computer security (safety)
Results 1 to 5 of 5

Thread: computer security (safety)

  1. #1

    computer security (safety)

    I am using a cable net Internet connection and my net provider watches all our activities and knows our passwords, about people whom we chat with and what we chat. Is there a way to keep Internet use private and not known by cable net provider? My cable net provider uses ISA server, satellite and some times also uses Linux Red Hat.
    faisal faiyaz

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    **Thread moved from Antionline: How do I? to Newbie Security**
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Every ISP can, if they wanted to, see everything you are doing. That's the simple answer. The hard part is preventing this.

    For just regular browsing you can try some of those 'anonymiser' like proxies. Those proxies will let you connect through SSL. This will prevent anyone in between from easily seeing your traffic. Some proxies even let you use other protocols (like irc).

    But it's probably easier to switch ISP's if you don't trust yours.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    But it's probably easier to switch ISP's if you don't trust yours.
    *Every* ISP has a logging policy so that they can monitor what is happening on their network. You will be hard pressed to get a copy of an ISP's logging policy unless you A) Work for them. B) Know someone on the inside who has access to it. or C) Find it posted somewhere on the internet (though unlikey).

    Today, more so than ever, ISPs are investing quite a bit of capital in monitoring. Increased terrorist cyber threats have paranioa levels elevated and executives don't want to be the one's who end up on the front page of the paper after some kind of incident.

    Anyway, I'm ranting way off the subject here . The bottom line is no matter what ISP you use, you *will* be tracked to a degree.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #5
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    I would agree with thehorse13. Similar to an employer having a right to view any emails on their server the ISP owns the wires and hardware you are using. They have the right to monitor if they so choose.

    The issue of a company having access to your information is an issue, or at least a potential issue at a number of service providers. Your electric company, gas company, phone company, cell phone company, your employer's HR department, your ISP, etc- they all have key personal information about you. You provide information to them so that they can verify your identity and authenticate you when you contact them, but you are also trusting that the people who work there have scruples enough not to steal this information.

    The people who have access to this sort of information generally know your name, birth date, home address, home phone number, and social security number- or at least the last 4. Armed with this information it would be a breeze to steal your identity.

    I think the more important issue is trust. Do you trust that your ISP will monitor and log only necessary information and securely archive any such logs? Or, are you afraid that you can't trust the people who work at the ISP to not abuse their power or authority and somehow hack you or steal your identity, etc?

    There is an emerging standard from the World Wide Web Consortium called P3P (Platform for Privacy Preferences Project) which would allow users to install agents to customize what and how they want their private information handled by P3P compliant sites. Sites that implement P3P agree to abide by your wishes. However, it is still a matter of trust- you trust that the P3P site will honor its word.

    I can see where your ISP would know your password possibly for THEIR site or access to their services, and I can see why they might be monitoring general sorts of information about what IP addresses you visited, etc. I don't think they should be examining packets down to the level of capturing your passwords for 3rd party sites and even if they wanted to hopefully those passwords are encrypted somehow. If the passwords are being sent in plain text you have probably more to worry about from all of the other sniffers on the network than you do from your ISP.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •