what does my ISP know about me ??


and is there any way that i could minimize its “knowledge”?

In: Technology

If you don’t use a VPN all the time, your ISP knows everything you do on the Internet. If you want to minimize this, you should use a VPN. Then your VPN vendor will know a lot about you.

Maybe it would be better not to do what you’re doing online??

They know what sites you visit, where you live, how much stuff you download and upload, what you download/upload (sometimes), and generally what you do on the internet.

A VPN will help you hide what sites you visit from your ISP, but they will still know how much data you download and where you live (because they have to for billing). Then the VPN company will know everything you do, though.

In this day and age, here’s what your ISP can see.

First, they can see your DNS requests. When you access reddit.com, you have to make a request to know which IP Address reddit.com is. DNS is a plain-text protocol, so your ISP sees all that.

Second, they see the amount of traffic coming out of your modem, and the destination IP/Port of that traffic. If they know you access an IP associated with cornhub.com on port 443 and download 800TB of traffic from it each day, they know you’re downloading a lot of data via HTTPS from cornhub.com, even if they can’t see exactly what it is.

Third, for any website that doesn’t use HTTPS and just uses HTTP, they can see everything you access on it. They can see the specific page you’re requesting, they can see anything you enter in a form and submit.

As for other comments who say “Just use a VPN” — all you do is move the problem upstream to the VPN. At some point your traffic goes over the public Internet without any additional encryption beyond the protocol (i.e. HTTPS). You’re just changing who you decide to trust.

Displacing the trust from the ISP to a VPN: is it really true that some VPN “do not log” anything from their clients?

There is a ladder of sorts when it comes to their knowledge about you,

– things they technically HAVE to know to be able to provide a service to you. Like how to physically access you and how to bill you. Typical example: they know where you live and how you prefer to pay.

– things they have to find out about you, because there are regulations and laws that stipulate certain information about you. Typical example: the IP address they give you when you connect, they have to keep that IP address in a database together with your customer ID, so that authorities can ask “on march 13th at 0945, who was at this address!?” and get a proper answer.

– things they CAN find out about you, because they see and control the information that flows to you include information about all the dns requests you make, and even if you don’t make ANY dns requests at all, they can still look at the packages you receive and make note of where they are sent from, which often makes it kind of obvious anyway. Typical example: they control the DNS that your computer uses to look up domains. When you ask their DNS how to connect to Reddit, they can totally log that information and keep it til later. And when you communicate WITH Reddit, they can make note of when and how much data you exchanged with Reddit if they want to.

If you have your email address through them, they also have constant access to your email inbox. They see your emails before you do. And they see every single email you send.

If you want to minimise their knowledge you have to

1) use a different DNS service.

2) make sure that your communication to that DNS service is encrypted

3) only use encrypted communication to all web pages you connect to, and refuse to connect to non-encrypted web services.

Keep that up, and they will still see THAT you do something, but they will pretty much be locked out of their ability to see WHAT you do.

In essence, this is why people find it so outrageous that ISP’s are forced to reveal information about you when authorities ask for that information. Because they know a lot already.

there are 3 kinds of knowledge they have

[1] Billing info. If it is for a home hardwired connection (rather than mobile or satellite) they also know the service location.

[2] Basic traffic patterns of your data. All your data passes through their servers, so even if everything was encrypted (not really possible) they still see the volume of traffic.

[3] Protocol info you share with them. Do you use their DNS? They can see every DNS lookup. Is anything HTTP? This may total “plaintext”. Do you use a VPN? This may not be as effective as you with it was. Do you have IOT devices? These are notoriously bad for privacy. Do you have streaming devices (Roku, Fire Stick, Apple TV, smart TV) These also give up loads of data.