Metadata retention

I thought there was already a thread on that issue. Evidently not - or at least I can’t find it.

The monster is spreading - seeping into new crannies. The more skillful can get around such surveillance. MAC addresses can be falsified, for instance. Of course, if you have nothing to hide, you have nothing to fear. :roll_eyes:


As far as I know nothing particular as a Metadata topic but it is mentioned many times in other threads. I am hesitant to move your thread at the moment but you might instead like to check out this one I link to at least and see if your topic may fit in there:

There are others you could search just on metadata and you will get a few hits. Let us know if you want it moved to another…please note @BrendanMays or another moderator may move it in the meantime if they find a better fit.


I was sure I’d seen metadata retention discussed at length. Maybe it was off-topic for the thread. Maybe it was another forum entirely. Anyway, the scope does seem to be growing. Looks like needing a thread all of its own.


Just don’t mention Dutton! Retention of a different type? :wink:

The community did touch on concerns around the legislation and broader issues arising.


As examples…

The legislation intrudes into nearly every aspect of private life. More so once you enable certain mobile apps that secretly report your location and status.


Looks like its time to disallow location info, and to get a VPN which is active 24/7.


The legal profession seems to be concerned:


What can I say? We have a parliament that seems to be happy to destroy this country in order to protect this country from terr’ism.

They can be but I wouldn’t use the word “falsified” as there are some technologies that require the MAC address to be altered.

Also worth noting: (a good idea badly implemented)


Or is it the parliament acting to protect itself from another vision, greater shared public knowledge and alternate opinions?


I am doing some reading here:

Whilst one cannot be totally anonymous, a good VPN which will not cave in to threats is worth having. Also, one which is not part of the 5/9/14 Eyes …


I’m having some difficulty deciding just who the terrorists are. :expressionless:


A fair point. As the definition of security broadens, so does the definition of terrorist.

1 Like

That article subheading does not match the body of the article. The body of the article says “IP addresses and port numbers”. The ignorami in parliament wouldn’t know the difference anyway. They will do whatever Home Affairs tells them to.

It doesn’t make clear whether that is talking about “source” or “destination” but if “destination”, which is my assumption, I believe the government specifically said that they would not do that. So unlike the government to lie. Scope creepy.


From the article:


Indeed. Thankfully people now rarely need to route IP, Appletalk, DECnet, IPX and Apollo Domain on the same network - no BIA is sacred then …

In Linux in the early days at a certain large multi, I recall adjusting the MAC address of Linux system we were using to de:ad:be:ef:fe:ed (or in Cisco speak dead.beef.feed, which makes it a little more obvious :wink: )

So it’s not falsified, it’s a ‘feature’ …


Got a VPN and I am not sure that is even secure in hiding anything. But t gives you a sense of not being snooped on. THEY have ways and means to detect VPN and I am sure THEY can go around it. Any thoughts on that one?

1 Like

If you use a standard HTTPS TCP port setting with your VPN it can look like normal HTTPS traffic (port 443). Not all VPN support this method. Most often you see UDP traffic. L2TP is on UDP on ports 500 , 1701 & 4500, PPTP uses TCP port 1723 & IKEv2 uses UDP on port 500. As many of these ports are VPN specific they can see that you have VPN traffic but if you use good security practices eg not letting anyone copy your private keys (protect your credentials by not sharing personal access) then you can be fairly sure your traffic remains encrypted on it’s journey.

Using ports used for other common traffic helps obscure that you are using a VPN, that is they may see encrypted traffic but it looks like it is just normal traffic to places like your bank.

Then there are those VPNs who retain logs, are based in countries who belong to the “Eyes”, or are just sloppy and these while the traffic will be encrypted are still able to be used to find out where and what you have been doing.


Mine does not at all retain any logs. It is registered in the Virgin Islands and I have been using it for years. I find it extremely reliable and private. But one hears so many rumors about the long arm or bionic eyes of the government that one has doubts. The next I want to do is to format my router/modem with it. I have thinking about that for yonks and never got to it. But will look into it in the next few days
Thanks for your input. My VPN is: Express VPN and I do not have any interest or shares in this company.


That is of course a question of trust. You don’t actually know that and you have no way of knowing that. But let’s assume that it is correct …

I would be asking though where the VPN endpoint servers are, not where the company is registered.

You are nearly always better off using a VPN than not using a VPN, for every privacy purpose not just for the purpose of privacy protection against metadata retention.

“They” can always detect that you are using a VPN. Even if using port 443 for the VPN, it isn’t you connecting to your bank because it is you connecting to a known VPN endpoint server. (I would suggest, for example, that if you are inside China then you would have to use an unknown VPN service, such as one that you set up for yourself, and use port 443.)

The traffic can always be intercepted on the other side of the VPN, in particular if the traffic is not end-to-end secure but is being sent via the VPN. So regardless of whether you use a VPN, you should wherever possible use end-to-end encryption (e.g. connect to secure https:// web sites in preference to http:// web sites and e.g. enable TLS or SSL with your mail provider if that is an option).

Choose your mail provider carefully (as your mail provider is itself potentially subject to privacy-fail legislation).

Some data goes into metadata retention even when using a VPN e.g. if you were on a mobile device, your physical location, the details of the device (make, model, IMEI, …). Creepy much.

“They” can compromise the device that you are using to access the internet, in which case neither end-to-end encryption nor VPN achieves anything.

This is all worst case scenario. If it all applies to you then you are probably wasting valuable time. :slight_smile:

1 Like

ExpressVPN, Nord, and ProtonVPN are the only ones I would really consider. Nord has had a special on lately, 3 years for a $118, but it was supposed to expire yesterday. I’ve used Nord before and found it quite good, if a bit expensive (Express and Proton are more so) but I couldnt afford it this fortnight. If they do another special I may get it again.

Currently I have Ivacy (got a lifetime licence via and the offer is running again at the moment) which is centred in Singapore but I think they are connected with anotehr company thats not so reliable. That said, Singapore is only peripherally related to the eyes countries, and since I dont do anything weird, I’ll probably keep using it. It works.

1 Like

Have you checked That One Privacy Site? It has extremely detailed comparisons of 185 (so far) VPN providers and their security/privacy policies and settings. Ivacy is Hong Kong-based according to TOPS, so not five or fourteen eyes - but…

NordVPN is Panamanian, so unless a disgruntled employee publishes all of their legal documents you should have privacy - at least from the jurisdiction perspective.

You also need to know whether your VPN leaks your IP or fails to tunnel your DNS requests, or has other nasty surprises. There are quite a few providers of DNS over HTTPS or DNSSEC, so you want to make sure your system is not just defaulting to your ISP’s DNS server.