Just 'blackholed' the offending domain on my Macbook, pity there is no 'hosts' file to edit on an iPad
AT&T accused of Wi-Fi interception, ad injection
AT&T has been accused of grabbing user traffic from its Wi-Fi hotspots for ad injection. The news comes from Stanford lawyer and computer scientist Jonathan Mayer, whose previous work includes uncovering a browser history bug in 2011, and the use of Verizon zombie cookies by third parties. In Webpolicy, Mayer writes that …
COMMENTS
-
-
Wednesday 26th August 2015 03:44 GMT Frumious Bandersnatch
the "potential security problem" angle doesn't sound so weird
when you consider that this would be a perfect way for the various TLAs to track persons of interest arriving at airports. Just pay for ad space just like any other <insert your favourite scumbags here>
Paranoid, maybe. Weird, no.
-
Wednesday 26th August 2015 04:07 GMT Decade
Where is HTTPS?
Security? They've heard of it but don't seem in a rush to do it very well
This is referring to The Register, right? We’ve all known, at least since Snowden, that using HTTPS is the best way to prevent middleware from spying on and maliciously modifying the content that you send to visitors.
-
Thursday 27th August 2015 16:27 GMT Mike 16
Re: Where is HTTPS?
So, I have three choices:
1) HTTPS Everywhere, which in practice means only bleeding edge browsers (that can keep up with the drumbeat of deprecated crypto protocols) running on computers that are backdoored everywhere from the networking libraries down through the BIOS and beyond (Trusted Computing? By whom?). Provides easy access to Kardashian news and cat videos, but makes one completely unable to view "labor of love" sites on long-tail subjects.
2) Use a computer old enough to have a chance of escaping the most virulent backdoors (e.g. with a physical jumper on the BIOS Flash write enable), and wait for somebody like the TenFourFox folks to release a browser with the crypto du Jour, Decent access to sites that look like it's 1999, but have information you are unlikely to find anywhere else, but No Cheezburger for You.
3) Just give up.
-
-
-
Wednesday 26th August 2015 10:50 GMT Carlie J. Coats, Jr.
Re: Legality?
My take on it is this: modifying web pages by insertling those ads is creating an unauthorized derivative work for commercial gain. In the US, that's criminal copyright infringement (US Code Title 17 Section 506; see https://www.law.cornell.edu/uscode/text/17/506).
If I catch them doing this to my web pages, I want someone at AT&T to do jail time.
-
Wednesday 26th August 2015 11:28 GMT MikeeMiracle
Is this really surprising?
In this day and age of ISP working with government agency's for security reasons, it's just not worth using any of the "major" ISP's. Fortunately for us techies, the politician's are cluless about IT security issues so they tend to go after the "big" ISP's here in the UK under the prmise that they will catch 80/90% of the traffic as most people use them and they tend to ignroe the smaller ISP's. Many of the sites the government has asked the big ISP's to block are freely accesible when using smaller ISP's.