The proposed "Internet Connection Records" in the Draft Investigatory Powers Bill will potentially log every web site you have visited and retain that for a year.
If you are reading this blog post, you would now have an "Internet Connection Record" showing that you visited pornhub.com, or more specifically pornhub's content delivery network cdn1b.static.pornhub.phncdn.com, because there is a 1 pixel image included in this blog post which your browser will have fetched automatically.
Now, that is not illegal, thankfully, but it is probably in the filtering for many large ISPs, so even before this bill comes in it is probably logged.
Don't worry - the image is just a graphic of the word "hub", nothing rude, but this leads to another slight irony. In order to make this slightly less of an invasion of privacy the "Internet Connection Records" are not the whole URL to log which image it was, just the web site. What is worse is if logging by DNS then it does not matter if one innocent image like this or an hour watching the site, it would make one DNS lookup for the web site name.
Could you explain that to the police if it was some illegal site?
It is probably just as well it was not Inspire, a magazine produced by an al-Qaeda-affiliated group, because the police said downloaders of the mag would face prosecution "irrespective of their motive". See this article for more on that (yes, the article is quite safe).
http://blogs.telegraph.co.uk/news/brendanoneill2/100215723/in-a-truly-free-society-i-should-have-the-right-to-read-al-qaedas-magazine/ [link seems no longer valid, oddly]
Can you justify your Internet Connection Records?
Subscribe to: Post Comments (Atom)
I am, once again, getting more spam. Someone must have put my email on some mailing list. This is a pain in the arse, takes up my time, and ...
Broadband services are a wonderful innovation of our time, using multiple frequency bands (hence the name) to carry signals over wires (us...
It seems there is something of a standard test string for anti virus ( wikipedia has more on this). The idea is that systems that look fo...
For many years I used a small stand-alone air-conditioning unit in my study (the box room in the house) and I even had a hole in the wall fo...
Damn you RevK I've just been fired for looking at porn during work hours :-)ReplyDelete
Thank you RevK as I've just used this blog post to get out of being fired for looking at porn during work hours :)Delete
Thanks Rev, just explained the visits to pornhub to the wife. Top man.ReplyDelete
I told mine I was 'looking for her Christmas Preasant'Delete
H'mm thats interesting, neither work firewall nor virgin medias filtering (on home broadband) flagged anything but the image doesn't actually load so i assume they blocked the access.ReplyDelete
I wondered how can a 1px image contain the word 'Hub'ReplyDelete
Never mind encryption - that is AWESOME compression!
Thank You RevK for reminding me that I haven't been to Porn Hub today which would put me under suspicion of 'what was I doing then,' given that I am never off the site ;-)ReplyDelete
Ironically that is not a site I visit personally, just one that is well known, though I don't plane to start a discussion on the merits of various sites :-)Delete
I'm seeing a dot in a grey outline. Will there be a dispute process to have it removed from my connection record as you instigated the connection rather than me?ReplyDelete
I also noticed a "link href ..." to the picture and a "meta content ..." in the header. Even if you had not put the "img src ..." in the body, would a connection record have been created?
Not to bang on, and I though you came across very well, but still no-one seems to have pointed out to them that using a VPN for a fiver a month bypasses all this effort and discussion and millions spent in new kit. You did mention TOR though, but it needs explaining to the technically clueless that this is a fundamental waste of time and is relatively easy to get round if you do indeed, not want to be tracked.ReplyDelete
I said there were many ways to bypass it, including Tor. I did not feel trying to itemise a lot of technical term was going to add much to that point.Delete
Let's say, without too much loss of generality, that if PornHub were to split its CDN into "UK-legal" and "BBFC-says-no" hostnames, then maybe the situation starts to get a little more interesting. I don't believe DEBill criminalises the watching of "banned" porn — just the distribution — but coupled with IPAct, the government starts to build up a nice cache of ICRs of people who accessed "illegal content"… and your hidden image becomes quite the incriminating HTTP request…ReplyDelete
Your post says, "Now, that is not illegal, thankfully" — what a difference a year makes.