all the jews! Execute the niggers! Only then will the world be safe from the subhuman races!

Remedy (-1)

The Lyrics Guy (539223) | more than 12 years ago | (#2992162)

The Black Crowes - Remedy

Baby, baby why can't you sit still?
Who killed that bird out on you window sill?
Are you the reason that he broke his back?
Did I see you laugh about that?
If I come on like a dream?
Would you let me show you what I mean?
If you let me come on inside?
Will you let it glide?

Can I have some remedy?
Remedy for me please.
Cause if I had some remedy
I'd take enough to please me.

Baby, baby why did you dye your hair?
Why you always keeping with your mother's dare?
Baby why's who's who, who know you too?
Did the other children scold on you?
If I come on like a dream?
Would you let me show you what I mean?
If you let me come on inside?
Will you let it slide?

Not ALL packets (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2992163)

This first post came through after all.

first post! (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2992167)

Damn nihilist! you post a shitload of shit!

I was gonna go look at some pr0n but got to /. instead (Malda...I'm looking at you!)

www.y2khai.com

That explains.... (0, Offtopic)

JayHerrick (469525) | more than 12 years ago | (#2992175)

...my 50% drop in bandwidth when Comcast switched off the @Home network.

Re:That explains.... (1, Redundant)

earlytime (15364) | more than 12 years ago | (#2992212)

but if they're using a "transparent" proxy, wouldn't that speed up your connection? duh?

seriously, i doubt comcast's stopgap measures are up to par with @home's network. Hopefully they'll get it together soon enough... But in the meantime, my roadrunner connection is just a little faster than usual ;-)

This has to be illegal (4, Interesting)

Marx_Mrvelous (532372) | more than 12 years ago | (#2992176)

Isn't tapping internet connections the same, legally, as a phone tap? It's not legal for the phone company to listen in on your conversations to sell to advertisers, it can't possibly be legal to sniff packets to sell to marketers!

Re:This has to be illegal (5, Insightful)

bourne (539955) | more than 12 years ago | (#2992215)

Isn't tapping internet connections the same, legally, as a phone tap?

Probably, but this probably isn't "tapping internet connections." I'll bet you dollars to donuts that when Comcast gets called on this, they'll explain how they're only "capturing and keeping limited information" with "aggregate identification only" so that they can "optimize their network configuration" or something like that. The phone company doesn't tap conversations, but they sure as hell have a database of which line called which number, when, and for how long.

They might even be telling the truth. Not that we care - who wants to be the first to write an app that makes random requests to random domains constantly so as to screw up their database?

Tangent (4, Interesting)

volpe (58112) | more than 12 years ago | (#2992284)

I know I'm going off on a tangent here, and it's off-topic, but please bear with me.


The phone company doesn't tap conversations, but they sure as hell have a database of which line called which number, when, and for how long.

Can someone explain why the Good Guys always have to keep the Bad Guy on the line for something like three minutes in order to trace the call, when all they should have to do is call up the Phone Company (on another line) and ask them to punch up the number of the person calling this number right now?

Re:Tangent (1)

bourne (539955) | more than 12 years ago | (#2992294)

Can someone explain why the Good Guys always have to keep the Bad Guy on the line for something like three minutes in order to trace the call...

I always figured that the database wasn't real time. Either it doesn't update until the call completes (at which point it logs "Start Time - Source - Dest - Duration" as one line) or it logs it on subsidiary (CO) equipment that isn't accessible to Ma Bell in real time.

Disclaimer: I pulled that theory out of my butt.

Re:Tangent (1)

dirty (13560) | more than 12 years ago | (#2992295)

Cuz the phone company won't give the number w/o a warrant. That's how I think it works at least.

Re:Tangent (2, Informative)

djmoore (133520) | more than 12 years ago | (#2992312)

Can someone explain why the Good Guys always have to keep the Bad Guy on the line for something like three minutes in order to trace the call, when all they should have to do is call up the Phone Company (on another line) and ask them to punch up the number of the person calling this number right now?

Because Hollyweird is out of date. That used to be true in the days of mechanical switches, but now...pfft.

Well, that, and it provides a lazy director three minutes worth of free suspense.

I recently saw the modern version of this old chestnut on Fox's 24, where the Good Guys (a powerful and secretive yet benevolent government organization, hm) were unable to track down the exact physical location of a cell phone before the desperate-to-be-found caller was cut off.

Re:Tangent (2, Informative)

dachshund (300733) | more than 12 years ago | (#2992366)

I recently saw the modern version of this old chestnut on Fox's 24, where the Good Guys (a powerful and secretive yet benevolent government organization, hm) were unable to track down the exact physical location of a cell phone before the desperate-to-be-found caller was cut off.

I recently read an interview with 24's creators. When asked how much law enforcement and intelligence agencies cooperated in the writing of the show, they said something like "We've got a great relationship with the government. We pay our taxes and they leave us alone." So don't expect enormous amounts of realism from that show (eg, people running around shouting classified info over cell and cordless phones.)

Re:Tangent (0, Redundant)

Sloppy (14984) | more than 12 years ago | (#2992315)

Because it makes the movie more exciting.

Re:Tangent (2, Informative)

synx (29979) | more than 12 years ago | (#2992355)

hollywood bullshit. With modern switches the phone system doesn't have to "trace" worth shit. It just _knows_ these things. There are limits, but with ANI and ANI2, the phone number comes down the wire with the signaling/setup.

In the past, it used to be that someone had to go actually TRACE the path of the physical switches as they connected the outgoing trunk to the local line. Someone actually had to do this manually physically, which is probably the 3 minute thing, but that's ancient tech. Only backwards places like North Dakota use that.

Re:This has to be illegal (0)

Anonymous Coward | more than 12 years ago | (#2992300)

One of the ways any ISP can keep track of its customers' browsing habits is to log DNS requests. IF your ISP pulls this baloney on you, try using some other ISP's DNS servers.

Re:This has to be illegal (2)

bourne (539955) | more than 12 years ago | (#2992358)

One of the ways any ISP can keep track of its customers' browsing habits is to log DNS requests. IF your ISP pulls this baloney on you, try using some other ISP's DNS servers.

Alternately, use dnscache [cr.yp.to] from the djbdns [cr.yp.to] package. It will go straight to the root servers in order to resolve domains, and keep a local cache for good performance. It also protects you from cache poisoning.

I work for a phone company (5, Informative)

Anonymous Coward | more than 12 years ago | (#2992339)

"The phone company doesn't tap conversations, but they sure as hell have a database of which line called which number, when, and for how long."

I work for a phone company.
No, we sure as hell DON'T have a database. (at least in Canada). There are only 3 times we keep track.

1. As per customer request (traffic studies, getting prank calls)

2. As per warrant (court order required!)

3. For long distance billing. (we need to know how much to charge you)

local calls are not recorded - we have to add an option in your line programming for that - after meeting one of the above requirements.

Re:This has to be illegal (0, Offtopic)

Anonymous Coward | more than 12 years ago | (#2992363)

"I'll bet you dollars to donuts that..."

Mmm... DONUTS!

Re:This has to be illegal (4, Informative)

gmhowell (26755) | more than 12 years ago | (#2992245)

I probably signed some BS license agreement that gave them the right to do that. Doesn't matter. With spamcop, spamassassin, and all of that (plus the fact that they STILL don't have a working email address for me) they can't send me spam. And with caller id, I haven't spoken to a salesman since I stopped answering blocked numbers. And, finally, with my hosts file, I don't even see 90% of the ads anymore.

Re:This has to be illegal (2)

jerw134 (409531) | more than 12 years ago | (#2992264)

Actually, you did. Take a look at Section 5 of the new improved Comcast HSI TOS. It's pretty interesting.

Re:This has to be illegal (5, Informative)

hex1848 (182881) | more than 12 years ago | (#2992268)

It's all in the terms of service: [comcast.net]

COLLECTION, USE AND DISCLOSURE OF INFORMATION ON
SUBSCRIBER USE

Collection of Information: Comcast collects, uses and releases information on Customer use of the Service as necessary to render the Service, to otherwise undertake legitimate business activities related to the Service and to comply with law. Comcast may collect information in accordance with applicable law concerning Customer's use of the Service and customer preferences which are reflected in the choices that a customer makes among the range of services offered as part of the Service, the time that the customer actually uses the Service, the menus and features used most often by the Customer, and other information about a customer's "electronic browsing."

Use of Information: Collecting information contained in transmissions made by Customer through the Service directed at Comcast, its Underlying Providers, Internet web sites, or other service providers to which access is provided as part of the Service, is necessary to provide the Service. Comcast's detailed business records generally are used to help make sure customers are properly billed; to send customers pertinent information about the Service; and for accounting purposes. Customer information is also used to execute requests and orders placed by customers with advertisers, merchants, and other service providers; to understand customers' reactions to various features of the Service or the Internet; and to personalize the Service based on the interests of customers. Such information helps Comcast improve the Service and uncover unauthorized access to the Service or Customer data and may be provided to law enforcement agencies in the event of such unauthorized access.

Confidentiality of Information: Comcast considers the personally identifiable Customer information that is collected to be confidential. Comcast will disclose to third parties personally identifiable information that Comcast maintains related to customers only when it is necessary to deliver the Service to customers or carry out related business activities, in the ordinary course of business, for ordinary business purposes, and at a frequency dictated by Comcast's particular business need, or pursuant to a court order or order of any regulatory body having jurisdiction over matters which are the subject of this Agreement. Additional information regarding disclosure of personally identifiable information is described in the Privacy Statement which can be accessed through the Comcast High-Speed Internet Service home page.

Re:This has to be illegal (3, Insightful)

tomstdenis (446163) | more than 12 years ago | (#2992286)

Depends. The only reason tapping phones is illegal [at least in most countries] is because of the explicit right and expectation of privacy.

If you shouted in public something you can hardly feel violated when others learn about it.

The internet is inherently non-private. If you want a private connection use crypto. Otherwise, work under the assumption that everyone else knows everything you do on the net.

Tom

Re:This has to be illegal (2)

mindstrm (20013) | more than 12 years ago | (#2992334)

The phone company keeps track of who you call and when.. is that illegal?

Watching the traffic over their network to analyze it is certainly not illegal.

Snarfing your passwords and reading your corporate mail.. that definitely IS

Re:This has to be illegal (0)

Anonymous Coward | more than 12 years ago | (#2992372)

Recent rulings have for some reason made a distinction between real mail (i.e. snail mail) and e-mail. A letter sent in an envelope is considered private and can't be opened by an employer- even if it's mailed from the company- while e-mail can be read by anyone who so chooses.

Inevitable (1)

serps (517783) | more than 12 years ago | (#2992177)

This kind of stuff was bound to happen, if recent history is any indication. Thing is, what can you do about it?

(This is an honest question, since I don't know, myself)

Re:Inevitable (4, Informative)

danheskett (178529) | more than 12 years ago | (#2992211)

First, get a friend on a trusted network. Use something like FreeSwan or MS-PPTP and tunnel all traffic through that box. If you are really desperate let me know and you can use my box for it.

Second, start looking around and reading up on IPSEC. IPSEC is a true life-saver - when and if it ever gets implemented virtually the entire packet (minus header information) will be encrypted for virtually all web traffic - the FBI, Carnivore, your ISP, AOLTW, MS, all of them will be *screwed* unless they start planting more and more backdoors.

Finally, write your senators and reps, but start first at the local level. Get the pressure moving up the chain. It helps.

Re:Inevitable (1)

natslovR (530503) | more than 12 years ago | (#2992218)

Simple -> Go back to reading newspapers and buying your porno from the Adult 'bookshop' on the corner.

Re:Inevitable (2)

gmhowell (26755) | more than 12 years ago | (#2992260)

No adult bookshop in my town. I have to go to the live showings;)

Luckily, I still have several small video stores from which I can rent 'adult' movies (like the uncut American Pie).

Re:Inevitable (1)

Sloppy (14984) | more than 12 years ago | (#2992227)

Thing is, what can you do about it?

If you don't trust the data path between you and whoever you want to talk to, then you use encryption. (From here on, I am just adding padding because the lameness filter thinks I have less than 8.9 characters per line?!)

Re:Inevitable (1)

base3 (539820) | more than 12 years ago | (#2992230)

ZKS Websecure [freedom.net] . It's not the product it used to be, not after 9/11 (though ZKS claims it was market forces that killed freedom.net). Not by a long shot. But it will prevent your ISP from monitoring your browsing habits. The downside? Your ISP will also know you're using an anonymizing proxy, and if the tinfoil hat brigade (of which I am a proud member) is right, they'll watch you even more closely.

Re:Inevitable (0)

Anonymous Coward | more than 12 years ago | (#2992329)

As for myself, and hopefully enough other people to make a difference, I'd cancel the service immediately.

While the only other "broadband" service I qualify for in my area is IDSL at 144kbps, I would gladly take that over cable as my privacy means that much to me.

Either that, or I could tunnel a PPTP or other encrypted connection to my office....

Huh? (1)

BadlandZ (1725) | more than 12 years ago | (#2992179)

Is it just me, or does anyone else have a hard time taking the sources and content as proof of anything other than another conspiracy theory?

Then again, some of the conspiracies out there HAVE to be true don't they. Law of averages and all that....

Re:Huh? (1)

Theodore Logan (139352) | more than 12 years ago | (#2992232)

Then again, some of the conspiracies out there HAVE to be true don't they. Law of averages and all that....

In that case we better start making up some good ones.

Re:Huh? (0)

Anonymous Coward | more than 12 years ago | (#2992241)

There is no such thing as the law of averages. That's like saying a normal die will eventually land on 7 because of the law of averages. It is not even a possibility.

Re:Huh? (1)

essdodson (466448) | more than 12 years ago | (#2992318)

I'm still looking for any credibility in this article, I've yet to find any. Have you guys had better luck than I have?

"Dear Slashdot,
My ISP is operated by the Nazi party and they are going to come after me for being a Jew. I can prove this due to their use of a bandwidth saving transparent proxy. Help me!"

Wonder if they'd post that?

I'm pretty sure someone is..... (2)

os2fan (254461) | more than 12 years ago | (#2992180)

My three hotmail accounts get quite different traffic in terms of spam. Much of it started by the inclusion of my name, and the URL for my "home page" in the same message. Certainly wasn't browsing: they think I OWN it!!!! Yeah, right.

Isn't this what people want (0)

Anonymous Coward | more than 12 years ago | (#2992181)

Don't people want targeted ads?

facp (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2992188)

first ac post!
huzzah!

Interesting Bit of Law... (3, Insightful)

alfredw (318652) | more than 12 years ago | (#2992189)

... quoted in the article...

I wonder if it prevents, say, an ISP from blocking porn sites (because that would require monitoring traffic). Perhaps it would include shutting out rival IMs or even whole parts of your network...

Consider Joe Blow AOL Luser, who configures a gateway to AOL so that anyone can access their content. Now... if AOL is a "wire service provider" can they shut down his account? If so, how would they know without monitoring?

Just a thought...

Re:Interesting Bit of Law... (1)

antistuff (233076) | more than 12 years ago | (#2992324)

Joe Blow doesn't know how to configure a gateway to AOL so anyone can use their service. If he did then he would be joe hacker, not joe blow.

CON-firmation? (1)

Fyndlorn (88381) | more than 12 years ago | (#2992191)

What's going on here? This seems unbelievable! Has anybody independently confirmed this, or done any real work to prove this isn't a hoax?

Tingly Feeling (1)

craig_bush (245989) | more than 12 years ago | (#2992192)

I feel the hair on the back of my neck standing up.

Re:Tingly Feeling (1)

looseBits (556537) | more than 12 years ago | (#2992235)

I wouldn't worry about it too much. It is probably just some techie at Comcast sniffing for porn. You know how much everyone loves free porn.

But if it is a corporate conspiracy, it's probably just the company trying to collect porn for distribution at their next shareholder's meeting (I would definitely buy stock in the company if that were the case).

I use Comcast, and... (5, Funny)

leviramsey (248057) | more than 12 years ago | (#2992197)

...this is the worst service in the hist -- It's the best cable provider! Sign up today! [comcastonline.com] -- ory.

Re:I use Comcast, and... (2)

Boone^ (151057) | more than 12 years ago | (#2992234)

Hehe.. the humor is appreciated but it's scary to think what companies can do with http logging software and a google-in-a-box. Intercepting passwords, compromising secure company VPN traffic...

It's like installing a video camera in your bedroom. Best be on good behavior.

Be a little more responsible... (5, Insightful)

Spamuel (246002) | more than 12 years ago | (#2992199)

I can't believe Slashdot would link to an unsubstantiated Usenet posting written by a "J Edgar Hoover", and put this as front page news. These are pretty serious allegations to be throwing around without any proof.

Re:Be a little more responsible... (3, Interesting)

psychosis (2579) | more than 12 years ago | (#2992231)

I do agree, but the editor didn't make any additional comments substantiating the claim... Even the submitter left his/her comments to a relaying of information.
There are a good number of folks in the /. audience that may not be regulars in the circles this was posted to, but have an interest/ability in/to investigating this further, and providing more evidence in either direction...
Just a thought! ;)

Re:Be a little more responsible... (0, Flamebait)

gmhowell (26755) | more than 12 years ago | (#2992273)

FortKnox and the other heavy submitters have been busy having lives outside of /., so the eds are only getting submissions from the 90% of /. that matters to them.

Shining some more light on this (5, Interesting)

$carab (464226) | more than 12 years ago | (#2992278)

I am a recent (unwilling) convert to Comcast from MediaOne. The net speed has fallen roughly 50%, and I am seeing an increase in 404 errors. My speed did max out about 200k(!) more when I set my MTU to 1500 from 750. Fewer packets=Less to log? Anyway, I've recorded traceroute and ping attempts on google right here [lfay.net] . As you can see secondary bounce is extremely hard to get through, this is consistent for most sites I tracert. BTW...my upstream is capped at about 120k, so that image will get swamped quickly. Then, there is the suspicious bounce through 68.42.244.50..Very close to the server reported as being the offender. As you can see, ping requests get through easily. Draw your own conclusions from this, but I think that J. Edgar Hoover might be on to something here.

A little more credence (1)

notLee (558256) | more than 12 years ago | (#2992289)

The post at interesting people was by Dave Farber former FCC Chief Technologist [slashdot.org]

Re:Be a little more responsible... (5, Funny)

Anonymous Coward | more than 12 years ago | (#2992296)

I can't believe Slashdot would link to an unsubstantiated Usenet posting written by a "J Edgar Hoover", and put this as front page news.

You must be new here. Welcome!

Come'on have a heart, mod parent up.... (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2992327)

ROFL

Ok, now that is funny. That's the kind of trolling I can get behind.

Re:Be a little more responsible... (2)

bricriu (184334) | more than 12 years ago | (#2992351)

Ok, so playing off this... anyone have any quick & easy ways to test this sort of thing?

Isn't this just a normal Transparent Proxy??? (5, Informative)

tupps (43964) | more than 12 years ago | (#2992200)

Both Cable Internet Providers and I am sure many other ISPs in Australia use Transparent Proxies.

Much easier to set up on the client side and you catch people who leave out the proxy information.

The fact that the server has other capabilities doesn't mean that they are actually using this stuff. If someone can show me a link to the page where I can buy the marketing data, *then* I will believe you.

This is just speculation.

Re:Isn't this just a normal Transparent Proxy??? (1)

bitbin (49066) | more than 12 years ago | (#2992237)

exactly... where does the article get this information from:

"Apparently they aren't using it to maximize bandwidth, because it's not configured to serve cached data."

Re:Isn't this just a normal Transparent Proxy??? (1)

jc42 (318812) | more than 12 years ago | (#2992290)

Testing for caching is fairly straightforward. For example, I have login accounts on several remote machines where I can put up web pages. To learn whether my home ISP is caching, I log in to one of my remote accounts and do a tail -f on the server's access_log file. Next, I fetch a page using the browser at home. I see the GET appear on the remote server's log. I hit the Reload button. I see a second GET appear on the remote server's log. I conclude that nobody along the route has cached the page.

Maybe I hit Reload a few more times, to cover the remote possibility that caching is done only on a string of requests for the same page.

There are lots of ISP behaviors that can be detected easily if you have access to logs on a few remote machines.

Re:Isn't this just a normal Transparent Proxy??? (1)

Sloppy (14984) | more than 12 years ago | (#2992350)

I see the GET appear on the remote server's log. I hit the Reload button. I see a second GET appear on the remote server's log. I conclude that nobody along the route has cached the page.

Uh... I wouldn't trust that test. I think reloads pass something in the header that says, "I don't want to read from cache." I know my local squid (which isn't transparent, but I don't think that matters) intentionally cache-misses when I reload.

A better test would be to load the page with another browser.

(And of course, make sure you're not POSTing anything (e.g. cookies) but you probably already know that.)
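Added example, not part of any comment in this thread: the repeat-fetch cache test described above, including the objection that a browser Reload sends a no-cache header, run in Python against a constructed local origin server and a toy caching proxy that stands in for an ISP's box. All names here (`Origin`, `ToyCache`, `looks_cached`, `run_demo`) are hypothetical, and the client addresses the toy proxy explicitly, whereas a transparent proxy would sit in the path without being asked.

```python
import http.client
import http.server
import threading
from urllib.parse import urlsplit


def http_get(connect_to, target, headers):
    """One GET over a fresh connection; connect_to is 'host:port'."""
    conn = http.client.HTTPConnection(connect_to, timeout=5)
    try:
        conn.request("GET", target, headers=headers)
        return conn.getresponse().read().decode()
    finally:
        conn.close()


def reply(handler, text):
    body = text.encode()
    handler.send_response(200)
    handler.send_header("Content-Length", str(len(body)))
    handler.end_headers()
    handler.wfile.write(body)


class Quiet(http.server.BaseHTTPRequestHandler):
    def log_message(self, *args):  # keep the demo output clean
        pass


class Origin(Quiet):
    """Stand-in for the remote web server you control (the access_log side)."""
    hits = []  # headers of every GET that really reached the origin

    def do_GET(self):
        Origin.hits.append(dict(self.headers.items()))
        reply(self, f"serial={len(Origin.hits)}")  # body changes on every real hit


class ToyCache(Quiet):
    """Constructed caching proxy; like squid, it refetches when asked for no-cache."""
    store = {}

    def do_GET(self):
        url = urlsplit(self.path)  # proxy-style request line carries the absolute URL
        asked = self.headers.get("Cache-Control", "") + self.headers.get("Pragma", "")
        if "no-cache" in asked or self.path not in ToyCache.store:
            ToyCache.store[self.path] = http_get(
                url.netloc, url.path, {"Via": "1.0 toy-cache"})
        reply(self, ToyCache.store[self.path])


def serve(handler):
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return f"127.0.0.1:{srv.server_address[1]}"


def fetch(url, via=None, reload=False):
    # reload=True imitates the browser's Reload button, which sends no-cache.
    headers = {"Cache-Control": "no-cache", "Pragma": "no-cache"} if reload else {}
    if via:
        return http_get(via, url, headers)
    parts = urlsplit(url)
    return http_get(parts.netloc, parts.path, headers)


def looks_cached(url, via=None, reload=False):
    """Fetch twice; an unchanged serial means the second GET never reached the origin."""
    first = fetch(url, via)
    second = fetch(url, via, reload)
    return first == second


def run_demo():
    Origin.hits.clear()
    ToyCache.store.clear()
    origin, cache = serve(Origin), serve(ToyCache)
    base = f"http://{origin}"
    return {
        "direct": looks_cached(base + "/direct"),
        "plain_refetch": looks_cached(base + "/plain", via=cache),
        "browser_reload": looks_cached(base + "/reload", via=cache, reload=True),
        # Origin-side view: a proxy may announce itself, but need not.
        "via_seen_at_origin": [h.get("Via") for h in Origin.hits],
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

Only the plain second fetch exposes the cache; the Reload-style fetch reaches the origin both times and makes a caching path look clean. A missing `Via` header in the origin's log proves nothing either way, since an intermediary is free not to add one.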

Back the Scare-Mongering Truck Up (1, Insightful)

beee (98582) | more than 12 years ago | (#2992201)

The page says nothing about reselling it to marketers, simply that they are monitoring it. Let's not jump the gun.

Copyright to the rescue (4, Funny)

Anonymous Coward | more than 12 years ago | (#2992202)

My packets are copyrighted, so legally they can't copy and resell them without my written authorization.

Re:Copyright to the rescue (0)

Indras (515472) | more than 12 years ago | (#2992325)

My packets are copyrighted, so legally they can't copy and resell them without my written authorization.

Even lost packets?

One more reason to go with DSL (1)

base3 (539820) | more than 12 years ago | (#2992203)

with your local phone company, if you can. While local phone companies may suck in some ways, you can bet they're acquainted with the definitions of such terms as "wiretap" and "common carrier" and are more likely to only try Comcasting you when presented with a valid subpoena or warrant.

It's the difference in culture between the telecommunications and entertainment industries, I think.

Whiner (2)

Sloppy (14984) | more than 12 years ago | (#2992206)

No evidence that they're doing anything wrong, just that they are using tools that "allow" them to. Boo hoo, Comcast is using a transparent cache and they could abuse it.

Afraid they might actually do it? Then https and check your certs.

This is not a story... (5, Informative)

DaSyonic (238637) | more than 12 years ago | (#2992213)

I think the fact that this was mailed to bugtraq yet it apparently got denied is proof of that...

Many ISPs do transparent caching. Transparent caching at ISPs is more than acceptable. It's not acceptable when major backbones do it, as has happened in the past.

The fact that they can log what you do is just a side effect. The same can be done WITHOUT transparent caching. The 'author' says they added hardware just for this. Well of course they did! They're just trying to speed up access without needing as big of a link needed without using transparent caching.

And at any rate, I'm surprised this got posted. It's just some guy posting to two mailing lists, which got denied at that!

Ultimately though, I feel ISPs should provide a means to remove you from having your link transparently cached. If they do that, then you can't blame them for trying to save bandwidth. The results of a transparent cache can be substantial!

Re:This is not a story... (3)

Sabriel (134364) | more than 12 years ago | (#2992341)

Many ISPs do transparent caching. Transparent caching at ISPs is more than acceptable.
The post says "Apparently they aren't using it to maximize bandwidth, because it's not configured to serve cached data" ...

So yeah, transparent caching is good, except that's NOT what this Comcast server is doing according to the poster.

Re:This is not a story... (0)

Anonymous Coward | more than 12 years ago | (#2992381)

I don't consider transparent caching acceptable. If they want people using a proxy, have them configure it in their software. The ISP could have their setup program configure the proxy when the service is installed (90% of users will just leave it turned on, unless it causes serious problems and someone tells them to turn it off).

Part of my problem with proxies is that, in my experience, they usually make browsing slower. Most of the pages I view are dynamically generated, and this just adds to their latency. Some ISPs don't give enough bandwidth to these boxes either, making port 80 slower than any other port. And if the server goes down, you're screwed - you can't access any web sites at all.

Also, the proxy mentioned in the Vuln-dev thread doesn't even work correctly. No matter what IP address you send your packets to, the proxy will look at the HTTP "Host" header, and send it to the computer that references (so you could send a packet to 99.99.99.99:80, send a "Host: slashdot.org", and read Slashdot). This means the proxy is confusing high and low level protocols, completely disregarding the OSI model and internet standards in general.

I heard a while ago about an ISP (CBNnet in Indonesia) using an evil transparent proxy. Users would start downloading, and the proxy would intercept their downloads after a few minutes, open up several connections to the web server, and start hammering the server with segmented downloads. This puts a huge load on the web server, and the domain has been banned from some web sites because of that (after the site admins noticed the load). If it was a regular proxy the users could turn it off, but right now there's nothing they can do.

In a way, I dunno... (2)

AltGrendel (175092) | more than 12 years ago | (#2992214)

...what the big deal is. This one's been coming down the road for a long time. I KNOW it's a shame that it's happening. It could be construed as an invasion of privacy, to put it mildly. But for goodness sakes. If you can't stand the heat get out of the kitchen! Use a modem. Get local DSL. You actually can, if you SEARCH for it. Yea, whatever.

Re:In a way, I dunno... (0)

Anonymous Coward | more than 12 years ago | (#2992275)

"You actually can, if you SEARCH for it."

No you can't. The phone company insists on using 1988 technology and says you have to be less than 18K feet from the POP.

Liars.

What they mean is
"We won't deploy anything more advanced than tin cups and string. sorry".

Re:In a way, I dunno... (2)

bricriu (184334) | more than 12 years ago | (#2992332)

Yeah, except what happens when Verizon starts doing the same thing? Oops, guess I'm pretty screwed now.

Well, well... (1)

Scoria (264473) | more than 12 years ago | (#2992216)

For those who haven't ever treated your ISP's machines as hostile by default (e-mail server, proxies, etc.), here's your opportunity to do so.

This is yet another reason to employ some type of anonymizing software. I would say that using https is secure; however, they can still ascertain that you've contacted the webserver on port 443, though they can't easily sniff your query or the results of it.

However, I am still questioning the article's vadility. There isn't a processor intensive way to do this (sniffing all of your users' data to port 80 or 443/tcp on a broadband network is something I'd consider both expensive and probably processor intensive) unless the data is logged by a proxy server and resold at a later date. This is certainly a possibility; many cable networks recommend (a few even require) that the end user retrieve web pages via their proxies.

Re:Well, well... (1)

Scoria (264473) | more than 12 years ago | (#2992233)

*validity :p

Re:Well, well... (1)

Scoria (264473) | more than 12 years ago | (#2992246)

I completely forgot to mention the possibility of Comcast utilizing transparent proxies on their network.

Considering the fact that I use one on my LAN for certain connections, this shouldn't have eluded my mind. Bleh.

New service packages (4, Informative)

hex1848 (182881) | more than 12 years ago | (#2992217)

I got forwarded this by one of my buddies at work. At these prices it's plain sick that they also want to sell your usage statistics to the SPAMMERS. On top of that I've been told that they want every computer on their network using proxy clients in order to connect.

I'm glad Sprint just hooked up DSL in my area, I'm switching providers.

According to insiders at Comcast there will be three tiers of service. The current service will be called Silver and it will be 1500/128 for $49.95 plus modem rental. Yes that is true, they are planning on a $10 price increase within the next year after the transition is complete and the merger with AT&T Broadband Internet is finalized. Comcast doesn't want to mess with the rates right now until they get regulatory approval for the merger. But the S.O.P. at AT&T and Comcast is a price increase after a merger. Look at what Cable rates did after the Mediaone transition.

Gold service will be 1500/300 and will allow VPN access and something they are calling priority traffic. This is the old Pro service. The cost will be $99.95. If you are a gamer used to the old MediaOne performance, this Gold level should get you back close to the perf you had with the old system. And yes that means you will be paying double for the same service you had last year.

The new low price option is Bronze. Expected to be 128/64 or maybe 256/128 it should be priced at $29.95. This is the one that is most in the air. I haven't seen a bronze config file yet to see what they are planning.

Modem rentals will be $5 and may increase to $7.

Illegal or not? (1, Interesting)

Penguinoflight (517245) | more than 12 years ago | (#2992220)

I personally don't like the idea of people sniffing an internet connection, but I do see a difference between a phone.

Your phone company is not chosen by you, the only way you can change phone companies is to move. However with a broadband internet connection, it's different.

Most places who get one broadband provider get several, I think they call it defence(i.e. don't let your competition expand in one area while you expand in another area). Therefore you have a choice to use it or not.

What the? (2)

mystery_bowler (472698) | more than 12 years ago | (#2992221)

First of all, have their customers been notified of this? Are they aware of the monitoring? Has it been explained to the customers in understandable language, not legalese? If the answer is "No" to any of these questions, then I think this company is headed down the short path to being sued.

Likely, they want to generate detailed customer profiles so that they can sell more targeted advertising (after all, highly targeted advertising is what sells for the most money). But even at that, it's an annoying practice that should be explained to the customers.

Even assuming they notified their customers (which I don't believe they did), though, it's going to be a hard sell to convince customers that their passwords (which are often not encrypted) are safe with them. They'd best stop this practice while they're ahead and no one has taken legal action. It reeks of a poorly-thought-out marketing/management decision.

Re:What the? (0)

Anonymous Coward | more than 12 years ago | (#2992368)

If you're on the internet, you should assume someone is logging every packet, reading your unencrypted email, etc. If this is a shock to you, you need to get off the internet.

I'm not saying it's good that Comcast might be doing this, but you have to assume someone is. If this is what it takes for people to realize that Big Brother is always watching, then maybe this ain't so bad.

It's pretty much a done deal (0, Troll)

Anonymous Coward | more than 12 years ago | (#2992222)

The IPEC investigated this in Canada last month, and has already decided to file suit. This is egregious.

http://http://srd.yahoo.com/business/news/canadian /electronic/technical/francais/firstwatch/2002/jan uary/montreal/privacy/investigation/legal/watch/co mcast.html [yahoo.com]

This should get resolved pretty quickly in the Canadian courts. Some of the prosecutor's points apply to the US as well!

Re:It's pretty much a done deal (1, Informative)

Anonymous Coward | more than 12 years ago | (#2992255)

Watch out -- redirect to something called oralse.cx, which failed to load before I whacked the close button. Asshole. Oh, wait. Not an asshole. I don't know what it was. But the poster is an asshole.

~~~

Re:It's pretty much a done deal (0)

Anonymous Coward | more than 12 years ago | (#2992271)

Try letting it load some time ... it isn't what you think it might be.

Re:It's pretty much a done deal (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2992302)

OK, I trusted you. That's funny. Almost, dare I say, cute! Thanks!

~~~

Evidence, please? (5, Informative)

1010011010 (53039) | more than 12 years ago | (#2992226)

How do we not know they're just implementing a web cache to save money and provide better service? Lots of ISPs do this. Why page to get the pictures from the homepage of cnn.com 458,765 times an hour when once will do?

"This allows them to monitor and change (or insert ads into) what you read."

Posh. Fear-mongering. Come back with some evidence -- and I'll be as against it as the next guy. And if they are actually inserting ads, then they'll probably be in court with CNN, Disney, etc, so forth, for modifying and distributing copyrighted material.

"Interestingly, regardless of what IP you address the packet to, the Inktomi Traffic-Server reads the Host: field to determine where to send the packet. I sent several packets from my home machine to one of my office machines, inside the packet was "Host: www.comcast.net". Comcast illegally intercepted, misinterpreted and altered this packet, and sent it to www.comcast.com. So, you might say there's a bug in this evil Inktomi Traffic-Server thing."


Oh, shut up. That's how a transparent proxy works. I suppose the Linux facilities for transparent proxying -- available for years now -- are also evil?

Where's my clue-by-four...

You cockloving motherfucker. (-1)

L.Torvalds (548450) | more than 12 years ago | (#2992304)

I view only fresh images, not some hour-old cached shit.

Simple Solution (1)

Rebel Patriot (540101) | more than 12 years ago | (#2992236)

Get every geek on slashdot to ping flood 68.34.76.99! Better things than this have been /.'ed before!

Hold your horses... (5, Insightful)

Calrathan (114381) | more than 12 years ago | (#2992244)

Now wait a second. Before we all flip out and start bashing ComCast, let's realize a couple things.

Number one, this guy just got transitioned. A lot of people all over the country have been going through the same thing, and not everyone is seeing the same thing as him. As 'hostman' from the MESH (Michigan Engineering Software and Hardware http://misc.eecs.umich.edu/) discussion email list wrote:

"This whole thread got me a bit peeved, so I went home and ran a few tests. I was unable to find any evidence of the packet modification described. It is possible the described issue is not an issue here in A^2, as we 'transitioned' from MediaOne's service, not @Home..."

Secondly, your ISP has the right to monitor traffic to ensure quality of service. Just because the caching part of the server is not currently running, it does not mean that they aren't phasing it into the system. At this point it's just speculation. They might even have more rights to monitor what you're doing, depending on your service agreement. Read it.

Let's get some REAL evidence of what's going on other than this hearsay. Someone show us some modified packet headers, and someone else reproduce those results, and MAYBE I'll believe it then.

I really hope this isn't true (1)

JeffM2001 (554620) | more than 12 years ago | (#2992248)

While it is perfectly possible that this is false, if it is true it is one of the worst invasions of privacy I've seen yet, and there have been a lot of them. As a Comcast user (victim?) I can say that there is nothing in their privacy policy about any packet sniffing at all. The last thing I want is to have a company with the terrible reliability that Comcast has to have possession of a complete log of websites I visit. If this is true Comcast should be shut down or at least severely reprimanded.

Proof? (2)

tetrad (131849) | more than 12 years ago | (#2992254)

Is this just speculation or what? There seems to be no verifiable evidence presented that Comcast is in fact logging its customers' activities. I'm a (not entirely satisfied) Comcast customer, so in a way, I'd like to believe the worst about them, but this guy doesn't describe what he's "discovered" that makes him think they are playing big brother. It's just a bunch of accusations with no proof.

Of course, ISPs have access to pretty much all network traffic (you think your packets magically transport themselves to and back from slashdot?). And it would not be difficult at all to log everything that passes through the network. (You certainly don't need an Inktomi system, although maybe it helps, I dunno.) Probability is that there's at least some ISPs out there monitoring their customers invasively. Maybe Comcast is in fact doing it. But this article is simply not convincing.

My Question is.... (1)

jjonte (145129) | more than 12 years ago | (#2992259)

How do the execs let things like this happen? Surely they understand the importance of customer loyalty? I'm a Comcast customer, and when I move here in 4/5 months...I'm going satellite and DSL. NEVER COMCAST AGAIN!

I'd like to get the email addresses of their executive committee....anyone know 'em? :)

This could be a big oops for Comcast (5, Interesting)

Joe Decker (3806) | more than 12 years ago | (#2992262)

If they're collecting the data themselves, instead of using a third party, I believe they would be in direct violation of the Cable TV Privacy Act of 1984. [epic.org]

While IANAL, I work in the digital television middleware industry and have been involved in making sure that we do not inadvertently let our customers run afoul of that precise law. It's not just the law, it's a good idea.

Charter cable has a transparent proxy too (2)

victim (30647) | more than 12 years ago | (#2992272)

I'm sure this is normal industry practice. Here in St. Louis we have to go to odd measures to dodge Charter Cable's buggy transparent proxy. (It doesn't handle the case where you are deliberately using an authenticated proxy.) Fortunately it only looks at certain ports so you can dodge with proxies on non-standard ports.

Say Charter, if you are reading you could reimburse me for the two hours I spent figuring out this defect in my Charter user's internet service.

Allegedly Comcast Also Using Spyware (4, Informative)

compumike (454538) | more than 12 years ago | (#2992276)

Take a look at this thread [phillylinux.org] from the Philadelphia Linux User Group. It sounds like the new software update that Comcast has asked its users to install contains spyware and changes internet settings...

So now they can track you from your own (Windows) machine, and also through their transparent proxy.

Dear Valued Comcast Customer (4, Funny)

J.D. Hogg (545364) | more than 12 years ago | (#2992297)

In an effort to bring more services to you
for your money, Comcast is committed to make
your Internet connectivity a useful tool in
your daily life.

We are partnering with many industry leaders
to ensure that you get many advantages out of
our service. In order to serve you better,
Comcast now automatically connects you with
your interests by analyzing your Internet
traffic and matching it with one of our
partners.

Concretely, what does this bring to our
Valued Comcast Customers ? if you shop online,
Comcast and its partners will send you
E-coupons[tm] to save big at your favorite
online grocer. Do you book airline tickets
online ? Comcast and Delta Airlines will send
you E-coupons[tm] for incredible savings, and
access to unlisted flights. Do you buy
antiques on Internet Auction sites ?
E-coupons[tm] will help you save %15 or more
on your purchases.

But it gets better : you don't have to wait
for your next Value Comcast Customer
E-newsletter[tm] to take advantage of these
tremendous opportunities : the savings start
right now !

After analyzing your Internet traffic, our
automated PartnerMatch[tm] server is able to
send your first E-coupon :

--8<--8<--8<--
1 free visit to :

Madame Tinkertoys House of Leather
Corner of Bourbon and Toulouse
New-Orleans, LA

Authorization number : 5UCK-M3-PL3N7Y
--8<--8<--8<--

To use your E-coupon, simply print it out
and present it to our E-Partner, and you will
start enjoying incredible savings.

Thank you Dear Valued Comcast Customer for
using Comcast's services.

Proof? (2)

sourcehunter (233036) | more than 12 years ago | (#2992298)

"Apparently they aren't using it to maximize bandwidth, because it's not configured to serve cached data."

I'm not a fan of Comcast (or for that matter cable modems in general) BUT I must ask - Where is your proof that they aren't caching any of the pages and only using it to gather marketing data? One can configure a transparent proxy to completely mask its existence. I do this quite often with customers on their firewalls. I don't give a crap about what they are browsing, I just try to get the most/$$ for THEIR bandwidth.

w? (-1)

Serial Troller (556155) | more than 12 years ago | (#2992306)

ANAL COX is intercepting my jizz packets!!

don't act surprised (1)

SrDrew (200086) | more than 12 years ago | (#2992308)

If they are forced to defend this sort of behavior they can portray it as simply an extension of logging all email traffic, which most ISPs have been doing for a pretty long time now. And not many people seem to be very worked up over that (I'm not saying they shouldn't be).

I would expect that some ISPs have been doing this for a while or at least experimenting with it on a small scale. If they feel they can get away with it even if they don't have any immediate need yet they probably view it as a potential resource, or at least something that doesn't hurt to have.

At worst they waste a little money on tape backup, they have potential advertising data, and there are other hypothetical benefits for them. For example if there was ever a criminal investigation, having the ability to (or to not) "discover" evidence that could incriminate a party because the information came across their network probably seems like a good thing to them. (Remember the multiple times in the last few years emails have come back to haunt people and companies in court.)

From the viewpoint of an ISP they really have nothing to lose by doing this, unless security/privacy is a major selling point for them (i.e. http://www.uncensorednews.com/), which for Comcast I'm guessing it isn't.

Oh gosh, not again. (2)

Pedrito (94783) | more than 12 years ago | (#2992328)

Sorry, but the /. community is so f@$%ng paranoid about people reading their packets. I have ComCast. Who cares? Oh wow, they're reading my e-mail. I hope they enjoy it. What a waste of time. If this is how big brother operates, then big brother is an idiot. Okay, so I tag my .sig with things like bombs, nitroglycerin, TNT, pipes, Ammonia, Nitrate, etc..... Yeah, whatever.

Like I care.

Just plain stupid. (2, Interesting)

gotak (547354) | more than 12 years ago | (#2992347)

WTF? Why is everyone accusing Comcast of spying?

First of all, your spending habit is normally kept in a database somewhere by your credit card company. How else can they bill you? What's the difference between that and this? Are you going to send your email over the net that's sensitive unencrypted?

Furthermore, as many have pointed out without success, this sounds just like a transparent proxy. Which is a perfectly valid network infrastructure.

What is it with slashdot and the slashmob?

It's their wire, they can tap it (2)

iabervon (1971) | more than 12 years ago | (#2992352)

If Comcast wanted, they wouldn't have to rewrite packets in order to read all your web traffic if they're your ISP. They can just read all of your unencrypted traffic anyway, without modifying it to make you suspicious.

If their proxy isn't standards-compliant, that's somewhat annoying. It's somewhat likely that this actually *improves* anonymity, though, because web sites cannot necessarily track users by IP address. And this doesn't seem to affect SSL-encrypted traffic (which couldn't be proxied without the user agreeing, since SSL resists man-in-the-middle), which is all of the traffic which is at all hidden. This is like looking at people's postcards-- sure, it's not polite, but the things aren't even covered in anything.

I do wonder if this affects their common-carrier status at all, however. If they're doing non-trivial things to the traffic, they could be held liable for pages they pass on to customers.

They aren't logging packets! (3, Funny)

evilpaul13 (181626) | more than 12 years ago | (#2992370)

No, they are just catching them, holding them for a few seconds, and then releasing them to make capped upload completely emulate dial-up.

...But, be on the look out for version 2.0 of this Comcast innovation!

The all new super ultra deluxe Dream [Packet] Catcher. Just like the Native American device only it captures packets and puts the user to sleep waiting for a reply to them.

Caching proxy (1, Insightful)

Anonymous Coward | more than 12 years ago | (#2992377)

Isn't this just a caching proxy? Track the requests to cache the popular sites. Others requesting the page don't need to go off the network to access it. Makes an attempt to make their network appear fast (even if it isn't).