[AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

Joshua D'Alton joshua at railgun.com.au
Mon Jun 25 10:35:39 EST 2012


Yes nothing like someone not being open and honest to spoil what would
otherwise probably be a very benign and reasonable thing to do.

On Mon, Jun 25, 2012 at 10:32 AM, Matthew Moyle-Croft <mmc at mmc.com.au>wrote:

> I can replicate it across APNs as well.   Disappointing that they're not
> honest about what and why they're doing it.  Transparency isn't just for
> HTTP proxying!
>
>
> MMC
>
> On 25/06/2012, at 9:20 AM, Eric Pinkerton wrote:
>
> Ausnoggers..****
> ** **
> Whilst there is a lot of tin foil hattery and other spasticity on this WP
> Thread, http://forums.whirlpool.net.au/archive/1935438 - the questions it
> throws up have made me curious, esp given Telstra’s official response in
> the following article “****
> ** **
>
> http://www.scmagazine.com.au/News/305928,telstra-says-its-not-spying-on-users.aspx
> ****
> * *
> *“But in a short statement, Telstra’s senior media boss Craig Middleton
> said the company’s wireless network management assured that “there is
> nothing untoward in what the Whirlpool member has observed - it is a
> normal network operation” NOTHING TO SEE HEAR MOVE ALONG.*
> * *
> In short, if you make a request to a web server on port 80 from a Telstra
> mobile, you’ll see a request immediately after your legit request from the
> Telstra gateway that originates from a US IP address hosted at Rackspace.*
> ***
> ** **
> *Legit request..*
> *58.163.xxx.xxx - - [24/Jun/2012:23:12:09 +0000] "GET /test101 HTTP/1.1"
> 404 464 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X)
> AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206
> Safari/7534.48.3"*
> * *
> *Curious identical request follows…*
> *50.57.190.97 - - [24/Jun/2012:23:12:09 +0000] "GET /test101 HTTP/1.0"
> 404 526 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9)
> Gecko/2008052906 Firefox/3.0"***
> ** **
> Whilst I accept this is probably benign, and can think of several reasons
> why the output of such a process might be of value to Telstra, I find
> myself less convinced than a certain senior media boss seems to be that
> this is “*a normal network operation”. *To me normal would be to say pull
> this info straight from the proxy server.**
> ** **
> Also, just to be awkward, I am curious as to why a cloud provider, would
> be using what looks a lot like a cluster of VPS’s in someone else’s cloud
> based out of Texas ;-)****
> ** **
> Also why is there a black helicopter hovering above me?****
> ** **
> So many questions….****
> ** **
> Discuss!****
> ** **
> ** **
> E****
>
> Message protected by MailGuard: e-mail anti-virus, anti-spam and content
> filtering.
> http://www.mailguard.com.au/mg
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120625/3b396351/attachment.html>


More information about the AusNOG mailing list