Australian Telco Causes Minor Panic While Preparing Web Filter

Twisted64 writes "Australia's largest telco, Telstra, has been frightening users of its mobile data services for the last week. Logging revealed that HTTP requests from a mobile device on Telstra's network were duplicated with a request from another server, located in Chicago. Eyebrows were raised on the Whirlpool forums, with fears that Telstra was giving up Australian browsing data to a U.S. company and therefore the U.S. government. Following a well-worded letter, Telstra revealed today that the reason for this behavior is that the company is preparing an opt-in web filter. Personally, while the idea of my browsing data being logged anywhere does not fill me with joy, the idea of the U.S. government having access to it (randomized or not) is probably going to be enough to make me switch to an inferior carrier once my current plan ends."

Re:

[Anonymous Coward]

Switch now, switch immediately. You can cite breach of privacy as a breach of contract by Telstra,

You are obviously not an Australian. You remember a few years back when everybody complained that AT&T had a monopoly? That wasn't a monopoly. Telstra's network is a monopoly.

Re:Don't wait for the plan to end

[Cimexus]

That's complete balderdash. This article is about the Telstra NextG (3G/4G LTE) cellular network, not their fixed line stuff. And Telstra has never, ever had anything remotely approaching a monopoly in the mobile market in Australia. Indeed, Australia's always had a much wider choice and range of cellular providers than most of the US has (and nowhere near the same degree of carrier-lockin via locked devices etc.)

Anyone on NextG can switch with minimal difficulty to Optus, Vodafone, Virgin, Boost, TPG, Amaysim ... (insert a dozen more carriers here). Whether or not those choices are BETTER than NextG is obviously questionable (NextG is by far the fastest and best coverage), but that does not mean there is no choice.

Re:

[Cryacin]

There are a few options in Aus. Vodaphone, Optus, cheap resellers of optus like Amaysim etc. Only fools and horses go with Telstra.

Re:

[Anonymous Coward]

Or anyone that wants to use their mobile outside the metro area. There may be quite a few choices but its only really optus that has presence outside metro and their coverage is not even close to telstra.

Re:Don't wait for the plan to end

[mug funky]

how far are we talking? i've had 3 for years, and in many cases i get coverage out at my folks' place where even telstra has trouble.

that said, 3 has shitty coverage IN the city...

Re:

[Anonymous Coward]

I was sitting 25km from Winton in central queensland (read 200km from anywhere) and getting faster 3g from Telstra than I get in downtown Brisbane.... Nobody else gives you that coverage.

Re:

[__Paul__]

Optus covers many regional areas now. Yes, it's not quite as extensive as Telstra, but for the vast majority of the population, it is more than adequate and they'd rarely ever go to those places that aren't covered.

The difference in price between the two is significant. If I ever go to one of those areas that aren't covered by Optus, I'll buy a Telstra pre-paid card and a cheap low-end phone, if I can be bothered at all.

Re:Don't wait for the plan to end

[bloodhawk]

I Live in Canberra, I hate telstra, but they are the ONLY provider that seems to even cover the city let alone rural areas outside the city. I tried multiple providers before grudgingly admitting telstra was the only viable option. Vodafone worked in the city center but not my suburb, Optus was patchy at best and 3 was a total joke everywhere.

Re:

[reason]

Agreed. I am also in Canberra, and tried both Optus and Vodafone before switching to Telstra. Vodfone had very poor coverage both in my home suburb and at my workplace (only a couple of kilometres from the city centre -- but probably affected by local hills). Even where the coverage seemed good, data speeds were very slow. Telstra has much more reliable and very much faster coverage, and better service these days, too.

Re:

[Dodgy G33za]

You can't really be serious about Vodafail can you? I got out of a contract for two phones 9 months early because they failed to deliver an acceptable service - hell, we even got a letter from the CEO of the company saying that they had oversubscribed their services. And I know I was not the only one that did so via the help of the telco ombudsman.

Optus is better, but still woeful internet speed over mobile in metro areas due to overselling of bandwidth. And once you get in to the country it gets very patch

Re:

[WillKemp]

Anyone on NextG can switch with minimal difficulty to Optus, Vodafone, Virgin, Boost, TPG, Amaysim ... (insert a dozen more carriers here).

Not quite! Anyone in a major urban area, maybe, but not anyone. I don't have a choice, there's only Telstra where i work (in a remote part of the Northern Territory).

Re:

[Cimexus]

Ok sure, that's true. However my post was in response to the statement that Telstra had a monopoly in Australia. They may have a de facto monopoly in some remoter areas, but that's a far cry from the comparison to AT&T that was being made.

Re:

[dbIII]

And Telstra has never, ever had anything remotely approaching a monopoly in the mobile market in Australia.

They own the cable to most of the towers no matter who owns them.
Nearly every choice involves Telstra at some point.

Re:

[Cimexus]

Fine.

In the GSM era, then.

Re:

[ls671]

In Canada they are now allowed to switch at anytime without penalties due to government regulation. No need to wait for the plan to end. They can switch just because they want to without giving any reasons. Providers abused too much hence the regulation came.

Re:

[ldobehardcore]

Because TOS docs are REALLY long. Like 400 Pages in the unabridged small-print format. And nobody wants to read 400 pages of legalese.......Not even lawyers. That's why they hire paralegals to read 400 pages of nonsense that lets the seller claim rights over your firstborn and have a claim to 2/3rds of your blood if you cancel the service.

Re:

[ldobehardcore]

I don't think the abuse is why there was regulatory action. In the US, ISPs are as vindictive and abusive to users as in Canada, there just isn't a national monopoly, just a monopoly for any given county/region.

I'd hazard the guess that the reason why Canadians enjoy the benefit of saying FUCK YOU to their ISP is twofold:
1.) Canada isn't caught up in wars on EVERYTHING (eg drugs, the middle class, terror, homosexuals, hispanics)
2.) No matter how you slice it, Bell (I think it likes to go by AT&T nowada

Re:

[stepho-wrs]

It's spelt "brake light".
Break light is what the copper was doing.

Re:

[DarwinSurvivor]

That's probably just to offset the fact that we pay close to (if not more than) double for those plans that our southern neighbours.

Seriously?

[jhoegl]

Australia's laws and internet restrictions are worse than anything the USA can do to you.
We finally get something outsourced to us and everyone is scared... We freakin outsource our EMR coding to India, the one thing we value the most of our private data.

Re:Seriously?

[Cimexus]

This is not about 'internet restrictions'. This is to do with the fact that this represents a potential breach of the Privacy Act [comlaw.gov.au]. Australia has fairly strong privacy regulations that govern how and when information can be sent overseas, and how people need to be notified of how their information is used, who can see it, what it can be used for etc. America OTOH is notorious for having probably the most lax privacy regulations/legislation in the developed world.

So yeah, in that respect, Australia's laws are "worse" (in that they are more strict with regards to protecting personal information). And we like it that way. Surreptitiously exporting information to a jurisdiction where similarly tough controls do not exist is not looked upon favourably.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[mug funky]

no coal for you!

spin control

[Anonymous Coward]

What a nicely biased summary.

Why does Telstra need to send all URLs to another company in order to "prepare" a content filter?

Do they expect us to believe that Netsweeper didn't already have a database of URLs?

Re:

[Anonymous Coward]

Do they expect us to believe that Netsweeper didn't already have a database of URLs?

They do, but they also profile the web browsing habits of your users, you can then split them into groups, oh, like, filter/do-not-filter, perv/non-perv, and your network-filter-of-choice then disallows/allows traffic based on their grouping.
Of course, irrespective of your grouping, once they implement this, all the traffic still goes to Netsweeper, its just that depending on your group, you either get filtered or not.

Of course, the cynic in me has to also point out that the profiles they build up of indivi

Re:

[cheater512]

Course they don't. Thats why they are doing this.
Free database without having to do as much work.

Re:

[AHuxley]

The filter will be massive, hit and miss and need 24/7 support.
Doing it via the USA gives them a huge instant well understood database, political cover and brand cover, less local security clearances, legal costs.
If a dentist or travel agent is blocked they be can un blocked and a "sorry, third party, its new, its our first year filtering... see we fixed it fast "
Mix in the legal national security dream of all Australian search texts magically been lopped to the US, it brings in a big thanks from other p

Hello, lag!

[SuricouRaven]

Maybe they plan to relocate the server somewhere more local once it's running.

Re:

[mug funky]

the fact that right now, they can't afford the hard disks for their own population, let alone the rest of the world's.

Re:

[AHuxley]

What this does it makes it nice and legal as you signed your privacy away when you stayed with the service :)
Australia has many very well trained lawyers. Sealed courts with ASIO intercept material are noticed by family, community and at a legal/media level - word gets out fast.
Terms like book chapter, hammer, hard drive, raid may not tell you much about what was, but people get an idea.
Now if your data flows to the USA and you allowed it to be searched for common words, jargon, complex strings, known e

Question

[Anonymous Coward]

From TFA: "Telstra was waiting on confirmation from its legal team before it is expected to issue a statement later today."

Hmm. Do something and then only check if it's legal? Equivalent to fire first and ask questions later. Tsk tsk.

Other Telstra users who frequent /.: is this typical behavior for them?

Re:

[Nursie]

It sounds a lot like British Telecom and their phorm debacle also. Turns out that (ex-)monopolies think they can get away with anything.

It's a shame they're usually proven right.

Re:

[Cryacin]

Yes. That's why a lot of us are former users.

Re:

[mug funky]

yep.

they lost me years ago when they repeatedly hassled me for money (a year after i'd switched to someone else), inexplicably calling me by my father's name (i've never had my phone linked to his account, though back in the day we were all linked to mum's), then refusing to tell me what the bill is and how much is owed because due to privacy they can't tell me - it has to be the account holder. when i tell them i am the account holder for the number they called they get confused and go away for another 2

Re:

[mug funky]

fuck, eh? i'd better check mine. i've never had a credit card, but i'll probably need a loan in the future. it's quite possible that telstra have pulled this shit on me.

Re:Question

[dbIII]

Other Telstra users who frequent /.: is this typical behavior for them?

Yes.
They were a government owned monopoly which got privatised and they are stuck with the worst elements of both, with a few twists from being run by a nuclear scientist with no business experience and a Mexican bandit (chosen by a the most nepotistic board imaginable led by a failed farmer turned union buster and with such gems as a third rate historian that made friends in politics by USSR style revisionism sanitising history to make ultra-conservatives feel better and the wife of a powerful party powerbroker). Among their epic failures are the loss of all backup tapes for three entire government departments by storing them in wheeled trash cans (wheelie bins), firing employees for their behaviour on their own time after a staff Christmas party that had been delayed until March, and making sales staff wear recording devices around their necks. Service quality is such that I waited four weeks to get a failed landline fixed which is located less than 5km from the main telephone exchange in Australia's third largest city, and the tech just turned up unannounced on a Saturday afternoon (they sacked a lot of people so there is little co-ordination and they just dump a list of jobs on overworked contractors).
There are hundreds of stories about them that stretch as far a China (they wasted millions on half-baked financial adventures there most notably buying the "IP" of a ringtone company that had 100% pirated mp3 files), and New Zealand (where they fucked up the carrier and the ISP they bought - two fucking months to change one MX record). So yes, they do whatever they like because they are big enough and check later if necessary to see if it's legal.
The main purpose of Australian's NBN (national broadband network) is to get telecommunications out from under the control of Telstra and to build what Telstra planned in 1996 before they decided only the short term mattered.

As a Telstra and Telstra Mobile user...

[Sasayaki]

All I can say is,

"It's opt-in. For now."

Re:

[complete loony]

But their current testing process is copying your web traffic overseas. And is most certainly not opt-in.

Re:As a Telstra and Telstra Mobile user...

[AHuxley]

"But Mr Dent, the opt-in option has been available via a link from your settings page for the last nine months."
"Oh yes, well as soon as I found out I logged in to see it, yesterday afternoon. You hadn't exactly gone out of your way to call attention to it, had you? I mean, like actually telling anybody or anything."
"But the opt-in option was on display ..."
"On display? I eventually had to go download java to display it."
"That's the website department."
"With .net and ActiveX"
"Ah, well your OS had probably missed an update."
"So had the site."
"But look, you found the option didn't you?"
"Yes," said Arthur, "yes I did. It was on site in the bottom of an encrypted page stuck in a disused directory with a banner on the page saying 'Beware of the .....

Double requests

[kaunio]

These double requests also causes a lot of trouble for some people.

I'm working for a company running a web service for corporations and we have a very high level of logging and surveillance in order to provide a good service. However we get a lot of strange alerts from double requests from different ip numbers. It appears that some content filtering companies like to do the same (Bluecoat I'm looking at you) and they even do requests with cloned cookies (so they act in the same session as the user).

A lot of funky things happens if you assume that a user is only going to access certain (GET) links once but a filtering company is intercepting the request and sometimes manage to make the request faster than the user.

Re:

[kaunio]

Well we are running with SSL but the filtering company has their proxy inside the corporations and can thus intercept the SSL requests.

Re:

[mwvdlee]

A lot of funky things happens if you assume that a user is only going to access certain (GET) links

What happens to your website if a user clicks the refresh or back button of their browser?

Re:

[kaunio]

In most cases things work as expected. The things that causes most problems are when we are using redirect links (temporary redirects) that are only ment to be used once. Normally the user doesn't see them and the browsers aren't supposed to cache them. Which works fine until the filtering companies like to do double of everything.

Re:

[SuricouRaven]

The school I work at has had to take all the five-button mice out of one room and replace them with three button mice, as some of the learning-support students have coordination problems and kept accidentially pressing the 'back' button on the side during computerised exams.

Re:

[dbIII]

and they even do requests with cloned cookies

Would that fit the definition of "wire fraud"?

US Govt.?

[Zibodiz]

Personally, while the idea of my browsing data being logged anywhere does not fill me with joy, the idea of the U.S. government having access to it...

My US-based Business stores user's information (I own a repair shop, we document model & S/N, names, addresses, etc, just like any other company), but that doesn't mean we share that information with the US government. What leap of logic could possibly lead people to believe that just because the server is in the US that the US Feds have access to it, or even care? Sure, the Feds like to spy on us (citizens), but why would they care what you (Aussies) shop for on eBay? Even if you can come up with a

Re:US Govt.?

[ThatsMyNick]

By "having access to the records", OP means the US govt (or a US court, under the request of some party, say RIAA) can subpoena the records. Not at all misleading.

Re:

[AK Marc]

So you don't respond to US subpoenas issued by the FBI?

Re:

[Zibodiz]

Not being sarcastic at all, but I would really like to see some statistics on how many average citizens in a foreign country (especially an ally) the FBI has enough interest in to invest the time to subpoena their browsing habit information. It just seems like an empty fear.
Remember, we aren't talking about warrantless automated mass wiretapping, airport screens, and the like -- the fear here is that it's possible to search you. It's like the difference between refusing to fly, because you're guaranteed

Re:

[Dodgy G33za]

Julian Assange?

Re:

[AK Marc]

Kim dotcom?

Now they don't need to go through official channels, they just get the servers in the US, then use "secret" subpoenas or warrantless wire taps and get everything from billions of people with nobody knowing or knowing and able to talk about it.

Re:US Govt.?

[AliasMarlowe]

Personally, while the idea of my browsing data being logged anywhere does not fill me with joy, the idea of the U.S. government having access to it...

What leap of logic could possibly lead people to believe that just because the server is in the US that the US Feds have access to it, or even care?

One of the provisions of the Patriot Act [wikimedia.org] gives the US government access to all data stored within the US on request. Essentially unlimited access can be granted in secret, and the request for access and the reasoning behind the request can be kept secret.

Re:

[will_die]

Please do yourself a favor and educate yourself on the Patriot Act, what it allows, and what was allowed before it.
All data is not allowed access by request, unless you mean a request signed by a judge, which you don't since you pointed the patriot act. The part that has people upset is not adding terrorism to a list of items were this actition was allowed, pre Patriot act, but that the Patriot Act automaticly makes it a crime to call up the person being investigated and offer to sell or give them info t

Re:US Govt.?

[xQx]

<quote>What leap of logic could possibly lead people to believe that just because the server is in the US that the US Feds have access to it, or even care? </quote>

Give the closeness of the Aussie and American governments, and the long history of governments getting around their "we will not spy on our citizens" decree is by having their allies spy on their citzens instead,I think the more accurate question is:

What makes you think the american government doesn't have access to your data just because it never leaves australia?

Re:

[dbIII]

One amusing thing is it was a fairly useless Australian politician that spilled the beans on the US "carnivore" intelligence gathering system when a shared intelligence system using it failed to warn him of political developments in nearby Papua New Guinea.
Personally I'm pissed off with this monitoring by commercial entities because there's probably nothing to stop them onselling the data to spammers or others that can try to make a buck out of private information. There's not enough SSL traffic yet to kee

What do you mean!?

[overbaud]

"is probably going to be enough to make me switch to an inferior carrier once my current plan ends." --- ha! Telstra is an inferior carrier, you really should be supporting iiNet. They are looking after their users rights, something Telstra has never done.

Re:

[mug funky]

does CDMA still run out there? it's a while since i was somewhere _really_ remote, but back then there was no 3G with any network. just CDMA, and there was talk of turning it off.

Re:

[sr180]

No, CDMA was shutdown. It has been replaced by the NextG network - with is simply a GSM/HSPA network operating at 850MHz in the country and also on 2100MHz in the cities. With this it combines the best of range and capacity with the dual frequencies. It really highlights the engineering excellence of the best of Telstra - its easily the best network in Australia, and the others are struggling to keep up. Its a pity that nothing else of Telstra shows similar quality.
It may not quite have the range of the old

Re:

[dbIII]

delivers excellence bandwidth to the areas it does cover

Not exactly so. It's so congested in some mining towns in Central Queensland that people find it difficult to even make calls at busy times of day, let alone network traffic.

No worries

[trifish]

Even if you switch an ISP, 99% of your browsing will still be logged by third-party servers (most of which are in the US, if that matters to you).

Most sites today use iframes that send HTTP requests to the following:

Google Analytics
Google ads
Facebook
Twitter
etc.

Re:No worries

[ThatsMyNick]

RequestPolicy takes care of it.

Re:

[trifish]

Yep, that looked very promising, until I realized that most of the major websites today use dozens of domain names (not subdomains, but different 2nd-level domains) one a single site to speed things up.

For example, google.com uses gstatic.com, g4154605.com, or whatever-they-come-up-with-at-that-day.

Just like NoScript breaks the web for me, so does RequestPolicy. Both are unusuable. And this is not a flame, it is a reflection of reality.

Re:

[ThatsMyNick]

Yeah most websites have a separate static domain to improve caching. But it does not take long to get to a point where one do not even notice RequestPolicy running. I have whitelisted all request from google & duckduckgo, and all request to most common cdns, and about 300 pairs of source and destination domains (most of these are for news websites). It took me a week to reach very good usability, but after the first week, you rarely notice it.

Re:

[ThatsMyNick]

To add to that, if you are looking for a ready-made solution, Ghostery is worth a look. It claims to block these, but I am not really familiar with how it works.

NoScript

[DrYak]

Just like NoScript breaks the web for me,

That's normal and intented. NoScript is supposed completely block any interactive content (either scriptable/programmable stuff like javascript/java/.net/flash, or big media files like audio/video tags), until you whitelist something.
It is supposed to "break" everything (or more precisely make everything "Web 1.0" :-) ) until you say: "Well, I might trust that source not to completely bork my machine, please unbreak it, and only it".

It is for the paranoid us out there. It's not designed for someone who expect a set and forget solution to security (unlike tools like CertPatrol or HTTPS Everywhere, which don't require much fumbling from regular users). It's designed for people who don't trust anything and prefere to manually select which tiny bit of the web they might choose to trust, while disabling everything else (it's closer to Flashblock and other similar tools in that way. Except that NoScript has a wider scope by blocking *anything* interactive)

(In addition to that, it will also block cross-site-scripting until whitelisted, and will put alerts about click jacking).

Re:

[cheekyjohnson]

In contrast to you, I have a life.

Taking a few seconds to whitelist a few domains indicates you don't have a life? I hope you don't tie your shoes, or do anything that takes a few seconds on a routine basis!

Re:

[cheekyjohnson]

A few minutes. It makes no difference. There are 24 hours in a day, yes? Surely using a few minutes to whitelist things on a few websites on their own time doesn't indicate that someone has "no life" (are they dead?).

Re:

[ArsenneLupin]

I hope you don't tie your shoes, or do anything that takes a few seconds on a routine basis!

I guess "tieing his shoes" is part of his life. A neat appearance allows him to land a good job, and get good girls (or boys) into bed. And saves him from a bloody nose by not tripping over.

Whereas keeping his computer safe is only useful to fend off improbably trouble, that somebody else takes care, in the rare event where it happens anyways:

• Stolen credit card details => covered by his bank, i.e. by all of us really who are customers of the banking system.
• Messed up or virified computer => by some

Re:

[PuZZleDucK]

Your right, shoelaces were a total waste of time. I gave up on them years ago... Sorry, got distracted, what was it that i should stop doing now agaim?

Re:

[thegarbz]

I read two things from this comment.

Firstly you have no idea how to use the program. Don't want to whitelist? Just allow scripts globally and it goes into black list mode allowing you to use you (evidently many hundreds) of interactive webpages yet block typical tracking domains like google-analytics and fsdn.

Secondly the notion of you visiting so many websites you don't have time to whitelist and "you have a life" are completely at odds with each other and one of them isn't true.

Re:

[SuricouRaven]

Obama? I think you can blame Bush for most of the privacy-violations, together with the culture of paranoia that swept over the US following the 9/11 attacks. All Obama has done is completely ignore the situation.

Inferior Carrier?

[thegarbz]

Personally, while the idea of my browsing data being logged anywhere does not fill me with joy, the idea of the U.S. government having access to it (randomized or not) is probably going to be enough to make me switch to an inferior carrier once my current plan ends."

I didn't actually know there were inferior carriers. I remember Telstra. We were a loyal customer for years. These were the guys who in I think a world first introduced the concept of a download limit. 3GB. Yes that's no typo. We had 10mbit cable and a 3GB download limit. I remember hitting that download limit on the second day of our billing cycle after which we were capped at 28.8kbps. This is the company which introduced an acceptable use policy without defining what acceptable use was. This was the company which refused to roll out ADSL2 in areas which already had ADSL. This was the company which charged more for wholesale use of it's network than it charged it's retail customers. It was a wise business decision too because once the ACCC put a stop to that practice users left in droves to cheaper better ADSL2 services.

I remember my last few days of Telstra cable fondly. We were paying some $80 per month with a 20GB download limit. When we tried to quit they gave us $300 credit so we jumped on the most expensive plan and then quit a month later anyway. Now I pay $60 per month for completely unlimited internet which is faster than the old cable we were on and we don't pay phone line rental either.

The only time I've seen people recently give Telstra a choice is if a) the company is paying, b) they had absolutely no other choice. Even if I now look at their plans, $70 for 200GB ex line rental for ADSL2 it boggles the mind that someone would pay these people willingly.

Re:

[fostware]

50% discount to seniors when bundling, and their superior 3G/4G mobile networks.

Other than that, they exist because of the copper their wholesale department owns...

Re:

[VirtualWolf]

You've obviously not used their mobile network in recent years. The prices are a bit higher than you pay with other carriers, but the network is brilliant. I can actually use the data I pay for each month, as opposed to getting dialup speeds on those occasions when I can even load anything to begin with.

Re:

[thegarbz]

No motivation mate. I'm not paying $20/month more to get exactly the same thing I'm getting now.

If I lived in a rural area or a fringe suburb I may agree with you. I have heard that Telstra's network is quite a bit better than others. That said I have yet to experience someone getting a faster speed that I do, or even a case where someone gets service where I don't.

2 years ago I switched carriers because one of them offered sketchy service where I lived. But then that carrier has an entire hate website [vodafail.com] dedi

Now remember kids

[MichaelSmith]

This is another good reason not to google self incrimination while planning a murder.

king of WTF product design

[slashmydots]

If I had to opt into a filter and the consequences were that my traffic has to go all the way from Austrialia to Chicago and back, that's not even about filtering anymore. Unacceptable ping time!!!