How long do ISPs store your browsing history and what is stored?

Nasher said:
But by proxying out of the UK you are outside of UK jurisdiction, so those servers don't have to comply with UK law.
Click to expand...
Sadly this isn't the case. I remember a case in the early 2000s were a UK guy was running a racist website hosted in the USA to be under their freedom of speech laws.

But the UK government changed the meaning of the law and made publication from were it was transmitted from as opposed to where it's hosted at.

The government can track anyone successfully. It just comes down to how many resources will they put into to locating the person.
 
i gave up on privacy some time ago................ however out of curiosity, would using privacy mode with Tor on the brave brower help at all or is that all pointless as well?
 
bigmike20vt said:
i gave up on privacy some time ago................ however out of curiosity, would using privacy mode with Tor on the brave brower help at all or is that all pointless as well?
Click to expand...
Proper TOR browser + VPN is probably the most 'easy' private you can get. Slow though.
 
bigmike20vt said:
i gave up on privacy some time ago................ however out of curiosity, would using privacy mode with Tor on the brave brower help at all or is that all pointless as well?
Click to expand...
All pointless in the grand scheme of things. Whatever device you use is logging something about how it's being used. Cars track you, phones track you, your own smart TV tracks you and listens for key words as do Alexa and Hey Google speakers. Your doorbell cams talk to each other, CCTV is watching you everywhere you go.... Privacy is a false sense of security nowadays.

All the faff and effort to go private using tor and such for normal browsing is utterly tedious a prospect, just why? For a person to have to be that paranoid must be browsing some real shady stuff.
 
Last edited:
We should just stick an 18 rating on the internet and be done with it. You wouldn't let a kid drive a car or operate machinery because it's dangerous. Yet clueless parents just hand kids a mobile phone
 
Hades said:
I can't recall her name, but a few months ago an MP was being interviewed on the radio about the new online "safety" bill. She was insistent that technology existed to allow ISP's to check for illegal images without breaking end-to-end encryption. She was saying it was both 100% possible to ensure that a message was not interfered with or intercepted while at the same time being 100% possible for your ISP to be able to check the image against a hash code for known images. She also said that the IT industry was widely behind these new laws. Unfortunately the interviewer wasn't technologically savvy enough to challenge her on it.
Click to expand...

Even someone with a hint of knowledge knows that, to do what they are suggesting, requires client side scanning and who wants a piece of software on their device which could be manipulated to then start scanning for other things like bank details, personal info etc.

The whole "nothing to hide, nothing to fear" crowd are a Government and malicious actor's wet dream.... You don't have to be doing anything illegal to be useful to other people when it comes to your info. Blackmail and identity theft are a couple of examples.
 
Nasher said:
We should just stick an 18 rating on the internet and be done with it. You wouldn't let a kid drive a car or operate machinery because it's dangerous. Yet clueless parents just hand kids a mobile phone
Click to expand...
AFAIK from a technical/legal perspective i think that's very much the case already, INAL but I'm fairly sure a minor can't enter into a contract so they can only use the internet, even a mobile phone, with the consent of their parents.

It would be interesting to know if there's been any cases of parents being held responsible for what their child has gotten up to on the internet.
 
Richie said:
Hmmm - Encrypted-email company ProtonMail has faced criticism after handing over user details to the authorities.
Click to expand...

Hades said:
I've just had a quick read of that Proton incident. From my limited understanding of it, no personal data was handed over (presumably because no personal data could be handed over). What appears to have happened is that Proton initially refused a request from French authorities for assistance, who then made a request at a Swiss court via Europol. They wanted to find out who was using a particular Proton email address which they believed was being used for illegal activity. Proton could not tell them who was using it or what the contents of the emails were (because Proton can't access those). So Proton were legally compelled by Swiss courts to start recording the source IP address of anyone accessing that Proton account. This does show that Proton were indeed not recording anything prior to being compelled by the court. Presumably the French police could then find out the identity of the person from the French ISP who provided that IP address.

As far as I can see there was no handing over of the contents of emails (Proton have made it clear in the past that if you lose your password and recovery codes they cannot recover your account for you because they don't have access to it) and no availability of historic data before the court ordered Proton to change their logs for this one user. If someone is that paranoid then use several VPN's based in several countries to make it even harder to get that IP address.
Click to expand...

What never seems to get reported by people bringing up that incident, is that Proton then paid (quite a bit) to escalate the legal case, and won judgment that the original order was invalid and was wrongly implemented. They are now exempt from that particular requirement being possible to exploit in future, as the court ruled their service doesn't fall under the scope of the legislation mandating court ordered IP collection etc.
 
Rainmaker said:
What never seems to get reported by people bringing up that incident, is that Proton then paid (quite a bit) to escalate the legal case, and won judgment that the original order was invalid and was wrongly implemented.
Click to expand...

I didn't report it when i brought that incident up as I wasn't aware of the legal case you mention but hey-ho

The verdict followed a Swiss Supreme Court ruling in April that providers of chat, instant messaging, Internet video or telephone services, or email services such as Threema, WhatsApp, iMessage, Zoom, Teams, Chime or Skype were not telecom service providers but rather "over-the-top" (OTT) service providers.
Click to expand...

I can't imagine the Online Safety Bill will follow the same findings and rule those same services as out of scope of said bill... The Government would never allow that caveat :o

Be good if it was challenged in the UK courts if it ever came up mind.
 
supafly said:
All commercial VPN's are cheap compared to the amount of bandwidth passing through. I always wonder who is supporting these companies.
Click to expand...
Co-location or dedi rental with unmetered bandwidth isn't really expensive, especially when you agree to buy 20/50/100 servers with the supplier. Pack a few hundred users on each server (and they're usually always 10 year old stuff, probably second hand) at £5 a chuck and you're well into profit.
 
Hades said:
I can't recall her name, but a few months ago an MP was being interviewed on the radio about the new online "safety" bill. She was insistent that technology existed to allow ISP's to check for illegal images without breaking end-to-end encryption. She was saying it was both 100% possible to ensure that a message was not interfered with or intercepted while at the same time being 100% possible for your ISP to be able to check the image against a hash code for known images. She also said that the IT industry was widely behind these new laws. Unfortunately the interviewer wasn't technologically savvy enough to challenge her on it.
Click to expand...

That doesn't surprise me.

All the experts that I know of have labelled the government as "naive and incompetent" when it comes to the online safety bill.

The alarming thing for me is that they are prepared to compromise everyone's privacy and security using child porn as an excuse, because I guarantee you that if back-doors exist, hackers will find them.

And I do think it is an excuse. While child porn is horrific, I would like to see some evidence that the problem is as bad as they make it out to be. I mean, how do they know? If the messages are encrypted, then they have no way of knowing, right?

According to the supporters of the bill, it would probably be better to lock us all up and let out the ones who can prove they aren't paedophiles.

There is another reason behind all this. Probably HMRC. It's like Smart Meters. We all know it was never to save us money.
 
Richie said:
I didn't report it when i brought that incident up as I wasn't aware of the legal case you mention but hey-ho
Click to expand...
Sorry. Just to be clear, I wasn't digging at (or even referring to) you in that post. I should have been more specific. When the original case transpired online, every news and reporting outlet was slamming Proton saying how awful it was, how they'd done this or that. However, when Proton continued on through the courts to challenge the original order, and won(!), nobody said a thing. It just got dropped. So now when folks ask about VPN or mail providers, Proton has this undeserved black mark, because hardly anyone ever followed up with '...but they challenged it, and won, doing a favour for all providers in the jurisdiction'. I don't use Proton btw, and don't have skin in that particular game; but facts are still facts. :)
 
krooton said:
Proper TOR browser + VPN is probably the most 'easy' private you can get. Slow though.
Click to expand...

I think Tor doesn't recommend using a VPN in combination with it as if you're not careful you can make yourself less secure doing it.

If you want to be super paranoid use Tails on a burner laptop. It's a live USB hardenered Linux OS which uses Tor for internet access.
 
mrk said:
All pointless in the grand scheme of things. Whatever device you use is logging something about how it's being used. Cars track you, phones track you, your own smart TV tracks you and listens for key words as do Alexa and Hey Google speakers. Your doorbell cams talk to each other, CCTV is watching you everywhere you go.... Privacy is a false sense of security nowadays.

All the faff and effort to go private using tor and such for normal browsing is utterly tedious a prospect, just why? For a person to have to be that paranoid must be browsing some real shady stuff.
Click to expand...

Sadly people have let it happen out of a lack of vision :( Windows 7 and older, with a few tweaks, reports nothing, Windows 10/11 you are effectively leaving the curtains open... personally I avoid smart TVs and the likes of Alexa, smart doorbells, etc. and/or have that functionality disabled, etc. though these days it is much harder to fully lock down things like phones in that regard :(

Disagree with your last bit though - some people have good reasons to want privacy without doing anything shady, or simply aren't comfortable with it.
 
Pho said:
I think Tor doesn't recommend using a VPN in combination with it as if you're not careful you can make yourself less secure doing it.
Click to expand...

My understanding is the way you use a VPN and Tor that can be less secure.

You need to set it up so that you use your VPN as the first connection then onto Tor. This prevents a compromised Tor node from seeing who is connecting to it as it will see the VPN IP rather than yours.

If you use Tor first, and the exit node is compromised, it knows the source IP and also the destination you're trying to get to even though you then tunnel this through a VPN
 
You must log in or register to reply here.
Back
Top Bottom