dslreports logo
 story category
Blocking Perftech Injected ISP Messages
For future reference, Rogers users find it's a fairly simple affair...

Canadian cable provider Rogers recently gave American cable users a possible glimpse of the future when they started charging data consumption overage fees for their capped and throttled broadband service. They've also been using a new user alert technology from Perftech that could see broader use as an ad-injection engine. Perftech's technology lets the ISP inject a banner ad above, beside or below any existing web content.

Click for full size
Perftech's technology clearly can be of practical use: it was used as early as 2005 on Wide Open West's network to deliver Amber alerts. It can also be used to alert subscribers to possible infection or if their PC is being used as a spam relay. Rogers currently only uses it to alert customers when they get close to their monthly cap of 60GB.

However, Perftech also advertises the technology as a possible way for ISPs to subsidize certain lower-cost tiers of service. In this industry, it's hard not to think that a number of ISPs -- under constant pressure from investors to create new revenue streams -- will eventually use the technology to try and grab an additional slice of ad revenue. It's a good guess that users, ad networks and network neutrality supporters might get slightly annoyed.

Rogers does allow users to opt-out of the alerts, though users are forced to opt-out every billing cycle. One user in our Rogers forum highlights that the system is fairly easy to block if you want a more...absolute solution. You simply have to identify the server (in Roger's cap alert system's case it's 64.71.251.10), then use either a rule based firewall or a personal proxy server to block the IP. Might be useful information to keep on hand for down the road.
view:
topics flat nest 

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Why would you block bandwidth overage warnings?

Why bother blocking anything? - unless and until they send ads instead of bandwidth overage warnings.

adisor19
join:2004-10-11

adisor19

Member

Re: Why would you block bandwidth overage warnings?

Because there are BETTER ways to inform users of the overage warnings. You know, stuff like e-mail.

When a requested HTTP page from my bank account somehow contains something that was not coming from the bank server, there is something REALLY bad going on.

Adi
hottboiinnc4
ME
join:2003-10-15
Cleveland, OH

hottboiinnc4

Member

Re: Why would you block bandwidth overage warnings?

And as far as using email; who would read an email from their ISP? or who checks their ISP email? Especially if its full of AT$T Yahoo!, Rogers Yahoo! or Verizon Yahoo! ads trying to sell you something you already have. Plus yahoo itself doesnt provide that that great of an email service let alone us an ISPs.

sbrook
Mod
join:2001-12-14
Ottawa

sbrook

Mod

Re: Why would you block bandwidth overage warnings?

One of the big problems is that the bandwidth warning is out of date by the time you receive it! It can be at least 8, but more likely 24 hours or more behind. Moreover, Rogers bandwidth measurements are often so wrong it's laughable. Like the guy who was away on vacation for an entire month and consumed over 80GB.

But the bottom line issue is that this is the thin end of the wedge. ISPs want to make more money and they'll try every way they can ... they wanted to charge the sender ... they wanted us to get to the internet through an ad infested portal ... and next it will be injected ads.

Dogfather
Premium Member
join:2007-12-26
Laguna Hills, CA

2 edits

Dogfather

Premium Member

How is this not a violation of copyright?

They modify the site owners HTML to inject their javascript execution line then forward the modified HTML to the user (whose browser then renders the HTML along with the freshly injected executes the javascript).

The HTML of site owners like Google is copyrighted and it's a violation of copyright law to modify copyrighted works without permission of the copyright holder, especially for profit.

Karl Bode
News Guy
join:2000-03-02

1 edit

Karl Bode

News Guy

Re: How is this not a violation of copyright?

Ottawa's Canadian Internet Policy and Public Interest Clinic (CIPPIC) made a similar argument last year:
quote:
"When Rogers modifies the html file in their cache and sends it to its subscribers, it means the Web page has become a derivative work of the original page under copyright,"; McOrmond said. "So if the licence for the particular Web site being modified does not allow for derivative works, Rogers would becomes a pirate. This is a modified work which is considered a worse violation of copyright than verbatim distribution for free."
Don't know how effective that argument would be in court given they're essentially using a frame and no original content is distorted. ISPs might not want to risk a fight with the courts or network neutrality brigades though.
hottboiinnc4
ME
join:2003-10-15
Cleveland, OH

1 recommendation

hottboiinnc4 to Dogfather

Member

to Dogfather
because its not replacing anything on the website. its being put along in another frame- as pictured above; or above the actual web site content.

Not everything is a violation of copyright laws. Especially this because as i stated; its not actually altering the website content.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: How is this not a violation of copyright?

and where is that frame's source located ?
Its basically taking a page, and rendering it as a frame within a page. Its very borderline legal.
I.e. If my page is to be rendered as a page, and suddenly, I find my page loads as a frame with ad ridden content beside/ontop of it, this could be seen as an attempt to hijack content.

Eg. If I went to www.nsa.gov, and found the page split in 2 with a video of Obama as a good samaritan ontop, some one's going to be in trouble.

adisor19
join:2004-10-11

1 recommendation

adisor19 to hottboiinnc4

Member

to hottboiinnc4
Huh ? It IS altering the website content. When i request an HTML document, i expect that HTML document to be what i requested. If the contents change, whether it's in a separate frame or not, then we have a BIG problem.

Adi

Dogfather
Premium Member
join:2007-12-26
Laguna Hills, CA

1 edit

Dogfather to hottboiinnc4

Premium Member

to hottboiinnc4
said by hottboiinnc4:

because its not replacing anything on the website. its being put along in another frame- as pictured above; or above the actual web site content.

Not everything is a violation of copyright laws. Especially this because as i stated; its not actually altering the website content.
Frames are a function of the HTML.

You can't have frames without modifying the HTML to add the line that executes the ISP's java which is the frame and content.

For example, if they did this to you while browsing google you request the HTML page from Google who then serves it to you.

The ISP intercepts the page, edits it adding a single line near the beginning of the HTML code saying to execute a particular javascript on the ISPs server.

The modified page is then forwarded to you at which time your browser loads the HTML, executes that java script and renders the page, along with the java code which is the frames and content.

Without stand alone separate software running on your machine, nothing can appear in the browser without being part of the HTML (aside from hacks like the GDI+ patch fixes).

Looking at copyright, it sure seems to be that it is not legal for the ISP to take Google's HTML and changing it even if it's to add this single javascript execution line without Google's permission.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102 to Dogfather

Member

to Dogfather
I agree.
Even though this appears to not change the function of someones content by opening another frame, it IS modifying the basic content. This would make users assume that the modified data is from the page source, and not an ISP attempting to leach off someone elses content for ad revenue.
hottboiinnc4
ME
join:2003-10-15
Cleveland, OH

1 edit

hottboiinnc4

Member

Re: How is this not a violation of copyright?

very true. that part about leaching is true if the ISP does use it for such. I don't see a problem with the system though if its a very low speed tier that the ISP is giving away for dollars a month- such as maybe 96k by 56k for say like $10 per month- i wouldnt see a problem with it then.

Although i would like to know when i would reaching my monthly cap and this could be very usfull for such a thing or Amber Alerts or such.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: How is this not a violation of copyright?

Why not simply have another window open... oh wait.. pop-ups for ad content provider revenue tried this in the past, where hundreds of redirects and pop-ups would invade your screen.

why82923
@sbc.com

why82923 to Dogfather

Anon

to Dogfather
said by Dogfather:

They modify the site owners HTML to inject their javascript execution line then forward the modified HTML to the user (whose browser then renders the HTML along with the freshly injected executes the javascript).

The HTML of site owners like Google is copyrighted and it's a violation of copyright law to modify copyrighted works without permission of the copyright holder, especially for profit.
You mean that HTML that Google stole from the site owner in the first place to build their index?

hottboiinnc4
ME
join:2003-10-15
Cleveland, OH

hottboiinnc4

Member

Re: How is this not a violation of copyright?

especially when they cache versions of the websites on their own servers all around the world. Google is basically taking from someone. And their actually keeping it until they refresh to save again.

Matt3
All noise, no signal.
Premium Member
join:2003-07-20
Jamestown, NC

Matt3

Premium Member

Re: How is this not a violation of copyright?

said by hottboiinnc4:

especially when they cache versions of the websites on their own servers all around the world. Google is basically taking from someone. And their actually keeping it until they refresh to save again.
robots.txt

sbrook
Mod
join:2001-12-14
Ottawa

sbrook to Dogfather

Mod

to Dogfather
This is one of the reasons that many sites do not permit referrals ... so that their page cannot be framed inside another as we often see.

pog4
Premium Member
join:2004-06-03
Kihei, HI

pog4

Premium Member

Re: How is this not a violation of copyright?

said by sbrook:

This is one of the reasons that many sites do not permit referrals ... so that their page cannot be framed inside another as we often see.
Just curious... the referer string is a function of the browser... which normally just uses the URL of whatever page it's on.

If code is injected or modified, does the URL also get changed? I don't see this being necessary... and, if it isn't, then denying access based on referer is not going to help...

wruckman
Ruckman.net
join:2007-10-25
Northwood, OH

wruckman

Member

Linux

All the more reason to use a Linux system as your home router.
cornelius785
join:2006-10-26
Worcester, MA

cornelius785

Member

Re: Linux

well if you ignore power, money, and time, then sure.
Lazlow
join:2006-08-07
Saint Louis, MO

1 recommendation

Lazlow

Member

Re: Linux

Corne

You will have to translate that for me. Most of the linksys routers can/do run linux so I do not see power or money being an issue. As far as time goes I do the same things as I did running XP but have none of the headaches. Not one virus since switching. I only have to reboot when I change kernels ( used to be twice a day on XP). I have not had to reinstall once due to OS flaking out (averaged once every three months with XP). All on the same hardware. Linux has saved me weeks of time per year.

wruckman
Ruckman.net
join:2007-10-25
Northwood, OH

wruckman

Member

Re: Linux

Agreed. Nothing like a good ole' Openwrt install.

chd176
join:2003-01-10
Winfield, AL
·CenturyLink

chd176

Member

no thanks

If my ISP injected Ads into my browser then I don't expect to pay anything for the service. That's IMO, although companies are already doing this (Directv with the H20 are starting to inject ads into the H20's guide and prices increased...ironic) I guess pay more for less is the "in" thing these days...

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: no thanks

I think I'll be going OTA HD soon enough, with TV prices soaring. I'm able to get 19 OTA HD channels with a pair of amplified rabbit ears.
ddevilduck
Premium Member
join:2002-07-26
Minneapolis, MN

ddevilduck

Premium Member

Re: no thanks

I only do OTA HD I live 30 miles from Minneapolis and get 10 HD channels and 21 digital channels that are rebroadcasts of SD channels. Screw paying cable or dish to see what I can get for free or pay a small monthly fee to get in my mail.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: no thanks

I can probably do better if I get a 'real' antenna (I'm 30 miles + 1 mountain range away). My inlaws in the San Fernando Valley get 53 HD OTA channels.

biff420
Premium Member
join:2002-01-26
Vallejo, CA
·Comcast XFINITY

biff420 to chd176

Premium Member

to chd176
said by chd176:

If my ISP injected Ads into my browser then I don't expect to pay anything for the service.SNIPPED
If they're going to charge you by the byte, then
it's possible their own ads and whatever else they
"inject", can put you over the cap.

What a deal! They put you over, then charge you for it!

Can you say Hosts file?

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: no thanks

said by chd176:

If they're going to charge you by the byte, then
it's possible their own ads and whatever else they
"inject", can put you over the cap.

What a deal! They put you over, then charge you for it!

Can you say Hosts file?
Exactly...extra consumption to put capped users over the top.
These days, its all screwed.
a) Throttled/filtered (Bell / Comcast)
b) Capped (Rogers / Time Warner)
Now add injected ads to consume MORE bandwidth... oh wait, they're making profits on both ends.
- Overages
- Marketing

dvd536
as Mr. Pink as they come
Premium Member
join:2001-04-27
Phoenix, AZ

dvd536 to biff420

Premium Member

to biff420
said by biff420:
said by chd176:

If my ISP injected Ads into my browser then I don't expect to pay anything for the service.SNIPPED
If they're going to charge you by the byte, then
it's possible their own ads and whatever else they
"inject", can put you over the cap.

What a deal! They put you over, then charge you for it!
Corporate GREED at its finest!

woody7
Premium Member
join:2000-10-13
Torrance, CA

woody7

Premium Member

question??

Would a SPI Firewall block this? as the "packet" is not the same as the one that is expected? It is altered by the injection? Curious

DeeplyShrouded
@comcast.net

DeeplyShrouded

Anon

Blocking unwanted content

Well, there was an article on DSLR a while back about a guy
who was blocking FireFox because people were blocking the
ads on his site. Well, my response to him was, if you can't
afford to run a site, then you shouldn't.
(Sarcasm on)
Yes people really do become rich from that .000000000001 cent
click!
(Sarcasm off)

I also stated to him the following analogy:
I pay for a telephone line. No telemarketer has the right
to use that line, and my time to try to make money for
themselves.

The same thing applies here: My computer. I bought it, and I
paid for it. My ISP, I pay a monthly fee for that too.
As long as my bill is paid in full and on time, that is
all the ISP should have to worry about.

I'll gladly pay "overuse fees" when my ISP stops all the spam
that comes into my email box, filters all the probe attempts
on my IP address, and kills all the flashing banners and
other useless crap I don't need to see.

A good example is the front page of Google.
Their logo, a search box, two buttons. That's it.
No ads, no news, no flashing banners, no flash animation.
It's a simple page made to do one thing. Accept information
for a search.

How about an ISP disconnect any PC that's sending massive
amounts of spam? How about they disconnect anyone that has
a PC running a rouge bot and is part of a botnet?

"Our users are using too much bandwidth" they cry.
Well? If you cut out the spam, probes, botnets, and crap
like that off your network, less bandwidth would be used
wouldn't it? Just give me the content from the page I'm
on and THAT'S IT. Simple solution!

It would also be nice for Yahoo's email filter
to be able to filter *.domain. After all, I'm in the USA,
I don't know anyone in Africa, Nigeria, or any other country
that decides to tell me that out of the billions of people
on the net, that I have inherited millions of dollars from
Prince Whatthefuck'shisname."
Yeah, and I was born yesterday too. Give me a break!

It's an unfortunate situation that people have to defend
their PC's with routers, firewalls and virus protection,
but it's a fact of the internet these days.

The bottom line is, most if not all ISP's are aware of
botnets on their networks. Does it really cost all that
much to block the ports those bots are using?
Oh wait, that takes time, time that has to be paid for.
I know! Let's send out more ads to make up for it!

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: Blocking unwanted content

and this is where 'net neutrality' and 'network management' come to play.
Net Neutrality: Give me a pipe, unthrottled where I am free do do what I want. Be it a bittorrent, VoIP that is not owned/preferred by the ISP or any other app. I never said I needed 20Mbps, but I'd better be able to use that 1.5Mbps as I see fit.

Network Management: We own the network, and don't want useless crap that isn't making us rich in the process (i.e. ads/spam is legal, as long as we get our cut). We'll sell you 20Mbps and throttle it down during peak hours, or put caps. The 1.5Mbps connection will have a 1GB cap, the 20Mbps connection will have a 60GB cap. 1.5Mbps users don't need a cap... its just to get you off the lower tier.

MicroWISP
join:2008-01-30
TX Republic

MicroWISP to DeeplyShrouded

Member

to DeeplyShrouded
First let me say that I am an ISP owner, albeit a small one, ok I'm ducking from the swings now, lol.

I think that this PerfTech is a wonderful tool that could benefit my network and it's subscribers immensely. I don't see it as a gateway to revenue from ad streams, (see Phorm and NebuAd) but as a way that I can get information quickly and efficiently to individual subscribers. If I were to push Amber alerts, weather updates, and other non-ISP related content to our subs, I would have them fill out a quick "What would you like for content" kind of form before hand.

This can be a useful tool for 'slow pay' customers, who you really don't want to disconnect, but they don't pay any attention to email reminders from billing. It can also be a great tool for us to inform our subscribers of either planned or unplanned internet outages, equipment upgrades, etc.

Being a wireless ISP with multiple Access Points and HotSpots, we have to be on the lookout for unauthorized users on our network. PerfTech seems to have a tool called their Subscriber PC Audit tool that looks like it can make this job a lot easier.

DeeplyShrouded, we do disconnect subs that are sending out massive amounts of SPAM. We are also constantly watching usage patterns for bots, and if a subs PC is suspected of infection a free virus check etc. is offered and required to continue using our network. I see this PerfTech tool as a great way to look for these patterns via the 'Abuse Sentry' module which apparently monitors for SPAMming then shuts down the offending outgoing email port of the sub if found. To me that is a great tool for managing our network.

Something everyone has to remember. It's my network, not yours... Yes you rent it from me on an hourly, daily, weekly, monthly, yearly basis but it is still 'my network'. If you don't like my network, connect to the internet through someone else's network, or acquire your own infrastructure for a direct trunk connection. I, like other small ISPs will give the majority # of our subscribers the best experience I can on my network. For me at this moment in time that means internet browsing is my top priority. My subs want to see fast speeds and they don't like waiting for a page to load. If a year from now, the majority of our subs were gamers, then I guess ping times and latency would be top priority. I do not restrict your bandwidth during peak hours, nor do I block your content. Of course your Peer to Peer download or Torrent client may have to take a back seat to someone else opening up www.google.com or any other Http, as it has a higher priority than you.

Bandwidth is expensive, especially for us little guys. We have to be very careful how we allocate and manage what we have available to keep our subs happy and our networks operating efficiently and safely. I can't block the SPAM you're receiving, 'cause you might want it. I can and do try to filter probe attempts to your IP address to keep your PC safe by using appropriate firewalls. As far as those flashing banners go, well once again you might like that stuff so I'm going to leave those alone too. And filtering email by domain... good idea, but what if you are prince what's his name's brother in law and I accidentally block your email. Well you won't care for that I'm sure, so I will leave your email management up to you, unless of course for some reason there are 1000 emails per hour leaving your PC, then I will probably give you a call and ask if you are doing a monthly newsletter to your friends or planning a high school reunion, and if not let you know your PC is probably infected with something and offer to assist you in fixing it.

In closing, let me say that I use my own network practically every day. I am behind the firewalls, bandwidth allocating and shaping devices and other hardware/software like any other subscriber on our network. If it isn't working properly, I'm not happy. If I'm not happy, chances are good someone else isn't happy. I am not on a special IP address that gives me gobs of bandwidth and bypasses our protocols and shaping systems, even though I could be. I prefer to experience our network exactly as our customers do to continually monitor quality and efficiency. Maybe some of the larger ISPs should try this too.

MrMoody
Free range slave
Premium Member
join:2002-09-03
Smithfield, NC

MrMoody

Premium Member

Raise your hands

How many people think that ISPs will reduce the cost of your internet when they start injecting ads?
ssokolow4
join:2008-03-23

ssokolow4

Member

What about automated user agents?

Any Rogers users here who can tell us whether these "harmless notices" have been interfering with RSS/Atom feeds by returning unexpected content in response to an HTTP request?
robertfl
Premium Member
join:2005-10-10
Mary Esther, FL

robertfl

Premium Member

block ads

there is software that can (and does) block ads. it's in all of the machines here

»www.admuncher.com works much better (though, not free) then firefox ad removal which does not block javabased flash ads.

-rob

avantare
Go Tribe
join:2000-02-16
Rome, GA

avantare

Member

Re: block ads

said by robertfl:

there is software that can (and does) block ads. it's in all of the machines here

»www.admuncher.com works much better (though, not free) then firefox ad removal which does not block javabased flash ads.

-rob
Use Firefox with AdBlock+ and NoScript. I do and NEVER see any ads, even Java based and Flash based.

Chuck

StevenB
Premium Member
join:2000-10-27
New York, NY
·Charter

StevenB

Premium Member

Cable Found a Way

to not upgrade their headends, but to put the cost on the consumer. I've been stating this since the start of caps. Some cable co's just do not want to put any sort of revenue into their networks at all.

Isn't it funny though, how all of cable co's are doing these caps with Docsis 3.0 on the horizon.