[AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?
Solly, Matthew
matt at mtt.me
Mon Jun 25 18:16:11 EST 2012
However this doesn't make sense either. The follow up GET requests only occur through two APNs - telstra.internet and telstra.iph. What about the numerous smartphones that use telstra.wap instead, or any of the numerous other APNs available to Telstra customers? It appears to be the proxy server used for telstra.internet and telstra.iph that triggers the request, not some billing process.
I'm not really buying it and the "explanation" from Level 2 tech makes no more sense than Craig Middleton's "part of normal network operation".
Matt
On 25/06/2012, at 5:59 PM, Rod Veith wrote:
“Through a 40~ odd minute phone call, I was able to speak to a chap in `Level 2 Technical Support`, who has confirmed for me that it is a part of Telstra's core system, where they track the websites you have visited for bill reporting purposes. “
This seems plausible – keeping histories for billing queries/disputes is reasonable and is probably a mandatory TIO/ACMA requirement. With very high charges once a data plan is exceeded, Telstra does need to be able to verify that the data charges are valid and a history can well help resolve billing disputes.
Would be good for an independent party to confirm the data is not used for other purposes.
I’m not commenting on the technique used as I do not know enough however I’m comfortable enough to pack away the foil hat for another day. :)
Rod
From: ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Joseph Goldman
Sent: Monday, 25 June 2012 4:48 PM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?
Through a 40~ odd minute phone call, I was able to speak to a chap in `Level 2 Technical Support`, who has confirmed for me that it is a part of Telstra's core system, where they track the websites you have visited for bill reporting purposes.
In other words, I confirmed with the chap (I have a reference for this call), that he could request billing to show a list of websites I have visited and how long I was on those websites.
He informed me that these services hitting the same website is tied in with that system.
It doesn't make sense why they would hit the site again as a GET, as they could pull this from a transparent proxy, and the purpose of scraping the website to gain extra insight about what i'm browsing, would suggest they would keep the path/query string instead of just hitting the root of the site, to actually see what content I am browsing.
I was also informed that I can not opt-out of this occurring, so I plan to contact ACCC or TIO in the morning to see what they can tell me about the practise (who would you think is better?).
Interesting indeed.
On 25/06/12 3:38 PM, James Nicol wrote:
Eric, you should check this out.
http://www.zdnet.com.au/google-maps-coordinate-tracks-employees-339340095.htm
James
From: ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Eric Pinkerton
Sent: Monday, 25 June 2012 3:30 PM
To: Matt Perkins; ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?
>Could it be that telstra are passing your browsing history in real time to a marketing company who are then looking at the site to gather some sort of marking info on the site you were just looking at.
Would explain why they are not looking at there own cache.
Last night I had a dream. I dreamed I was walking along the beach with the Lord. Across the sky flashed scenes from my life. For each scene, I noticed three sets of footprints in the sand: one belonged to me, one to the Lord, and one to a marketing company in the US who was paying Telstra for my exact movements in real time.
Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.
http://www.mailguard.com.au/mg
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120625/57b7ae3e/attachment.html>
More information about the AusNOG
mailing list