US Cable Support > Cox HSI > Cox popup...is this even legal

Cox popup...is this even legal

Cox has been using them for important notices...

»Email Notice Popups in Browser

reply to ConfusedDan
Hmm...could be illegal in the sense that they have to do layer 7 packet inspection, which some consider to be spying.

However network administrators have been doing this for many years now and there hasn't been any legal trouble over it. In those use cases, it is typically for QoS and security purposes. It seems that this would be for the later, only they are actually modifying the payload before sending it, whereas traditionally they simply drop a packet that has potentially dangerous content in it.

I doubt that doing this would put them in legal hot water though, unless they were inspecting SSL traffic (which would be so difficult to not only inspect, let alone modify, to the point that I'd say mathematically impossible unless you had a future computer.)

Actually wouldn't they have to modify the copyrighted HTML in transit to inject the javascript that produces the popup?

If they're going to do this, they should do it with a walled garden.

While I understand they have the legal right to send popups with network status, isn't too much to check what hardware I'm using. What would stop them to check my NAS and access my personal files/pics or inspect my laptop/tablet/PC etc?

I believed they can't access or they don't have the right to access anything behind the modem…but I was wrong. I think is my choice to use any firmware I want for any of my devices and I don't need COX to suggest what I should install or not...
As far as I'm concerned my router (netgear) is not made by COX, not provided by COX, not paid by COX so they can keep their suggestions for themself.
What's next...Cox bugging me with popups to upgrade my OS or the videocard?
This doesn't look well....

reply to ConfusedDan

reply to ConfusedDan
With deep packet injection, if you can find the IP address its coming from, block that IP. As long as it is not for other parts of your ISP service it should kill you seeing the injection.

The ISP will argue its for security of their network purposes to avoid being prosecuted for probing your router.

So the next thing to tell if its a crime via their probing, is how much information they got from your router.
Was it just the mac address? for a generic warning,
or was it the actual firmware version of your router? which would be a cyber attack by your ISP.
If your router has any type of backdoor(remote access from the Internet side) change the password or turn it off via blocking all ip ranges except for your own local.

If your router has a log turned on that details attacks, check it out.

Man in the middle attacks need to be prosecuted, but the government doesn't have any guts to prosecute their owners(rich bribing a-holes).

Add-on for Firefox or Chrome. If a website supports encryption it will cause default to an encrypted connection instead of open.
»www.eff.org/https-everywhere
And in case you still use an unencrypted connection search engine
»encrypted.google.com/

Google search of ISPs injecting ads.
»encrypted.google.com/webhp#hl=en···a7286373

reply to ConfusedDan
If you want to hide the router, Go into your router (well, besides check for obvious router firmware updates, security issues, etc) somewhere in there they have an option to change the mac address. Mine netgear allows me to use my desktop mac address. That should stop it.

On a side note, regardless if it's made by cox, or not. I doubt any court of law will side against cox for protecting their network. (Obviously some issue with their network. they have no way to profit or anything from updating your firmware.)
--
The day the child realizes that all adults are imperfect, he becomes an adolescent; the day he forgives them, he becomes an adult. The day he forgives himself, he becomes wise.
Alden Nowlan

reply to ConfusedDan
I think you're all making something out of nothing.

If there is a firmware vulnerability, if I don't know about it and Cox does, hey the popup is fine. It's not just about THEIR network - it's about YOUR network too - and possibly your financial info, etc. depending on the vulnerability, how far it goes, how it can be used, etc. etc.

They are only trying to help for god's sake. They are not snooping at your personal files, what your doing on the Internet, etc...

--
~~Chris~~

Need a pro computer tech? See my profile for my website - I offer remote support services!

reply to ConfusedDan
Hmm.. never seen one of these, ever.

reply to ConfusedDan
Hate to say it, but I have to some what agree with OP. Not to say I think there is anything sneaky going on, and to question if its legal is a little dramatic, but I too would be annoyed if it popped up on my screen. Way I see it, some people don't like it, so why not have a opt out option, if for no better reason then to make people happy? Also, I don't like the lack of transparency. Sure what they are doing now is fine, and helpful, but what mechanism is in place to protect it from being abused? I could see launching Ads with this technology being very tempting. When it comes to my internet and net neutrality I take things very seriously. That's just me though.

I never said it was about profit. I was stating my opinion that I was concerned by the lack of discussion on the matter. 5 years ago I wouldn't have believed there would be ads in webmail, on Cox.net, and in the cable guides. And now they have purchased, from a 3rd party, a method of putting a pop up on your screen no matter what site you go to, and you think its just going to stay in its current support role? I see that as a bit naive. And if it was me, introducing it as outage notifier seems like a genius way to lessen public outcry. These are just my thoughts and opinions though and welcome your reply.

reply to bbeesley

Ok, if that is how everyone feels I will accept maybe my opinion is extreme. Apologies.

reply to Optimus2357

reply to ConfusedDan
Never had this issue with my services.

I used »www.grc.com/dns/benchmark.htm to find some of the fastest DNS servers available to my location and then with my router using DD-WRT I set:

DNS 1
68.12.16.30
DNS 2
129.250.35.250
DNS 3
4.2.2.6

DD-WRT is also set to contact all three servers rather than just one and then fail over. If one is slow or bogged down the others get the info out and things keep going, has worked GREAT for me over in the past and often performs better than any one server can. The servers I use are generally on different networks as well.

This isn't a DNS redirect. I have been using Google DNS for years. If it was a DNS redirect, I would have no issues with it since Cox has a opt out option for that. Does anyone know a way to "opt out" of this? Would a proxy do it?