re: an idiot about my blog post on isp’s

for posterity’s sake i’m preserving the quote:

“I've worked at 4 different ISPs, this idea that they make a profit by selling info is wildly incorrect. ISPs on the inside are quite blue collar, this is from small ISPs like your local ISP that only has a few thousand customers, to giant corporations like TWC/Spectrum. Government subsidies and monthly subscriber payments are how they make their money.”

but here’s a word from dzone (x):

“USA — In 2016, the FCC mandated that ISPs would have to obtain consent for information harvesting, but officials from the Trump administration rescinded these regulations back in 2017, before Congress rejected them, and Trump signed his ISP Privacy Bill into law in April 2017. This made harvesting information absolutely legal. So users in the US have very few protections unless they use a VPN.”

there are obviously limitations on the length at which your isp can sell your browsing data, for instance, if you’re using https, which is very likely nowadays, they won’t have any readily accessible data on the exact pages you’re viewing, but they will have easy records on the servers you’ve visited. if you like streaming videos on youtube, they can give that information to netflix. if you like to do online shopping on ebay or etsy, they can give that information to amazon, or, more realistically, to the websites you visit, so that the next time you visit, , they’ll know which ads to show you, and in the united states, they absolutely can.

on top of this, they can also use their myriad dns gateways to gather telemetric data, which can be cross-referenced with who is using what server for what activities, so they can derive a list of most likely connections between online personas and their customers. and your online personas can be given targeted ads through leads sold by your isp that way as well, even if they can’t see positive proof of it because you’re using https, they can come up with an accurate guess. using telemetric data this way can also be used to unearth someone’s location through their twitter handle, making it much easier to narrow that list down.

even if you use a vpn with the wireguard protocol with its highly touted security, they will be able to tell that their dear customer is trying to make private communications through wireguard. and then they could give that information to any and all vpn service providers, regardless of how trustworthy vpn service providers are in protecting user data. in fact, by this reasoning, isp’s and vpn’s stand to profit both by colluding in disregard for their customers’ interests, and cyberterrorism laws could dictate that they must.

and most isp’s in the united states are actually really vague about what they do with their records of their customers’ online traffic.

slamdangles is braindead.

not only can isp’s sell user metadata if they wanted to, many of them are also willfully making it hard to tell whether or not it’s even happening, which is already a sign that they’re most likely doing so