[opendtv] Re: F.C.C. Proposes Privacy Rules for Internet Providers - The New York Times
- From: Craig Birkmaier <brewmastercraig@xxxxxxxxxx>
- To: opendtv@xxxxxxxxxxxxx
- Date: Fri, 18 Mar 2016 08:42:10 -0400
On Mar 17, 2016, at 8:30 PM, Manfredi, Albert E <albert.e.manfredi@xxxxxxxxxx>
wrote:
Craig Birkmaier wrote:
So the informed takeaway is that it works in many ways, most of
which can be beneficial, some of which are used for data mining,
and some of which can be characterized as "snooping."
No, Craig. The "informed" takeaway is that deep packet inspection is not
required for metadata, which is all you claimed they wanted to do. So
whatever AT&T wants to use it for, it goes into invading the privacy of your
link. I explained all of this already, on my first, or at most my second post.
As I said, it's used in security gateways, so I suppose AT&T could claim they
want to use it to filter out spam, although less intrusive means have been
used for years for that purpose, and that wasn't AT&T's claim.
We disagree...
Perhaps, so don't use Google. There are other search engines. That's why
competition is good. It mitigates the need for regulations.
Almost all of the popular search engines sell your data. That's the only way
they can make money without charging for the service. The only exception I know
of is Apple, which is carving out a niche by NOT selling user data. But Apple
does not offer a real search engine...yet.
Apple is building search into other parts of iOS and apps. Siri - the voice
activated assistant - can now search for many things. And Spotlight search
looks both at content on the device, web resources, and at your location to
recommend a range of resources like gas stations, restaurants, banks and
grocery stores.
I would note that AT&T and other ISPs ALSO think competition is good. The fact
that they are data mining to drive advertising is no different than Google,
other than the technique to which you object. And AT&T allows you to opt out,
for a price. I think that price is way too high, but it is an option...
I doubt the ISPs are looking at your search criteria. But they
are looking at the sites you visit as a result of your searches
Which does not require deep packet inspection, Craig. I already explained
that several times.
That is your opinion. I have already noted that shallow inspection can provide
so,e useful metadata. Deep inspection obviously goes further, but cannot be
equated to "snooping" automatically.
but that is NOT how DPI is being used by AT&T and most other companies.
Go back, re-read the article, and then tell us what AT&T wants to do with
DPI, Craig.
Gather metadata about the sites you visit, and combine this with metadata about
the shows you watch on their MVPD services, to deliver targeted ads to you. I
expect this is primarily related to ad insertion in MVPD service, but it also
produces revenue by selling your data to advertisers who buy programmatic ads
on the web sites you visit...just like Google.
Not true? So, you think you have control?
Yes. I choose devices and apps that use encryption to protect me from snooping.
Painfully again, an effective encryption system has to be end to end.
Meaning, between the server you are dealing with and your PC. Or, between the
email client on the other guy's PC and the email client on your PC.
Yup. And the services I use do this to a very large extent. You are correct,
that I cannot control snooping if the final link between you and your mail
server is not encrypted. But that's on you, not me.
Otherwise, the ISP who uses DPI can snoop. When you write emails, and they
arrive at my email client as plaintext, which they do, that means that ISP
can snoop.
It means YOUR ISP, Verizon, can snoop. My ISP, Cox, cannot, as my e-mail is
encrypted when it leaves my devices and remains encrypted until it reaches your
e-mail server. As you are using your Boeing e-mail address, I don't know what
happens between that server and your Verizon ISP. My guess is that the Boeing
server is converting to plain text, unless you are using Verizon e-mail and
having your Boeing e-mail forwarded to the Verizon e-mail server. There would
be no reason for Verizon to read your Boeing e-mail and convert it to plain
text otherwise.
It makes NO DIFFERENCE whether at some stage, perhaps between your appliance
and your ISP, that message might have been encrypted. It got decrypted before
reaching my PC.
And thus they can snoop on you, and indirectly on me if they choose to snoop at
all. Given the volume of traffic that Verizon handles I find it hard to believe
they are reading e-mails...
AND
Under normal circumstances, you, the user, do not have control over what is
encrypted properly. Sure, if you go to your bank's web site, you'll see the
content is encrypted end to end. If you go to a search engine, it won't be.
Any site you browse that does not require credit card payment will generally
be unencrypted.
All true. Generally you can tell if you are connected to a secure server from
the URL.
If you use email, it normally won't be encrypted either, unless it's
enterprise network email.
Wrong. I already provided links that tell you my iCloud e-mail is encrypted all
the way from my devices to the destination e-mail server. As you note, Apple
cannot guarantee it will remain encrypted from that server to you, UNLESS you
are using an iOS device or a Mac, in which case it is end-to-end.
That's simple fact. So, encryption of everything might happen sooner or
later, but meanwhile, some ISPs seem keen on invading your broadband privacy.
Be afraid Bert...very afraid!
THEY are watching you.
I am not worried about private companies snooping - I have nothing of
significant value at the personal level for them to sell. When I set up e-mail
and a website for my new business I will be more concerned, as this affects
both my business and my customers.
I am very worried about government snooping driven by political agendas. Things
are going to get very interesting, perhaps nasty, throughout this election
cycle.
Regards
Craig
----------------------------------------------------------------------
You can UNSUBSCRIBE from the OpenDTV list in two ways:
- Using the UNSUBSCRIBE command in your user configuration settings at
FreeLists.org
- By sending a message to: opendtv-request@xxxxxxxxxxxxx with the word
unsubscribe in the subject line.
Other related posts:
