Google spies on you. Your life is Google's.

Discussion in 'Computers & Tech' started by BULGARICA, Oct 4, 2018.

  1. Hotdogr

    Hotdogr Well-Known Member Past Donor

    Joined:
    Oct 21, 2013
    Messages:
    11,021
    Likes Received:
    5,248
    Trophy Points:
    113
    Encrypting your DNS traffic will definitely help prevent it from being intercepted, but you still need to hide your IP from your DNS provider. OpenDNS keeps query logs regardless of whether you encrypt the traffic between you and them or not.

    An easy solution to that is to route DNS traffic through your own caching DNS server and Tor.
     
  2. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    Who cares?

    If you are that paranoid, the solution is really simple.

    Throw away your cell phone, disconnect your Internet service. Get a "Land Line", and all of your television over the air.

    Forget about e-mail, go buy some stamps and write letters. Or use a fax machine.

    I find it hilarious that individuals are using the Internet, to complain that the "Internet" is spying on them.

    Do not like it, then throw away all of the advanced technology you all started to use since 1988 and return to the way it was when Reagan was in office.
     
  3. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    But that is not really how it works.

    Domain Name System is generally a way to link IP addresses to easier to remember names like "Google.Com". But it also does a lot more than that. For Google, there is no one IP Address, there are thousands of them. And you are going to be linked through DNS to one that is the most appropriate to your needs. Doing a TRACERT 10 times will take you to 10 different destination IP addresses, even if you use the same name each time.

    And this is especially true since most sites actually use dynamic IP addresses via DHCP. That IP address you gave links not to the owners of this forum, but to Linode, the host. And I bet it is likely a dynamic address, and could change at any time and a new one assigned. That is what DHCP is designed to do.
     
  4. BillRM

    BillRM Well-Known Member

    Joined:
    May 8, 2016
    Messages:
    6,792
    Likes Received:
    1,704
    Trophy Points:
    113
    Gender:
    Male
    LOL mostly the IP on most sites do not change and once IPv6 come into common usage with such a large large as in huge space of addresses compare to IPv4 that will be even more so.

     
  5. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    Yea, whatever.

    We were talking about the "upcoming IPv6" standard when I got my CNA certification in 1996 (I am talking about Novell Netware). And we were still talking about it when I got my MCSE in NT4 in 2000.

    Here we are in 2019, and we are still talking about migrating to IPv6. Let's just say I stopped holding my breath on that conversion decades ago. When I am working with networks, I am still configuring subnets and supernets in IP4, and care much more about the MAC address than I do the largely theoretical IP6 address.

    IPv6 is still largely theoretical, and even those that use it still tend to do conversions between the two, because everything still operates to the 4 standards, and not the 6 standard.

    So yea, I expect the Internet to fully adopt IP6 at about the time the iPhone 50 is released. Or that every child after they are born gets a chip implanted into their brain with their own MAC and IP address for life.

    In other words, pretty much never to be honest. Sure it may be used on the back-ends, but for 99% of the users it will purely be an IP4 world.

    Just as CAT 6 and 6A have been standards for a decade, but to this day we still make cables and connections following the CAT 5 standard. Yes, CAT 6 is much faster, but until uplink speeds, switching equipment and network cards are all CAT 6, it is pretty worthless to convert.

    Of course, maybe I am biased because I have been working in the industry for over 30 years. I have seen a great many "waves of the future" largely die and become footnotes when they are never really adopted.

    Oh, and IP addresses can change. It all depends on if the one who pays the bills chooses to pay for a static IP, or accept a dynamic one. And even then, most times it will not change until the connection is reset, and on the "time to live" on the IP is set.

    In the case of say a server in a server farm, it may keep the same address for years. But it may also be changed if say they choose to do a hard reset of that server every few weeks. I have worked for a VOIP company, and for some facilities we paid extra for a static IP, but for other facilities we got a dynamic one and used DHCP to address it. Depended on the number of terminals a facility might have, and the location.

    The only real difference is how long it took for the terminals at the remote location to fully connect after a reset really. If there were 40 or so end user terminals, we used dynamic and it was fine. If it was a facility with say 200+ terminals, we paid extra for static because it started to make a difference in how long it took after a hard reset.
     
    Last edited: Jan 18, 2019
    Hotdogr likes this.
  6. BillRM

    BillRM Well-Known Member

    Joined:
    May 8, 2016
    Messages:
    6,792
    Likes Received:
    1,704
    Trophy Points:
    113
    Gender:
    Male
    Of course while it not illegal to read such materials as is on a terrorist website you can find yourself on the no fly list the next time you are heading for say Cancun for a vacation.

    When I am looking around the dark side of the web the first thing I do in run Tor.

    An for the younger people still needing to be concern about future employers and with special note of the government they are searching your postings on social media an your other actions on the net.
     
    Last edited: Feb 13, 2019
  7. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    The "No Fly List" is largely a joke. It is not a list of actual identities, but of names. But the list targets active terrorists, not people who happen to visit Mexico. You are blowing things way out of proportion there.

    And for those that do not know, let me explain it a bit here. It literally is just a list of names. No dates of birth, no fingerprints, no photographs, nothing. Just names. If your name happens to be on the list, TSA gives you a more careful screening. And I do not mean a strip search, they just take more care validating that your ID and information is real. Overall, it adds maybe 5-10 minutes to the clearance process.

    For example, my own name is on the "No Fly List". It is a name that was used once as an alias by a suspected Lebanese terrorist, and that has caused me no end of grief over the last 12 years that I have known about it. About 10 years ago it caused me a great deal of trouble when I was returning home from R&R from the Middle East. I first found this out when I tried to get on a flight from Mobile to Fort Sill in 2007. The military (in typical military efficiency) got us to the airport with 30 minutes to spare, and that was when I discovered I was on the list (I had not flown since 1998). The Major in charge of us simply told the TSA agent that I had to catch that flight, and I had already received a provisional Secret security clearance, so obviously I was not the person they were looking for. Thankfully they listened to reason and let me through.

    The next time was not so good.

    I had 1 hour to make my connecting flight from Huston to El Paso, and ran smack into a TSA roadblock. I had according to their files arrived in the US on a charter flight out of Kuwait, therefore had to report to TSA for special screening. It took an hour for the ticketing agent (in the military terminal) to convince them that I had arrived on a military charter aircraft, and could not possibly be the individual they were looking for.

    That time by the time they let me through I missed my flight, and had to wait another 4 hours for the next one. Thankfully there was a USO in the terminal, so I could call my wife and let her know I would be arriving late.

    Thankfully in the last 10 years they have linked the military ID system to that of the TSA, and now we have pre-approved clearance status. I no longer have to go through the TSA checkpoints and go straight through the "pre-cleared" line. A vast improvement to when I could not even pre-check onto my flight, as I was on the TSA list and had to go through them first.

    And the check even for somebody on the "No Fly List" is nothing much. Just show your ID proving you are not who they are looking for, and away you go. Or if you fly semi-regularly, just do the paperwork for get the "TSA Pre-Approval ID". Then you also can largely bypass the TSA checkpoints and not worry if your name is on the list or not.
     
  8. Blaster3

    Blaster3 Well-Known Member

    Joined:
    Sep 7, 2018
    Messages:
    6,008
    Likes Received:
    5,302
    Trophy Points:
    113
    it's far too late to worry about it, everyone's info is logged, has been logged since the early stages, including every item you've ever purchased using 'shopper cards' for discounts... the moment you purchased a phone or computer which was linked with your name & address, filled out warranty papers, insurance policies, bank accounts & credit cards used online or over the phone or at a 'point of sale' in person, loan apps, mortgages are public info at the clerk's office, driver's id/licenses, service providers, websites(because your ip is known and it identifies you even when you use a pseudo and disposable e-mail, all this is logged and stored for eternity, no way, ever, to get it removed regardless of new privacy laws... once it's 'out there' you can never delete it...

    that said, the likes of google are centralizing all that info, through data mining, which can't be prevented but have at it, good luck trying...
     
  9. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    Do people actually fill those things out? Over 40 years ago it was decided that a person did not need to fill one out to have a warranty, so I never have.

    Unless you were born on a remote farm to parents that lived entirely off the grid, you are recorded and monitored from birth in many ways. School records, birth certificate, tax records (so your parents could use you as a deduction), everything. Today everybody leaves a trail behind them, unless they largely live as a luddite and have nothing beyond OTA television.

    And no, your IP is not "known", unless you are paying for a fixed IP, and nobody does that unless they are a host and not a user. What you get is an address for as long as you are logged into your ISP, pulled at random from a pool of dynamic IP addresses. Now it is true that today those leases are almost perpetual because of high speed internet always being connected. But turn off your gateway device for a few hours and turn it back on, odds are you will pull a completely different IP address from the hat. Back when we all used dial-up, you literally got a new IP address every time you connected. That is why some services would tire of hacker groups and block ban entire ISPs or TCP addresses.

    The actual IP address is actually owned by your ISP (unless you are paying big bucks for an actual IP address yourself), and does not actually point to "you". In fact, it may not even be the true address, thanks to forwarding technology that is allowing data to pass through multiple network protocols. What may be seen may be nothing more than the internal address assigned by your ISP, and their own network is handling the rest.

    And no, it is generally not "logged and stored for eternity", generally such information is only stored for 1-3 years. Sometimes it is longer, sometimes shorter. But rarely for more than that. Storing such information costs money, and companies do not spend money without a good reason.
     
  10. Blaster3

    Blaster3 Well-Known Member

    Joined:
    Sep 7, 2018
    Messages:
    6,008
    Likes Received:
    5,302
    Trophy Points:
    113
    semantics, warranty card or 'register your product' card same sh*t... larger/higher cost items require personal info for purchase, including paying in cash... return an item at wallyworld and if you paid cash they want to copy your id info before issuing a refund (illegal imo)... in this digital age 'they' don't delete anything, the 'small frys' perhaps, but certainly not the googles, amazons, governments, telephone & tv giants... the 'cable' company has my records dating back to when cablevision first came out, remember those days when cable had zero commercials? yeah, that far back...
     
  11. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    No, the copying of information is a way to combat Organized Retail Crime. A great many "professional shoplifters" will steal an item from a store, then bring it back for a cash refund. By having this information they can see trends if a single individual is making repeated cash refunds. This is a multi-billion dollar cost to companies, and having worked in store security I have seen it first hand.

    And no, they do not keep all information. Things like billing records they do indeed keep, but nothing as so benign as IP information beyond what their legal liability is. At one time they did not even track it at all, but when the RIAA and MPAA got involved in suing individuals they started to keep them for typically 3-7 years, so as to not get sued by those organizations themselves. And they do not keep records of where you went, simply who was assigned a specific IP address at a specific times.

    It takes a court order along the lines of a wiretap for them to track everywhere you go. Not even Google keeps that kind of information. With over 3.5 billion searches a day, it is impossible to keep those kinds of records. And if you are really paranoid, simply get a proxy service that spoofs or redirects your IP address, there are thousands of them. Most are located overseas, so they are pretty much immune to US laws unless it is one of those that is illegally internationally (child porn).

    That is the problem that many games run across with the bot gold farmers (WoW, Guild Wars, etc). A group (often from China or North Korea) make a ton of bots, then set them loose in games to farm gold and items that is sold for real money. They block the bots and the IP addresses they are run from, but they just get another proxy address and do it all over again. If it was as easy as you claim to get "real" IP information, they would be doing it to keep them all out.

    And no, it is not "semantics". I have worked in the IT industry for over 2 decades, and this is simply how it is.
     
  12. BillRM

    BillRM Well-Known Member

    Joined:
    May 8, 2016
    Messages:
    6,792
    Likes Received:
    1,704
    Trophy Points:
    113
    Gender:
    Male
    I think it is the ACLU who have a list of all manner of Americans that can not fly for no known valid reason.

    Some of them in order to return to the US needed to fly into a south american nation and then drive up the Pan-American Highway.

    Note also that even Senate Kennedy was block from flying for a short time due to his name appearing on the list.
     
  13. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    Once again, the list is just names.

    My name is on it, a great many names are on it. You arrive to check in, show your ID to show you are not the one they are looking for, and you carry on.

    It is not "Americans" or anybody else, it is not people or identities, it is just a list of names. If your name happens to be the same that a known terrorist has used (as mine is) your name is on the list. That does not mean that you are on the list.
     
  14. BillRM

    BillRM Well-Known Member

    Joined:
    May 8, 2016
    Messages:
    6,792
    Likes Received:
    1,704
    Trophy Points:
    113
    Gender:
    Male
    One hell of a lot of Americans had been blocked from traveling by air for many years for no known reason including an ex-marine that could not travel for his business or personal reasons until the ACLU back him suing the government.

    The list have the power to harm and even ruin many lives for no known gains.

    https://www.aclu.org/blog/national-...rmer-marine-who-was-no-fly-list-4-years-and-i
     
  15. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    And in that time he could have applied for a TSA pre-approval pass. It is not very expensive and would have solved all of his problems.

    I am in that program myself now, and even though my name is also on the list I now have no problems.

    I bet there is a lot more to that story than is being told.
     
  16. BillRM

    BillRM Well-Known Member

    Joined:
    May 8, 2016
    Messages:
    6,792
    Likes Received:
    1,704
    Trophy Points:
    113
    Gender:
    Male
    Yes indeed the pre approve pass is going to in some magical way over ride them being placed on a do not fly list.

    An yes the point is that there is something in back of the bans but the government will not tell those ban the reasons for or give them a chance to challenge the need for such a ban in fair open hearings.

    After being sue in federal courts they will not normally defend their bans but as if by magical removed the bans instead.

    In the UK with a similar system a woman could not fly home for years due to her husband a government official placing her on the do not fly list when she was traveling.
     
    Last edited: Feb 18, 2019
  17. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    You either do not comprehend, or do not want to comprehend that the list is simply a list of names. It is not people, it is not identities, it is just names.

    If this is the case, then simply change your name to one that nobody else on the planet uses. There, problem solved.
     
  18. zer0lis

    zer0lis Well-Known Member

    Joined:
    Jul 13, 2015
    Messages:
    677
    Likes Received:
    274
    Trophy Points:
    63
    Gender:
    Male
    I keep several browser fingerprints that I load in a modified version of FraudFox bought from the dark webs years ago.

    Even if you have solutions to spoof the browser fingerprint, you still have to spoof the hardware and then the network params.
    My botnet has years of activity. For now, Google (or the gov) absolutely has no idea to distinguish my machines from actual humans. As a consequence, you can be completely anonymous if you invest time, for now.

    There are some commercial solutions to privacy lately, I won't advertise here. Marvelous solutions, mostly from Russians. ( I think these were leaked- some were available on dark webs years ago and were developed by GRU for the troll factories). Anyway, the russians have knowhow in this area, as a pro tip:)
     
    Last edited: May 15, 2019
  19. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    Actually, Net Neutrality never had anything to do with that. Or in deciding how much they could charge, or anything else. It is not about charging more for one web site over another, or purposefully slowing another down unless you paid more.

    Net Neutrality is all about SMTP, TCP and UDP. This, only this, and nothing but this.

    It was never about all of the nonsensical political garbage that has been put onto it in the past few years, it is simply discussing if all network traffic should be handled the same. And on a network basis, of course it should not. SMTP (your e-mail protocol) does not care how it gets from location to location, or how long it takes. Take 100 ms, 1 second, or 19 seconds, it all gets there and works just fine. Using TCP to load up your web page can arrive in any order you want, bottom of page first, top of page first, images first then text, text first then images. It really does not matter, in the end you get your page.

    But UDP? For that it is very critical. Those are streaming things, like movies, sound clips, etc. They have to arrive quickly, and in the right order.

    SMTP was something many of us discussed 15 years ago, because we were wanting a more streamlined capability. That allowed us to allocate certain types of packets should move along more quickly because they were of a higher priority. The system we still use to this day sees it all as simply "packets".

    But especially in the last few years, 10,000 other things got thrown into the topic, so that the actual purpose and meaning have been completely lost. ANd the funny thing is, 99% of them are entirely made up, based purely upon the ignorance or paranoia of the individual bringing them up.

    But no, NN has nothing to do with an ISP "reading" your packet. In fact, that is actually very simple to do, and no IS Pis gonna do it because they are literally handling trillions of packets a minute. Contrary to what you (or others think), you are not that important.
     
    FreshAir likes this.
  20. FreshAir

    FreshAir Well-Known Member Past Donor

    Joined:
    Mar 2, 2012
    Messages:
    150,178
    Likes Received:
    62,816
    Trophy Points:
    113
    agree, it was not about slowing down sites like Netflix

    I thought there was some rules to prevent them from stealing data from other sites too, maybe that was not included

    luckily most sites use https now
     
    Last edited: May 18, 2019
  21. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    Nope, the exact opposite.

    Streaming services (like Netflix) rely upon UDP to move the video faster. So if Net Neutrality was not an issue, an ISP can get equipment and configure their network to allow UDP packets (movies, YouTube, IHeart, etc) to move faster, requiring less buffering.

    But the attempts to make such systems is dead. Killed by ignorance because nobody wants to invest billions into making parts of the Internet faster, then see it all have to be removed and thrown away because some unknowing luddites scream about it, even though they do not have any idea what they are talking about.

    All of the Internet today works on Net Neutrality. The actual concept was to find a way to move the more time critical information faster, to separate say TCP (web pages) at a slower rate then UDP (streaming services). NN was an offshoot, to describe the "benchmark" where it is all the same. All the other garbage that has been thrown on has nothing to do with it.

    HTTPS? Still not part of that, it still uses TCP. It simply does a handshake for security purposes. It is just TCP with extra steps.

    This is the kind of thing that makes network professionals want to bang our heads into brick walls. They invent things and insist it has to do with "Net Neutrality", and now most people believe it. Even though none of it is true at all. The lie becomes the truth, to all but those that do not actually understand.

    2 years ago I tried to explain this, and I could see their eyes glaze over through the Internet as I tried to talk about UDP, TCP and SMTP and they just said "But that is now what it is about, it is about XXXX.NET slowing down Netflix so Amazon Prime can move faster because they are paid to do so!

    Sadly, most people refuse to become educated. They thrive in their ignorance.

    And steal data from sites? No, not even sure what that even means.
     
  22. FreshAir

    FreshAir Well-Known Member Past Donor

    Joined:
    Mar 2, 2012
    Messages:
    150,178
    Likes Received:
    62,816
    Trophy Points:
    113
    your wrong..... without net neutrality the ISP's can slow down Netflix traffic, did you think they could only slow down tcp, but not udp? it all goes over the same IP connection

    "HTTPS? Still not part of that, it still uses TCP. It simply does a handshake for security purposes. It is just TCP with extra steps."

    never said it was, I said it helps prevent ISP's from reading our data... which it does

    "And steal data from sites? No, not even sure what that even means."

    if they are reading your packets, they they are stealing data they have no right to see - be like listening to your phone calls

    "Sadly, most people refuse to become educated. They thrive in their ignorance."

    I see (should of quit while you were ahead, I admit I was wrong in the first post)
     
    Last edited: May 18, 2019
  23. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    No, it does not.

    HTTPS has nothing to do with your ISP reading your data. It is to prevent both "main in the middle" attacks, as well as ensuring that your connection is to a trusted secure site through certificates and not to one that is spoofed.

    Sorry, but I will take my over 25 years of being a Network Engineer over this load of nonsense. This is the type of coprolite that has caused people to believe almost anything people say.
     
  24. FreshAir

    FreshAir Well-Known Member Past Donor

    Joined:
    Mar 2, 2012
    Messages:
    150,178
    Likes Received:
    62,816
    Trophy Points:
    113
    sure it does, http is not encrypted, https is, makes it harder for the ISP to read your data

    the best the isp can steal then is the sites you visit, vs the content like your bank information

    25 years and you did not know that? ;)

    like I said, should of quit while you were ahead....
     
    Last edited: May 19, 2019
  25. Mushroom

    Mushroom Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    12,494
    Likes Received:
    2,421
    Trophy Points:
    113
    Gender:
    Male
    It has nothing to do with the ISP.

    HTTPS also uses certificates, to ensure that you are actually communicating with the site you think you are. It is not just encryption, it is also certificates. That is the reason it was created. And that X.509 certificates and certifying agencies exist in the first place.

    And you do not know that?

    And no, it is not to prevent the ISP from taking your data.

    Here is how HTTPS works.

    You open an HTTPS connection, and ensure that the certificate being used by the other side is the one that is expected. That the certificate is a valid one and current, and one that is actually used by the computer on the other side. You then ensure that Port 443 is being used, and not Port 80.

    That is the basic of it. The entire reason HTTPS came about was because of Man in the Middle attacks, which were very common. But it was not done by the ISPs, it was done by hackers. If an ISP really wants to hack your data, with everything you send through them in establishing the secure connection they can actually do it. They have your key, they have the key of the other system you are trying to reach, they already have everything needed to reverse hash the encrypted information.

    You do not know that?

    If you are so damned paranoid, I suggest you just stop using the Internet period. Cut all the cords, return to POTS and FTA television, throw away your cell phone and all your computers. Because as before most of what you are saying is paranoia nonsense that has nothing to do with anything you are saying.
     
    Last edited: May 19, 2019

Share This Page