Hello everyone When I worked in the support of the provider, sometimes they called me and asked the following question: can the Internet provider see what sites I went to? Well, what can I say. Then, working in support, of course, I answered that no, this is impossible and that the provider does not see anything like that. Well, that is, he said that he sees only when you connected to the Internet and that’s it ... But it’s clear that I said so so that users do not rebel, do not ask even more questions .. well, that is, to be calm
What can the provider actually see? I will try to explain in simple terms what he can see and what he cannot.
Let's first understand what a provider is. Well, in a simple way. The provider is the building from which the wires go, all sorts of dishes sit on it, well, satellite ones, and inside there are cash desks for payment, and everything else is darkness and the darkest forest ..
The provider is essentially a node that sells the Internet more expensive, which buys cheaper. It can be said that the main Internet is cheaper, there are very high speeds.
A provider can have tens of thousands of users, or even hundreds.
To follow or not is a matter of honor. Joke. This is a state-level matter. There are some laws there that oblige providers to pass traffic through a special device. In any case, the provider is obliged to issue, at the request of the police, all the data about the subscriber who is suspected of committing a crime on the network. Simply put, there are a number of regulations that a provider needs to fulfill in order to obtain a license and provide services.
- Can ISP see what sites I visit? If necessary, the provider in most cases can obtain a list of all visited sites. But as a rule, this is a list of IP addresses or domains for some recent period of time. It could be a month, three months, six months, a year...
- If I use a VPN, will the provider not know that I'm using a torrent? Well, this is the moment. Yes, if you do everything correctly, I mean the VPN connection, then he will not see everything that is in it. Torrents will also be hidden. But the VPN server itself will be visible. And it will also be seen that it is with one IP address that there is a suspiciously large traffic exchange (that is, with a VPN server). And if the admin breaks through the IP, looks, and sees that this is the IP of the Netherlands, for example, and if the activity lasts for hours, days, then this will certainly induce suspicion. But this is if there is a reason to look for something. Usually no one cares where you go there and what you download there ..
What does the provider see?
- Does the ISP see HTTPS? He sees only the fact that a secure connection is being used, but he does not see the content itself.
- Well, what about HTTP then? Here the provider sees almost everything, because there is no encryption. Packet headers, what and where you sent. It can see, for example, that you have visited a torrent tracker, and it will have a list of all pages.
- Does the provider see TOR? The provider sees only the TOR server, it is unlikely that he will be able to decipher what you are doing there, if necessary, they will come home. But for that to happen, you have to take over planet earth on the internet.
- Does the ISP see the MAC address? Yes, he can see it. Thanks to the poppy, providers often have a connection to the user's equipment. Well, that is, so that someone cannot use your Internet, even if he knows the username and password.
- Does the provider see search queries? Well, here's what's really going on. He basically can see. He sees the addresses themselves, this is all logged, that is, all this is recorded. But in order to see requests, you need to connect additional technology that will process packets and pull requests from them. All this I mean is that it takes a lot of power to follow this way and therefore the provider does not see search queries.
- Does the ISP see the proxy? It can only see that you are connected to some server (which is actually a proxy). That is, in fact, it sees, but you still need to find out whether it is a proxy or just a server with which some program works. But for the most part, it's the same thing.
- So does the provider see where I go? Yes, he sees. That is, if a provider has hundreds of thousands of clients who can generate a million or even more visits to certain sites per day, then the provider sees all this as a big mountain of traffic. Of course, he won't watch anything on purpose. This is for statistics and nothing more.
- Does the provider see what I'm downloading? I don't even know what to say here. Information about what you download and from where in the first place is contained in the first package that is sent to the server to start the download process. And so the provider sees just that you are receiving data from a specific IP address.
- Does the provider see what I'm doing on the Internet? Well, as I said, in general, we can say that he sees what you are doing there. He can even make a picture, that is, to understand what kind of user you are, what you are interested in, where you go, and so on. The provider sees the entire history of the visit. But it's just that no one cares.
- Okay, but does the provider see which sites I visit in incognito mode in the browser? Incognito mode is not a mode for the provider in the first place, but for other people and for sites. That is, incognito mode allows you to make it look like you did not use the browser. This can deceive sites so that they do not collect confidential information about you and acquaintances, so that they cannot look at which sites you visited.
When I wrote whether he sees, I meant the provider, but from the point of view of not a person, but a machine! One sees little there. For there are terribly few employees compared to the number of users and their traffic. A person can see everything, but only upon request from above ...
But in fact, the provider cares what you do at the computer. There is no such thing as someone sitting in a room and looking at what is being downloaded there .. There are simply a lot of users and it is impossible to monitor everyone manually, everything is recorded. And it is recorded at a minimum, because there is a lot of traffic and even here you need to save, although this is just text .. If you just use sites, then you have nothing to be afraid of. Even if you constantly use VPN or Tor, then no one will tell you anything, well, unless of course you do some insidious things
But what's the big deal with movies? The fun is here. In Germany, there is some kind of law there, in short, that you can’t download movies without paying. So. How does this scheme work? You are downloading a torrent. And some policeman starts pumping it. And he sees in the torrent from whom he downloads the movie. And then, analyzing these statistics, he can understand who can be fined. Well, that is, you understand that just a VPN would be appropriate here.
That's all, I hope that I wrote everything clearly and accessible. If something is wrong, then I'm sorry, good luck to you and all the best
18.07.2016“If you are paranoid, then this does not mean that you are not being followed ...” - one notorious character used to say, and there really is a grain of truth in this. The Information Age has given us so much, but in return our privacy has been threatened. Geolocation apps, social networks, Instagram, tracking services, viruses and many other spy tools are a direct threat to privacy and peace of mind.
So what can you do to protect yourself from unauthorized surveillance? You must find the answer to this question for yourself, because there are many on the Internet who will gladly take advantage of your ignorance and carelessness.
There are quite a few protection recipes and almost all of them are quite simple. For greater convenience, we will consider the options for stopping surveillance by the types of equipment that can be used.
- Geolocation services. A lot of mobile applications and desktop programs have in their arsenal the functionality to determine the location of the user. You can disable computer location detection directly in the program settings or, alternatively, simply report inaccurate coordinates during the initial installation of new applications. For example, for Firefox, there is a convenient Geolocater application that allows you to set coordinates yourself, and in the Chrome browser, you should activate the developer tools and change the current geodata right in the Emulation tab.
- Camera. Filming and visual surveillance is one of the most dangerous and unpleasant types of unauthorized surveillance. And it does not matter what you do at the computer, how you look, what is open on the screen and how the recordings can be used in the future - each of us always needs a sense of security. If this is not the case, then there is no peace. But just this type of surveillance is very well controlled. It's very simple: seal the camera with a neat piece of dark tape. If necessary, it is easy to peel it off, but this is the only way to really prevent the likely leakage of information. This approach is simple, but it is many times more effective than any programs and applications.
- Microphone. Like the built-in camera, the microphone can collect a lot of information about the owner of a computer or smartphone, and the scotch tape option will not work here. Unlike the image, the sound penetrates a mechanical obstacle quite easily, so other protection is needed here. For almost every operating system, you can choose an application that blocks access to the microphone for any installed programs: Windows owners should pay attention to Webcam Blocker Pro, and for Mac, Micro Snitch and its analogues will be relevant. All programs run in the background, their work is invisible, but very effective.
- Keyboard. To track data entered using the keyboard, nothing supernatural is needed, since there are now dozens of small programs that easily implement this kind of monitoring. How to prevent data leakage in this case? Firstly, you can use abbreviations or assign special key combinations to each of the entered passwords, secondly, in especially important cases, use the on-screen analogue of the keyboard, and thirdly, regularly check your computer with antiviruses without neglecting updates.
Modern technologies dictate to us new rules of behavior on the network and a more serious approach to personal data and information in general. To neglect this means to jeopardize your material well-being, private life and career. Antiviruses, careful attention to the information published on the network, and the protection measures described here will help reduce the likelihood of secret collection of information and make it possible to safely continue work, business and online communication.
Fortunately, advanced technologies are in service not only with villains, but also with good people. The 3D scanning and printing industry is now in full swing. If you want to know the latest news from this direction, then I recommend that you visit the thematic conference. You can learn about the conference on the website 3dprintconf.ru. In IT, everything happens so fast that it is worth a little gape and fall out of the mainstream. To prevent this from happening, educate yourself.
Video.
In continuation of the topic, I propose to watch a simple but practical video on how to get rid of surveillance on the Internet.
The security of computer data and ours, the user's, is measured by the absence of viruses - trojans, worms and other nasty malicious programs designed to slightly or seriously spoil the life of us. However, the last couple of years have shown that viruses of the past, and indeed of the present, are a childish 8-bit squeak on the Super Mario lawn compared to what really threatens each of us.
So what can a virus really do? Force the owner of a computer to download, parting with hard-earned fifty dollars, a licensed antivirus? Reinstall operating system? Change passwords on Facebook? Patch a hole in Wi-Fi? Run around the offices involved in data recovery? Frightened! All this is solvable and not scary.
It is much more terrible that all that seemingly harmless information that we share every day with curious friends, boastful colleagues and annoying relatives can end up with attackers at any moment. Who, how and why is watching us continuously and how to prevent this vile fact - that's what we'll talk about today.
Do you want cookies?
Smartphones can enter the coordinates of the point where the picture was taken into the system fields of the photo file. When publishing a picture on social networks, online resources can automatically match the coordinates and give the exact address of the shooting location.
Facebook and email have become an integral part of every morning for many. But think for a minute! After all, we are constantly sending so many intimate details of our own lives to the World Wide Web that no spy is needed. It is enough to write down the actions that we perform on our devices 24 hours a day: in which club and with whom did Sveta visit Facebook for the fifth time during the night, what size shoes and how much did Aleksey buy, when Irina is going to a conference in Poland, which children's club Sergey took his son, at which metro station Katya got off, what GPS coordinates Andrey assigned the tag home sweet home.
And who will write down all this seemingly useless nonsense, you ask? There is such a James Bond, and it is also installed on your computer. This is our own carelessness, hiding under the cute name "cookie" or cookies.
“C is for cookie and it’s good enough for me,” sang the cute blue plush Gingerbread Monster in the Sesame Street tutorial, unaware that he would serve as the inspiration for the original cookie makers, Netscape Communications. Old geeks may remember that before Google Chrome, before Internet Explorer, before Opera and, of course, Safari, there was a browser like Netscape Navigator, the "grandfather" of modern Mozilla Firefox, and it was the most common until the mid-90s . It was Netscape that first introduced support for cookies. They were invented in order to collect information about visitors and store it not on the company's overcrowded servers, but on the hard drives of the visitors themselves. To begin with, the cookies registered basic information: it checked whether the visitor was already on the Netscape site or visited for the first time. Later, programmers realized that cookies can be trained to record almost any information about the user that he himself wants to leave on the Internet. They gathered, of course, without the knowledge of peaceful visitors.
Invisibly introduced into Netscape Navigator in 1994, and into Internet Explorer in 1995, "cookies" remained unknown workers until 1996, when, thanks to a journalistic investigation, the entire respectable Internet public found out about them - and an international scandal erupted . The public was shocked: the brother, while not very big, but still the brother, it turns out, followed all the actions every minute and, moreover, wrote everything down. The assertions of the creators that all data is stored securely (namely, on each user's own computer) and cannot be used by intruders were little reassuring. It soon became clear that these claims were not true.
As it turned out, with a strong desire, an attacker can intercept the “cookie” file sent to the site that created this work of computer-culinary art, and, pretending to be a user, act on the site at his own discretion. This is how mail, accounts in online stores, banks, etc. are hacked. But, we admit, it is not so easy to do this.
Moreover, despite the declared anonymity of cookies, even marketers themselves admit that the classification of users, that is, you and me, has reached perfection. All Safari owners 25-35 years of age, male, with a Citibank card, graduated from the Moscow Aviation Institute, unmarried, suffering from myopia, wearing long hair, fans of the Star Wars series and the Nickelback band, with an annual income of $ 50-100 thousand, frequent visitors to the Rolling Club Stone, living near the Novogireevo metro station? Please, these three people.
Who buys this information? How does he want to use it? Our paranoia has poured herself a glass of something with orange juice and refuses to answer this question. The mass nature of the phenomenon has long gone beyond any acceptable limits.
An experiment conducted by the Wall Street Journal in 2010 showed that the 50 most popular sites in America installed 3180 spy files on their behalf on a test computer (the “cookies” we have already mentioned and their younger advanced brothers “beacons” or “beacons”) , writing down for serene users in the literal sense of everything. Only less than a third of the files were related to the operation of the sites themselves - they fixed passwords, remembered their preferred section to start with next time, and so on. The rest existed only in order to learn more about a particular visitor and sell the information collected about him at a higher price. The only site that did not install a single unpleasant program was Wikipedia.
In addition to cookies, as we have already said, there are also “beacons”. They do not send themselves to users, but are placed directly on the site as a small picture or pixel. "Beacons" are able to remember the data entered from the keyboard, recognize the location of the mouse cursor, and much more. Comparing them together with the "cookies", we get a picture worthy of a paranoid nest.
Using the Privacychoice.com service, you can find out exactly who is monitoring your activities, whether only general or also personal information is recorded, how long it is stored and whether its anonymity is guaranteed. Unfortunately, unpleasant statistics are collected only on the main American sites.
What can this information be used for?
Fig 1. An approved list of words, phrases and expressions, the use of which may lead to increased attention to your actions on the Global Network
Scout Mark Zuckerberg
The American public, unlike ours, does not sleep and, having sniffed out that the DHS is conducting furious surveillance of ordinary people, created an organization opposing this with the modest name EPIC. In one of their counter-investigations, EPIC employees managed to find out that the DHS had developed a certain list of surveillance activating words. You type in, say, Google the innocent phrase "Guadalajara, Mexico." And the DHS immediately puts you on the list of potential bin Ladens and begins to record all your activities on the Internet just in case. Suddenly decide to blow something up, you never know ...
A complete list of extremely strange words, many of which we use in Internet communication every day, can be found on pages 20-23 of this document.
In addition, as EPIC found out, the vast majority of at least some significant domains, such as: Facebook, Twitter, news mail sites, cooperate with all known security services, giving them access to correspondence, personal data, location, and even appearance of users without a court order. According to one of the employees of the DHS, for one real suspect there are a dozen suspects on completely unfounded grounds. It is not clear how data transfer occurs in such a situation, how secure it is, and how the information received is disposed of if it is not needed.
Another egregious fact of the introduction of the Johnsons, Petersons and Sidorsons into computers under the auspices of the fight against piracy was made public in the United States in July this year. The fact is that the US Recording and Film Association has developed a project under which providers will automatically report cases of media piracy. Of course, we are against piracy, but such an initiative means spying on users. The punishment measures seem especially strange: from soul-saving conversations and limiting the speed of the Internet channel to banning access to two hundred major sites in the world.
Even if you have a separate computer for work, from which you, like a decent paranoid, never go to the World Wide Web, we hasten to upset you. There are ways to keep track of him, even bypassing "cookies", "beacons", words from the terrorist list, etc. After all, you still update your antivirus regularly, don't you? And what kind of signatures are sent to your computer? An interested (whether by the government or third parties) creator of an antivirus can, thanks to his program, search your hard drive for anything. It is enough to declare it a new virus.
Yes, there is an antivirus, your GPS, your smartphone that is about to acquire a fingerprint sensor, Google Street View, facial recognition software in photographs - there is simply no limit to the introduction of unauthorized strangers into our daily lives. Your handler at the FBI or MI6 is aware, he's already been handed over.
Dancing with pigs
But who gave it? We passed on to you. See how we treat our own information! Look at your Facebook settings: how many third-party apps have you allowed to use your data? Try installing a new app from the Google Play Store on Android and, for a change, read what powers you promise it (access to the phone book? use the Internet as needed? make calls to your grandmother?). Look at the Instagram user agreement - by signing up, you have transferred all your photos to the full ownership of Facebook! Create an account in the Amazon cloud and ask what you have agreed to: Amazon has the right to change, delete the information you uploaded at its discretion, and also terminate your access to the site.
Computer science guru, Princeton University professor Edward Felten aptly dubbed what is happening "dancing pig syndrome." If a friend sent you a link to a program with dancing pigs, you will probably install it, even if the license agreement says about the possibility of losing all data, sense of humor, guilt, conscience, reason and average income.
What to do?
1. Make sure your home Wi-Fi is well password-protected and never use a suspicious Internet connection.
2. Change passwords more often, make them longer and stronger. We remain skeptical of password management programs and are torn between the fear of forgetting our twenty-three digit alphanumeric password, the fear of being hacked into email, Facebook, Twitter and other nice sites, and the fear that someone will write down our passwords if we keep a record of them in specialized program. As they say, here's your choice of poison. If you choose the last option, our paranoia recommends you RoboForm and Last Pass.
3. Install CCleaner and don't forget to use it (ideally every day). If you do not know where to get it, go to our website www.computerbild.ru and look in the "Download" section.
4. Install anti-tracking plugins in your browser. In Google Chrome, for example, we like Keep my opt-outs Plugin. It removes data about you from more than 230 sites. After that, install Do not track plus - this plugin prevents cookies from sending information about you again. In Chrome, by the way, we recommend using the Incognito function. In this mode, you can only be watched from behind, so do not forget to look around or hang a mirror behind the computer. Joke.
5. Use an anonymous VPN. A good and fast one may cost a little money, but the service is usually worth it. Of the free ones, we like HotSpot Shield.
6. Turn off history on Google. To do this, type google.com/history and, using your gmail.com account, delete everything that Google has recorded about you. After this operation, Google will stop recording (probably) unless you ask otherwise.
7. You can also switch to the now popular TOR browser, which uses a volunteer network of computers to achieve maximum anonymity of transmitted encrypted data.
8. If your surname is Navalny or Nemtsov and you need to communicate with friends and colleagues through an invisible channel, install an anonymous file-sharing program like GNUnet, Freenet or I2P. In the same case, we recommend that you regularly backup your data and store them on different clouds, accessing them through an anonymous VPN.
9. And, most importantly, read the user agreements of the installed programs. Before installing the next cats, think carefully about whether you need this program, if it undertakes at any time, like a mother-in-law, to use the Internet and telephone on your behalf, check who called you, find out where you are, pay for purchases with your credit card and change your ringtone.
Other news
Update your operating system regularly. Attackers spy on users by installing viruses on their computers or hacking into computers. Regular system updates will eliminate vulnerabilities and neutralize malicious codes.
Update programs regularly. The latest versions of the software add new features, fix vulnerabilities, and fix bugs.
Update your antivirus regularly and do not disable it. If you do not update the antivirus database, it will not be able to detect some viruses. Also keep your antivirus active (let it run in the background all the time) and regularly scan your system for viruses. We recommend that you turn on the automatic updating of the antivirus or always allow it to be updated when prompted.
- Antivirus programs look for viruses, spyware, rootkits, and worms. Most anti-spyware programs are no better than good antiviruses.
Use only one antivirus program. If you install several antiviruses on your computer, they will conflict with each other, which will slow down your computer. At best, one of the antiviruses will falsely work, and at worst, the antiviruses will prevent each other from working properly.
- An exception to this rule are anti-spyware, such as Malwarebytes. They can effectively work simultaneously with an antivirus program, providing an additional layer of security.
Do not download files from untrusted or suspicious sites. For example, if you want to download the VLC media player, do so from the media player's official website (www.videolan.org/vlc/). Do not click on links to random and unofficial websites, even if the antivirus does not issue warnings.
Use a firewall. The firewall checks all incoming and outgoing connections. The firewall prevents hackers from finding your computer and also protects you from accidentally going to dangerous websites.
- Most antivirus programs include a firewall, and all major operating systems also have a built-in firewall, so you probably shouldn't worry too much about the firewall.
Do not use an administrator account. Be aware that if you log in as an administrator, any software, including viruses, can be given administrative rights. This will allow malicious codes to damage the system and monitor your activity. If you use a "guest" account, the virus must be much more powerful in order to penetrate the system and work in it. From a guest account, malicious code will be able to send information about you, but nothing more.
In 1993, the New Yorker magazine printed the famous cartoon about a dog in front of a computer. “On the Internet, no one knows that you are a dog,” the caption said. More than twenty years later, things are exactly the opposite. In today's Internet, any dog knows who you are - and sometimes even better than yourself.
The Internet is not well suited to secrecy, and privacy is no exception. Every click made in the browser, by definition, needs to be known by two parties: the client and the server. This is at best. In fact, where there are two, there are three, or even, if we take the Hacker website as an example, all twenty-eight.
For example
To verify this, it is enough to enable the developer tools built into Chrome or Firefox. More than half of these requests have nothing to do with documents that are located on Hacker's servers. Instead, they lead to 27 different domains owned by several foreign companies. It is these requests that eat up 90% of the time when the site loads.
What are these domains? Ad networks, several web analytics systems, social networks, a payment service, an Amazon cloud, and a couple of marketing widgets. A similar set, and often even more extensive, is available on any commercial site .. Not only we know about them (this goes without saying), but also the owners of these 27 domains.
Many of them don't just know. They are watching you with the keenest interest. See the banner? It is downloaded from the server of Doubleclick, a large ad network that is owned by Google. If there was no banner, he would have found another way. The same data can be retrieved using the Google Analytics tracker or through AdSense, accessing fonts from Google Fonts or jQuery on the Google CDN. At least some clue will be found on a significant proportion of the pages on the Internet.
Analyzing the history of a user's movements on the Internet helps Google determine with good accuracy their interests, gender, age, wealth, marital status, and even health status. This is necessary in order to more accurately select ads. Even a small increase in Google-wide targeting accuracy is worth billions of dollars, but other applications are possible. According to documents published by Edward Snowden, American and British intelligence agencies intercepted Google trackers to identify suspects.
You're being watched, that's a fact you have to come to terms with. Better to focus on other issues. How do they do it? Is it possible to hide from surveillance? And is it worth it?
Find and hide
In order to follow a person, you need to be able to identify him. The simplest and most well-studied identification method is a cookie. The problem is that it is the most vulnerable to attacks from privacy advocates. Users and even politicians know about them. In the European Union, for example, there is a law that forces websites to warn users about the dangers of cookies. Zero sense, but the fact itself is alarming.
Another problem is that some browsers by default block cookies set by a third party, such as a web analytics service or an advertising network. This restriction can be bypassed by running the user through a chain of redirects to a third party server and back, but this, firstly, is not very convenient, and secondly, it is unlikely to save anyone in the long run. Sooner or later, a more reliable method of identification will be required.
There are far more places in the browser where you can hide identification information than the developers planned. It just takes some ingenuity. For example, through the DOM property window.name, you can transfer up to two megabytes of data to other pages, and unlike cookies, which are available only to scripts from the same domain, data in window.name is also available from other domains. Only the ephemeral nature of this property interferes with replacing cookies with window.name. It does not persist after the session ends.
A few years ago, it became fashionable to store identity information using the so-called Local Shared Objects (LSOs) that Flash provides. Two factors played in favor of the LSO. First, unlike cookies, the user could not delete them using the browser. Secondly, if cookies are different in each browser, then LSO, like Flash itself, is the same for all browsers on the computer. Due to this, it is possible to identify a user who alternately works in different browsers.
Continued available to members only
Option 1. Join the "site" community to read all the materials on the site
Membership in the community during the specified period will give you access to ALL Hacker materials, increase your personal cumulative discount and allow you to accumulate a professional Xakep Score rating!
