An old man notices a change in download speeds

[Blatman]

3 hours ago, Lyonspride said:

Back doors into routers, I don't think so,

Plenty out there about this. Can't believe you have all this paranoia and missed this.

3 hours ago, Lyonspride said:

the reason I abandoned my BT hub was because there is a port left open to allow remote alterations and updating to the firmware, which could in turn lead to a network intrusion. Quite frankly anyone trying to maintain anonymity would be foolish to keep their standard ISP router. A long those lines, it would be wise for anyone using IP cameras, to isolate and firewall block those cameras from outwardly accessing the internet.

Security is layered. Open ports are an issue for sure but this has been so since the 1990's or before and is well understood. Systems behind open ports should be protected with a strong password.

3 hours ago, Lyonspride said:

Is all this affecting us? yes it is, it's often very subtle, websites that won't load (until you fire up a VPN) but do not show any message to say they're blocked. Most people just assume the site is broken.

Got any I can test? I'm quite handy with this sort of thing

DNS hijacking isn't usually a term applied to ISP's and how they forward DNS requests but again if you can point to some evidence I'd like to learn more

3 hours ago, Lyonspride said:

Who controls the filters? it's not the ISPs, it's not the govt, it's some unknown corporate entity and who's to say they don't take backhanders?

Where does this come from and ow do you know about it if it's supposed to be "secret"?

3 hours ago, Lyonspride said:

European news websites, some are blocked inside the UK, they don't even appear in Google search results.

Again, got any I can try?

3 hours ago, Lyonspride said:

I remember a few years ago a Fire service strike, the UK media was just making them look bad, the European media was saying it was about pay and poor quality/broken equipment. There are other events that have been subjected to a virtual media blackout, "veterans against terrorism" marches, most people don't even know they happened and the media has barely reported on it because a) there was no violence and b) they can't very well accuse a bunch of 90 year olds of being racist.

Yet again, care to share the links? I'd be interested in learning more.

[pistonbroke]

somehow this one leaked through 

 

Earth conspiracy

[DonPeffers]

18 hours ago, Blatman said:

The Security Services victories go unpublished because they must remain secret, a policy that goes back to Enigma and likely beyond. I don't think the government revealed it had broken Enigma until the 1970's (or maybe 2001, I'm not sure) so that those charged with our safety can deliver it to the best of their ability.

http://www.bbc.co.uk/news/uk-england-beds-bucks-herts-27128685   In 1941, Mr Welchman and four other men known as The Wicked Uncles - including Alan Turing - personally delivered an influential letter to Prime Minister Sir Winston Churchill asking for more resources for Bletchley Park.

Mr Welchman then became the head of Hut Six, which was responsible for breaking German Army and Air Force Enigma ciphers, and was the first to detail the work of the codebreakers in his 1982 book.

After WW2 the UK and USA agreed that the decryption techniques would remain secret; however Gordon Welchman broke ranks in 1982 with his book and was to face FBI prosecution (living in the US) but died of cancer before any prosecution.

[Lyonspride]

12 hours ago, Blatman said:

Plenty out there about this. Can't believe you have all this paranoia and missed this.

 

It exists, but it's not about accessing your data, the concern is having routers turned into bots. ISP routers are easy pickings for this, but frankly "i'm alright jack", I haven't used an ISP router for over 15 years and I now use an Asus router with modified firmware.

As for the rest, you want me to prove what i'm saying when the proof has largely been covered up and censored off. I could ask for proof that it's untrue, but you won't find that either and I don't care whether anyone believe what I say, it's meant to be something to think about.

My own family didn't believe me about the recent bombings in Sweden, I told them to Google (and they did) it before it got filtered out of search results and right now there is considerably less information coming up on Google than there was 2 weeks ago, back then there we're at least 5 links to genuine European news/media websites.

The fact is the internet is being censored, we're told is was all about protecting children and preventing piracy, but it's starting to be abused for political gain.

[DonPeffers]

17 minutes ago, Lyonspride said:

My own family didn't believe me about the recent bombings in Sweden, I told them to Google (and they did) it before it got filtered out of search results and right now there is considerably less information coming up on Google than there was 2 weeks ago, back then there we're at least 5 links to genuine European news/media websites.

The fact is the internet is being censored, we're told is was all about protecting children and preventing piracy, but it's starting to be abused for political gain.

My Google browser did some update about 5 months back (and has been updated regularly subsequently) and since then I seem to have a greatly reduced variety of search results, especially historical results. A questionnaire popped up to ask if I was impressed with the new browser function (which I am not) but I ignored the questionnaire.

Currently using Chrome as I thought it would be most secure so my question is should I change the browser and what to?

[Lyonspride]

1 hour ago, DonPeffers said:

My Google browser did some update about 5 months back (and has been updated regularly subsequently) and since then I seem to have a greatly reduced variety of search results, especially historical results. A questionnaire popped up to ask if I was impressed with the new browser function (which I am not) but I ignored the questionnaire.

Currently using Chrome as I thought it would be most secure so my question is should I change the browser and what to?

 

Your browser doesn't affect your results, your browsing habits do, as well as if you've been looking for certain items, Google may put up results based on what it thinks you want based on that (somewhat like targeted advertising), I get different results on my PC to my laptop and again to my phone using the same browsers. It's a nightmare this time of year because you go searching for presents for family and for the next 6 months you'll be getting skewed search results from Google.
It's a bit like when people on forums post links to badly modified cars for sale on eBay (usually via PH), I try to avoid following the links because eBay will suddenly start showing me ads for similar vehicles (and sending me emails everytime a new bazzed up 3 series with a giant whale tail, goes up for sale).

In all likelihood, if your results changed, it's probably something to do with cookies expiring or getting wiped out.

As for browser, I use Firefox but I won't recommend it yet because they've just done a major update "Quantum", it's got some bugs, it's broken a lot of addons and i've only been using it a few days..

[Blatman]

Google have changed their search results policy recently.

https://www.theverge.com/2017/4/25/15418490/google-search-snippets-changes-fake-news-offensive-results

Some will see that as sinister. I don't.

What firmware is on the ASUS? Tomato? DD-WRT? Gargoyle? I would argue that these aren't the last word in secure firmware types for a home router. They might be better than the ISP supplied crap but you won't find a home router on custom firmware installed anywhere that matters.

Do I care if my ISP router is being used as a bot? No. Not my problem. It's up to them to secure and monitor their equipment. A quick look at the traffic stats will tell me if things are happening when I am not home (all my gear is powered off when I am out) and I'm pretty sure there's nothing going out that shouldn't be. That said, ever Wiresharked what's coming out of your TV? DVD Player? Apple TV? Chromecast? You may be surprised at who is tracking what!

2 hours ago, Lyonspride said:

Your browser doesn't affect your results, your browsing habits do, as well as if you've been looking for certain items, Google may put up results based on what it thinks you want based on that (somewhat like targeted advertising), I get different results on my PC to my laptop and again to my phone using the same browsers. It's a nightmare this time of year because you go searching for presents for family and for the next 6 months you'll be getting skewed search results from Google.
It's a bit like when people on forums post links to badly modified cars for sale on eBay (usually via PH), I try to avoid following the links because eBay will suddenly start showing me ads for similar vehicles (and sending me emails everytime a new bazzed up 3 series with a giant whale tail, goes up for sale).

In all likelihood, if your results changed, it's probably something to do with cookies expiring or getting wiped out.

Everything to do with cookies. Set your browser to delete your browsing history on exit. That should get most of them out. You could use Private Browsing or use a TOR browser and a search engine that doesn't track you. There are loads out there.

I actually like the fact that Google Chrome hooks in to my phone and PC. It means I can find anything I was looking at on my PC on my phone and vice versa. Perfect for when I'm shopping and don't have my laptop with me.

And the new Firefox update works just fine for me. I like the new look and it's definitely faster to load from clicking to shortcut and seems to be faster at switching between pages too.

 

[Lyonspride]

17 hours ago, Blatman said:

Google have changed their search results policy recently.

https://www.theverge.com/2017/4/25/15418490/google-search-snippets-changes-fake-news-offensive-results

Some will see that as sinister.

 

 

 

I wouldn't be concerned if Google were impartial and neutral in every way, but Google are as left wing as the BBC, certainly judging by what they've been doing to popular Youtubers over the last year or so.

 

 

17 hours ago, Blatman said:

Do I care if my ISP router is being used as a bot? No. Not my problem. It's up to them to secure and monitor their equipment. A quick look at the traffic stats will tell me if things are happening when I am not home (all my gear is powered off when I am out) and I'm pretty sure there's nothing going out that shouldn't be. That said, ever Wiresharked what's coming out of your TV? DVD Player? Apple TV? Chromecast? You may be surprised at who is tracking what!

 

 

 

TBH you probably should, considering it could be used as a proxy by people carrying out illegal activities. Making it appear as though it were yourself, I don't much fancy your chances of convincing anyone of your innocence if anything ever happened.
When I got into trouble at work, accused of creating software that did my job for me, it was quite ridiculous, I could prove my innocence quite easily, if only other people understood what I was saying. The more I explained and the more technical I got, the less they believed me, in fact any display of technical knowledge was used in ad-hominem by my accuser as "proof" i'd done it.
Proving that when accused of wrong doing in anything technical, any excuses, any evidence you may have, it's all meaningless if the people judging you are less competent than yourself.

Wireshark or similar, that's how I found that my IP cameras were sending heartbeats back to a server in China, with them being on my network with access to shared resources, I decided to put them all into a group of IP addresses and set my router firewall to deny them WAN access.



 

[Blatman]

7 hours ago, Lyonspride said:

TBH you probably should, considering it could be used as a proxy by people carrying out illegal activities. Making it appear as though it were yourself, I don't much fancy your chances of convincing anyone of your innocence if anything ever happened.

Innocence doesn't have to be proved. It is assumed until guilt is proven. And as there can never be any evidence that would point to my guilt I have zero to worry about.

7 hours ago, Lyonspride said:

When I got into trouble at work, accused of creating software that did my job for me, it was quite ridiculous, I could prove my innocence quite easily, if only other people understood what I was saying. The more I explained and the more technical I got, the less they believed me, in fact any display of technical knowledge was used in ad-hominem by my accuser as "proof" i'd done it.
Proving that when accused of wrong doing in anything technical, any excuses, any evidence you may have, it's all meaningless if the people judging you are less competent than yourself.

Proves you need to find somewhere else to work and that you need to remember what I said above. Innocent until PROVEN guilty. If those judging you lack the technical skills to bring evidence to bear that is their problem, not yours. Its a really bl**** difficult situation for you, no question but it's one you cannot lose. I'd let them blunder around making fools of themselves for as long as they want. When they think they have evidence it's up to them to put it in front of whatever adjudicator they want.

What information was the CCTV system reporting? Anonymous usage stats are common and plenty of software and hardware asks permission of the user for this. If you suspect a company of a data breach your choices are clear. Any combination of ignore it, allow it, block it or report it would work. Your choices depend how annoyed you are.

[Lyonspride]

59 minutes ago, Blatman said:

Innocence doesn't have to be proved. It is assumed until guilt is proven. And as there can never be any evidence that would point to my guilt I have zero to worry about.

Proves you need to find somewhere else to work and that you need to remember what I said above. Innocent until PROVEN guilty. If those judging you lack the technical skills to bring evidence to bear that is their problem, not yours. Its a really bl**** difficult situation for you, no question but it's one you cannot lose. I'd let them blunder around making fools of themselves for as long as they want. When they think they have evidence it's up to them to put it in front of whatever adjudicator they want.

What information was the CCTV system reporting? Anonymous usage stats are common and plenty of software and hardware asks permission of the user for this. If you suspect a company of a data breach your choices are clear. Any combination of ignore it, allow it, block it or report it would work. Your choices depend how annoyed you are.

 

Unfortunately these days your guilty at the mere suggestion, look at how many innocent peoples lives have been ruined by the media, the legal side doesn't matter if a million people already think your guilty. I think you can see the sort of accusations i'm talking about.

As for work, i'm not at that place anymore, I fought, I won, they came up with something else, I won (because i'd voice recorded my manager telling me to do something he later tried to discipline me for), they bought in their IT support company and had them look at my files, imagine some clueless snot nosed computer science graduate trying to work out what a complex DOS batch / VBS hybrid script file does (it was for a project i'd been given by the MD of the company)............. Apparently because he confirmed I'd developed software to do my job for me (well of course he would if he's being paid to), so then it's the word of a self taught IT "geek", against some idiot with a worthless degree that mentions IT in the title. I sat down and tore him a new one with DOS and VBS questions he couldn't answer, by this time it was obvious they would find a way to get rid of me eventually and make life hell in the meantime, so I presented my terms (2 months pay + holiday owed, and a signed written reference from the MD), the MD accepted, then I stood up gave them all the middle finger salute and walked out
 

Just a story of arrogant British management sticking together even when the instigator is clearly in the wrong.

 

 

[Blatman]

1 hour ago, Lyonspride said:

Unfortunately these days your guilty at the mere suggestion, look at how many innocent peoples lives have been ruined by the media, the legal side doesn't matter if a million people already think your guilty. I think you can see the sort of accusations i'm talking about.

Not exactly comparing apples with apples though...

[DonPeffers]

Ongoing Damian Green case  http://metro.co.uk/2017/11/18/porn-on-damian-greens-computer-was-so-extreme-it-would-now-be-illegal-7088958/

Wasn't it a shared office computer?

[Blatman]

On 11/23/2017 at 12:09, DonPeffers said:

Ongoing Damian Green case  http://metro.co.uk/2017/11/18/porn-on-damian-greens-computer-was-so-extreme-it-would-now-be-illegal-7088958/

Wasn't it a shared office computer?

That would be one defence. It should be simplicity itself to show who was logged in. The next issue is then proving that the person logging in was the person to whom those credentials had been given. If someone else had logged in as him then he's going to need some other evidence to prove that it could not have been him that downloaded the content. CCTV? Swipe card/door entry logs? Testament from colleagues? 

This comes back to my point earlier. If my ISP router is being used as a bot, so what? As i don't have the skill to do this there can be no evidence on any of my computers, phones or tablets that I have committed an offence because it simply doesn't exist. Whilst the accusation would be annoying, in and of itself it is not evidence.

I might expand the point further by suggesting that by not using an ISP supplied router it could be argued that the user is more at risk. By using non ISP equipment does the user know how to protect it adequately from external attack? And moving on by using non-standard firmware could add further unknown risks. The ISP is going to wash it's hands at this point by saying "it's not our equipment". The ISP likely as not wouldn't help with anything at all if their router isn't in use. Try calling BT with an "internet" problem. if it ain't their hub (crap though they are) they simply won't help. But they can still monitor the traffic. If they see a bot on equipment that isn't theirs,they are likely to ask questions. I can think of these: Is the user qualified to make this change to his internet connection router? Is he appropriately experienced? Did he take reasonable steps to protect the system and the ISP from forwarding "bad" traffic across the ISP network? Did he monitor the usage of the router? Were there suitable alerts programmed to warn of attacks or system compromise attempts, be they successful or otherwise?

And before I get jumped on, this is for home networks where all sorts of amateurs (no, not Lyonspride. Clearly he has skills) think they know best. Business networks are different and usually (but not always) quite well protected by the use of advanced (and expensive) enterprise grade routers and both software and hardware firewalls.

ISP's update their routers in the background every so often. No doubt some of these are to protect against emerging vulnerabilities. Is the same true of open source firmware versions?

I'm pretty sure BT updated some of their hubs recently because one effect seems to be a re-enabling of the BT "smart-setup" feature which breaks a lot of stuff my customers use on their networks. I've been to three this week where I know for 100% certain the smart-setup was disabled, only to find it up and running again.  

[Northwarks]

OK so my ramblings:

ISPs have ports available to them so they can provide remote support or as another poster has said for firmware updates BUT they could also be used to monitor performance of said broadband links remotely - They can also be used, once authenticated, to gain access to your home network, be it hard wired or Wi-Fi.  I never use an ISP provided hub/router, always go for after market and keep the firmware up to date, I decide what ports I forward and everything else remains in stealth mode. I then put a security gateway between the router and my network and everything hangs off that - That offers my home network an extra layer of defence but it does require some investment in time and effort.

 

If you are a novice and/or like things to just work with zero interaction then the ISP offering is for you and clearly it _should_ be supported by the ISP - But you should be checking. I've just renewed my contract with BT, I said I didn't want/need the Home Hub as I use my own and there was no questions asked. It doesn't present itself any different to their Hub, it just won't send them usage stats or allow them access.

 

[John K]

On 11/20/2017 at 17:42, Blatman said:

I don't think the government revealed it had broken Enigma until the 1970's (or maybe 2001, I'm not sure)

I remember listening to an Infinite Monkey Cage Podcast all about Enigma and they said the British government kept it quiet they had broken the cipher and then distributed all the Enigma devices they collected after WW2 to the Commonwealth with a recommendation that "what was good enough for the Germans should be good enough for us" and then snooped on all their traffic for 40 years...

I actually laughed myself out of bed hearing that.

And it might be a bit of an unpopular view - but no worries for me if the government want to snoop on my browsing or email.

My many perversions and wrong doings (which secretly I'm proud of) are small beer compared to some folk. And if a bit of snooping helps catch the real bad guys, I'm all for it..!

If you ain't got nothing to hide, you ain't got nothing to fear...