[ NNSquad ] Deja Vu: ISP Hijacking Google (and Other) Pages for Ads Via DPI

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Deja Vu: ISP Hijacking Google (and Other) Pages for Ads Via DPI - "Deep Packet Interference"

To: nnsquad@nnsquad.org
Subject: [ NNSquad ] Deja Vu: ISP Hijacking Google (and Other) Pages for Ads Via DPI - "Deep Packet Interference"
From: Lauren Weinstein <lauren@vortex.com>
Date: Mon, 28 Feb 2011 18:31:28 -0800


          Deja Vu: ISP Hijacking Google (and Other) Pages for Ads
                    Via DPI - "Deep Packet Interference"

               http://lauren.vortex.com/archive/000819.html


Greetings.  Regular readers may recall the considerable furor that was
triggered a bit over three years ago, when I revealed and demonstrated
that a Canadian ISP was testing Deep Packet Inspection (DPI)
techniques to insert their own informational messages above the Google
Home Page and other Web site pages ( http://j.mp/eS2EhM [Lauren's Blog] ).

At the time, I explained that the JavaScript method employed depended
on the use of unencrypted (non-https:) connections, and I noted that
it would be a simple step to full-blown ISP-based ad insertion
(without the permission of the affected sites) via the same intrusive
mechanism.

Now come reports that cable ISP Mediacom has pulled the trigger on
this escalation, by actually inserting their own promotional ads above
other sites' pages ( http://j.mp/ey6pak [DSL Reports] ), such as Google in
this example: http://j.mp/exJXQ9 (Lauren's Blog).

Starting from this point forward, I urge the use of the (apparently
previously "uncoined") term "Deep Packet Interference" (conveniently
also "DPI") for this sort of unacceptable chicanery.

Google now supports https: connections that block such behavior, but
you need to explicitly specify the "https://"; URL prefix to enable the
encrypted path.

And perhaps "Toward Pervasive Internet Encryption: Unshackling the
Self-Signed Certificate" ( http://j.mp/db9gsp [Lauren's Blog] ) now
has some additional significance -- with the proviso that I now
definitely believe that a variety of techniques other than traditional
PKI certificate-based encryption systems are worthy of major
consideration toward achieving the goal of pervasive crypto across all
aspects of the Internet.

In the meantime, Mediacom's apparent commercial interference with the
communications between Web sites and their users provides a red flag
warning -- and a vivid example -- of the extreme level of packet
tampering that some ISPs are apparently ready, willing, and able to
deploy.

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org
 - Global Coalition for Transparent Internet Performance: http://www.gctip.org
 - PRIVACY Forum: http://www.vortex.com
Member: ACM Committee on Computers and Public Policy
Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein 
Google Buzz: http://bit.ly/lauren-buzz 
Quora: http://www.quora.com/Lauren-Weinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com

Prev by Date: [ NNSquad ] Censorship and Fines in Brazil for Wi-Fi Sharing
Next by Date: [ NNSquad ] Washington Post: "Obama administration joins critics of U.S. nonprofit group that oversees Internet"
Previous by thread: [ NNSquad ] Censorship and Fines in Brazil for Wi-Fi Sharing
Next by thread: [ NNSquad ] Washington Post: "Obama administration joins critics of U.S. nonprofit group that oversees Internet"
Index(es):
- Date
- Thread