I am using Google Chrome in Windows 7 for Internet access. I am very curious to know if my ISP knows or not which sites I am visiting or what I am downloading. If it knows then to what extent (meaning what does it know about my browsing and downloading activity). I am not using any VPN services.
Asked
Active
Viewed 1.3k times
4 Answers
11
Yes. Even if you're visiting websites with HTTPS, your ISP knows which website you're visiting. We can try to hide what we are sending back and forth but the destination you're visiting is always available to your ISP.
Minot
- 144
- 1
- 7
4
Logging says they do, even if the initial connect is to an SSL enabled server.
So if you connect directly to a proxy, they'll know that.
If you connect directly to a TOR node, they'll know that.
If you connect directly to a VPN provider, they'll know that as well.
Do they care? Probably not, unless you're in one of those "enlightened" countries. Or doing one of those "enlightened" activities.
Fiasco Labs
- 6,864
0
Of course they do.
The only mitigating factor is if they actually care to have a look. Most people manage to stay under the radar, but if you're doing something you really shouldn't, they'll be logging it somewhere.
Tetsujin
- 50,917
-3
Your ISP can always know what your initial connection is to (web, mail, file transfer, IM). Most likely you use their DNS services too so they know any hostname you query on. Given the long list of certificate roots (trust anchors, whatever you want to call them) that Microsoft, Firefox, Apple, Mozilla, and Opera trust it is possible for your ISP to see all your traffic, be it in an SSL tunnel or not. This is because they can setup a transparent proxy and you will most likely trust the cert they offer up. It is possible to detect this but most users don't know how and the browser makers don't make it easy. Sorry :(
== @DanielB @zamnuts I'm afraid you're mistaken. Take a look at your root list in whatever off the shelf browser you use; you will note a wide variety of countries and companies are in there. Many of those countries and companies are extremely susceptible to influence by national entities; many have issued certificates errantly and many would issue bogus certificates to the right requestor (your favorite intelligence, military agency in the case of western countries and the drug cartels in the case of central and south american countries and business). These are simple facts. What is to stop a "patriotic" or corruptible CA from issuing a certificate to yourbank.com? Sure some users after seeing the golden padlock will double check that the issuing authority and root have not changed since last they visited - but not most. Even someone like wells fargo who uses the certificates that give a green address bar (meaning ID not just domain name was validated by the issuing authority) are not immune since most users don't know what the green bar means and will never notice that it's no longer green so long as the padlock is still there. BTW ask your tech ignorant relatives what the padlock is and they won't even know that.
Ram
- 1,117