UK ISP TalkTalk Monitoring Users Without Consent (Deep Packet Inspection)

The New Acunetix V12 Engine


Well this can be looked at in a number of ways, many would say “If you’ve nothing to hide, why worry?” – but then we know people in the UK can be fairly fanatical when it comes to issues regarding privacy. Also TalkTalk are claiming it’s an anonymous system, so actual user details aren’t stored.

Either way it’s a bit shady doing this kind of monitoring without even notifying your users and not offering any way of opting out from the exercise.

Plus the fact is, most of the major browsers already have this kind of technology built in and so does Google if people rely on it as their main search engine. It reminds me a little of the recent article Australians Propose ‘No Anti-virus – No Internet Connection’ Policy.

Broadband ISP TalkTalk UK could be about to incur the wrath of privacy campaigners after some of its customers spotted that their online website browsing activity was being monitored and recorded without consent. The situation has caused a significant amount of concern with many end-users worried about the impact upon their personal privacy.

TalkTalk has since confirmed that the monitoring, which was first discovered on the ISPs discussion forum during the middle of July (here), is part of a future Malware/Security/Parental Guidance tool to be provided by Chinese vendor Huawei. This is due to launch before the end of 2010.

The system, which is not yet fully in place, aims to help block dangerous websites (e.g. those designed to spread malware) by comparing the URL that a person visits against a list of good and bad/dangerous sites. Bad sites will then be restricted.

Apparently the system itself will be opt-in, but from what is happening now it’s likely the data collection will still be carried out across the whole customer-base.

Also under the Data Protection act they are operating in a legal grey area and the new Digital Economy Act 2010. I honestly don’t think such a service is required and already duplicates the functionality that people already have.

At present the affected customers cannot opt-out of TalkTalk’s data collection exercise, while the actual malware/block tool itself has yet to be enabled and will also be subjected to optional customer testing before it is. The resulting system will apparently only be available if you opt-in to use it.

As a result the systems first stage is currently just monitoring and recording URLs, which TalkTalk says is an anonymous process; no end-user IP address or personal details are revealed. However some customer posts have suggested that the TalkTalk system also reads the code for sites, at least the ones it cannot identify, which could in theory pose a security risk if the URL you visited was for a private admin page. Some of these would be pages that even Google cannot find.

It’s worth pointing out that ISPs are already required to record website and email accesses (but not content), including dates and times, as part of the previous governments Data Retention Directive. However this is a closed process for use by specific public/security services and should not be confused with what TalkTalk is doing.

Gotta give TalkTalk kudos for owning up to it though, explaining their actions and not trying to sweep it under the carpet. I wonder how they will address it going forwards though and if any legal cases will arise from this.

The conspiracy theorists will also say that the technology vendor is linked to the Chinese PLA and this data could be used for espionage purposes!

Source: ISP Review

Posted in: Legal Issues, Networking Hacking, Privacy

, , ,


Latest Posts:


HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.


Comments are closed.