 ilagoPremium
join:2005-06-28
Australia | Study Finds ISPs Fiddled with Web Pages quote:
About one percent of the Web pages being delivered on the Internet are being changed in transit, sometimes in a harmful way, according to researchers at the University of Washington.
In a paper, set to be delivered Wednesday, the researchers document some troubling practices. In July and August they tested data sent to about 50,000 computers and discovered that a small number of Internet service providers (ISPs) were injecting ads into Web pages on their networks. They also found that some Web browsing and ad-blocking software was actually making Web surfing more dangerous by introducing security vulnerabilities into pages.
From here »www.pcworld.com/businesscenter/a···nds.html
Copy of University of Washington paper here - direct pdf link
»www.cs.washington.edu/research/s···2008.pdf |
|
|
|
 rawwhidePremium
join:2000-09-03
The Sticks | WoW. To think that your very own ISP could inject ads into the pages you view is kinda scary. What else will they start injecting, scripts? None of the larger IPS's were named, but I could see those greedy CEO's of larger ISP's contemplating the idea. I could see them scratch their head and rub their chin wondering if the ad revenue would be worth the users that left if the practice made headlines in the news.
--
Tin-Foilers Union of America!!
Tin-Foilers Union Local 101... |
|
| reply to ilago
This is so wrong. Why is the internet experience so subject to invasion of personal communications? No one would think of changing your phone calls, no one opens your mail and puts ads in with your letter. The technology is moving faster than the laws can keep up with, and there is always someone waiting to push the edge of what is legal to make a few bucks. |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 | reply to ilago
It's time to use end-to-end encryption all the time, I think. |
|
| Perhaps we can convince Justin to start a proxy service that we can trust. Then we can all be encrypted past our own ISP's, even for pages that don't offer SSL. We would still be at the mercy of Justin's ISP, but I would imagine a fat business line would be treated with a bit more respect. |
|
 koma3504AdvocatePremium
join:2004-06-22
North Richland Hills, TX | reply to ilago
Seems to me there needs to be a new 3 or 4 letter agency.
how about IPAS Internet protection association service. |
|
 EGeezerSummertimePremium
join:2002-08-04
Midwest
kudos:7
 ·Callcentric
| reply to ilago
I believe that happened with Prodigy in the early years, as well as NetZero, which used to be free in exchange for injecting ads into pages and emails.
This is a creeping phenomenon. First, put ads into free services, with paid access being ad-free. Then put ads into paid services and offer a "gold" or "Platinum" service that doesn't muck with your traffic. Just wait - you'll see ATT, Comcast, Earthlink, Charter et al offering "gold" access for ad-free protocol neutral bandwidth - for an increased price.
Then the cycle will start again.
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... ) |
|
SUMwarePremium
join:2002-05-21
kudos:2 | reply to ilago
Internet Explorer Vulnerability Great read. Thanks.
Is the following fixed yet?
From the above linked pdf:
»www.cs.washington.edu/research/s···2008.pdf quote:
Internet Explorer Vulnerability. IE injects a "Mark of the Web" into pages that it saves to disk, consisting of an HTML comment with the page's URL [28]. This comment is vulnerable to similar attacks as Ad Muncher and Proxomitron [We reported these vulnerabilities to the developers of Ad Muncher and the Proxomitron filter sets, who have released fixes for the vulnerabilities.], but the injected scripts only run if the page is loaded from disk. In this context, the injected scripts have no access to cookies or the originating server, only the content on the page itself. This vulnerability was originally reported to Microsoft by David Vaartjes in 2006, but no fix is yet available [37].
[28] Microsoft Developer Network. Mark of the Web. »msdn2.microsoft.com/en-us/librar···628.aspx, Oct. 2007.
[37] D. Vaartjes. XSS via IE MOTW feature. »securityvulns.com/Rdocument866.html, Aug. 2007.
|
|
| reply to ilago
Re: Study Finds ISPs Fiddled with Web Pages I don't know that most of the ISP customers are aware - or even care - that this is happening.
There may be a way for website owners to take legal action against the ISP that is changing their website content. It involves the use of Tripwires:
»www.cs.washington.edu/research/s···ire.html
I am considering this for two of my websites that do not have any ads on either site. I pay the hosting and am responsible for all costs to maintain these sites and certainly don't want them tampered with in any way.
My belief is that once website owners are aware that their content is being tampered with by advertisements originating from the visitors ISP that compensation from the ISP should be available to them.
It is very easy for an ISP to hide what they could be doing with a customers browsing habits - and some are already doing it. |
|
 VigThread-safe since 1997Premium
join:2004-03-23
San Diego, CA | reply to EGeezer
said by EGeezer:This is a creeping phenomenon. First, put ads into free services, with paid access being ad-free. It happened with cable TV as well. The first subscribers had no commercials. After all, they were already paying for their TV content. Then the ads came later even though the customers were still paying for their connection.
The only surprise to me is that it's taken this long to start happening.
--
Visit the land of the never-setting sun |
|
 DC DSLThere's a reason I'm Command.Premium
join:2000-07-30
Washington, DC
kudos:2
 ·Covad Communicat..
·Verizon Online DSL
| reply to ilago
Simple solution: Site owners and content creators should sue the pants off ISPs who alter the bits in transit, as well as the advertisers themselves, for violating the DMCA. If content is inserted after it leaves the originating server, it constitutes reverse-engineering and unauthorized modification.
While it may take a while for the cases to conclude, it'll scare away most, if not all, of the advertisers from that method and negate the revenue stream. ISPs will see the decline and then issue some statement like "since it's not profitable, we're not going to bother with it any longer."
--
There is no giant fur-bearing trout. |
|
jlrubin
join:2005-04-12
Jackson Heights, NY
1 edit | reply to ilago
PC World article misquotes the paper The PC World article misinterprets the University of Washington paper in a very serious way. The report does *not* say that 1% of web pages were modified; it says "over 1% of web clients in our study received altered pages."
Please read the original paper. |
|
 La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3
·Vonage
 ·Optimum Online
| reply to Vig
Re: Study Finds ISPs Fiddled with Web Pages said by Vig:It happened with cable TV as well. The first subscribers had no commercials. After all, they were already paying for their TV content. Then the ads came later even though the customers were still paying for their connection.... That still ticks me off. There are now just as many (if not more) commercials on cable tv as there is on network tv.....why am I paying to watch that crap?
--
10,925 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore
|
|
| reply to dave
said by dave:It's time to use end-to-end encryption all the time, I think. Exactly what I was thinking.
Along with time for John/Jane Doe consumer using those ISPs to kicking-some-tail (figuratively speaking of course)...
--
Do yourself a favor, just say no to anything Windows. |
|
| reply to La Luna
said by La Luna:There are now just as many (if not more) commercials on cable tv as there is on network tv.....why am I paying to watch that crap? Satellite (DirecTV) is just as bad. DTV has now even started putting ADs in their show Guide as a large bar in place of a TV show listing.
--
Do yourself a favor, just say no to anything Windows. |
|
OZOPremium
join:2003-01-17
kudos:2 | reply to La Luna
said by La Luna:said by Vig:It happened with cable TV as well. The first subscribers had no commercials. After all, they were already paying for their TV content. Then the ads came later even though the customers were still paying for their connection.... That still ticks me off. There are now just as many (if not more) commercials on cable tv as there is on network tv.....why am I paying to watch that crap? 100% agree with you. It becomes outrageous that now they contaminated cable TV with so many commercials, that I have to switch channels every 5 - 7 min to get rid of those annoying ads.
Why am I paying to watch that crap?
--
Keep it simple, it'll become complex by itself... |
|
La LunaSurvived AshrafulPremium
join:2001-07-12
Warwick, NY
kudos:3 Reviews:
·Vonage
·Optimum Online
1 edit | said by OZO:100% agree with you. It becomes outrageous that now they contaminated cable TV with so many commercials, that I have to switch channels every 5 - 7 min to get rid of those annoying ads. Why am I paying to watch that crap? I don't know. I've been asking that question for years. 
Switching channels doesn't even always help, they've got their commercials timed for pretty much the same time frames. An hour show seems to be 20 minutes of commercials and 40 minutes of show, if we're lucky. 
edit: back OT....I don't need any more ads, on the internet or anywhere else. We've already got more than we can stand being shoved down our throats.
--
10,925 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore
|
|
OZOPremium
join:2003-01-17
kudos:2 | said by La Luna:I don't need any more ads, on the internet or anywhere else. We've already got more than we can stand being shoved down our throats. I'm with you.
It may come to the point (and it's actually close to that now) when I consider to completely dump the cable TV service and move for the news and entertainment in the Internet... I'm already spending more time with and getting more info from the Internet. One thing is waiting to happen - I have to change my habits. But if I do, I'll not go back (watch me Comcast!) I'll use my TV set for local watch only (movies).
It becomes ridiculously stupid to me to pay $60 and try to skip 30% of whole TV time wasted on commercials. BTW, during the last 10 years Comcast has increased price for TV cable service from $25 to $60 (it's more then two times!) and, at the same time, the time for commercials has been increased to almost unbearable level as well...
--
Keep it simple, it'll become complex by itself... |
|
ilagoPremium
join:2005-06-28
Australia | Advertisers must feel that advertising works and therefore more advertising must work better.
I'm getting a little tired of being regarded as some sort of gullible idiot that will buy anything if they can just corner me somehow to show me more pictures of their product
As if the pictures weren't enough, they insist on music and talking as well and they never stop  |
|
| reply to ilago
My ISP partnered with Nebuad without telling its customers and thus we get tailored adds based on our surfing habits. We can opt out and they set cookies for the opt out also. So either way they are on YOUR computer monitoring you so there is nothing to be done. We were not even given the courtesy of being notified of the change in TOS. The only way for it to stop is mass revolt by end users,which won't happen as the sheep have no idea as this is going on and don't care. |
|
