cross-posted from: https://covert.nexus/post/27235
The FTC released a staff report in 2021 analyzing the privacy practices of six major U.S. Internet Service Providers. The report found that these ISPs collect as much, if not more, data on their customers’ browsing habits than popular advertisers like Google and Facebook. Additionally, some of these ISPs either operate their own advertising businesses or sell the data to third parties, such as the NSA.
Facebook internal documents from their current lawsuit discovery process. Facebook calls this project Ghostbusters:
https://www.documentcloud.org/documents/24520332-merged-fb
https://mashable.com/article/facebook-snapchat-data-project-ghostbusters-mark-zuckerberg
Mental Outlaw briefly outlines how the MITM attack works without alerting the browser of bad certs:
https://www.youtube.com/watch?v=WkLvpxImRGw&t=30
Your ISP doing a MITM attack would be multi-step and unlikely, but not impossible. The most likely use case would probably be the involvement of the federal government or bad actors who have compromised a CA, which has happened in the past:
https://en.m.wikipedia.org/wiki/Kazakhstan_man-in-the-middle_attack
https://blog.mozilla.org/security/2015/03/23/revoking-trust-in-one-cnnic-intermediate-certificate/
https://security.googleblog.com/2015/09/improved-digital-certificate-security.html?m=1
For a malicious ISP to try to intercept traffic on its own, I imagine an attack like this would be used:
https://techgenix.com/understanding-man-in-the-middle-attacks-arp-part4/
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=WkLvpxImRGw&t=30
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.