General Discussion
  >> Which ISP? (Residential)


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | (show all)   Print Thread
Anonymous
(Unregistered)Thu 21-Jul-11 14:16:54
Print Post

Heavy user, Opal LLU only


[link to this post]
 
I'm currently using TalkTalk as my ISP, and for the amount I'm paying, the service is great. I regularly consume ~100GB/month, latency is excellent, and aside from p2p throttling at peak hours, I haven't had any additional throttling applied to my connection.

So what's my problem then? Well, as you may be aware, TalkTalk have a "malware scanner" in place, which essentially stalks you by visiting every unencrypted web page you visit, scanning it for malware, and then saving that URL in a white or blacklist, depending on whether they deem it malicious, all in aid of a safer internet, apparently. Worse still, you cannot opt out of this. Oh, and did I mention it's being managed by a Chinese company? Yeah...

Having every single URL I visit being logged indefinitely and transmitted to China does not sit well with me, and it also makes certain sites unuseable, so I'm looking for a new ISP.


tldr: I'm a heavy user (100gb/month), want a broadband package for <= £30, and only Opal/CPW have equipment in my exchange.
Standard User nredwood
(eat-sleep-adslguide) Thu 21-Jul-11 14:28:46
Print Post

Re: Heavy user, Opal LLU only


[re: Anonymous] [link to this post]
 
Whilst not wanted to detract you from changing ISP, I believe HomeSafe is only activated if you opt-in and you can opt-out at any time

http://www.talktalk.co.uk/security/faq/

Be* Unlimited
Standard User GeeTee
(committed) Thu 21-Jul-11 14:42:53
Print Post

Re: Heavy user, Opal LLU only


[re: nredwood] [link to this post]
 
Partaking of the protection aspect of it is optional, yes. You cannot however opt-out of having the system follow you around wherever you go.

To the Anon OP - I don't have the link to hand but TT published a "technical" document on how the system works. The data stored is apparently de-personalised and then only stored transiently. i.e. until the URL/webpage is scanned and not to any persistent storage medium. The black-list / white-list is also apparently transient as a rolling system with entries only being held for a limited time (24 hours I think it was for whitelist and blacklist until the page is rescanned and found clean).

If I can find the details I'll post up the link.


Register (or login) on our website and you will not see this ad.

Anonymous
(Unregistered)Thu 21-Jul-11 16:41:31
Print Post

Re: Heavy user, Opal LLU only


[re: GeeTee] [link to this post]
 
In reply to a post by GeeTee:
Partaking of the protection aspect of it is optional, yes. You cannot however opt-out of having the system follow you around wherever you go.

To the Anon OP - I don't have the link to hand but TT published a "technical" document on how the system works. The data stored is apparently de-personalised and then only stored transiently. i.e. until the URL/webpage is scanned and not to any persistent storage medium. The black-list / white-list is also apparently transient as a rolling system with entries only being held for a limited time (24 hours I think it was for whitelist and blacklist until the page is rescanned and found clean).

If I can find the details I'll post up the link.


I do not trust that the system sufficiently anonymizes anything. After all, a URL can hold vast amounts of data in an innumerable amount of forms. How can they _possibly_ anonymise every URL? They cannot. And a blacklist is hindered severely if data is only held for 24 hours, so I doubt this is the case.

Casting aside all privacy issues, it also breaks a lot of websites that embed session IDs in the URL, as some of them are programmed to only allow one IP per session ID. Also, imagine a scenario where you purchase something, and then Huawei's bot comes along and places another order using your session ID. It's an unlikely scenario, yes, but it COULD happen, and it shows how little they thought about the system. If they were actually halfway competent, the public would never even know about their data harvesting, because there's absolutely no reason for them to be re-issuing HTTP requests if a customer has already done so.

To me, it reeks of a foot-in-the-door attempt to re-introduce phorm or a phorm-like system. First they're only using the data to "make the web a safer place," but before you know it, it will be used to deliver targeted advertising, and then sold to whoever for whatever purpose.

Here's some more food for thought: I performed a preliminary scan of these crawlers, and on one of the addresses is a router, a Secospace USG2100BSR/HSR to be exact, with a telnet interface open to the public internet. I'm certainly no security expert, but having a telnet interface that only requires a password (no username) open to everyone makes you wonder how secure this data really is.
Standard User nredwood
(eat-sleep-adslguide) Thu 21-Jul-11 17:14:48
Print Post

Re: Heavy user, Opal LLU only


[re: Anonymous] [link to this post]
 
You may want to look at the resold Opal Wholesale packages from Xilo or Vivaciti

Which exchange are you on?

Be* Unlimited
Standard User GeeTee
(committed) Thu 21-Jul-11 18:44:21
Print Post

Re: Heavy user, Opal LLU only


[re: Anonymous] [link to this post]
 
Easy there. No need to be hostile, I'm passing no judgement on the wrongs or rights of it, just explaining how I understand it to work.

Perhaps my post was not quite clear on the blacklist scenario - it meant to say that a url stays in the blacklist and is periodically rescanned until it is found to be clean and thence removed from the list. The 24 hours (or whatever it was) referred to the whitelist. There would be no point having a permanently stored whitelist clearly.

I would say a website that passes session information or personally identifiable information in the URL is irresponsible - it's perfectly possible to do so using secured connections and using cookies passed over that encrypted connection.

As for your purchasing scenario - I'd be more concerned that purchases can be made over a non-https connection in the first place myself.

Indeed yes they could not re-issue the http request, instead they could theoretically implement a system that scans the html content on the fly as it passes through their network. The costs involved to do that at line speed for every one of their multi-million customers would be insane, as would the other possiblity of storing it all and scanning it offline. It certainly wouldn't be a preferable solution either as it would be completely invisible.

The open telnet port does sound concerning, one would have hoped that keys would be used at a minimum.

Given your very clearly expressed concerns over the system, are you going to be considering resellers of TTG circuits in your hunt for a new ISP? By the sound of it, you're between a rock and a hard place with TTG on one side and BTW based products on the other. Unless FTTC/P has arrived for you it is probably going to be considerably more costly to avoid TTG given your needs.
Standard User nredwood
(eat-sleep-adslguide) Thu 21-Jul-11 18:50:52
Print Post

Re: Heavy user, Opal LLU only


[re: GeeTee] [link to this post]
 
I'm sure the reps from Vivaciti or Xilo / Uno will be along to confirm

I believe resold Opal Wholesale does not have the heavy TT traffic management, so I would guess the monitoring is not applied either

As for getting around it in the meantime, a VPN would do the trick

Be* Unlimited
Standard User GeeTee
(committed) Thu 21-Jul-11 19:10:49
Print Post

Re: Heavy user, Opal LLU only


[re: nredwood] [link to this post]
 
I'm sure if it had been implemented for even some wholesale circuits we'd have seen a furore over it somewhere on the rantosphere.

VPN would indeed work - but then how do you trust your VPN end point provider not to do the same thing and harvest whatever they want before squirting the data over the VPN?

Basically being online at all is a security and privacy risk. As with the whole of life, everything is a risk v. benefit calculation.

Oh - and Opal was rebranded TalkTalk Business a while back.
Standard User aramsay
(member) Thu 21-Jul-11 19:44:19
Print Post

Re: Heavy user, Opal LLU only


[re: nredwood] [link to this post]
 
In reply to a post by nredwood:
You may want to look at the resold Opal Wholesale packages from Xilo or Vivaciti

Which exchange are you on?

It's my understanding that if you are with TalkTalk direct, that there is no system in place to allow you to switch to one of the Opal packages from these providers.

I believe that you would have to migrate your line back to a BT based service (obviously someone with just a 1 month contract though), and then back to one of the aforementioned on their CPW based products.

The Xilo/Uno product does have a usage allowance of 75GB; anything over that would be charged.

[edited to correct wrong information in the Xilo allowance (ie. not 100GB)]

Edited by aramsay (Thu 21-Jul-11 21:37:05)

Standard User uno
(fountain of knowledge) Thu 21-Jul-11 20:04:22
Print Post

Re: Heavy user, Opal LLU only


[re: aramsay] [link to this post]
 
75GB actually wink

We're reviewing that though too and looking to work towards peak/off-peak much like with our standard BT-based Home/Office service.

Matt

-
uno Broadband
t: 0808 221 8642
Official Maidenhead, Milton Keynes & Manchester Speedtest.net Host
Pages in this thread: 1 | 2 | 3 | 4 | (show all)   Print Thread

Jump to