29 votes

Discussion: Internet Piracy: ISPs tracking every your move

Sorry for the minor clickbait title

Let's talk about ISPs in USA. In my personal opinion, they do so much "bad" things to their clients, as opposed to, most noticeably, Europe (I guess it's because, (at least in my country, IDK about another European states) much bigger competition, even in village with 500 people, there are about 3-4 ISPs, but there are even more of them in bigger cities). They throttle websites (even before they destroyed Net Neutrality), they track that you use your network too much and throttle you because of it ("they may send you a warning for excessive internet usage and throttle your bandwidth for awhile.").

Now, they track that you download/upload too much and/or pirate movies and can throttle your account, downgrade your account, or completely refuse to provide you any service.

Why? Why are they allowed to do this? Why they can track users and throttle them just because they download too much (I've read article about it, downloading too much, ISPs slowing down internet for few hours, link soon) or they suspect you of pirating. How they dare intercept your packets, read them and throttle you because of this? Why is it wildly accepted as completely normal behaviour?

And I could continue on things like them publicly buying votes to remove Net Neutrality from the way, and so on.

I honestly do not know why so much people are OK with this. Could we start a discussion on this?


Throttling because of piracy sources: 1 2 3 4
Pre-NetNeutrality-End websites throttling: 1 2

36 comments

  1. [31]
    teaearlgraycold
    (edited )
    Link
    Usually when an Internet subscriber gets a letter from their ISP about piracy the ISP hasn't performed any active monitoring whatsoever. For the most part they don't want to, it would only cost...

    Usually when an Internet subscriber gets a letter from their ISP about piracy the ISP hasn't performed any active monitoring whatsoever. For the most part they don't want to, it would only cost them money to run such a system. They're simply forwarding along a notice from the IP holder. Interrupting your service or charging you fees for receiving these notices is something that they choose to do, though. You receive DMCA notices when you torrent from a public tracker. Anyone can join a public tracker, including companies commissioned by the IP holder to pinpoint copyright infringers.

    Anyone looking to pirate content in a country with draconian IP laws like the US should either use a VPN, private trackers, or both.

    Edit:

    Things I'm more upset about:

    • ISPs injecting JavaScript into webpages to send you messages about your service.
    • Data caps
    • ISPs violating the ideals of net neutrality
    • ISPs blocking ports unless you pay for business class internet
    21 votes
    1. [2]
      pseudolobster
      (edited )
      Link Parent
      Many ISPs have been proven to do deep packet inspection, usually specifically to throttle torrents. It stands to reason they have the data, they just haven't been compelled to divulge that data to...

      Usually when an Internet subscriber gets a letter from their ISP about piracy the ISP hasn't performed any active monitoring whatsoever. For the most part they don't want to, it would only cost them money to run such a system.

      Many ISPs have been proven to do deep packet inspection, usually specifically to throttle torrents. It stands to reason they have the data, they just haven't been compelled to divulge that data to the IP holder until it comes to a lawsuit and they receive a valid court order.

      They're already running such a system. This is without question. The fact they don't necessarily divulge this info to any random joe lawyer who sends them a letter is nice, but it absolutely doesn't mean they don't have these data.

      To me, it's really concerning they harvest this data at all. There's ample evidence ISPs routinely sniff unencrypted traffic, DNS queries, and as much else as they possibly can. Any ISP can do whatever they want with this data, so long as you click the appropriate "I agree" button. They can sell it to other companies, they can give it to the government, they can have their database hacked and leak it to anyone without consequence.

      Anyway, to add to your superficial complaints, hijacking NXDOMAIN DNS responses to show an ad-laden search page pisses me off. The fact that the NXDOMAIN response exists means resolving a valid IP to this address is breaking spec.

      Edit: After re-reading this, "Your superficial complaints" sounds way different than what I intended it to mean. I meant "Adding to your list of complaints, in the category of less-serious-than-the-thing-I-just-said..."

      11 votes
      1. teaearlgraycold
        Link Parent
        Ah, yes. I forgot to mention that one as well. But you're right. They're collecting data they shouldn't be allowed to. They just don't always sift through it until they need to.

        hijacking NXDOMAIN DNS responses to show an ad-laden search page pisses me off

        Ah, yes. I forgot to mention that one as well.

        But you're right. They're collecting data they shouldn't be allowed to. They just don't always sift through it until they need to.

        6 votes
    2. [25]
      Soptik
      Link Parent
      Isn't this avoided by using HTTPS? The protocol is almost everywhere now. I don't get this one, why do they block certain ports? Do they hope that this will decrease VPN usage, when VPN uses...

      injecting JS

      Isn't this avoided by using HTTPS? The protocol is almost everywhere now.

      Ports blocking

      I don't get this one, why do they block certain ports? Do they hope that this will decrease VPN usage, when VPN uses certain port and users don't know to (or can't) change it?

      Thank you for these points. I'm living in Europe and I didn't know about it.

      5 votes
      1. [20]
        mendacities
        Link Parent
        Port blocking started off decades ago, really innocuously. Port 25 was blocked, to prevent botnets from spending spam. It only worked because botnets were stupid, and would try to send mail...

        Port blocking started off decades ago, really innocuously. Port 25 was blocked, to prevent botnets from spending spam. It only worked because botnets were stupid, and would try to send mail directly. But it was effective, in a very crude way... and it got people used to the idea of ports being blocked for "security".

        And then it was "we block ports 6666-6667", because dynamic IPs meant people could be asswipes on IRC and escape consequences of a DOS attack (this is before DDOS became a thing) just by power-cycling their modem, and it turned out the easiest way to not get crippled by DOS attacks was to not let people on IRC, 'cause "security".

        Repeat with a dozen trojans and things over the years, add in the growing trend for networks to issue automated abuse reports when suspicious traffic was spotted, and pretty soon the finger port is blocked, telnet is blocked, et cetera, et cetera, 'cause "security". When the idiocy that is bittorrent became a thing, a lot of networks couldn't handle it, especially the connection counts that clients of the day, in their default confugurations, would open/acccept, so it got blocked (and rightly so), 'cause... security.

        Nowadays, VPN ports aren't usually blocked in the US (yet...), but VOIP ports are, especially by ISPs who offer their own VOIP product. You get three guesses why. But that happens in a lot of countries...

        8 votes
        1. [16]
          balooga
          Link Parent
          I’m curious to know why you describe BitTorrent as “idiocy.” Distributed P2P file sharing is as practical as it is brilliant.

          I’m curious to know why you describe BitTorrent as “idiocy.” Distributed P2P file sharing is as practical as it is brilliant.

          6 votes
          1. [15]
            mendacities
            Link Parent
            There's nothing "brilliant" about it. It is on paper an ill-conceived solution in search of a problem, and in practice a fad that has long outlived any usefulness it might have ever had.

            There's nothing "brilliant" about it. It is on paper an ill-conceived solution in search of a problem, and in practice a fad that has long outlived any usefulness it might have ever had.

            2 votes
            1. [9]
              balooga
              Link Parent
              What's the better alternative?

              What's the better alternative?

              6 votes
              1. [8]
                mendacities
                Link Parent
                For what hypothetical imaginary use-case?

                For what hypothetical imaginary use-case?

                1 vote
                1. [5]
                  balooga
                  Link Parent
                  Censorship-resistant dissemination of content is one. Inexpensive file hosting is another. You’re being dismissive without saying anything meaningful to support your argument.

                  Censorship-resistant dissemination of content is one. Inexpensive file hosting is another. You’re being dismissive without saying anything meaningful to support your argument.

                  8 votes
                  1. [4]
                    mendacities
                    Link Parent
                    No, I'm not being dismissive. As the replies to my post show, people think up all sorts of elaborate (and not infrequently silly) use-cases, and the "better alternative", which is what you...

                    No, I'm not being dismissive. As the replies to my post show, people think up all sorts of elaborate (and not infrequently silly) use-cases, and the "better alternative", which is what you demanded, is, shockingly, not always the same. Facebook at one time used some variation of bittorrent for some sort of internal back-end data transfer, which I know because every time I have the nerve to criticize the magic socialist utopia that is torrenting someone predicctably brings it up. I don't know the gory technical details of how they used it and neither do you, but I would wager an educated guess that rsync, or something fundamentally along the same lines, proved to be a, if not the, better alternative for that use case. Whereas rsync is a frankly shitty way to distribute a music album. (But so is bittorrent...)

                    Censorship-resistant dissemination of content

                    Tor hidden services. Password-protected files at any cloud host. Anonymous pastebin posts. DCC. Hosting on a foreign server. Encrypted messaging apps.

                    Inexpensive file hosting

                    CDN.

                    1 vote
                    1. balooga
                      Link Parent
                      Those are good examples, thank you. I'm not sure I understand why you have an apparent axe to grind against BitTorrent though. Each of these technologies has its own strengths and weaknesses. But...

                      Those are good examples, thank you. I'm not sure I understand why you have an apparent axe to grind against BitTorrent though. Each of these technologies has its own strengths and weaknesses. But I wouldn't call any of them "idiotic," and generally more choice is better than less. Why the hostility?

                      4 votes
                    2. [2]
                      unknown user
                      Link Parent
                      Still costs something. Plus, I can max out my connection downloading an Ubuntu image via torrent, but if I try an HTTP mirror I get significantly worse speeds. Torrents are no panacea, but neither...

                      CDN.

                      Still costs something.

                      Plus, I can max out my connection downloading an Ubuntu image via torrent, but if I try an HTTP mirror I get significantly worse speeds. Torrents are no panacea, but neither are they useless.

                      2 votes
                      1. mendacities
                        Link Parent
                        Yes, but the word he used was "inexpensive", not "free". Congratulations?

                        Still costs something.

                        Yes, but the word he used was "inexpensive", not "free".

                        I can max out my connection downloading an Ubuntu image via torrent, but if I try an HTTP mirror I get significantly worse speeds.

                        Congratulations?

                2. [2]
                  SaucedButLeaking
                  Link Parent
                  Since you stipulated "imaginary use-case", say I wanted to release an album without tying it to a record label or Soundcloud or whatever. Now I seed and don't have to keep my computer running (or...

                  Since you stipulated "imaginary use-case", say I wanted to release an album without tying it to a record label or Soundcloud or whatever. Now I seed and don't have to keep my computer running (or pay for a server) indefinitely to deliver the files. My album also isn't bound by Terms of Service for whatever other site I'd be releasing it through.

                  5 votes
                  1. mendacities
                    Link Parent
                    'k. Now you lose all control over your work (i.e. you can't readily update your cover art, add a bonus track, fix that typo in the title of one song, correct the accidental out-of-intended-order...

                    say I wanted to release an album without tying it to a record label or Soundcloud or whatever.

                    'k.

                    Now I seed and don't have to keep my computer running (or pay for a server) indefinitely to deliver the files.

                    Now you lose all control over your work (i.e. you can't readily update your cover art, add a bonus track, fix that typo in the title of one song, correct the accidental out-of-intended-order playlist), lose out on all marketing data (where your album is popular, how many people are actually downloading it, whether people are downloading the whole thing or if there's one sleeper hit everyone's grabbing). Worse, you're wholly dependent on the charity of completely random anonymous volunteers for the distribution of your work, and dependent on them for the user experience of new would-be fans. (E.g. how many would-be fans are you losing out on if there are no seeds, their downloads stall at 98%, etc?) Obviously you can overcome that last problem by constantly seeding yourself, but that completely negates the entire sentence I quoted.

                    You also throw a technological barrier in the way of the would-be fan, for no good reason. They could just download your album like any other file in the exact same way people have been downloading music for decades, but, nope, if they want to hear your album, first they've got to download a torrent client.

                    My album also isn't bound by Terms of Service for whatever other site I'd be releasing it through.

                    Is this going to devolve into one of those "muh freeze peach" discussions? 'cause I don't really see this as a problem. It's an album you are literally trying to give away for free, how oppressive are the Internet Archive's, or Dropbox's, or Google's, TOSes, really?

                    Host it yourself or put it on a CDN.

                    2 votes
            2. lordpipe
              Link Parent
              Elaborate? Bittorrent sees widespread legitimate use...

              Elaborate? Bittorrent sees widespread legitimate use...

              6 votes
            3. [3]
              SaucedButLeaking
              Link Parent
              I don't think distributing and decentralizing the dissemination of data (especially large files) is ill-conceived. It addresses bottlenecking issues, server downtime, and source deletion.

              I don't think distributing and decentralizing the dissemination of data (especially large files) is ill-conceived. It addresses bottlenecking issues, server downtime, and source deletion.

              6 votes
              1. [2]
                mendacities
                Link Parent
                I rest my case.

                ...bottlenecking issues, server downtime, and source deletion.

                I rest my case.

                ill-conceived solution in search of a problem

                1 vote
                1. SaucedButLeaking
                  Link Parent
                  Look, I'm not saying I fully understand the design philosophy of the bittorrent protocol, but those are the problems it addresses and the way it was implemented seems to imply that they were at...

                  Look, I'm not saying I fully understand the design philosophy of the bittorrent protocol, but those are the problems it addresses and the way it was implemented seems to imply that they were at least a consideration.

                  Please, tell me what you consider ill-conceived about it

                  6 votes
        2. [3]
          BadMonkey
          Link Parent
          It was well over a decade ago. I was fighting ISPs to run my personal mail server all the way back to 2000 or so. I eventually got smart and got some colo space after spending the next few years...

          It was well over a decade ago. I was fighting ISPs to run my personal mail server all the way back to 2000 or so. I eventually got smart and got some colo space after spending the next few years fighting. Blocking port 25 has been SOP almost 20 years at least.

          2 votes
          1. [2]
            mendacities
            Link Parent
            Yep. That's why I said "decades". And honestly, outright blocking port 25 isn't as bad as some ISPs who redirect port 25, any address, to their own mailservers. Time Warner used to do and probably...

            Yep. That's why I said "decades".

            And honestly, outright blocking port 25 isn't as bad as some ISPs who redirect port 25, any address, to their own mailservers. Time Warner used to do and probably still does that, and I can only imagine the thousands of man-hours they've caused to be wasted by people trying to send email elsewhere and getting "authentication failed" errors with the right password, who then contact their host/work/college helpdesk for a password reset or whatever. Grr.

            2 votes
            1. BadMonkey
              Link Parent
              Wow. That's straight up slimy.

              to their own mailservers

              Wow. That's straight up slimy.

              1 vote
      2. yacn
        Link Parent
        one port I know that's very common to block on residential lines is port 25 / e-mail ports due to the risk of mass spam from malware.

        one port I know that's very common to block on residential lines is port 25 / e-mail ports due to the risk of mass spam from malware.

        3 votes
      3. [2]
        starchturrets
        Link Parent
        HTTPS everywhere. A surprising amount of sites still load ads and other stuff insecurely.

        Isn't this avoided by using HTTPS? The protocol is almost everywhere now.

        HTTPS everywhere. A surprising amount of sites still load ads and other stuff insecurely.

        2 votes
        1. pfg
          Link Parent
          Isn't that blocked by the browser for loading an http script from an https page? I get warnings in my url bar saying a script wasn't allowed to load every once in a while because of this.

          Isn't that blocked by the browser for loading an http script from an https page? I get warnings in my url bar saying a script wasn't allowed to load every once in a while because of this.

          1 vote
      4. teaearlgraycold
        Link Parent
        Some ISPs make it so that you can't receive incoming data on ports 80, 443, 21, 22. The assumption being that if you want to run an HTTP/HTTPS/SSH/FTP service you need to pay them extra.

        Some ISPs make it so that you can't receive incoming data on ports 80, 443, 21, 22. The assumption being that if you want to run an HTTP/HTTPS/SSH/FTP service you need to pay them extra.

        2 votes
    3. Parliament
      Link Parent
      The edit to your comment touches upon why I can never move to certain regions/cities. I have a local muni fiber ISP that upholds user privacy and net neutrality. I’d probably rack up hundreds in...

      The edit to your comment touches upon why I can never move to certain regions/cities. I have a local muni fiber ISP that upholds user privacy and net neutrality. I’d probably rack up hundreds in data cap charges if I were still with Comcast since I consume that amount of data in maybe a few days. Couldn’t imagine my ISP holding me hostage by blocking ports.

      3 votes
    4. Luca
      Link Parent
      Or a seed box. I’m paying 7€/month for a box in the Netherlands, and I rsync my movies over to my home server when they’re done.

      Anyone looking to pirate content in a country with draconian IP laws like the US should either use a VPN, private trackers, or both.

      Or a seed box. I’m paying 7€/month for a box in the Netherlands, and I rsync my movies over to my home server when they’re done.

      2 votes
    5. acr
      Link Parent
      Yeah and if you use public trackers they get you on the upload and a lot of applications wont let you turn seeding off completely so it doesnt just start on its own. Always use a vpn. Provate...

      Yeah and if you use public trackers they get you on the upload and a lot of applications wont let you turn seeding off completely so it doesnt just start on its own. Always use a vpn. Provate trackers can be hard to get for some people.

      1 vote
  2. spctrvl
    Link
    I don't think anyone is really okay with it, it's just that we don't have much power to do anything about it. The overwhelming majority of Americans have access to one ISP, maybe two, each of...

    I don't think anyone is really okay with it, it's just that we don't have much power to do anything about it. The overwhelming majority of Americans have access to one ISP, maybe two, each of which engages in the same shady shit, so switching to the competition either isn't an option or isn't helpful. Internet Service is a utility in all but legal status, boycotting it is about as much an option as boycotting the electric or the water company (less of one actually, you can't install internet wells or internet panels). About the only thing we have left is government action, but that's not very useful when the government isn't on your side. We all know how long the enforcement of Net Neutrality lasted. Municipal fiber has fared somewhat better, but ISPs still sue like mad whenever a new city tries to start a network and lean on state governments to erect legal barriers to entry.

    5 votes
  3. mendacities
    Link
    Verizon are a bad company to use for (all of...) your throttling examples. They aren't really an ISP; they're a wireless service who sort of grudgingly happen to offer Internet data. Why do people...

    Verizon are a bad company to use for (all of...) your throttling examples. They aren't really an ISP; they're a wireless service who sort of grudgingly happen to offer Internet data. Why do people use them? Aggressive marketing. Also, in some places, the only competition might be ~5mbps ADSL via the local phone company, and a thing we have in America called "Comcast". What is Comcast? Well, imagine if the Azerbaijani national cable television business got privatized, started offering Internet access, and then got bought and taken over by British Rail. "We're sorry, due to high winds off the coast of Scotland, Hulu is unavailable right now. Also, unforeseen high temperatures in your area may result in occasional periods of reduced download speeds lasting two to eight hours. Also, IPv6 accessibility may be impacted by wildcat labor actions on the part of some core routers."

    3 votes
  4. SaucedButLeaking
    Link
    What really grinds my gears about my ISP is that it's considered business class to get a static IPv6 range. Yes, I understand that "static" is primarily used for reliable access to services. But...

    What really grinds my gears about my ISP is that it's considered business class to get a static IPv6 range. Yes, I understand that "static" is primarily used for reliable access to services. But there's so many IPv6 addresses that they wouldn't notice a /120. Hell, when I worked for a hosting company we'd give out /64s just because somebody asked

    2 votes
  5. [2]
    toratoratora
    Link
    What can I do to enhance my security and privacy against ISPs?

    What can I do to enhance my security and privacy against ISPs?

    1. annadane
      Link Parent
      This never got a reply. You can use a VPN, and maybe change your DNS using something like OpenNIC, there's various DNS options available

      This never got a reply. You can use a VPN, and maybe change your DNS using something like OpenNIC, there's various DNS options available