telecommunications

Hundreds of French academics sign letter asking for safeguards on contact tracing

A group of 471 French cryptography and security researchers has signed a letter to raise awareness about the potential risks of a contact-tracing app. A debate in the French parliament will take place tomorrow to talk about all things related to post-lockdown — including contact-tracing app StopCovid.

Among the group of researchers, 77 of them are affiliated with Inria, the French research institute that has been working on the contact-tracing protocol that will power the government-backed contact-tracing app, ROBERT. With this letter, it appears that Inria is conflicted about ROBERT.

“All those applications induce very important risks when it comes to protecting privacy and individual rights,” the letter says. “This mass surveillance could be done by collecting the interaction graph of individuals — the social graph. It could happen at the operating system level on the phones. Not only operating system makers could reconstruct the social graph, but the state could as well, more or less easily depending on the approaches.”

The letter also mentions a thorough analysis of centralized and decentralized implementations of contact-tracing protocols. It includes multiple attack scenarios and undermines both the DP-3T protocol as well as ROBERT.

Ahead of the debate in the French parliament tomorrow, researchers say that “it is essential to thoroughly analyze the health benefits of a digital solution with specialists — there should be important evidence in order to justify the risks incurred.”

Researchers also ask for more transparency at all levels — every technical choice should be documented and justified. Data collection should be minimized and people should understand the risks and remain free not to use the contact-tracing app.

Over the past few weeks, multiple groups of researchers in Europe have been working on different protocols. In particular, DP-3T has been working a decentralized protocol that leverages smartphones to compute social interactions. Ephemeral IDs are stored on your device and you can accept to share ephemeral IDs with a relay server to send them to the community of app users.

PEPP-PT has been backing a centralized protocol that uses pseudonymization to match contacts on a central server. A national authority manages the central server, which could lead to state surveillance if the protocol isn’t implemented properly. ROBERT is a variant of PEPP-PT designed by French and German researchers.

While the French government has always been cautious about the upsides of a contact-tracing app, there’s been little debate about the implementation. Inria, with official backing from the French government, and Fraunhofer released specifications for the ROBERT protocol last week.

Many (including me) have called out various design choices, as you have to trust your government that they’re not doing anything nefarious without telling you — a centralized approach requires a lot of faith from the end users as the government holds a lot of data about your social interactions and your health. Sure, it’s pseudonymized, but it’s not anonymized, despite what the ROBERT specification document says.

Moreover, ROBERT doesn’t leverage Apple and Google’s contact-tracing API that is in the works. France’s digital minister, Cédric O, has been trying to put some pressure on Apple over Bluetooth restrictions with a Bloomberg interview. Given that Apple and Google provide an API for decentralized implementations, they have little incentive to bow to French pressure.

On Sunday, Germany announced that it would abandon its original plans for a centralized architecture in favor of a decentralized approach, leaving France and the U.K. as the two remaining backers of a centralized approach.

France’s data protection watchdog CNIL released a cautious analysis of ROBERT, saying that the protocol could be compliant with GDPR. But it says it will need further details on the implementation of the protocol to give a definitive take on StopCovid.

The European Data Protection Supervisor (EDPS) also said on Twitter that the debate in front of the French parliament is particularly important. “Decisions will have an impact not only on the immediate future but as well on years to come,” they say.

France’s Inria and Germany’s Fraunhofer detail their ROBERT contact-tracing protocol

04.24.20 telecommunications

Deficiencies that broke FCC commenting system in net neutrality fight detailed by GAO

Today marks the conclusion of a years-long saga that started when John Oliver did a segment on Net Neutrality that was so popular that it brought the FCC’s comment system to its knees. Two years later it is finally near addressing all the issues brought up in an investigation from the General Accountability Office.

The report covers numerous cybersecurity and IT issues, some of which the FCC addressed quickly, some not so quickly, and some it’s still working on.

“Today’s GAO report makes clear what we knew all along: the FCC’s system for collecting public input has problems,” Commissioner Jessica Rosenworcel told TechCrunch . “The agency needs to fully fix this mess because this is the way the FCC is supposed to take input from the public. But as this report demonstrates, we have real work to do.”

Here’s the basic timeline of events, which seem so long ago now:

May 2017: John Oliver’s segment airs, and the next day the FCC claims it was hit by denial-of-service attacks that took down its comment system, ECFS. (In fact it was merely the sheer volume of people who wanted to share their opinion of the FCC’s plan to kill net neutrality.)
July 2017: Despite calls for details, the FCC refuses to release any details on the cyberattack, despite Congressional demands, saying the threat was “ongoing.” (Its investigations had not in fact determined malicious intent and its official account was in doubt internally from the start.)
August 2017: Congress calls for an independent investigation of the FCC’s claims and its comment system. (That’s the report released today. Also around this time another improbable “hack” was found to have (not) happened in 2014.)
October 2017: FCC’s chief information officer, David Bray, who claimed the attacks took place both in 2017 and 2014, leaves the FCC.
December 2017: The FCC votes along party lines to kill net neutrality.
June 2018: A watchdog group acquires 1,300 pages of emails, which (though very heavily redacted) show that the DDoS claims were essentially false and known to be so.
August 2018: The FCC finally admits that it was never hacked, and the next day its own internal report comes out showing that it really was just overwhelming interest from people wanting to be heard. Members of Congress accuse Chairman Ajit Pai of “dereliction of duty” in perpetuating this dangerously incorrect narrative.

Then it’s pretty quiet basically until today, when the report requested in 2017 was publicly released. A version with sensitive information (like exact software configurations and other technical information) was internally circulated in September, then revised for today’s release.

The final report is not much of a bombshell, since much of it has been telegraphed ahead of time. It’s a collection of criticisms of an outdated system with inadequate security and other failings that might have been directed at practically any federal agency, among which cybersecurity practices are notoriously poor.

Government investigation finds federal agencies failing at cybersecurity basics

The investigation indicates that the FCC, for instance, did not consistently implement security and access controls, encrypt sensitive data, update or correctly configure its servers, detect or log cybersecurity events, and so on. It wasn’t always a disaster (even well-run IT departments don’t always follow best practices), but obviously some of these shortcomings and cut corners led to serious issues like ECFS being overwhelmed.

More importantly, of the 136 recommendations made in the September report, 85 have been fully implemented now, 10 partially, and the rest are on track to be so.

That should not be taken to mean that the FCC has waited this whole time to update its commenting and other systems. In fact it was making improvements almost immediately after the event in May of 2017, but refused to describe them. Here are a few of the improvements listed in the GAO report:

Representative Frank Pallone (D-NJ), who has dogged the FCC on this issue since the beginning, issued the following statement:

I requested this report because it was clear, after the net neutrality repeal comment period debacle, that the FCC’s cybersecurity practices had failed. After more than two years of investigating, GAO agrees and found a disturbing lack of security that places the Commission’s information systems at risk… Until the FCC implements all of the remaining recommendations, its systems will remain vulnerable to failure and misuse.

You can read the final GAO report here.

Commission Impossible: How and why the FCC created net neutrality

04.16.20 telecommunications

Verizon is buying B2B videoconferencing firm BlueJeans

US carrier Verizon* has splashed out to buy veteran B2B videoconferencing platform, BlueJeans Network — shelling out less than $500 million on the acquisition, according to the Wall Street Journal which first reported the news.

A Verizon spokeswoman confirmed to TechCrunch that the price-tag is sub-$500M but did not provide a more exact figure. Videoconferencing platform Blue Jeans has raised ~$175M since being founded around a decade ago, per Crunchbase, with US investor NEA leading a Series E round back in 2015.

In a press release announcing the deal, Verizon said it has entered into a definitive agreement to acquire the enterprise-grade videoconferencing and event platform in order to expand its “immersive unified communications portfolio”.

“Customers will benefit from a BlueJeans enterprise-grade video experience on Verizon’s high-performance global networks. In addition, the platform will be deeply integrated into Verizon’s 5G product roadmap, providing secure and real-time engagement solutions for high growth areas such as telemedicine, distance learning and field service work,” it wrote.

“As the way we work continues to change, it is absolutely critical for businesses and public sector customers to have access to a comprehensive suite of offerings that are enterprise ready, secure, frictionless and that integrate with existing tools,” added Tami Erwin, CEO of Verizon Business, in a supporting statement. “Collaboration and communications have become top of the agenda for businesses of all sizes and in all sectors in recent months. We are excited to combine the power of BlueJeans’ video platform with Verizon Business’ connectivity networks, platforms and solutions to meet our customers’ needs.”

The acquisition comes at a time when videoconferencing is seeing a massive uptick in usage as white collar workers around the world log on to meetings from home during the coronavirus pandemic.

Although it’s BlueJeans’ rival, Zoom, that’s been the most high profile name linked to the viral videoconferencing boom in recent weeks. The latter recently revealed that daily meeting participants on its platform jumped from a modest 10M in December to 200M in March.

However such booming growth and consumer usage has brought increased scrutiny for Zoom — leading to a spate of warnings (and even some bans), related to security and privacy concerns. And earlier this month the company said it would freeze product dev to focus on the laundry list of issues that have surfaced as users have piled in and kicked its tires, taking a little of the shine off of surging growth.

On the sheer usage front BlueJeans is certainly small fish in comparison to Zoom — having remained b2b focused. A BlueJeans spokeswoman told us it has more than $100M ARR and over 15,000 customers at this point. (Some notable users include Facebook and Disney.)

But it’s paying users that are likely of most interest to Verizon, hence talk of telemedicine, distance learning and field service work — areas ripe for coronavirus-accelerated digitization. Carriers generally, meanwhile, haven’t been able to translate increased usage during the pandemic into a revenue growth story — as a result of a combination of fixed costs, debt and market disruption that’s been hitting their shares during the coronavirus crisis, per Reuters. Bolting on more b2b tools looks to be one way of growing network revenues.

“The combination of BlueJeans’ world class enterprise video collaboration platform and trusted brand with Verizon Business’ next generation edge computing innovation will deliver highly differentiated and compelling solutions to our joint customers,” said Quentin Gallivan, BlueJeans CEO, in a statement. “We are very excited about joining the Verizon team and we truly believe the future of business communications starts today!”

Verizon said today that said BlueJeans founders and “key management” will join the company as part of the acquisition, with BlueJeans employees set to become Verizon employees immediately following the close of the deal — which is expected in the second quarter, pending customary closing conditions.

BlueJeans co-founder Krish Ramakrishnan has a history of exits, selling a couple of his previous startups to networking giant Cisco — where he has also worked, in between spinning out his own companies.

*Disclosure: Verizon is also TechCrunch’s parent company

04.13.20 telecommunications

SoftBank expects $24 billion in losses from Vision Fund, WeWork and OneWeb investments

The Japanese technology conglomerate SoftBank Group said it would lose a staggering $24 billion on investments made through its Vision Fund and bets on the co-working real estate company WeWork and satellite telecommunications company OneWeb.

Ultimately, the company expects the losses to help generate a $7 billion total loss for the technology giant for the year as its ambitious bets on early-stage companies come up short.

Over the past two years SoftBank and its founder Masayoshi Son have staked billions of (other people’s) dollars and its own fortunes on a vision that investments in machine learning technologies, robotics and next-generation telecommunications would reap hundreds of billions in financial rewards.

While that was the vision that Son and his team sold, the reality was multiple billions of dollars invested into real estate investment plays like WeWork, OpenDoor and Compass, and companies with direct-to-consumer merchandising plays like Brandless, pet supply businesses like Wag and the food delivery business DoorDash. Add the hotel chain Oyo to the mix and the investment selection from the Vision Fund looks even less visionary.

Over the past year, several of its investments ran aground. Though none of them imploded as spectacularly as WeWork — whose valuation was slashed from more than $40 billion to around $8 billion — many have struggled.

Brandless went bust earlier this year, and real estate investments in Compass along with investments in travel and tourism-related businesses like Oyo have suffered in the wake of the COVID-19 outbreak, which has shuttered economies around the world.

While many SoftBank and SoftBank Vision Fund bets were made into companies that have failed, seem to be on that path or perhaps may struggle in the economic downturn, not every wager is a clunker. The Vision Fund put lots of capital into Slack before it went public, and the company has caught a huge tailwind in the remote-work boom that we’re currently seeing in light of COVID-19.

Perhaps the most visionary of the SoftBank investments (and one not included in the Vision Fund), OneWeb, too, collapsed under the weight of its own capital-intensive vision for a network of satellites providing high-speed global telecommunications services. Zume, SoftBank’s robotic pizza delivery business, also folded.

The only reason all of these gambles haven’t completely destroyed SoftBank is that the company still has a cash cow in its Alibaba stake and a relatively strong core business in telecommunications and semiconductor holdings.

“The difference in income before income tax is, in addition to the above, mainly due to the expected recording of non-operating loss totaling approximately JPY 800 billion for fiscal 2019 on investments held outside of SoftBank Vision Fund, including The We Company (WeWork) and WorldVu Satellites Limited (OneWeb),” the company said in a statement. “This will be partially offset by the gain relating to the settlement of variable prepaid forward contract using Alibaba shares recorded in the first quarter of fiscal 2019 and the dilution gain from changes in equity interest in Alibaba recorded in the third quarter of fiscal 2019, as well as an expected year-on-year increase in income on equity method investments related to Alibaba.”

Ultimately, it seems that Son was too enamored of the mythology he’d created around himself as a maverick and a visionary. To the detriment of his company’s outside shareholders and investors.

As Bloomberg noted in an op-ed earlier today:

Son’s insistence that startups grow faster than their founders planned, and strong-arm them into taking more money than they might have wanted, has turned into a burden. And that’s become a huge liability to investors in the Vision Fund and SoftBank, too.

By throwing cash around, dozens of startups became addicted to spending instead of building fiscal discipline into their business models. For years, it seemed like a sound strategy. By having more money than rivals, SoftBank-backed companies could win market share by offering bigger incentives, taking out more ads and luring the best talent.

Today, SoftBank has a major stake in sector leaders like Uber Technologies Inc., WeWork, Grab Holdings Inc. and Oyo. But climbing to number one doesn’t mean being profitable.

04.11.20 telecommunications

Google starts highlighting virtual care options in Search and Maps

The COVID-19 pandemic has put a spotlight on virtual care options as both doctors and patients try to reduce in-person visits for routine care as much as possible. Patients aren’t always aware of what’s available to them, though, so over the course of the next two weeks, Google will roll out new features in Search and Maps that will highlight telehealth options.

Hospitals, doctors and mental health professionals can now add details about their virtual care offerings to their Business Profile in Search and Maps, for example. When a patient then searches for them, they’ll see a “get online care” link that will take them to their provider’s website with more information.In the U.S., Google will also start showing virtual care platforms when people use search queries like “immediate care.” The search results page will now highlight both in-person and virtual care options, something that wasn’t previously the case. Uninsured users will also see more details about out-of-pocket prices for their visits.

In addition, Google will now also automatically try to surface a link to a healthcare provider’s COVID-19 page, where they can highlight their own policies for walk-in visits or updates to their operating hours, for example.

04.09.20 telecommunications

France is officially working on Stop Covid contact-tracing app

France’s health minister Olivier Véran and digital minister Cédric O have officially announced that the French government is working on a smartphone app to slow the spread of COVID-19. The government is putting a stamp of approval on the Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) project but remains cautious about what to expect from an app.

Using mobile apps to track the coronavirus is a sensitive issue in Europe. Dozens of nonprofit organizations have written a common statement urging governments to respect human rights.

They fear that governments could use this opportunity to enforce far-reaching surveillance measures that don’t comply with the regulatory framework and that remain in place after the coronavirus crisis. The European Commission reminded governments that they should implement “appropriate safeguards” as EU citizens are not going to trust contact-tracing apps if they don’t treat personal information appropriately.

That’s probably why the government is preventively trying to reassure people before releasing the Stop Covid app. According to a statement, the Ministry for the Digital Sector says that it is working with the Health Ministry, the Justice Ministry and the Ministry of Higher Education, Research and Innovation to coordinate tech-based initiatives.

Led by Germany’s Fraunhofer Heinrich Hertz Institute for telecoms (HHI), the PEPP-PT project that was unveiled last week is a coalition of dozens of research institutions across multiple countries. France’s INRIA is a member of the PEPP-PT and the French government is willing to collaborate with the INRIA as part of the PEPP-PT effort.

They’re working on an open standard to develop contact-tracing apps. Those apps would rely on Bluetooth Low Energy to identify other phones running the same app. If, at some point, you are near an infected person, you would be notified.

And the French government says that there will be an app specifically designed to track people living in France. That app will leverage the PEPP-PT protocol.

People in favor of contact-tracing apps say that it would help break infection chains if you combine those apps with proactive tests and self-isolations.

In an interview with Le Monde, Cédric O and Olivier Véran detailed the effort. France isn’t going to force you to install the app and “Stop Covid” is only going to use Bluetooth. A prototype is in the works, but it’s going to take three to six weeks to develop.

Even then, the French government might not even release the app. “We’re not sure that we can overcome all the technical difficulties because Bluetooth hasn’t been designed to measure the distance between individuals. We will decide later if it would be useful to roll out such an application or not,” Cédric O told Le Monde .

When it comes to privacy, Cédric O says the app will be open-source and France’s privacy watchdog the CNIL will have a say. We’ve reached out to the CNIL for comment but the agency said it was too early to comment.

More importantly, details are still thin on the implementation of the PEPP-PT protocol in France. Privacy experts are debating the design of the system. Some argue that it should be as decentralized as possible. Smartphones should keep a log of your social interactions (via ephemeral Bluetooth identifiers). Your phone would regularly fetch a list of infected ephemeral Bluetooth identifiers and do the heavy lifting.

The PEPP-PT project currently supports centralized and decentralized approaches, which means that governments have to decide on an implementation. In a centralized system, a server would assign each user an anonymized identifier and collect data about your social interactions. Each user would be able to fetch the status of its identifier to check whether they’ve been potentially infected or not. It creates a single point of failure and presents risks if someone is able to match anonymized identifiers with real names.

EU privacy experts push a decentralized approach to COVID-19 contacts tracing

The Ministry for the Digital Sector also detailed how France is leveraging tech in general to understand the coronavirus outbreak, improve COVID-19 treatments and plan the end of the lockdown in France.

In addition to the app that is currently in the works, the French government has rolled out an official website to inform people, is encouraging telemedicine services to treat patients (such as Covidom from public hospitals in Paris), is mining aggregated data from telecom companies to understand how people move around the country and is leveraging machine learning on big data to forecast the coronavirus outbreak.

04.01.20 telecommunications

Microsoft launches Edge Zones for Azure

Microsoft today announced the launch of Azure Edge Zones, which will allow Azure users to bring their applications to the company’s edge locations. The focus here is on enabling real-time low-latency 5G applications. The company is also launching a version of Edge Zones with carriers (starting with AT&T) in preview, which connects these zones directly to 5G networks in the carrier’s data center. And to round it all out, Azure is also getting Private Edge Zones for those who are deploying private 5G/LTE networks in combination with Azure Stack Edge.

In addition to partnering with carriers like AT&T, as well as Rogers, SK Telecom, Telstra and Vodafone, Microsoft is also launching new standalone Azure Edge Zones in more than 10 cities over the next year, starting with LA, Miami and New York later this summer.

“For the last few decades, carriers and operators have pioneered how we connect with each other, laying the foundation for telephony and cellular,” the company notes in today’s announcement. “With cloud and 5G, there are new possibilities by combining cloud services, like compute and AI with high bandwidth and ultra-low latency. Microsoft is partnering with them bring 5G to life in immersive applications built by organization and developers.”

This may all sound a bit familiar, and that’s because only a few weeks ago, Google launched Anthos for Telecom and its Global Mobile Edge Cloud, which at first glance offers a similar promise of bringing applications close to that cloud’s edge locations for 5G and telco usage. Microsoft argues that its offering is more comprehensive in terms of its partner ecosystem and geographic availability. But it’s clear that 5G is a trend all of the large cloud providers are trying to tap into. Microsoft’s own acquisition of 5G cloud specialist Affirmed Networks is yet another example of how it is looking to position itself in this market.

As far as the details of the various Edge Zone versions go, the focus of Edge Zones is mostly on IoT and AI workloads, while Microsoft notes that Edge Zones with Carriers is more about low-latency online gaming, remote meetings and events, as well as smart infrastructure. Private Edge Zones, which combine private carrier networks with Azure Stack Edge, is something only a small number of large enterprise companies would likely to look into, given the cost and complexity of rolling out a system like this.

Google Cloud goes after the telco business with Anthos for Telecom and its Global Mobile Edge Cloud

Microsoft acquires 5G specialist Affirmed Networks

09.02.19 telecommunications

13 ways to screw over your internet provider

Internet providers are real bastards: they have captive audiences whom they squeeze for every last penny while they fight against regulation like net neutrality and donate immense amounts of money to keep on lawmakers’ good sides. So why not turn the tables? Here are 13 ways to make sure your ISP has a hard time taking advantage of you (and may even put it on the defensive).

Disclosure: Verizon, an internet provider guilty of all these infractions, owns TechCrunch, and I don’t care.

1. Buy a modem and router instead of renting

The practice of renting a device to users rather than selling it or providing it as part of the service is one of the telecommunications industry’s oldest and worst. People pay hundreds or even thousands of dollars over years for equipment worth $40 or $50. ISPs do this with various items, but the most common item is probably the modem.

This is the gadget that connects to the cable coming out of your wall, and then connects in turn (or may also function as) your wireless and wired router. ISPs often provide this equipment at the time of install, and then charge you $5 to $10 per month forever. What they don’t tell you is you can probably buy the exact same item for somewhere between $30 and $100.

The exact model you need will depend on your service, but it will be listed somewhere, and they should tell you what they’d provide if you ask. Look online, buy a new or lightly used one, and it will have paid for itself before the year is out. Not only that, but you can do stuff like upgrade or change the software on it all you want, because it’s yours. Bonus: The ISP is limited in what it can do to the router (like letting other people connect — yes, it’s a thing).

2. Avoid service calls, or if you can’t, insist they’re free

I had an issue with my Comcast internet a while back that took them several visits from a service tech to resolve. It wasn’t an issue on my end, which was why I was surprised to find they’d charged me $30 or so every time the person came.

If your ISP wants to send someone out, ask whether it’s free, and if it isn’t, tell them to make it free or ask if you can do it yourself (sometimes it’s for really simple stuff like swapping a cable). If they charge you for a visit, call them and ask them to take it off your bill. Say you weren’t informed and you’ll inform the Better Business Bureau about it, or take your business elsewhere, or something. They’ll fold.

When someone does come…

3. Get deals from the installer

If you do end up having someone come out, talk to them to see whether there are any off the record deals they can offer you. I don’t mean anything shady like splitting cables with the neighbor, just offers they know about that aren’t publicized because they’re too good to advertise.

A lot of these service techs are semi-independent contractors paid by the call, and their pay has nothing to do with which service you have or choose. They have no reason to upsell you and every reason to make you happy and get a good review. Sometimes that means giving you the special desperation rates ISPs withhold until you say you’re going to leave.

And as long as you’re asking…

4. Complain, complain, complain

This sounds bad, but it’s just a consequence of how these companies work: The squeaky wheels get the grease. There’s plenty of grease to go around, so get squeaking.

Usually this means calling up and doing one of several things. You can complain that service has been bad — outages and such — and ask that they compensate you for that. You can say that a competing ISP started offering service at your location and it costs $20 less, so can they match that. Or you can say your friend just got a promotional rate and you’d like to take advantage of it… otherwise you’ll leave to that phantom competitor. (After all, we know there’s often little or no real competition.)

What ISPs, and, more importantly, what their customer service representatives care about is keeping you on as a customer. They can always raise rates or upsell you later, but having you as a subscriber is the important thing.

Note that some reps are more game than others. Some will give you the runaround, while others will bend over backwards to help you out. Feel free to call a few times and do a bit of window shopping. (By the way, if you get someone nice, give them a good review if you get the chance, usually right after the call or chat. It helps them out a lot.) Obviously you can’t call every week with new demands, so wait until you think you can actually save some money.

Which reminds me…

5. Choose your service level wisely

ISPs offer a ton of choices, and make it confusing on purpose so you end up picking an expensive one just to be sure you have what you need. The truth is most people can probably do pretty much everything they need on the lowest tier they offer.

A 1080p Netflix stream will work fine on a 25 Mbps connection, which is what I have. I also work entirely online, stream high-def videos at a dozen sites all day, play games, download movies and do lots of other stuff, sometimes all at the same time. I think I pay $45 a month. But rates like mine might not be advertised prominently or at all. I only found out when I literally asked what the cheapest possible option was.

That said, if you have three kids who like to watch videos simultaneously, or you have a 4K streaming setup that you use a lot, you’ll want to bump that up a bit. But you’d be surprised how seldom the speed limit actually comes into play.

To be clear, it’s still important that higher tiers are available, and that internet providers upgrade their infrastructure, because competition and reliability need to go up and prices need to come down. The full promise of broadband should be accessible to everyone for a reasonable fee, and that’s still not the case.

6. Stream everything because broadcast TV is a joke

Cord-cutting is fun. Broadcast TV is annoying, and getting around ads and air times using a DVR is very 2005. Most shows are available on streaming services of some kind or another, and while those services are multiplying, you could probably join all of them for well under what you’re paying for the 150 cable channels you never watch.

Unless you really need to watch certain games or news shows as they’re broadcast, you can get by streaming everything. This has the side effect of starving networks of viewers and accelerating the demise of these 20th-century relics. Good ones will survive as producers and distributors of quality programming, and you can support them individually on their own merits. It’s a weird transitional time for TV, but we need to drop-kick them into the future so they’ll stop charging us for a media structure established 50 years ago.

Something isn’t available on a streaming service? 100 percent chance it’s because of some dumb exclusivity deal or licensing SNAFU. Go pirate it for now, then happily pay for it as soon as it’s made available. This method is simple for you and instructive for media companies. (They always see piracy rates drop when they make things easy to find and purchase.)

This also lets you avoid certain fees ISPs love tacking onto your bill. I had a “broadcast TV fee” on my bill despite not having any kind of broadcast service, and I managed to get it taken off and retroactively paid back.

On that note…

7. Watch your bill like a hawk

Telecoms just love putting things on your bill with no warning. It’s amazing how much a bill can swell from the quoted amount once they’ve added all the little fees, taxes and service charges. What are they, anyway? Why not call and ask?

You might find out, as I did, that your ISP had “mistakenly” been charging you for something — like equipment — that you never had nor asked for. Amazing how these lucrative little fees tend to fall through the cracks!

Small charges often increase and new ones get added as well, so download your bill when you get it and keep it somewhere (or just keep the paper copies). These are really handy to have when you’re on the phone with a rep. “Why wasn’t I informed my bill would increase this month by $50?” “Why is this fee more now than it was in July?” “Why do I pay a broadcast fee if I don’t pay for TV?” These are the types of questions that get you discounts.

Staying on top of these fees also means you’ll be more aware when there are things like mass refunds or class action lawsuits about them. Usually these have to be opted into — your ISP isn’t going to call you, apologize and send a check.

As long as you’re looking closely at your bill…

8. Go to your account and opt out of everything

When you sign up for broadband service, you’re going to get opted into a whole heap of things. They don’t tell you about these, like the ads they can inject, the way they’re selling this or that data or that your router might be used as a public Wi-Fi hotspot.

You’ll only find this out if you go to your account page at your ISP’s website and look at everything. Beyond the usual settings like your address and choice of whether to receive a paper bill, you’ll probably find a few categories like “privacy” and “communications preferences.”

Click through all of these and look for any options to opt out of stuff. You may find that your ISP has reserved the right to let partners email you, use your data in ways you wouldn’t expect and so on. It only takes a few minutes to get out of all this, and it deprives the ISP of a source of income while also providing a data point that subscribers don’t like these practices.

9. Share your passwords

Your friend’s internet provider gets him streaming services A, B and C, while yours gives you X, Y and Z. Again, this is not about creators struggling to get their content online, but rather all about big media and internet corporations striking deals that make them money and harm consumers.

Share your (unique, not reused!) passwords widely and with a clean conscience. No company objects when you invite your friends over to watch “Fleabag” at your house. This just saves everyone a drive!

10. Encrypt everything and block trackers

One of the internet companies’ many dirty little deals is collecting and selling information on their customers’ watching and browsing habits. Encrypting your internet traffic puts the kibosh on this creepy practice — as well as being good security.

This isn’t really something you can do too much to accomplish, since over the last few years encryption has become the rule rather than the exception, even at sites where you don’t log in or buy anything. If you want to be sure, download a browser plug-in like HTTPS everywhere, which opts you into a secure connection anywhere it’s available. You can tell it’s secure because the URL says “https://” instead of “http://” — and most browsers have other indicators or warnings as well.

You should also use an ad blocker, not necessarily to block ads that keep outlets like TechCrunch alive (please), but to block trackers seeded across the web by companies that use sophisticated techniques to record everything you do. ISPs are among these and/or do business with them, so everything you can do to hinder them is a little mud in their eye.

Incidentally there are lots of ways you can protect your privacy from those who would invade it — we’ve got a pretty thorough guide here.

11. Use a different DNS

Bryce Durbin / TechCrunch

On a similar note, most ISPs will usually be set up by default with their own “Domain Name Service,” which is the thing that your browser pings to convert a text web URL (like “techcrunch.com”) to its numerical IP address.

There are lots of these to choose from, and they all work, but if you use your ISP’s, it makes it much easier for them to track your internet activity. They also can block certain websites by refusing to provide the IP for content they don’t like.

TechCrunch doesn’t officially endorse one, but lots of companies offer free, fast DNS that’s easy to switch to. Here’s a good list; there are big ones (Google, Cloudflare), “open” ones (OpenDNS, OpenNIC) and others with some niche features. All you need to do is slot those two numbers into your internet configuration, following the instructions they provide. You can change it back at any time.

Setting up a VPN is another option for very privacy-conscious individuals, but it can be complicated. And speaking of complicated…

12. Run a home server

This is a bit advanced, but it’s definitely something ISPs hate. Setting up your home computer or a dedicated device to host a website, script or service seems like a natural use of an always-on internet connection, but just about everyone in the world would rather you sign up for their service, hosted on their hardware and their connection.

Well, you don’t have to! You can do it on your own. Of course, you’ll have to learn how to run and install a probably Unix-based server, handle registry stuff, install various packages and keep up to date so you don’t get owned by some worm or bot… but you’ll have defied the will of the ISP. That’s the important thing.

13. Talk to your local government

ISPs hate all the things above, but what they hate the most by far is regulation. And you, as a valued citizen of your state and municipality, are in a position to demand it. Senators, representatives, governors, mayors, city councils and everyone else actually love to hear from their constituency, not because they desire conversation but because they can use it to justify policy.

During the net neutrality fight, a constant refrain I heard from government officials was how much they’d heard from voters about the issue and how unanimous it was (in support, naturally). A call or email from you won’t sway national politics, but a few thousand calls or emails from people in your city just might sway a local law or election. These things add up, and they do matter. State net neutrality policies are now the subject of national attention, and local privacy laws like those in Illinois are the bane of many a shady company.

Tell your local government about your experience with ISPs — outages, fees, sneaky practices or even good stuff — and they’ll file it away for when that data is needed, such as renegotiating the contracts national companies sign with those governments in order to operate in their territories.

Internet providers only do what they do because they are permitted to, and even then they often step outside the bounds of what’s acceptable — which is why rules like net neutrality are needed. But first people have to speak out.

08.30.19 telecommunications

US cell carriers team up to combat robocalls but no deadline set

Twelve cell carriers, including the four largest — AT&T, Sprint, T-Mobile and Verizon — have promised to make efforts to prevent spoofed and automated robocalls.

Announced Thursday, the pledge comes after 51 U.S. attorneys general brokered a deal that would see the telecom giants roll out anti-robocalling technologies, including a way of cryptographically signing callers to wipe out phone number spoofing. Known as STIR/SHAKEN, the system relies on every customer phone number having a unique digital signature which, when checked against the cell networks, validates that a caller is real. The carrier near-instantly invisibly approves the call and patches it through to the recipient.

Robocalls are illegal, but are a billion-dollar industry. Many of these automated, robot-dialed calls imitate a cell number area code to convince unsuspecting victims into picking up the phone. Often robocalls try to sell products they don’t need — or worse, try to con victims out of cash.

The hope is that STIR/SHAKEN would weed out most robocalls. The system would verify real callers while the billions of illegal or spoofed robocalls made every year would fail.

So far to date, AT&T and Comcast have tested the new anti-robocalling system, and AT&T and T-Mobile have also teamed up to use the technology to fight robocalls. But the system works best when every carrier uses the technology, allowing calls to be checked even as they traverse between networks. By getting Verizon (which owns TechCrunch), Sprint and the other cell giants on board, the attorneys general hope the cooperation will vastly reduce the number of robocalls each year.

CenturyLink, Charter and U.S. Cellular have also signed up to the pledge.

There’s a catch: No deadline was set, allowing the carriers to take as long as necessary to roll out the technology. That may not be good news for those seeking immediate relief. Although all of the major networks have already made some progress in testing the new anti-robocalling system, few have said exactly when their service will be ready to roll out to consumers across the country.

The Washington Post first reported the news ahead of Thursday’s announcement.

The pledge comes just weeks after the Federal Trade Commission and the Justice Department took coordinated action against close to a hundred individuals and companies accused of making more than a billion illegal robocalls.

How to stop robocalls spamming your phone

08.27.19 telecommunications

T-Mobile hit by hours-long nationwide outage

T-Mobile customers across the U.S. said they couldn’t make calls or send text messages following an outage.

We tested with a T-Mobile phone in the office. Both calls to and from the T-Mobile phone failed. When we tried to send a text message, it said the message could not be sent. Access to mobile data appeared to be unaffected.

The outage began around 6pm ET.

Users took to social media to complain about the outage. Users across the U.S. said they were affected. A T-Mobile support account said the cell giant “engaged our engineers and are working on a resolution.”

In a tweet two hours into the outage, chief executive John Legere acknowledged the company was struggling to get back online but noted that the company had “already started to see signs of recovery.”

By 10:34pm ET, the issue had been resolved, tweeted T-Mobile chief technology officer Neville Ray, without saying what caused the four-hour long outage.

T-Mobile is the third largest cell carrier after Verizon (which owns TechCrunch) and AT&T. The company had its proposed $26.5 billion merger with Sprint approved by the Federal Communications Commission, despite a stream of state attorneys general lining up to block the deal.

Updated with acknowledgement by chief executive John Legere, and later from Neville Ray.