# How safe is your Internet Provider?



## Mike (Oct 24, 2015)

After the UK ISP Talktalk was hacked during the week, I got
to wondering how safe are any others.

The hackers have all sorts of details of the 4 Million Talktalk's
customers, name, date of birth, credit card, bank account,
phone number and of course address.

BBC Report Here.

Mike.


----------



## Ameriscot (Oct 24, 2015)

I just started a thread on this right before you, Mike.


----------



## tnthomas (Oct 24, 2015)

The sad truth is that most businesses and government agencies are lax with security, and expose customers / citizens to the efforts of hacker-thieves.

Make sure your computers are updated, and use strong passwords for access to your banking or credit websites.   Make sure your home network is secure, and NEVER go to your financial or email sites on an unsecured connection to a public WIFI portal(airports, cafes etc).


----------



## RadishRose (Oct 24, 2015)

What wonderful and thorough advice Son Of perdition and thanks very much!

I especially liked- "Use prepaid debit cards for online purchases "


----------



## Mike (Oct 24, 2015)

Great advice tnthomas & Son_of_Perdition, but the post
is about an Internet "Service Provider", (ISP), that got
hacked!

Everything that you do on your computer on the internet
goes through the servers of your ISP, so no matter how
many secutity measures you use on your own PC/MAC,
in this case they are useless, as all the information was
elsewhere.

Mike.


----------



## tnthomas (Oct 24, 2015)

The thing is, is that one ISP is no more "safe" than the other; there is nothing magic that one provider can do that the others can't  or haven't tried, in keeping hackers out of their databases.


----------



## tnthomas (Oct 24, 2015)

+1 for Linux, my OS of choice.   I also have my home net behind a firewall.   My wife's laptop runs Windows :shrug: but I administer it and keep it protected.     No Adobe products on any machines,  Youtube runs fine with HTML5.


----------



## boozercruiser (Oct 24, 2015)

Ameriscot said:


> I just started a thread on this right before you, Mike.



You always do get in first word Ameriscot.
And you will likely have the last word and all!!!layful:

Just to keep on topic.
I am not on Talk Talk.


----------



## imp (Oct 24, 2015)

No one seems to speak of proxy browsers. Some claim complete protection of transmissions. I wonder about that, though. I am stuck at home with a fixed ISP ID, it never changes. Don't like it, what do you folks suggest?    imp


----------



## tnthomas (Oct 24, 2015)

You can browse in Incognito mode using Chrome and other browsers.      As mentioned, a firewall between your home network and your ISP is an important feature to have in place.  The fixed IP address your ISP assigned will be visible facing the web, but your actual computer's IP address(es) won't be.

For increased anonymity consider using Tor network to shield your internet activities.  I've heard that browsing speed is substantially reduced using Tor, and the NSA can still tell where you enter Tor and exit.

Edit:  Actually, although a couple years old- a thought-provoking story:  Attacking Tor: how the NSA targets users' online anonymity


----------



## Ken N Tx (Oct 25, 2015)

Mike said:


> Great advice tnthomas & Son_of_Perdition, but the post
> is about an Internet "Service Provider", (ISP), that got
> hacked!
> 
> ...



Good topic



tnthomas said:


> The thing is, is that one ISP is no more "safe" than the other; there is nothing magic that one provider can do that the others can't  or haven't tried, in keeping hackers out of their databases.



I feel relatively safe using a small ISP in this rural area..I believe the hackers are more interested in the volume of clients the larger ISPs have..


----------



## Ameriscot (Oct 25, 2015)

The online security of my bank has two passwords needed to get in. On the second one you never put in the entire password. It randomly asks you for example the 2nd, 7th and 9th letter or number.


----------



## Ameriscot (Oct 25, 2015)

boozercruiser said:


> You always do get in first word Ameriscot.
> And you will likely have the last word and all!!!layful:
> 
> Just to keep on topic.
> I am not on Talk Talk.



LOL. And what are you implying?!  layful:. I'm not with them either.


----------



## Son_of_Perdition (Oct 25, 2015)

Mike said:


> Great advice tnthomas & Son_of_Perdition, but the post
> is about an Internet "Service Provider", (ISP), that got
> hacked!
> 
> ...




To answer your question as I understand it.  ISPs provide Internet  access, employing a range of technologies to connect users to their  network.  Available technologies have ranged from computer modems with  acoustic couplers to telephone lines, to television cable (CATV),  wireless Ethernet (wi-fi), and fiber optics.

The security remains up to you the user and the site you are accessing.   The ISP protects itself from DOS (denial of service).  As a business  they are responsible for their account databases and if their security  is lax then that information is vulnerable to hacking.  They are like  any other business that needs to protect their information.  If any  company's website security is weak then your data is easily accessed.   If your files aren't protected by a firewall, virus/maleware software  and encryption then your data is vulnerable.  ISPs are only a doorway to  the internet and the other doorways are your security you have placed in  the hackers path.  Using all the available resources is your protection  but that is not iron clad.  Most ISP's offer you a discounted or free  virus checker, or mine has.  Since I use Linux mine is somewhat  protected but it can be hacked as most Android users have found out.   Linux is the low hanging fruit so it's a smaller target and not worth  the hackers time because there are so many more users on a Windows  system that has proven it's vulnerability to hacking over and over  again.  Using reliable browsers, adding data mining blocking software,  locking down your browser security, removing any suspect/weak software  and using common sense when accessing any site will better your chances  of preventing compromise.

Most ISPs rent server space from larger downline ISPs and don't maintain a large server farm.  They only provide internet access.

You live in the UK and if you are interested in buying a wool sweater from a manufacture located in New Zealand, you access their site first through your ISP's internet access and your request then may be routed through 10 different server/relay farms located throughout the world.  All those connections are open to hacking if there is a weak link in any of the servers.  If the sweater manufacture's website security is weak then once again, woe unto you.  The packets send back to you verifying your purchase could be routed again through 10 different server/relay farms, exposing that information to anyone illegally listening.  That's what I meant by using discretion when online and using only prepaid debit cards.  Ya, you get miles or rewards and protection from hacking, but why would you want to go through that mine field?


----------



## Mike (Oct 26, 2015)

Great advice and all true Son_of_Perdition, but I think
in this case it is the Company servers that have been
hacked and not for the first time either! More Here.

Talk Talk have been hacked several times according
to the press, but they don't seem to have done much
to protect themselves, or maybe they can't afford
specialists to do the job.
They are at the cheaper end of the market and most
of their customers will be low paid people, I only know
of one person who has an account with them.

One of your suggestions should be followed by everybody,
no matter who they deal with on-line, a separate card
for all internet transactions, I have had one for years
and top it up when I want to buy something.
But I had been ripped off before I thought about getting
a different account for the net.

Mike


----------



## Son_of_Perdition (Oct 26, 2015)

Mike said:


> Great advice and all true Son_of_Perdition, but I think
> in this case it is the Company servers that have been
> hacked and not for the first time either! More Here.
> 
> ...


That was my mistake and I admit to a mis-understanding.  You were asking an 'oranges to apple' question.  Talktalk's *WEBSITE* had been hacked and not their servers, since they more than likely rent space on a server farm.  Now their website should be the area of your concern.  They are probably hosted by another company and Talktalk's databases could be maintained on site on their own hardware or God forbid the cloud.  So if the security is lax there then of course they are subject to hacking.  Your searches, on line purchases, browsing & internet experiences are only as secure as the websites you visit not the routing hardware of the net.  The article went on to say that the hackers used 'Phishing' and other methods to exploit the users whom they had acquired from Talktalk's domain.  

That isn't say that they couldn't capture your searches & browsing, redirect it to proxy servers and mine your data, steal credit card/banking information, profiles and make life 'H_ll' for you.  Browsers have check & balances for that happening but again it's not a 100% guarantee.


----------



## Mike (Oct 27, 2015)

*Update:*

These hacks started in February 2015, the first when
servers at a customer sevice outfit, used by Talktalk,
that was in India, another in July 2015, but I don't know
where that one originated and yesterday a fifteen (15)
year old boy was traced to and arrested in Northern
Ireland.
So it looks like they, Talktalk, are a sieve and they have
been unable to plug all the holes over a period of 8 months.

Mike.


----------



## WhatInThe (Jan 2, 2016)

It's not the security of the provider it depends on what websites the users/customers go to. A nasty virus from a website can spread an affect servers let alone individual computers. Also slow running or consistent internet service seems to be a breading ground for viruses. Seems like the most trouble I have is when the local internet is running slower than usual.


----------

