Hank:

No doubt there is a massive amount of information that can be gathered from in-box telemetry.  This thread appears to be more focused on providers gathering data from traffic in flight across their infrastructure.

Thank you
jms

On Fri, May 19, 2023 at 8:49 AM Hank Nussbacher <hank@efes.iucc.ac.il> wrote:
On 19/05/2023 15:27, Justin Streiner wrote:

It amazes me how people can focus on Netflow metadata and ignore things
like Microsoft telemetry data from every Windows box, or ignore the
massive amount of html cookies that are traded by companies or how
almost every corporate firewall or anti-spam box "reports" back to the
mother ship and sends tons of information via secret channels like
hashed DNS lookups just to be avoided.

Regards,
Hank

> There are already so many different ways that organizations can find
> out all sorts of information about individual users, as others have
> noted (social media interactions, mobile location/GPS data, call/text
> history, interactions with specific sites, etc), that there probably
> isn't much incentive for many providers to harvest data beyond what is
> needed for troubleshooting and capacity planning.  Plus, gathering
> more data - potentially down to the level packet payload - is not an
> easy problem to solve (read: expensive) and doesn't scale well at all.
> 100G links are very common today, and 400G is becoming so.  I doubt
> that many infrastructure providers would be able to justify the major
> investments in extra infrastructure to support this, for a revenue
> stream that likely wouldn't match that investment, which would make
> such an investment a loss-leader.
>
> Content providers - particularly social media platforms - have a
> somewhat different business model, but those providers already have
> many different ways to harvest and sell large troves of user data.
>
> Thank you
> jms