[AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

Eric Pinkerton Eric.Pinkerton at stratsec.net
Tue Jun 26 08:44:33 EST 2012


This sounds like BS to me, even if they did track your browsing history for billing disputes, there are much more elegant ways to do it.

Has anyone disputed a bill and been furnished with such a detailed report?

From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Rod Veith
Sent: Monday, 25 June 2012 6:00 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?



"Through a 40~ odd minute phone call, I was able to speak to a chap in `Level 2 Technical Support`, who has confirmed for me that it is a part of Telstra's core system, where they track the websites you have visited for bill reporting purposes. "
This seems plausible - keeping histories for billing queries/disputes is reasonable and is probably a mandatory TIO/ACMA requirement. With very high charges once a data plan is exceeded, Telstra does need to be able to verify that the data charges are valid and a history can well help resolve billing disputes.

Would be good for an independent party to confirm the data is not used for other purposes.

I'm not commenting on the technique used as I do not know enough however I'm comfortable enough to pack away the foil hat for another day.  :)

Rod


From: ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net]<mailto:[mailto:ausnog-bounces at lists.ausnog.net]> On Behalf Of Joseph Goldman
Sent: Monday, 25 June 2012 4:48 PM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

 Through a 40~ odd minute phone call, I was able to speak to a chap in `Level 2 Technical Support`, who has confirmed for me that it is a part of Telstra's core system, where they track the websites you have visited for bill reporting purposes.

 In other words, I confirmed with the chap (I have a reference for this call), that he could request billing to show a list of websites I have visited and how long I was on those websites.

 He informed me that these services hitting the same website is tied in with that system.

 It doesn't make sense why they would hit the site again as a GET, as they could pull this from a transparent proxy, and the purpose of scraping the website to gain extra insight about what i'm browsing, would suggest they would keep the path/query string instead of just hitting the root of the site, to actually see what content I am browsing.

 I was also informed that I can not opt-out of this occurring, so I plan to contact ACCC or TIO in the morning to see what they can tell me about the practise (who would you think is better?).

Interesting indeed.

On 25/06/12 3:38 PM, James Nicol wrote:
Eric, you should check this out.

http://www.zdnet.com.au/google-maps-coordinate-tracks-employees-339340095.htm

James

From: ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Eric Pinkerton
Sent: Monday, 25 June 2012 3:30 PM
To: Matt Perkins; ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

>Could it be that telstra are passing your browsing history in real time to a marketing company who are then looking at the site to gather some sort of marking info on the site you were just looking at.
Would explain why they are not looking at there own cache.

Last night I had a dream.  I dreamed I was walking along the beach with the Lord.  Across the sky flashed scenes from my life.  For each scene, I noticed three sets of footprints in the sand: one belonged to me, one to the Lord, and one to a marketing company in the US who was paying Telstra for my exact movements in real time.



Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.
http://www.mailguard.com.au/mg





_______________________________________________

AusNOG mailing list

AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>

http://lists.ausnog.net/mailman/listinfo/ausnog



Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.
http://www.mailguard.com.au/mg

Report this message as spam<https://login.mailguard.com.au/report/1F0LpHs8J5/6uaYRZxc4mJ0NJs1AmBOJR/0.002>

-- 
Message  protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.http://www.mailguard.com.au/mg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120626/5d683f3a/attachment.html>


More information about the AusNOG mailing list