Comment by mixmastamyk
3 years ago
Somehow my ISP can see what I’m downloading even though I use https etc and has sent nastygrams a few times when they didn’t like what they saw.
3 years ago
Somehow my ISP can see what I’m downloading even though I use https etc and has sent nastygrams a few times when they didn’t like what they saw.
SNI isn't encrypted. They can see plaintext domain name of your https requests. Obviously, they can also see the IP you're connecting to. Maybe ECH will be rolled out at some point, and we can stop using SNI.
They knew the filename. May be a vulnerability in an external client app, not sure. Says it encrypts connections but must be leaking somehow.
Are you using torrents or something else?
If you downloaded a file over HTTPS, all they can see is the IP, domain name, and the amount of data transferred on a given connection.
If you're torrenting, you should be aware that a cross-reference between your IP and the files you're transferring is effectively public information.
Oh, how does that work? Sounds like the encrypted connection isn’t?
Trackers will share your IP with anyone who is trying to download the same file. This is more or less require in order for the protocol to work.
People/organizations run bots that pretend to be interested in popular downloads so that they can collect these IPs.