|
|
|
I'm currently using TalkTalk as my ISP, and for the amount I'm paying, the service is great. I regularly consume ~100GB/month, latency is excellent, and aside from p2p throttling at peak hours, I haven't had any additional throttling applied to my connection.
So what's my problem then? Well, as you may be aware, TalkTalk have a "malware scanner" in place, which essentially stalks you by visiting every unencrypted web page you visit, scanning it for malware, and then saving that URL in a white or blacklist, depending on whether they deem it malicious, all in aid of a safer internet, apparently. Worse still, you cannot opt out of this. Oh, and did I mention it's being managed by a Chinese company? Yeah...
Having every single URL I visit being logged indefinitely and transmitted to China does not sit well with me, and it also makes certain sites unuseable, so I'm looking for a new ISP.
tldr: I'm a heavy user (100gb/month), want a broadband package for <= £30, and only Opal/CPW have equipment in my exchange.
|
|
|
Whilst not wanted to detract you from changing ISP, I believe HomeSafe is only activated if you opt-in and you can opt-out at any time
http://www.talktalk.co.uk/security/faq/
Be* Unlimited
|
|
|
|
Partaking of the protection aspect of it is optional, yes. You cannot however opt-out of having the system follow you around wherever you go.
To the Anon OP - I don't have the link to hand but TT published a "technical" document on how the system works. The data stored is apparently de-personalised and then only stored transiently. i.e. until the URL/webpage is scanned and not to any persistent storage medium. The black-list / white-list is also apparently transient as a rolling system with entries only being held for a limited time (24 hours I think it was for whitelist and blacklist until the page is rescanned and found clean).
If I can find the details I'll post up the link.
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
Partaking of the protection aspect of it is optional, yes. You cannot however opt-out of having the system follow you around wherever you go.
To the Anon OP - I don't have the link to hand but TT published a "technical" document on how the system works. The data stored is apparently de-personalised and then only stored transiently. i.e. until the URL/webpage is scanned and not to any persistent storage medium. The black-list / white-list is also apparently transient as a rolling system with entries only being held for a limited time (24 hours I think it was for whitelist and blacklist until the page is rescanned and found clean).
If I can find the details I'll post up the link.
I do not trust that the system sufficiently anonymizes anything. After all, a URL can hold vast amounts of data in an innumerable amount of forms. How can they _possibly_ anonymise every URL? They cannot. And a blacklist is hindered severely if data is only held for 24 hours, so I doubt this is the case.
Casting aside all privacy issues, it also breaks a lot of websites that embed session IDs in the URL, as some of them are programmed to only allow one IP per session ID. Also, imagine a scenario where you purchase something, and then Huawei's bot comes along and places another order using your session ID. It's an unlikely scenario, yes, but it COULD happen, and it shows how little they thought about the system. If they were actually halfway competent, the public would never even know about their data harvesting, because there's absolutely no reason for them to be re-issuing HTTP requests if a customer has already done so.
To me, it reeks of a foot-in-the-door attempt to re-introduce phorm or a phorm-like system. First they're only using the data to "make the web a safer place," but before you know it, it will be used to deliver targeted advertising, and then sold to whoever for whatever purpose.
Here's some more food for thought: I performed a preliminary scan of these crawlers, and on one of the addresses is a router, a Secospace USG2100BSR/HSR to be exact, with a telnet interface open to the public internet. I'm certainly no security expert, but having a telnet interface that only requires a password (no username) open to everyone makes you wonder how secure this data really is.
|
|
|
You may want to look at the resold Opal Wholesale packages from Xilo or Vivaciti
Which exchange are you on?
Be* Unlimited
|
|
|
|
Easy there. No need to be hostile, I'm passing no judgement on the wrongs or rights of it, just explaining how I understand it to work.
Perhaps my post was not quite clear on the blacklist scenario - it meant to say that a url stays in the blacklist and is periodically rescanned until it is found to be clean and thence removed from the list. The 24 hours (or whatever it was) referred to the whitelist. There would be no point having a permanently stored whitelist clearly.
I would say a website that passes session information or personally identifiable information in the URL is irresponsible - it's perfectly possible to do so using secured connections and using cookies passed over that encrypted connection.
As for your purchasing scenario - I'd be more concerned that purchases can be made over a non-https connection in the first place myself.
Indeed yes they could not re-issue the http request, instead they could theoretically implement a system that scans the html content on the fly as it passes through their network. The costs involved to do that at line speed for every one of their multi-million customers would be insane, as would the other possiblity of storing it all and scanning it offline. It certainly wouldn't be a preferable solution either as it would be completely invisible.
The open telnet port does sound concerning, one would have hoped that keys would be used at a minimum.
Given your very clearly expressed concerns over the system, are you going to be considering resellers of TTG circuits in your hunt for a new ISP? By the sound of it, you're between a rock and a hard place with TTG on one side and BTW based products on the other. Unless FTTC/P has arrived for you it is probably going to be considerably more costly to avoid TTG given your needs.
|
|
|
I'm sure the reps from Vivaciti or Xilo / Uno will be along to confirm
I believe resold Opal Wholesale does not have the heavy TT traffic management, so I would guess the monitoring is not applied either
As for getting around it in the meantime, a VPN would do the trick
Be* Unlimited
|
|
|
|
I'm sure if it had been implemented for even some wholesale circuits we'd have seen a furore over it somewhere on the rantosphere.
VPN would indeed work - but then how do you trust your VPN end point provider not to do the same thing and harvest whatever they want before squirting the data over the VPN?
Basically being online at all is a security and privacy risk. As with the whole of life, everything is a risk v. benefit calculation.
Oh - and Opal was rebranded TalkTalk Business a while back.
|
|
|
You may want to look at the resold Opal Wholesale packages from Xilo or Vivaciti
Which exchange are you on?
It's my understanding that if you are with TalkTalk direct, that there is no system in place to allow you to switch to one of the Opal packages from these providers.
I believe that you would have to migrate your line back to a BT based service (obviously someone with just a 1 month contract though), and then back to one of the aforementioned on their CPW based products.
The Xilo/Uno product does have a usage allowance of 75GB; anything over that would be charged.
[edited to correct wrong information in the Xilo allowance (ie. not 100GB)]
Edited by deleted (Thu 21-Jul-11 21:37:05)
|
|
|
75GB actually 
We're reviewing that though too and looking to work towards peak/off-peak much like with our standard BT-based Home/Office service.
Matt
|
|
|
Ooops; you are of course correct; I must have been getting two different packages confused 
|
|
|
In reply to a post by Anonymous:
Can you tell me which sites you can't access on TalkTalk? If you mean downloading from filesharing sites like rapidshare, filesonic etc then there's an easy way around this 
|
|
|
|
Fairly simple, get a low spec vps with plenty of traffic allowed and configure your own. The chance of that being monitored by the data center is slim to none.
|
|
|
Easy there. No need to be hostile, I'm passing no judgement on the wrongs or rights of it, just explaining how I understand it to work.
I'm not being hostile. I'm just passionate about the subject.
Perhaps my post was not quite clear on the blacklist scenario - it meant to say that a url stays in the blacklist and is periodically rescanned until it is found to be clean and thence removed from the list. The 24 hours (or whatever it was) referred to the whitelist. There would be no point having a permanently stored whitelist clearly.
This is no more comforting. I don't want ANY of my web browsing habits being stored by my ISP, regardless of whether they consider it malware.
I would say a website that passes session information or personally identifiable information in the URL is irresponsible - it's perfectly possible to do so using secured connections and using cookies passed over that encrypted connection.
Agreed, but it still happens everywhere.
As for your purchasing scenario - I'd be more concerned that purchases can be made over a non-https connection in the first place myself.
I was pointing out how short-sighted they were when they designed the system. Personally, I would never transmit financial information over plain HTTP, but given the sheer size of TalkTalk's userbase, the situation is not that implausable.
Indeed yes they could not re-issue the http request, instead they could theoretically implement a system that scans the html content on the fly as it passes through their network. The costs involved to do that at line speed for every one of their multi-million customers would be insane, as would the other possiblity of storing it all and scanning it offline. It certainly wouldn't be a preferable solution either as it would be completely invisible.
They already have to scan all content on the fly in order to extract the HTTP headers. I don't see how extracting the rest of the content is any more of an expensive process, other than the fact that the data will most likely be spread across multiple packets. Maybe I'm overlooking something.
Thanks for the help guys. uno and Vivacti look like two good candidates. Uno, can you confirm whether I will have to switch back to a BT line before I can receive service from uno?
The VPS solution also sounds like a viable choice. I figured this would be expensive, but doing a cursory search on the Internet says otherwise. At the moment, I'm using Tor to conduct most of my web browsing, but I am forced to avoid it if I wish to communicate sensitive information to sites without HTTPS support. I can't help shake the feeling that I'm being recorded on a police-owned database somewhere for simply being connected to the Tor network, either.
|
|
|
In reply to a post by Anonymous:
Can you tell me which sites you can't access on TalkTalk? If you mean downloading from filesharing sites like rapidshare, filesonic etc then there's an easy way around this
Overdrive, an eBook service used on many public libary sites in the UK, is one of many sites that is almost impossible to use because of TalkTalk's web stalker. You can find many more examples by visiting the TalkTalk Members forum.
The issue with filesharing sites is totally unrelated. That is due to the IWF, an organisation that was conceived under the pretense of preventing child exploitation but has quickly shown its true colours by crippling filesharing sites. And yes, I am completely opposed to the IWF filter too, but they're next to impossible to escape. Yes, I'm sure blocking an album cover will have an absolutely devastating effect on child exploitation in developing countries. Thank you for your valiant efforts, IWF.
|
|
|
In reply to a post by Anonymous: In reply to a post by Anonymous:
Can you tell me which sites you can't access on TalkTalk? If you mean downloading from filesharing sites like rapidshare, filesonic etc then there's an easy way around this
Overdrive, an eBook service used on many public libary sites in the UK, is one of many sites that is almost impossible to use because of TalkTalk's web stalker. You can find many more examples by visiting the TalkTalk Members forum.
The issue with filesharing sites is totally unrelated. That is due to the IWF, an organisation that was conceived under the pretense of preventing child exploitation but has quickly shown its true colours by crippling filesharing sites. And yes, I am completely opposed to the IWF filter too, but they're next to impossible to escape. Yes, I'm sure blocking an album cover will have an absolutely devastating effect on child exploitation in developing countries. Thank you for your valiant efforts, IWF.
Thanks for clarifying. Regarding IWF, its easy to bypass this on TalkTalk (unlike those on BE or Virgin Media):
Edit the hosts file located at
C:\Windows\System32\Drivers\etc
paste text below to hosts file:
69.5.88.211 www.hotfile.com
69.5.88.211 uk.megavideo.com
69.5.88.211 uk.megaupload.com
69.5.88.211 www.megavideo.com
69.5.88.211 www.megaupload.com
195.122.131.15 www.rapidshare.com
195.122.131.21 rs20.rapidshare.com
82.192.86.132 oron.com www.oron.com
209.222.23.221 fileserve.com www.fileserve.com
78.140.176.186 filesonic.com www.filesonic.com
94.75.229.70 easy-share.com www.easy-share.com
Bob's yer uncle! 
|
|
|
Can be bypassed in the same way on BE
Be* Unlimited
|
|
|
I've not used it, but as an alternative to Tor
http://ultravpn.fr/
Be* Unlimited
|
|
|
Can be bypassed in the same way on BE
I stand corrected
|
|
|
Good Morning,
I'm not sure if our Opal based services would be a close fit for your requirements?
http://www.aquiss.net/broadband-family-value.php
|
|
|
75GB actually
We're reviewing that though too and looking to work towards peak/off-peak much like with our standard BT-based Home/Office service.
Matt
OT: I understand it may be commercially sensitive but do you plan on getting near the entanet style usage options? Also any price point, interleaving options, DLM or higher upstream options?
Even if the usage pattern is close im still interested as its the only ADSL2+ avaliable here 
|
|
|
Good Morning,
I'm not sure if our Opal based services would be a close fit for your requirements?
http://www.aquiss.net/broadband-family-value.php
£35/month for 100GB is a little on the expensive side when compared to similar offerings from Vivacti and uno. I'll keep it in mind, though.
***What follows is all related to TalkTalk's monitoring system. It's interesting, though, because I think I irrefutably demonstrate that their system is illegal.***
The following is taken from a document on openrightsgroup.org, in which they explain in greater detail, from information provided to them by TalkTalk, how the system works:
"However, URLs that are deemed to be �bad� will leave the automated system and be reported to TalkTalk personnel. They may be used, for example, to allow TalkTalk to work with legitimate website owners to help resolve whatever malware infection they may have."
If capturing and then manually reviewing data from customers is not in violation of the RIPA, then what is? Paraphrased passage from the RIPA for reference:
"a person intercepts a communication in the course of its transmission by means of a telecommunication system if, and only if, he so monitors transmissions made by means of the system, as to make some or all of the contents of the communication available, while being transmitted, to a person other than the sender or intended recipient of the communication."
Monitors transmissions? Check
Makes the contents available to a person other than the intended recipient? Check
Illegal? Check
If they claim that they are allowed to do this, then they are claiming they can manually review all data you transmit and receive, and doing so is completely legal. The URL is contained in the data portion of a packet - because it's data.
In most statements, they do not mention the manual review of URLs by employees, so if you twisted the RIPA, it could be considered legal. But manually reviewing URLs by personnel is a clear violation. I personally suspect they are doing much more with the data.
TalkTalk also claim that they have a magic oracle that can "anonymise" any string. Yeah right. Removing everything that follows a question mark in HTTP requests IS NOT anonymisation. A machine cannot anonymise every URL. It's impossible. Stop lying.
Regulators are either: too inept, too lazy, or corrupt. Hanlon's razor would lead me to believe it's the former, but in a case where they have had the work done for them (i.e. members of the public have clearly stated what TalkTalk are doing and why it's illegal), I think the other two possibilities are just as likely.
This may not be such a problem now, because only TalkTalk do it; everyone is free to use another ISP. The problem is that if TalkTalk are allowed to do this, then there's nothing stopping the other ISPs from doing the same. I'm sure some of the more smaller ISPs would not engage in such things, but how long before it's embedded in routing equipment and/or BT's infrastructure and impossible to avoid? If everyone sits idly by, that's what will happen. Thank god for encryption. They'll have a tough time outlawing that.
|
|
|
When is your heavy use? Spread relativity evenly over the whole day everyday or could you move it away from weekday working hours if it isn't already?
If the latter then A&A might be suitable. £26.60 would get you four "units" which would equate to 150Gb off-peak and 1Gb in peak time (or 1.5 peak and 100 off, or any other mix) on BT's 20CN network, or 2Gb peak plus 300Gb off (or other combinations like 4Gb peak, 200Gb off) on the 21CN backhaul if that is available on your exchange. See http://aaisp.net.uk/broadband-units.html for more info and a cost calculator. Their billing is pretty flexible (units are called off by the byte so you can mix the peak use and off-peak use differently each month, unused quota can be carried forward one month, and overuse called off against next month instead of being charged the over-use rate unless you go significantly over) and their control panel gives you a good view of what you have used and when.
Uploaded data is unmetered (with a basic "don't go nuts policy" attached, but there are people uploading lots on 10Mbit upstream FTTC connections so you probably don't have to worry abut any upstream FUP on an ADSL2 line).
Oh, and they claim not to filter/monitor at all (http://aa.net.uk/news-censorship.html), a claim that I've not specifically tested myself but I have no reason to believe it is false (they weren't affected by the IWF Wikipedia issue, so they definitely don't subscribe to that as they state) - so that should help you with concerns about other organisations being fed your browsing habits.
If you need to download a lot during the day monday-to-friday then their plans are no good to you because at one or two Gbytes per unit it is quite expensive, otherwise it seems their product matches your requirements and price range. There is a period in the night (0200 to 0600) when things are cheaper (called off at 1000G/unit not 50 or 100), which is useful if some of your activity can be automated overnight (or if you keep unusual hours due to shift work or such, and so might actively use the 'net at that sort of time) - if you can make enough use of that you could probably make do with the minimum 2 unit/month tariff which is less than £20.
Edited by deleted (Sun 24-Jul-11 19:00:50)
|
|
|
Why on earth would the OP want to go from a ADSL2+ Opal LLU to a BT based ADSL1 A&A ipstream service and pay a small fortune in the process? I think the only solution for him/her is Vivaciti's Surfwise package (Opal LLU based):
http://www.vivaciti.net/product/1/home-internet/17/s...
|
|
|
Why on earth would the OP want to go from a ADSL2+ Opal LLU to a BT based ADSL1 A&A ipstream service and pay a small fortune in the process?
It depends on his exact expected use pattern. You are right in that the Opal option looks to fit the description of his needs and budget, and it does avoid a chunk more of BT's network (moving back to parts of BT in order to get FTTC from A&A after a few years using Be's LLU backhaul). The OP did not state what exchange he was on, so I have no way to determine if ADSL2+ is available without LLU in their area, and in any case maximum speed may not be a particular concern.
The OP asked for options, and I just added an option to the discussion that fitted the stated requirements (dependant on some fine details that were not specified).
Depending on how often (s)he goes over 100Gb, by how much, and how much under in the other months, how much of that traffic is upstream (the page you linked to give no detail as to whether upstream is metered on that plan, so I'll assume is as unmetered upstream bandwidth is usually explicitly stated in product descriptions when present in the plan), and how much of that traffic could be scheduled for the cheap early morning slot, an A&A 2 unit plan (costing about the same as the plan you linked to) with the flexibility regarding carry-over and carry-under might make it considerably more attractive.
Of course other factors (like if they want to avoid BT's backhaul, or need/want to transfer a noticeable amount downstream during the 9-to-6 period on week days) might make the Opal based deal a "no brain needed" decision and the A&A one completely unsuitable. There might be other factors that weight heavily in that direction too (if there are, it would be helpful to the OP for you to state them if you know them so the OP can use that information when comparing the options).
A&A's stance on filtering may be something the OP considers significant too (the plan you linked to had no detail on such things, so they'd have to check with the ISP in question to see what their stance is, if such things are in fact significant). Other fine details the discussion hasn't even touched on might make a difference too (so the OP would be well advised to read the detail provided by the respective ISPs, and contact them with questions where the detail is missing, if the larger details have not already made the decision completely one sided).
To say one of the two plans is the only one that could be right, without knowing the expected use details that would help distinguish between the two, seems rather short sighted to me - hence I stated the assumptions under which I thought the option I talked about would be worth considering and conversely under what circumstances it could be dismissed as unsuitable (either absolutely or when compared to the other option(s)).
|
|
|
|
Worth pointing out that there is some traffic management on the Vivaciti surfwise packages which you can pay to have taken off and make unlimited.
You get less allowance with Xilo but I don't think they have any traffic management.
|
|
|
|
Yeah but the OP wants to pay less than 30 notes pm for 100GB data so he'd have to put up with Vivaciti's throttling. I'm sure he realises a totally unthrottled connection with at least 100gb data ain't gonna come cheap (you don't get owt for nowt in this world!)
|
|
|
|
The traffic managment on Surfwise only applies during "office hours" and I think is limited to P2P traffic, this might not be an issue for the OP.
It does not affect the BBC iPlayer download service for me.
|
|
|
|
8am to 7.30pm Monday to Friday.
I'm on the surfwise complete package with the file sharing addon and have few complaints. Certainly none with throughput or latency.
I have noticed a couple of occasions of 20% packet loss that lasted around 15 mins or so recently which killed the connection and downtime of up to an hour a few times a month ago, normally in the middle of the night but once midday.
Can't think of any issues in the last year apart from those recent ones which I think is pretty good.
I pay £46.80. Assuming £11 line rental makes the broadband £35.80 which isn't that far from £30 with the bonus of being unlimited and unmanaged.
|
|
|
8am to 7.30pm Monday to Friday.
I'm on the surfwise complete package with the file sharing addon and have few complaints. Certainly none with throughput or latency.
I have noticed a couple of occasions of 20% packet loss that lasted around 15 mins or so recently which killed the connection and downtime of up to an hour a few times a month ago, normally in the middle of the night but once midday.
Can't think of any issues in the last year apart from those recent ones which I think is pretty good.
I pay £46.80. Assuming £11 line rental makes the broadband £35.80 which isn't that far from £30 with the bonus of being unlimited and unmanaged.
Was looking at the Surfwise package via vivaciti.
What sort of usage are you putting through it out of interest?
What upload speeds are you getting and can you tweak target margins?
Looks like unlimited addon takes it £40 PM.
Edited by deleted (Mon 25-Jul-11 17:39:22)
|
|
|
|
Don't think I have done more than 200GB usage wise so far.
Sync at 1019 kbps upstream and throughput is around 80 KB/s
Re target margins Vivaciti brought me down from 12db to 6db at my request which also removes any DLM.
I have a very stable line and have pushed that down to around 0.8db using DMT with my netgear modem.
The figures I quoted were for the complete package where you have to transfer your phone line as well, so fully unbundled.
For the variety package it does take it to £40 per month plus line rental
|
|
|
Don't think I have done more than 200GB usage wise so far.
Sync at 1019 kbps upstream and throughput is around 80 KB/s
Re target margins Vivaciti brought me down from 12db to 6db at my request which also removes any DLM.
I have a very stable line and have pushed that down to around 0.8db using DMT with my netgear modem.
The figures I quoted were for the complete package where you have to transfer your phone line as well, so fully unbundled.
For the variety package it does take it to £40 per month plus line rental
Thanks for that, would've have up stream would be a little more as on 832kbit up I average mid-90's.
|
|
|
|
You're right of course.
Just checked my backup that is running and is uploading at 826kbit which is around 103kB.
Always get my conversions wrong..!
|
|
|
|
That sounds about right for that sort of sync rate. You should get around 85% of line speed in observable throughput (this will vary a little depending on interleaving options and such, and line conditions) on a DSL line (if the line itself it the main bottleneck). Remember too that the M in Mbits/s as quoted in comms speeds is the SI unit modifier (i.e. 1000*1000 not 1024*1024 which makes ~4.9% difference if the measurements of observed throughput your have are in programmers measures).
|
Pages in this thread: 
Print Thread
nredwood