How to prevent ISP sees what you downloaded and protect your connection – former ISP employer explained


Your Internet Service Provider knows a lot about you.

I formerly worked for more than one ISP in the United States. One of my job titles at the nation’s third-largest cable company was Internet Security Liaison. Although some of the job functions were more exciting than others, such as assisting law enforcement in tracking down kidnappers and the like, the day to day drudgery of busy work involved dealing with much of the subject matter I’m reading. Each day I would come into work and start processing lists and databases. We would receive a daily list from companies such as AOL’s daily spammer list. AOL collects a list of IP and email addresses that AOL users have reported as spam, and then sends these lists to ISP to process.

Best VPN service protect your privacy

My job was to go through the list, match up the dynamic IP addresses and emails provided by AOL to the logs to determine the offending customer/account, and then contact that customer and either ask them to stop, or determine if they have spyware or something affecting their systems acting as a relay for spam. Much of the time we will cut off the customer’s internet if they’re a high offender until we can resolve the situation and try to ensure that the spam coming from the offending address is stopped.

My job was to go through the list, match up the dynamic IP addresses and emails provided by AOL to the logs to determine the offending customer/account, and then contact that customer and either ask them to stop, or determine if they have spyware or something affecting their systems acting as a relay for spam. Much of the time we will cut off the customer’s internet if they’re a high offender until we can resolve the situation and try to ensure that the spam coming from the offending address is stopped.

We received many of these lists from many different providers and companies, and the most interesting lists were DMCA, RIAA and MPAA lists that came from companies such as Paramount, Time Warner, etc. These lists would contain the offending torrent being downloaded, timestamps, IP addresses and whatever other information they were able to collect.

I would then use the logs again to determine which customer was leasing that IP address at that time, and then send them that exact nastygram that so many of you have received, asking you not to download this content. Repeat offenders get their service cut off until the situation can be resolved. Many times you’ll be contacting the parents who’s kids are torrenting files without their knowledge. My own name actually came up on these lists from time to time, and it prompted me to try and determine why this happened, and how to stop it.

From this experience, I can tell you a number of observations …

Firstly, Peerblock, PeerGuardian or PeerWhateverTheHellYouWantToCa… is useless along with IP filters and updaters. Unless you’re updating your list on a constant basis, shutting down your torrent client to update your blocklist, and using multiple sources for your list, then you’re not really doing much. Even at that, it seems to make little difference as most lists aren’t updating while the client is running, and even the longest lists will miss far, far too many IPs that you should have blocked. I verified this by using these tools and having colleagues and friends use these tools, and we still showed up on the list. And yes, I made sure my tools were updated each and everytime before I started up my torrent client.

Secondly, the ISP doesn’t care. It was company policy to NOT disclose customer information. Unless we were subpoenaed for information or it was a life and death issue, we didn’t pass along customer information. The customer that gets sued by Paramount for downloading that new Star Trek movie, not only isn’t very much a fan of your company (the ISP) anymore, but may not want to afford to pay that costly bill they have for bundled phone, internet and cable service. ISP have a bad enough rep already and don’t need more by passing along the information of every offender. The people you’re ‘stealing’ from are the ones going after you, not the ISP that sends you the nastygram. We only care that you pay your bill.

ISP have a bad enough rep already and don’t need more by passing along the information of every offender. The people you’re ‘stealing’ from are the ones going after you, not the ISP that sends you the nastygram. We only care that you pay your bill.

Thirdly, and this is probably the most startling discovery … only seeders are targeted. If you download content from a company that would go after you, and immediately after your download completes, you kill your torrent client, move the file you downloaded and don’t seed, you’re not going to receive that letter.

“My theory is use peerblock, although it it mostly useless, and most importantly only seed for 1 minute after the DL is done. Theory based on the IP lawyers having a tough time winning in court versus a person who only uploaded 7-8% of the entire torrent.

Yea, it makes me a leech. Being this is MUCH better than being a client for an attorney.”

He’s right. These companies target the people distributing the files, just like in the drug world.

Fourthly, what you download and seed makes a difference. The most common offenders are those downloading music, full porn movies and regular movies. I rarely would see a software company going after someone.

We didn’t throttle speeds or extend bandwidth caps either

Well the RIAA or MPAA companies almost always provided individual IPs, but they don’t know if you’re a customer that has a static address or dynamic. Either way it is overlooked. Spyware, spam and P2P have become so commonplace that you’d lose a humongous chunk of your customer base if you were to take some kind of permanent action against your customers there. I’m not super tech savvy about the workings of the cable network, but I can tell you that bandwidth was not a problem. Changes in QAM and other adjustments constantly allowed for more speed and more bandwidth, and this was on a DOCSIS 1.1 network, before the upgrades to 2.0, and now companies are looking at 3.0. Cable is a fat pipe, I mean just RG-6 cable itself is much larger in diameter than your standard telephone cable.

Hence why most geeks would choose cable internet or another service such as E-Line, EIFM, FIOS, etc. over DSL. That’s also allowed the cable companies to jump on technologies like Video on Demand services. If you’re familiar with VoD and other interactive services the cable companies provide, you easily realize they were far ahead of someone like DirecTV there, where VoD has been pretty lackluster. We didn’t throttle speeds or extend bandwidth caps either, so you could download and surf the internet all you want and be fine.

The letters and the job function were in place simply to satisfy the RIAA or MPAA. We wouldn’t release customer information unless legally obligated, I mean, why would we, there are plenty of advertisers who pay for that kind of info. We would receive the info from the MPAA and then take action so that when the MPAA looks again, they see that soinso is no longer stealing suchinsuch movie via torrent. So they were happy when they see those results, and often all it takes is a call or email to the customer.

I would only suspend service, soft kill modems or provision them down to snail speeds if an offender wouldn’t disappear from my list after a certain length of time because I was unable to reach the customer, or they were unresponsive or unable to resolve the issue. That was much more typical in the case of spyware on the computer in regards to spam. In the case of torrent, most people just shut down their client, unshare that particular file or find an alternative means of downloading content—so there was no need to suspend service or take much further action.

If we have no record, your privacy is protected

I noticed a lot of people recommending alternatives to BTGuard, saying they have had bad experiences. With that in mind, can anyone recommend one over the others?

Also, a common question I saw asked was.. what if your VPN provider drops, are you then exposing your regular IP to the world again?

There are plenty of free, unsecured VPN services out there, but there are also some free secured VPN services out there too. Technically, I’d say no, as nothing is ever free. I have too much paranoia to use a free “secured” VPN…I’d be bothered too much by the suspicion that it is a honeypot (what are they getting out of it?).

I believe it is best to just pay for secure VPN service. The $90 a year for secured access is worth it for me. Very few questions about the server I am connecting to. They rely on money from subscribers to survive and profit, and therefore have a vested interest in keeping that gravy train flowing. From what I understand, the only thing the ISP can see is that you are moving a lot of encrypted data over encrypted port 563, and the only one to know what data is, is the server that’s sending it to you.

Top 5 Best VPN service in 2017