What does your ISP find out from your Internet traffic?
Everything you ask Alexa, right down to your e-mails and passwords: If you don't encrypt your Internet traffic, your ISP (Internet Service Provider) can basically see every detail, and since your ISP manages all your Internet traffic, they can see everything you do online. He could collect enough personal information to know what you are looking for, who you are sending emails to (and when), and even your Bitcoins transactions are not hidden from him. So not really optimal, we would say... But even if you encrypt all your movements on the Internet, even the peaks of your traffic patterns might be enough for your ISP to figure out how your everyday life at home is going. Let's take a closer look at what your ISP sees when you encrypt or do not encrypt your data. And how you can tackle the problems.
1. the exact pages you visit and your passwords
If the websites you visit are unencrypted - that is, if they still use HTTP instead of HTTPS - your ISP will see the exact pages you visit. For example, if you shop z./ website, your ISP will see that you have visited the website, but that's it. What a difference such a small "s" can make for our privacy! So the solution to this problem is simple: make sure the sites you visit use HTTPS and avoid sites with an expired or invalid SSL certificate. After all, this is how you can keep some things from your ISP. And if you don't want to tell him anything, it's best to get a good VPN.
2. your e-mails
If you use an email service that does not use Transport Layer Security (TLS) encryption, your ISP will most likely be able to view the contents of your email. If your ISP is also your email service provider, then they can definitely do this. The solution: Use an email service that uses TLS encryption (often called STARTTLS). Some providers, such as Gmail, have a small red lock to let you know if the recipient or sender is not using TLS correctly. You can tell the email sender about this error or ask for another email address. Or you can choose not to use this Gmail account at all and instead use privacy-conscious alternatives such as FastMail.
3. whether you use BitTorrent
Your ISP can see when you use BitTorrent to download files, even if the files are legal (for example, a game update). Your ISP may not really care about the content you're downloading-as soon as they realize you're using bandwidth when you're sharing files, they may slow down your download speed . Not great either - but there is a solution to this problem: to prevent your ISP from detecting your BitTorrent activity, use a VPN for safe and fast downloading.
4. your Bitcoin transactions
After ordinary Bitcoin clients send standard and unencrypted messages to known TCP ports, your ISP can easily find out if you are using Bitcoin. Through your traffic, they can also trace your transactions back to you. This is because an ISP can see all your incoming traffic and thus also whether one of your sent transactions is not being received by anyone else - and must therefore be a transaction you generated. The solution? A good VPN or Tor network prevents your ISP from tracking your Bitcoin transactions through your inbound traffic. Unfortunately, there are other ways your ISP can find out about your transactions. If you want to be absolutely sure that your Bitcoin transactions remain undetected, you must make your Bitcoin payments anonymously.
What can your ISP see when you encrypt your data?
First of all, congratulations to you if you encrypt all your web traffic. Absolutely top! However, your ISP still has the ability to view the unencrypted metadata that follows your encrypted web traffic. He doesn't know exactly what kind of traffic it is, but the ISP can draw very good conclusions based on the size, frequency and timing of the traffic, and recent studies have shown that operators can still learn a lot from your encrypted traffic. For example, one study found that every YouTube video has a unique traffic pattern when you stream it on your device. So if the ISP wants, they could find out the exact videos you are watching. Despite encryption probably noticed! Another disturbing study by Princeton University found that "An ISP or other network monitor can draw conclusions about sensitive, private activities in a home by analyzing the Internet traffic from smart homes with commercially available IoT (Internet of Things) devices" In other words, whether it's Alexa or your SleepSense monitor, they can all massively undermine your privacy by exposing your daily routine! Thankfully, VPN can help here as well: If you connect all of your devices through a VPN-enabled router, you make it really hard for your ISP to find out which devices you use. Unfortunately, it is not impossible for ambitious opponents to draw conclusions from the traffic you send - especially if you only have one IoT device or if several devices send only sparse traffic, such as smart door locks or sleep monitors. The solution: Destroy the pattern by adding random inbound and outbound traffic to your encrypted web traffic. For this to work, you need a VPN to bundle all traffic from your home so that the ISP can no longer distinguish between a movie, file sharing or website, and make sure there is constant traffic to and from your home even when you're not there. With constant traffic all day long, you can avoid traffic spikes when you come home from work and go online. To generate inbound traffic, create a constant stream that hides any jumps in traffic. Run an audio streaming service like Spotify or a digital radio and just turn it silent. To generate outbound traffic, you could share popular files like the current Linux version on a file sharing service.