Hank: No doubt there is a massive amount of information that can be gathered from in-box telemetry. This thread appears to be more focused on providers gathering data from traffic in flight across their infrastructure. Thank you jms On Fri, May 19, 2023 at 8:49 AM Hank Nussbacher <hank@efes.iucc.ac.il> wrote:
On 19/05/2023 15:27, Justin Streiner wrote:
It amazes me how people can focus on Netflow metadata and ignore things like Microsoft telemetry data from every Windows box, or ignore the massive amount of html cookies that are traded by companies or how almost every corporate firewall or anti-spam box "reports" back to the mother ship and sends tons of information via secret channels like hashed DNS lookups just to be avoided.
Regards, Hank
There are already so many different ways that organizations can find out all sorts of information about individual users, as others have noted (social media interactions, mobile location/GPS data, call/text history, interactions with specific sites, etc), that there probably isn't much incentive for many providers to harvest data beyond what is needed for troubleshooting and capacity planning. Plus, gathering more data - potentially down to the level packet payload - is not an easy problem to solve (read: expensive) and doesn't scale well at all. 100G links are very common today, and 400G is becoming so. I doubt that many infrastructure providers would be able to justify the major investments in extra infrastructure to support this, for a revenue stream that likely wouldn't match that investment, which would make such an investment a loss-leader.
Content providers - particularly social media platforms - have a somewhat different business model, but those providers already have many different ways to harvest and sell large troves of user data.
Thank you jms