Telcos And Rupert Murdoch Pushing Nonsense Story That Google Helping Keep Your Internet Activity More Private Is An Antitrust Violation

from the oh-really-now? dept

There are all sorts of reasons and ways to hate on big internet companies these days, but as we’ve warned, some of them are in conflict with one another — though that doesn’t seem to stop those who keep pushing the narrative forward from blindly repeating them anyway. The latest is a positively bonkers article in the Wall Street Journal arguing that Google’s (somewhat middle of the road) support for DNS over HTTPS (DoH) is potentially an antitrust violation worthy of Congressional action.

This is (1) utter nonsense and (2) driven by telcos looking to undermine consumer privacy. So if you’re a pro-privacy Google hater, you might want to at least reconsider supporting this particular line of attack. If you are unaware, under the current DNS system, you still leak some key metadata every time you visit a site to your DNS provider (which is usually, but not always, your broadband/internet access provider). It used to be that those providers could collect even more, page-level, information, but that is less and less true as more and more of the web itself is encrypted with HTTPS. DoH is an attempt to encrypt the last bit of info that leaks when you surf — the metadata about the top level domains you are visiting. Mozilla has been strongly pushing support for DoH, and will plan to move most public Firefox users to DoH in the relatively near future. Google, on the other hand, is supportive of the standard, but has shown no inclination to adopt it nearly as widely as Mozilla.

Either way, done correctly, DoH protects your privacy and stops the fairly large metadata loophole that has allowed DNS providers (generally your telco/broadband provider) from being able to snoop on everywhere you surf. There are some reasonable concerns that if browsers automatically force users to use specific DNS resolvers for DoH that it could, potentially, lead to more control/centralization of both those servers, but as EFF points out in the link above, that’s mitigated by more ISPs simply adopting DoH themselves.

The problem, of course, is that the biggest telcos, such as AT&T, Verizon, and Comcast don’t want to stop spying on you and all of your internet habits. And, so, rather than adopting DoH, they’re trying to undermine DoH entirely by pretending that Google’s lukewarm interest in supporting DoH is, itself, an antitrust violation. What’s kind of incredible, however, is just how open they are about this plan, and that’s it’s entirely about preventing the big broadband providers from spying on your traffic:

?Because the majority of world-wide internet traffic?runs through the Chrome browser or the Android operating system, Google could become the overwhelmingly predominant DNS lookup provider,? a coalition of internet service providers said in a Sept. 19 letter to lawmakers. ?Google would acquire greater control over user data across networks and devices around the world. This could inhibit competitors and possibly foreclose competition in advertising and other industries.?

They urged lawmakers to call on Google not to impose the new standard as a default standard in Chrome and Android.

Google, for it’s part, reiterated (as it has in the past) that it has no plans to force users into using its own DNS offerings. While the Wall Street Journal report at least quotes some pushback on this claim, it still seems to present this mostly as a credible antitrust concern, when the reality is that it’s clearly an attempt by big broadband players to play an antitrust card to (1) attack Google and (2) to prevent Google from helping consumers better protect their own internet privacy.

There are, of course, plenty of legitimate concerns that people have about Google’s own privacy practices. But pushing people towards DoH is a good thing. A few months back we saw UK ISPs laughably attack Mozilla’s plans to support DoH by calling the company an “internet villain” claiming that better protecting your privacy would undermine “internet safety standards.” To be clear: this is nonsense. What they mean is, like with other forms of encryption, it might make a very tiny number of criminals marginally harder to track down. But, on the flip side, it will massively protect everyone else’s privacy from overly snoop happy broadband providers.

We’ve noted for a while how hypocritical it is for people to focus on “antitrust” and “privacy” claims about the big internet companies, while ignoring the much larger problems on both fronts regarding broadband companies. Similarly, we’ve talked about how many of the attacks on “big tech” are quietly driven by the big broadband players quietly fanning the flames. But this story combines all of that. It’s the big broadband players/telcos pushing a totally bogus monopoly story against Google (which makes no sense at all if you understand the details, and which wouldn’t even be a potential monopoly concern at all if those very same broadband companies adopted DoH themselves), in order to stop Google from better protecting your privacy — so that the broadband providers can better snoop on you.

And, a side note: Rupert Mudoch’s Wall Street Journal has been one of the worst in pushing these misleading anti-Google/Facebook stories over the last few months, which is, again, no surprise at all, as it’s been revealed before that Murdoch has been eager to attack Google and Facebook and has no problem using the Wall Street Journal to do so. While this story at least includes some balance, the entire narrative arc of it seems to follow the telcos talking points — and it’s notable that while it briefly quotes a section of the telcos letter to Congress, it fails to post the entire letter. I wonder why…

Either way, this kind of thing undermines any serious discussion of either privacy or competition online, by mixing up and conflating an attempt to better protect privacy, and pretending it’s an antitrust violation.

Filed Under: , , , , , , ,
Companies: google, mozilla

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Telcos And Rupert Murdoch Pushing Nonsense Story That Google Helping Keep Your Internet Activity More Private Is An Antitrust Violation”

Subscribe: RSS Leave a comment
55 Comments
allengarvin (profile) says:

An internet of only http?

It’s tangential, but this could make an enormous leap to an all-http Internet–that is, traffic traversing from AS to AS–that is nothing except http. And in a few years with http/3, perhaps nothing but UDP.

I’m sure other protocols will continue to exist inside individual AS’s for a long time (though, http/2 is replacing diameter in the 5G packet core).

The Internet really only bears a very superficial resemblance to what it was 30 years ago.

James Burkhardt (profile) says:

Re: An internet of only http?

So, assuming I have read your detail lite commentary about some deep protocol questions correctly, you are suggesting the end of FTP, torrent, magnet, and other communications protocols to entirely functioning on HTTP, based on a move to DNS over HTTPS.

Could you expand on why you think this is the case, such as how this move helps HTTP finally supplant the less popular but still in use protocols like FTP, or how this move helps HTTP replicate torrent and magnet protocols?

Anonymous Coward says:

Re: Re: An internet of only http?

The trend to run "everything" over HTTP was noted in 2002

you are suggesting the end of FTP

FTP is dead. Mostly. There’s some special-case usage, but essentially nobody sets up public FTP servers anymore. Even http://ftp.debian.org shut down FTP access two years ago (in favor of HTTP).

torrent

BitTorrent trackers use HTTP. The .torrent files are most often delivered via HTTP. The peer-to-peer protocol isn’t HTTP; if designed today, it might have been.

magnet

That’s a URI scheme, not a communications protocol.

Scary Devil Monastery (profile) says:

Re: Re: Re: An internet of only http?

"FTP is dead. Mostly. There’s some special-case usage, but essentially nobody sets up public FTP servers anymore. Even http://ftp.debian.org shut down FTP access two years ago (in favor of HTTP)."

Except for some 95% of the EDI solutions still used by companies, banks, and news agencies worldwide.

I dare claim bullshit on your assertion as long as removal of FTP would cause the global economy to crash and burn.

allengarvin (profile) says:

Re: Re: An internet of only http?

Ah, yeah I wasn’t thinking at all of peer to peer filesharing, but FTP is a dying protocol, and it deserves to die. Debian shut down their FTP servers a couple years ago, for instance. It is an annoying, horrible protocol because of the separation of data and control channels into separate connections. It’s always been hard, because of that, to make it work properly with firewalls, natting, and access lists. It becomes a really serious problem if you encrypt the control plane, because you’re left leaving blocks of ports wide-open, or limiting the numbers of connections. Seriously, I’ve been cursing FTP for decades now.

For downloading, it provides no advantages over http downloads, and for uploads, that functionality has been largely replaced by http uploads, dropbox type services, or to a lesser degree for specialized apps, webdav.

Anonymous Coward says:

Re: Re: Re: An internet of only http?

It is an annoying, horrible protocol because of the separation of data and control channels into separate connections

…which was the style at the time, apparently. Early port numbers were all odd because NCP, TCP’s predecessor, reserved the corresponding even numbers for traffic in the opposite direction. This convention was dead when gopher and http appeared. FTP predates NAT and firewalls by decades.

Anonymous Coward says:

Doesn't protect you from the DNS provider

Either way, done correctly, DoH protects your privacy and stops the fairly large metadata loophole that has allowed DNS providers (generally your telco/broadband provider) from being able to snoop on everywhere you surf.

No, it won’t do that. It will prevent everyone except your DNS provider from snooping that. But the DNS provider—which for DOH will likely differ from your current provider—can see all the data a DNS provider ever could.

BTW, DOH over Tor could stop that. Having web servers send you DNS responses for pages they link to, without you having to request anything, would also work. Of course that would require DNSSEC and wouldn’t prevent anyone from seeing the IP addresses you connect to.

Anonymous Coward says:

Re: Doesn't protect you from the DNS provider

It will prevent everyone except your DNS provider from snooping that. But the DNS provider—which for DOH will likely differ from your current provider—can see all the data a DNS provider ever could.

The difference is that you could choose a DNS provider you consider trustworthy, while many if not most people have no practical choice of ISP.

Anonymous Coward says:

Re: Re: Doesn't protect you from the DNS provider

The difference is that you could choose a DNS provider you consider trustworthy

The difference is that it’s harder for an ISP to interfere with this choice. There were always 3rd-party DNS providers. Some ISP, even entire countries, were known to block them or change the results. (Firefox will apparently disable DoH in the UK to allow DNS-based porn-blocking. Lame.)

Anonymous Coward says:

Re: Re: Re: Doesn't protect you from the DNS provider

(Firefox will apparently disable DoH in the UK to allow DNS-based porn-blocking. Lame.)

Its just not turned on by default, but it can be turned on. Also, using some other public DNS server, such as Google bypasses those blocks as well. That is those blocks only work for people who cannot be bothered to look up alternatives, or configure Firefox etc.

Anonymous Coward says:

Re: Re: Re:2 Doesn't protect you from the DNS provider

Mozilla shouldn’t be helping governments censor the internet, even if there is a workaround. There’s no valid reason for the UK to have different defaults. They might as well do the same for China and the dozens of other countries abusing DNS.

Dan says:

Think this through...

it could, potentially, lead to more control/centralization of both those servers, but as EFF points out in the link above, that’s mitigated by more ISPs simply adopting DoH themselves.

So, what, the ISP enables DoH on its own DNS servers? What good does this do? In this case, the ISP still knows who’s making the queries, and what those queries are, right? If you’re concerned about your ISP sniffing your DNS queries to other providers, turning around and making those same queries to your ISP over DoH really isn’t helping anything, is it?

Conversely, if Google were to enable/force DoH, and if they were to operate the servers (as they likely would), that would put them in a unique position to track their users’ browsing habits (even more than they already do). Is the issue overstated? Probably–but I don’t think it’s as exaggerated as you’re saying.

Now, IMO, the best way around this, at least at home, is to use a router that can be configured to act as a recursive DNS resolver. That way, your queries are going only to the authoritative hosts for the domains in question, and can’t be aggregated in any single place. It’s as simple as checking a box in pfSense, not sure about other F/OSS router/firewall solutions.

A Guy says:

Re: Re: Think this through...

Hard drives are now large enough you could probably just run your own very large hosts file. You could probably make a program it to have it update itself every so often from all known authoritative domains and bypass DNS altogether.

I have enabled Doh and encrypted ensi on my firefox. It breaks the windows hosts file so now one of my malware blockers no longer works. (Spybot S&D)

Anonymous Coward says:

Re: Re: Think this through...

Because DNS is a recursive hierarchical look up system, where reading the dot separated part of a url, from right to left, is resolved by sending a request to the address found for higher level part. I.e. to resolve http://www.techdirt.com a request is sent to the root server for the server for ‘com’, and then a request to the address that gives for ‘techdirt’ and the to that address for ‘www’. In practice results are cached to reduce the number of repeated lookups that are actually required.

When you use an ISP’s or other public resolver, they carry out that look up process on your behalf. Using your own resolver makes it harder for the ISP to track your web history, as look ups can be interleaved, and caching means some are skipped.

Anonymous Coward says:

Re: Re: Re: Think this through...

to resolve http://www.techdirt.com a request is sent to the root server for the server for ‘com’, and then a request to the address that gives for ‘techdirt’ and the to that address for ‘www’

This is a very recent algorithm, called QNAME minimization. Traditionally, a resolver would send the string "www.techdirt.com" to each level, even the root (which won’t know anything except "com"; it’s an information leak with no benefit). Many still do.

Anonymous Coward says:

Weak Sauce

“Because the majority of world-wide internet traffic…runs through the Chrome browser or the Android operating system,"

Usage share by web browser measurement is not a standardized metric and has questionable accuracy. Also user agent spoofing is very easy.

"Google could become the overwhelmingly predominant DNS lookup provider,""
.. Could ..

Very weak argument.

PaulT (profile) says:

Re: Weak Sauce

Spoofing is easy but very few people do it in reality. Sure, the result will skew as a result of the people who do it, but like moves to enforce https generally this isn’t aimed at those people.

Similarly, DNS dominance can be a concern because most of the people this is aimed at don’t know what it, let alone make an informed choice of er provider. The battle will be over whether they accept the default from their ISP or their browser settings.

allengarvin (profile) says:

Re: Re: Re: Weak Sauce

Right now DNSSEC is a bit of a failed protocol. The key size requires a fallback to TCP, and so many of the places I’ve worked or seen don’t allow tcp over 53. For years, you’d see it recommended in security best practices, usually because the only traffic that would go over tcp on 53 would be zone transfers. And of course, DNSSEC is only designed to protect integrity, not confidentiality.

DNSSEC makes a lot more sense in DNS over https than it does in the DNS protocol.

virusdetected (profile) says:

Firefox currently supports DoH...

…and the DNS provider is CloudFlare, which promises not to sell your browsing history. Google might (!!!) become the predominant DNS lookup supplier, but only if the rest of the industry doesn’t step up an implement DOH, which isn’t difficult. But, you’ve captured the essence of the concern for the big ISPs — there won’t be able to eavesdrop on your DNS queries as they pass through their network. Of course, anyone using a VPN already has, effectively, DOH. Bigger issue is that the big ISPs are simply asking their paid servants to do what they are told…

ECA (profile) says:

the only problem

With Privacy tends to be WHO gets it, and WHO dont..

Either everyone gets it, or No one gets it.. Thats part of the law.
But thats also a failing.
If it was all free, the corps and anyone could have it and Spam us to death, and fill our mail boxes with crap, AND create Fake ID and Credit cards all over the world. And what would the rest of the world do to STOP IT?? The banking system would have to Improve and have better ID systems, and spread ALL over the world.
But we would have all the info we needed for the rich and Famous, as well as all the corps and our GOV..(perchance)

With us PERSONALLY responsible for our privacy and creating laws to backup those rights… We save ourselves of most of this hassle. But we also dont get certain info on many things. Such as Corps and Gov. Hiding how much stuff really costs and military expenditures. As well as knowing how much the rich are hiding in other countries..(buying property, as the middle east and russia have done in the USA)
And still the banking system loves us for doing so.

But the internet is something else. as our browsers are built around SHARING OUR INFO. The more you put into it, the more it can share. Even if a Bot/Trojan/?? is needed to get the data, Some Odd thing will popup and ask to do something, and We have lost our privacy and data.

When porn sites can be safer then Legit(??) sites its a marvel that we have ANY PRIVACY..
And will all the Server break-ins, and data loss over the past 10 years, its almost Stupid to think we have much privacy left. would still like info on Server break-ins, compared to Linux/unix/MS server.

A-Sbeve-Or-Two (profile) says:

Privacy is Respecting The People Who Ask For Privacy

Of course it should not be illegal to keep people’s internet searches private. If the government doesn’t respect privacy on the internet, that’s like the FBI having an agent stand with you in the bathroom as he watches you pee/poop (within the public stall for non-residential examples such as colleges and offices) and then reports how many bowel movements you made which would be leaked for others to see. In a word, NASTY!
Privacy is important in every aspect, and because we have privacy and respect outside of the internet, we need the respect of privacy on the internet as well. Not in terms of censorships – don’t get the wrong idea. That’s why some browsers have a private tab available so that Google (or whatever internet company provides the browser) won’t keep record of what you searched online in a private tab. They even have that feature on the iPhone’s Safari app as well.

I apologize for any misspells. Using an iPhone’s keyboard is hard no matter what size phone you use.

This comment has been flagged by the community. Click here to show it.

A-Sbeve-Or-Two (profile) says:

Re: Re: Privacy is Respecting The People Who Ask For Privacy

You clearly didn’t read my comment correctly. The bathroom comparison is meant to represent that government agencies have no respect for our privacy. They disrespect the people they serve, and their racist, sexist attitude towards their people is downright cruel, retarded, and unacceptable.

A-Sbeve-Or-Two (profile) says:

Re: Re: Re:2 Privacy is Respecting The People Who Ask For Pri

I knew what /s meant. /s = sarcasm. Privacy is nothing to be lightly joking about. If the government won’t respect the privacy of its people, then they shouldn’t be in office at all. The American government has always promised to be run by the people, yet it never is. They break their promises more than they realize. They think us Americans shouldn’t learn the truth about why they’re being so scandalous. Their corrupt, racist and sexist remarks are disrespectful and unacceptable. I may be white, but I’ll gladly defend any race and any gender from the racist and sexist affairs that our own government is charging at us. I respect every race and every gender and every age and every generation, but I will not let our bipartisan government throw us into anarchy. They force us to choose sides, and they force us against each other while they continuously make everything worse. In 2020, I hope people will realize that the Democratic and Republican debate needs a complete overhaul, because apparently Common Sense Isn’t So Common Anymore!

Anonymous Coward says:

Re: Re: Re:3 Privacy is Respecting The People Who Ask For

I knew what /s meant. /s = sarcasm.

Judging from your previous reply, I’d bet you had to go look it up.

Privacy is nothing to be lightly joking about.

If you still don’t understand the purpose of sarcasm, or just don’t like it, then fuck you.

Anonymous Coward says:

Close but no banana

Either way, done correctly, DoH protects your privacy and stops the fairly large metadata loophole that has allowed DNS providers (generally your telco/broadband provider) from being able to snoop on everywhere you surf.

No, DoH will change where the information is collected.

Mozilla has been working with Cloudflare, and they are likely to be the default setting, which means that when this rolls out Cloudflare will all of a sudden know an aweful lot about what is happening on the internet (they already know a lot, but will merely know more).

DoH (and DoT) support your privacy by preventing people in the middle (e.g NSA) from seeing your traffic, and potentially spoofing responses (which the NSA has done). So, it really is a SECURITY improvement with a significant privacy benefit. The bigger issue is what privacy policies the DoH resolver providers declare.

If you really want privacy, use Tor.

There are other negative impacts too. Many organisations host their own DNS resolvers and some use services like RPZ (Response Policy Zones) which detect attempts to contact know dangerous (i.e serving malware) domains and redirect people to a safe landing page. DoH will disable these defenses.

So, as with any moderately complex technology, its a mixed bag, and depends very much on how it is used.

NB: I’ve been involved with the IEFT in the discussions around the RFC’s which standardize both DoT and DoH.

Anonymous Coward says:

Re: Re:

"Google is not keeping your internet activity private. They are selling that shit as quickly as they can to advertisers. This includes your email by the way."

Let’s assume you are correct, what makes you think you will be treated any better elsewhere?
If you run your own server "they" will only see the updates your server gets and not the every day lookups – unless of course they crack the encryption – which they probably already have done so you just make it a bit more difficult for them.
Your ISP will not save you.

Ed (profile) says:

You can also implement DoTLS. Asus routers allow you to configure them for DNS-over-TLS and come preconfigured for several different providers (Google, Cloudflare, Quad9, etc.). This makes your entire home network have secure DNS, and it doesn’t have to be through Google. Google also makes Android 9 and 10 available with "Private DNS", which you can configure with your choice of DNS provider. This is essentially DoH for your phone, and is a simple setting in the network settings. Personally, I use Quad9 for all my DNS activity.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...