πŸ’₯ πŸ” ISP's Selling Out Customers (Data) ...

πŸ’₯ πŸ” ISP's Selling Out Customers (Data): Whistleblower Analysis (UPDATED)

Sep 22, 2022

❄️ UPDATE: Fully automated Tor Snowflake Proxy Service installer script now ready to use! Try it, share it. Let's help the mission, and expand the network (benefiting all).

See Blog Post Here (on the above).


❄️ πŸ“ Download Automated Tor Snowflake Service (Linux)

(just run 'sudo bash install.sh' to go from nothing to running dedicated Snowflake service in 5min!)


This post is based on Senator Wyden's statements.

Serving as an example of the type of data being handled / sold by databrokers, everywhere.

There is ample misinformation attempting to steer you from safer options (ie: Tor), towards weaker alternatives (such as VPN only solutions - everything has its use cases).

WHY USE TOR BROWSER?
Tor has a great track record (transparency). Trusted by many as one of the best open source tools and networks freely available to us, greatly improving anonymity, privacy... In many cases, enhancing security (still: use https only over clearnet - .onion hidden services carry built in encryption).


GLOSSARY

Netflow much more common than pcap - the sale of which machine connects to another.

PCAP (Packet Capture) provides deeper look into each packet. This type of data is much more rare, creating heavier files, and not commonly sold by ISP's. But that doesn't mean it isn't possible (as this article relays, but others appear to dispute).

Bridge unlisted entry guard into the Tor network. Serves to defeat internet censorship / blocking (ex: "Great Firewall")


Example of data types (PCAP / Netflow) sold by certain databrokers, to private companies (in some cases).

Data sold by ISP's (not all): nothing short of alarming. But hope is not lost, and here I am to share a couple anonymity enhancement solutions, if you feel need to increase protection (optional -- not needed for most).

Netflow data can allow for deanonymization of VPN users (possibly others) - a register of what machine is talking to the next. This can show what machine is connecting into the VPN, and from there, further netflow data can show what the VPN is connecting to (if that data is accessible).

Important To Note: Tor is more challenging for adversaries to attack, using multiple hops, changing nodes, layering encryption.


Good News:

1.) Not All ISP's Sell This Data.

2.) There Are Ways To Further Protect Yourself (covered below)

3.) It is still safe to use Tor. The internet is filled with misinformation. I have yet to see hard proof of anything less than transparency from the Tor Project.

4.) Actual PCAP (Packet Capture) sales are not easy to acquire.


πŸ’₯ BREAKING

(following video available on select mirrors and this blog (for better context / updates): follow here for all videos - it's free to follow, read, watch - you can optionally get posts sent by email)

To add context: most should not combine proxy/VPN with Tor.

[ WATCH ON PEERTUBE ] (click link to left or image below)

[ WATCH ANONYMOUSLY ON INVIDIOUS ] ( πŸ§…πŸ” Use Tor Browser For This Link)

WATCH IN BROWSER (YT):

https://youtu.be/TlP_RzEWTY8


SENATOR RON WYDEN ON WHISTLEBLOWER REPORT


UPDATE: Techdirt published an article, carrying more details, clarification on this story.

The idea with this story is not to paint anyone or anything in a bad light. Goal is to give followers an idea of the type of data available from databrokers.

The main problem here being that privatized selling of ISP data is warrantless. Bypassing traditional constitutional protections.

Everyone has a right to know this information, in my honest opinion (afterall, it's your ISP or one above it).

My purpose is to provide honest information, advice, on the issues I feel you should know about .


UPDATE: Tor Project released a statement on the role of the Tor Board (in relation to story)


Worth Reading: "You Want Tor Browser Not A VPN."


POINT #1:

Tor is the most important anonymity enhancing tool we have (along with I2P).


There are ways to strengthen tor. Another way to grow the network: try running a bridge.


❄️ UPDATE: fully automated install script downloads, builds snowflake source and creates a systemd service to run dedicated ❄️ Snowflakes. Download here (Tor Browser or torify git clone to download).


Don't Have A Spare Machine? No Problem. Installing Snowflake Browser Extension Is Super Easy.

Snowflake browser extension

It's Simple: The more nodes there are, the more potential connections, the more varied the route, the more difficult tracking can become.

Another Option: Open This Webpage (act as snowflake anytime page is enabled)

Screenshot:


INTRODUCE OTHERS TO TOOLS LIKE TOR

Teach friends and family the benefits of using Tor Browser (ie: do they realize data is sold to raise their insurance rates?).

TIP: The more we use the Tor network, the safer it becomes (for anonymity goals). By using Tor Browser, our data becomes essentially useless to profiteering databrokers. It's one reason you may like to set it as your main browser.

You could share resources from the blog.


Without tying an identity to the data, you become just another webpage load (count) number.


TOR ADVICE

Direct connecting to Tor is not a problem.

It suits most threat models. It's as easy as direct connecting to Tor. But there are more protective measures, and they aren't necessarily more difficult to use (like Tor bridges).

Like anything else, it's another tool -- we can customize its behavior (for those who feel need).

At the same time, avoid making changes to the browser - the idea behind Tor Browser is for users to look the same.


The Problem:

Whistleblower on ISP data sales presents a casefile on the databroker industry.

Monetization in this arena can get worse (without proper regulation / protection).

There are reports (not yet confirmed) of PCAP data occurring -- not as common as netflow (PCAP: packet capture -- see wireshark; screenshot below):


Not just privacy, security, but a right to anonymity (ex: protests - could protester lists be sold?).

Vital to a free future.


PRIVATIZATION

Private companies generaly seek ways to continually increase value (profit) for shareholders... but to what end?

At what cost?

Where is our final destination with profiteering surveillance capitalism companies?

The fact Senator Wyden cannot expand on his report...

After all, it's our data, isn't it? Do we not have a right to know what ISP's are selling on customers (don't we pay them not to do that)?

In the future, what is to stop the increasingly invasive monetization of everything we do and say... attempts to anticipate (ie: "precrime"), even the power to automate behavior?

Automate? See author of "Surveillance Capitalism" article: "The Goal Is To Automate Us".

Is there protection of data context, are ISP's selling PCAP data to various companies?

Are politicians safe from blackmail (using their data)? Is the political process safe? Is democracy safe?

In today's AI, machine learning, dataset filled world, I wonder how democracies could survive a future complete loss of privacy, anonymity.

The biggest factor (at this time) is information missing from this story. We have some pieces, but not the entire picture. Having bits and pieces undoubtedly leaves users to wonder... and that's never a good thing.

Many companies use, and support projects like Tor. That's a good thing, as they rely on donations.


Increasing Tor Anonymity

If you have concerns and live in an area of the world where you have trouble connecting to Tor, try a Snowflake bridge.

Want a faster connection? Connect directly - it's faster than a bridge (save bridges for those who actually need them).

Installing the extension in your browser also makes your device an unlisted bridge (adding more traffic to Tor makes analysis more challenging, increasing anonymity).

Using a bridge further decentralizes our entry connection from the broader, publicly listed Tor network nodes.

https://www.youtube.com/watch?v=DfX1gUx0YDg


Tor is a more 'anonymous' option than a VPN.

You can improve on this anonymity by adding a bridge, even proxy (not suggested for most unless you trust the proxy, or have a good understanding) to Tor Browser. Towards the end of the video (top of page), we cover this.

Adding a bridge further decentralizes from publicly listed Tor network nodes.

For an introduction to proxies, and using proxychains (introduction), see here.


BECOME A SPECIAL SNOWFLAKE (HELP SAVE THE WORLD)

The very best thing we can all do is install the Tor Snowflake browser extension.

Super easy.

When you have it 'turned on' in browser you BECOME a bridge -- or unlisted entry node into the Tor network.

This provides ALL of us MANY benefits.

  • Improves performance of the network by automating your device becoming a new entry node (more bandwidth for Tor network)

  • Running snowflake browser extension can even increase your own anonymity on Tor by adding more traffic into the network from your machine (individual activities becoming "a smaller needle in a larger haystack"

  • Increases anonymity for everyone by adding new nodes, more potential for randomization, circuit variability

If EVERYONE ran the snowflake browser extension (easiest thing ever) it would bring benefits to all of us.

I've run one for over a year and it feels great seeing how many users you help. :) It's a fun browser extension to have. πŸ˜€

And if you don't want to install it, you can still become a Snowflake bridge anytime, by simply opening this link and turning on the embedded snowflake: https://snowflake.torproject.org/


ADDED: -- Running Standalone Snowflake Proxy (Linux)

SCREENSHOT:


πŸ€– HACKING HUMANS:

Our autonomy as free beings is being sold out of existence. Could the future of 'human' include automated behavior actualized through deeper understandings within each individual?

Right now this happens (to a certain extent) on a psychological level. Through advertising, memes, fears, and other emotional cue events. Probing, analyzing, learning from reactions, behavior, interests. All rooted in databrokers, selling personal data.

The Future As Predicted By Yuval Harari:

https://youtu.be/rUIwIuyvu8w

There is no dollar value that can be placed on the importance of access to anonymity, for democracy, even basic happiness in the human condition.

Anything less is akin to imprisoning the mind.


RELATED

Tor Project


Have info (reliable citations) to update / correct anything in this post? Comment / contact.


😎 SHARE this article with others, and become a dedicated Tor Snowflake Proxy here.

Enjoy this post?

Buy πŸ₯· (RTP) Privacy Tech Tips πŸ“‘ a coffee

1 comment

More from πŸ₯· (RTP) Privacy Tech Tips πŸ“‘