back to article AT&T accused of Wi-Fi interception, ad injection

AT&T has been accused of grabbing user traffic from its Wi-Fi hotspots for ad injection. The news comes from Stanford lawyer and computer scientist Jonathan Mayer, whose previous work includes uncovering a browser history bug in 2011, and the use of Verizon zombie cookies by third parties. In Webpolicy, Mayer writes that …

  1. TheOldBear
    Big Brother

    Just 'blackholed' the offending domain on my Macbook, pity there is no 'hosts' file to edit on an iPad

    1. Mark 85

      I don't know about Macbooks but on a Win PC, one should also block any cookies from them.

  2. ecofeco Silver badge

    Beyond the pale

    Fucking at&t.

    I run 3 or more filter/blocking add ons just for ads and rogue scripts just for this reason.

  3. Spaceman Spiff

    AT&T could not care less about their customers. They are only interested in profits and their quarterly bonuses (the execs). They won't do squat until they are slammed upside the head in court and are facing serious damages $$ wise.

    1. Ian Michael Gumby

      You can replace AT&T with pretty much most companies out there.

  4. DanielN

    The end is nigh!

    You know the end times have arrived when you need to hire Kevin Mitnick's security company to protect you from computer invasion by AT&T. Back in the day I would never have believed this could happen.

  5. Frumious Bandersnatch

    the "potential security problem" angle doesn't sound so weird

    when you consider that this would be a perfect way for the various TLAs to track persons of interest arriving at airports. Just pay for ad space just like any other <insert your favourite scumbags here>

    Paranoid, maybe. Weird, no.

  6. Decade
    Trollface

    Where is HTTPS?

    Security? They've heard of it but don't seem in a rush to do it very well

    This is referring to The Register, right? We’ve all known, at least since Snowden, that using HTTPS is the best way to prevent middleware from spying on and maliciously modifying the content that you send to visitors.

    1. Mike 16

      Re: Where is HTTPS?

      So, I have three choices:

      1) HTTPS Everywhere, which in practice means only bleeding edge browsers (that can keep up with the drumbeat of deprecated crypto protocols) running on computers that are backdoored everywhere from the networking libraries down through the BIOS and beyond (Trusted Computing? By whom?). Provides easy access to Kardashian news and cat videos, but makes one completely unable to view "labor of love" sites on long-tail subjects.

      2) Use a computer old enough to have a chance of escaping the most virulent backdoors (e.g. with a physical jumper on the BIOS Flash write enable), and wait for somebody like the TenFourFox folks to release a browser with the crypto du Jour, Decent access to sites that look like it's 1999, but have information you are unlikely to find anywhere else, but No Cheezburger for You.

      3) Just give up.

  7. Anonymous Coward
    Anonymous Coward

    Legality?

    Intercepting and modifying communications seems to me to be on the wrong side of legality. Or has the world just caved in to the big companies?

    1. Ole Juul

      Re: Legality?

      Or has the world just caved in to the big companies?

      Yes.

    2. Carlie J. Coats, Jr.

      Re: Legality?

      My take on it is this: modifying web pages by insertling those ads is creating an unauthorized derivative work for commercial gain. In the US, that's criminal copyright infringement (US Code Title 17 Section 506; see https://www.law.cornell.edu/uscode/text/17/506).

      If I catch them doing this to my web pages, I want someone at AT&T to do jail time.

      1. Someone Else Silver badge

        @ Carlie J. Coats, Jr. -- Re: Legality?

        Corporations are people, my friends, so we should soon see AT&T in the dock.

        Oh,...wait a minute...

  8. Anonymous Coward
    Unhappy

    Mayer notes that ad-injection extensions are frowned on by Google,

    as are many ad-blockers.

  9. MikeeMiracle

    Is this really surprising?

    In this day and age of ISP working with government agency's for security reasons, it's just not worth using any of the "major" ISP's. Fortunately for us techies, the politician's are cluless about IT security issues so they tend to go after the "big" ISP's here in the UK under the prmise that they will catch 80/90% of the traffic as most people use them and they tend to ignroe the smaller ISP's. Many of the sites the government has asked the big ISP's to block are freely accesible when using smaller ISP's.

  10. Ed Mozley

    Taking control

    I belatedly jumped on the AdBlock Plius bandwagon a couple of weeks ago - v. happy with it

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like