Your ISP knows what you did last summer

ISP tracking is nothing new, but most people don’t realize just how much their Internet Service Provider knows about their browsing habits. Even when you turn on options like Do Not Track in your browser, your ISP is still watching you. Privacy isn’t important to them, but there are ways to go online and still maintain your privacy.

Your ISP spies on you every time you open a browser window. For mobile devices, your provider even monitors your call and text logs, but they don’t retain copies of the actual texts or calls.

While most providers aren’t going to readily tell you what they’ve collected on you, it’s still kind of terrifying to think there’s a strange third party that knows all about your Internet activity.

To get further down on this topic, we have to understand how your internet connection works and why your ISP is able to spy on you.


If you sit on your computer in your local network and then visit for example Google or something, the request gets routed through your ISP which means that it also sees which websites you go to. Not only that though, your ISP can see every piece of information that is not encrypted. Every package, every connection, every answer.

This means, that your ISP can basically frame your internet usage. It can see your browsing history and what websites you visit most of the time at which time.

For example, let’s say in the morning you are browsing some news site, then you continue to some YouTube and Netflix and call it a day with closing your last PornHub tab. With this throughout seamless information, you can create a pretty behavior profile.


What can I do about it?

So nothing is lost, we can still hide behind VPN Tunnels and deep inside the TOR Network, but yeah, basically we have to change the way we route through the Internet. Let us just go through it step by step.


First of all, almost every browser has this little lock (whether it is locked or not) on the left side of the address bar. This Lock shows you if you are connected with SSL/TLS or not. You can also in almost every browser press on the lock and get more details from it, for example, the exact version of the protocol that is used.

You can also see that from the URL itself if it starts with https:// it is secured via SSL/TLS.

I would also recommend installing a little tool created by the Electronic Frontier Foundation – it is called HTTPS Everywhere you can probably already guess from the name what it does. You probably guessed right … it does exactly what it says, it forces all the connections through SSL/TLS and automatically changes the URL to httpS no matter if it’s available or not.

The reason for this is pretty simple, some websites (definitively not mine) are reachable through HTTP and HTTPS so if you hit the HTTP site you’re giving away your free encryption for nothing. Other websites though, just like mine, will redirect your connection to HTTPS if you try to hit it via HTTP.

What does your ISP see with SSL/TLS enabled?

The increased use of encryption on the Web is a substantial privacy improvement for users. When a website does use HTTPS, an ISP cannot see URLs and content in unencrypted form. However, ISPs can still almost always see the domain names that their subscribers visit.

DNS queries are almost never encrypted. ISPs can see the visited domains for each subscriber by monitoring requests to the Domain Name System. DNS is a public directory that translates a domain name (like into a corresponding IP address (like Before the user visits for the first time, the user’s computer must first learn the site’s IP address, so the computer automatically sends a background DNS query about

Even if connections to are encrypted, DNS queries about are not. In fact, DNS queries are almost never encrypted. ISPs could simply monitor what queries its users are making over the network.

Since we already hit 700 words, I will not go into detail about DNS Leaks and how/why to change your DNS Lookup service, but I will cover it in the next post.


With a virtual private network, everything becomes very different very fast. Of course, it all depends on your protocol but let’s just say, your traffic is going to be encrypted starting from your computer. That means your Router already gets all the information encrypted, passes them encrypted to your ISP which then passes it on to your VPN Gateway and so on. At the end of the day, the other Computer or service will receive the encrypted traffic and will be able to decrypt it.

Also next to your encrypted data, also the source IP will be hidden behind the IP from your VPN, that means, that all the services that you reach, will think that you have the geolocation and IP from your VPN Gateway. Stuff like that makes it possible to watch Hulu outside of the US.

What does your ISP see with VPN?

VPN is not the God-G given solution though. There are still some tricks how your ISP is able to track you. One of them could be DNS Leak, just like above so your ISP knows in general that you visited YouTube, but does not know which exact video you watched. Your ISP is also very aware of the size and the time you send/receive information.

You should also use a kill switch because sometimes connections fail and I’m pretty sure you already know what it means if your VPN connection drops but you are still connected to the Internet. The Killswitch will route all your traffic through a virtual adapter that can only communicate with the internet if it is connected to your VPN Gateway.

The onion network

The Tor network runs through the computer servers of thousands of volunteers (over 6.200 at time of publishing) spread throughout the world. Your data is bundled into an encrypted packet when it enters the Tor network. Then, unlike the case with normal Internet connections, Tor strips away part of the packet’s header, which is a part of the addressing information that could be used to learn things about the sender such as the operating system from which the message was sent.

Finally, Tor encrypts the rest of the addressing information, called the packet wrapper. Regular Internet connections don’t do this.

The modified and encrypted data packet is then routed through many of these servers, called relays, on the way to its final destination. The roundabout way packets travel through the Tor network is akin to a person taking a roundabout path through a city to shake a pursuer.

Each relay decrypts only enough of the data packet wrapper to know which relay the data came from, and which relay to send it to next. The relay then rewraps the package in a new wrapper and sends it on.

The layers of encrypted address information used to anonymize data packets sent through Tor are reminiscent of an onion, hence the name. That way, a data packet’s path through the Tor network cannot be fully traced.


A VPN will probably be enough to protect your privacy as an average citizen and it shouldn’t always be about wearing a tinfoil hat, but maybe at least a wool hat.




Leave a Reply

Your email address will not be published. Required fields are marked *