×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Covert BT Phorm Trial Report Leaked

CmdrTaco posted more than 5 years ago | from the look-at-what-someone-found dept.

The Almighty Buck 292

stavros-59 writes "An internal BT report on the BT secret trials of Phorm (aka 121Media) Deep Packet Inspection has been revealed on Wikileaks today. The leaked document shows that during the covert trial a possible 18 million page requests were intercepted and injected with JavaScript and about 128 thousand charity ads were substituted with the Phorm Ad Network advertisements purchased by advertisers specifically for the covert trial period. Several ISPs are known to be using, or planning to use, DPI as a means of serving advertising directly through Layer 7 interception at ISP level in the USA and Europe. NebuAd claim they are using DPI to enable their advertising to reach 10% of USA internet users." CT: nodpi has updated their page with a note that says that the charity ads were "purchased and not hijacked"- read there to see what the latest is.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

292 comments

Ouch (4, Interesting)

mrbluze (1034940) | more than 5 years ago | (#23668121)

That's a big leak and a big privacy breach, but can this realistically lead to legal action against BT?

Re:Ouch (5, Informative)

KnightMB (823876) | more than 5 years ago | (#23668379)

That's a big leak and a big privacy breach, but can this realistically lead to legal action against BT?
Whether it does or not, someone has already taken the initiative to setup a page to generate fake web pages (or real ones) to pollute the data they collect. So if you can't get them out legally, you can make the data they collect useless, which hits them in the pocketbook and might be more effective than legal countermeasures. You'll find the site here: http://wanip.org/anti-nebuad/ [wanip.org] in which every browser becomes a data-mining polluter when it's run. Get enough those on a suspect ISP and watch the CEO's have a heart attack from the "pollution attack".

Re:Ouch (4, Insightful)

EvilMonkeySlayer (826044) | more than 5 years ago | (#23668511)

Looking at the site it appears to be pretty easy for phorm here, all they'd need do is do a simple domain lookup. If it doesn't exist they filter it out.

If it doesn't exist then it's generated by this, since all it does is randomly create addresses. It'd be better if it just loaded random websites. Of course, that'd eat up a lot more of the users bandwidth though.

Re:Ouch (5, Informative)

Janos421 (1136335) | more than 5 years ago | (#23668767)

The browsed pages do not exist, so you never download pictures or js files. It's very easy for an ISP to filter these requests, they can filter the HTTP response code.
Two FF exntensions generate fake queries on search segines to pollute the collected data (at search engine level, but it also pollute ISP data). SquiggleSR [mozilla.org] and TrackMeNot [mozilla.org] . Notice that the former also clicks on non-sponsored results and may deceive cookie tracking.

Re:Ouch (5, Interesting)

siddesu (698447) | more than 5 years ago | (#23668393)

not sure what the situation in the UK is, but in Japan some mobile phone operators have been doing this for a while with some phones. since probably half of the internet usage here happens over phones, it doesn't look like a small market.

to make it even worse, my current provider not only injects ads while I browse, they also supply the advertiser with a unique ID, which I can't easily turn off. since the image is inserted on the server i also assume the phone is sending referer headers, so the advertiser can collect your browsing history (and, that being a phone, your URL session cookies too) for good measure.

when i complained, i was told to go away, because there was no such thing as "personal" information being disclosed to the advertiser. to me such arrogance calls for more encryption as a kind hint to the ISPs to go and do the job i'm paying em for.

unless, of course, that option is also defeated by the copyright cretins and the gubbermint, working hard together to prevent child pr0n and terrorists.

in which case, thicker tinfoil will also be necessary.

Re:Ouch (1)

timeOday (582209) | more than 5 years ago | (#23668819)

I agree this calls for encryption. ISPs and routers should ONLY be able to see what they need to see - IP routing information. They shouldn't be able to see content, nor port numbers. But I am unsure whether ssl provides this, and how much compute horsepower would be required for big servers to ssl everything.

Re:Ouch (2, Informative)

hasdikarlsam (414514) | more than 5 years ago | (#23668955)

SSL doesn't, IPSec does. Sadly, the latter is hardly ever used.

IPv6 is supposed to have IPSec as a required element. I don't know how much this means; whether it'll actually be *used*, and resist MITM attacks.

Re:Ouch (5, Insightful)

Dark Kenshin (764678) | more than 5 years ago | (#23668427)

Of course is won't. If a private person were to develop and test this out, he would likely be spending the next 20 years in prison (looking less and less "exaggerated" as time goes on.) The fact that this is for cooperate gains; it will be largely over looked. Yes, I might be lost in cynicism, but life seems to be supporting my case thus far.

Re:Ouch (4, Insightful)

MindKata (957167) | more than 5 years ago | (#23668621)

"realistically lead to legal action against BT"

Legal action strong enough to totally stop them is unlikely, as the power seekers who run a lot of countries unfortunately seem to be rushing towards building their own Big Brother, so as they make the rules, they choose whats considered legal. So they simply need to change the laws, which is what they keep doing. It seems nearly every week now we are getting ever more stories of new grabs for information and/or power over people. At this rate, 2008 should go down in history as the start of a Worldwide Big Brother.

Its ironic that our so called free countries appear to be building Big Brother as fast, if not faster than other countries. Maybe we just have better technology. Its also ironic that the war on terrorists is a war against people who wish to force others into their point of view. Yet now the people already in power are seeking to clamp down and hold control over everyone. Its like all of us who don't seek power are caught up in a power struggle between the different groups of power seekers who do seek to impose their views on everyone.

I guess the ones in power in some way fear some lost of power, as it can't be just about protecting us. Its got to be about seeking more power, which is what they do thoughout their political lives and all of us who don't seek power are not going to be heard by them. Especially as most people don't seem to even see how much harm can be done with so much power and no way to tell them they are behaving unfairly. They are becoming like a machine which is loosing its feedback mechanism and so running towards ever more extremes.

Re:Ouch (5, Insightful)

aproposofwhat (1019098) | more than 5 years ago | (#23668691)

I came up with this as a concept in 2000, when layer 7 switching was just becoming economically feasible for a startup ISP.

It never flew, because the people I was dealing with weren't complete cunts.

From the document: The advertisements were used to replaced [sic] a 'default' charity advertisement (one of Oxfam, Make Trade Fair or SOS Children's Villages) when a suitable contextual or behavioural match could be made by the PageSense system.

So not only are the bastards hijacking our traffic, they are overwriting paid-for charity ads as well.

I repeat, CUNTS!

Re:Ouch (1)

hostyle (773991) | more than 5 years ago | (#23669015)

Say i have my paid-for website with no ads displayed. Are Phorm potentially injecting ads for a competitor of mine into the pages I display to my visitors?

Advertisement Injection (5, Insightful)

TheMeuge (645043) | more than 5 years ago | (#23668139)

So let me see - if I am paying for bandwidth (which will soon be metered), and my ISP in injecting its ads into the webpages I am requesting, then the ISP is running down my bandwidth on purpose?

Isn't that sort of like someone from the electrical company who breaks into your house to turn the lights on while you're gone?

I won't even mention the privacy issues, cause those aren't "in" nowadays, nor are they likely to be a sufficient cause to nip this practice in the bud. Cheating people out of money, on the other hand, is always a great way to apply the US tort law to the cause.

Re:Advertisement Injection (5, Interesting)

Rhys (96510) | more than 5 years ago | (#23668205)

If you're paying for metered bandwidth, why are you accepting ads in the first place? AdBlock+ solves that problem very quickly.

Past that, maybe we can start seeing more "regular" traffic served over https -- DPI or not, it looks like garbage unless you can break the encryption. If someone comes up with a way to do that, there are a lot more serious problems to worry about than ad injection.

Re:Advertisement Injection (5, Insightful)

QUILz (1043102) | more than 5 years ago | (#23668321)

They could still hijack SSL/TLS sessions if users aren't paying any attention to warnings.

Re:Advertisement Injection (3, Insightful)

Ed Avis (5917) | more than 5 years ago | (#23668601)

Doing man-in-the middle attacks on SSL connections is beyond the technical ability of ISPs, even if users don't bother to check certificates. And the potential for them to get in trouble for it is a lot higher (e.g. if they ended up intercepting financial information, and then the ISP's servers got cracked...). So https is still the right answer here.

It's 2008, why aren't most websites just using https by default? A low-volume site can handle the load with today's superfast CPUs, and high-volume sites can afford to buy one of those crypto engine thingies.

Re:Advertisement Injection (1)

Nursie (632944) | more than 5 years ago | (#23668705)

"It's 2008, why aren't most websites just using https by default?"

Because you have to go to a third party and pay them money. That would be the problem. We don't (AFAIK) have a free signer with a widely distributed public certificate at present.

AFAIK, anyway.

Re:Advertisement Injection (3, Insightful)

Ed Avis (5917) | more than 5 years ago | (#23668805)

Yeah it sucks that you have to either pay money or endure scary messages from the web browser. There should be a way to label your site as self-signed where it wouldn't get the special secure icon or magic green glowing bar in the web browser, but on the other hand the user wouldn't be pestered about an invalid certificate (unless the cert offered really has changed since last time the user visited the site).

Re:Advertisement Injection (3, Interesting)

Nursie (632944) | more than 5 years ago | (#23668943)

I like that idea actually.

A sort of "You probably shouldn't trust me that much, but at least nobody's eavesdropping or screwing with the datastream" setting.

Re:Advertisement Injection (1)

Albanach (527650) | more than 5 years ago | (#23668877)

The CPU requirements of serving large numbers of encrypted pages are massive in comparison to non encrypted pages.

You need to spend CPU cycles encrypting each page for each browser rather than just firing the same data in response to multiple requests,often from a cache.

To make matters worse, browsers for good reason won't cache data received over SSL, so each page view sees much more data having to be served.

Re:Advertisement Injection (1)

Nursie (632944) | more than 5 years ago | (#23669005)

True, it does up the processing requirements and that could prove costly or even impractical for some high traffic sites. And would increase the bandwidth needed.

But maybe it's a direction we should be heading in when it looks like we are going to have ever-increasing difficulty in trusting that what we're receiving is what the originator actually sent.

Maybe sometime the backbones decide they want a piece of the action, hell, maybe some government decide that company X isn't using any of the infrastructure in MY country to peddle its propaganda and replaces everything that routes through their territory...

Re:Advertisement Injection (1)

Urban Garlic (447282) | more than 5 years ago | (#23668897)

> AFAIK, anyway.

I believe you're right, for normal values of "widely distributed", but I am aware of a promising candidate. Cacert.org provides free authority certificates, and their root certificates are bundled with Debian, and some other Linux distros. If the Firefox guys got on board, this could work.

Re:Advertisement Injection (1)

Timothy Brownawell (627747) | more than 5 years ago | (#23668763)

Perfectly feasible if the users get enough annoying pop-ups that they just click OK on the "invalid certificate" warning, or if they have an installer that adds extra ssl root certificates.

Re:Advertisement Injection (1)

Abcd1234 (188840) | more than 5 years ago | (#23668837)

Perfectly feasible if the users get enough annoying pop-ups that they just click OK on the "invalid certificate" warning

Which is why FF3 makes it so much more difficult to accept an invalid certificate.

Re:Advertisement Injection (0)

Anonymous Coward | more than 5 years ago | (#23668821)

> It's 2008, why aren't most websites just using https by default?

You either need an unique IP for each domain or SSL load balancer, SSL cert (the user gets 'confusing' dialogs with self-signed certs), extra bandwidth and there's been no compelling reason to do this. Phorm going live could be just the push we need for IPv6 / HTTPS by default.

I stopped running a HTTPS instance in 2002 due to lack of interest and endless emails about my self signed cert.

Re:Advertisement Injection (1)

TheLinuxSRC (683475) | more than 5 years ago | (#23668841)

It's 2008, why aren't most websites just using https by default?

Certificates cost money. In order to have an encrypted site that does not pop up a warning about unauthenticated certificates, you have to buy a certificate rather than generate your own. As an example (warning: shameless plug) visit https://pagewash.com/ [pagewash.com] (in Firefox 3.0 it not only gives a warning, but actually shows an "error" page.

If you do not buy one, many people will view your "safer" site as unsafe and simply not visit it.

Re:Advertisement Injection (0)

Anonymous Coward | more than 5 years ago | (#23668919)

Doing man-in-the middle attacks on SSL connections is beyond the technical ability of ISPs,
WTF? i work at an a reasonably large (3million custs) ISP, and let me tell you, we certainly do have the technical ability to do a MITMA. sure, we couldnt break the encryption, but hey, go buy a valid certificate set up a machine and pass the traffic.

its not _that_ hard.

Re:Advertisement Injection (0)

Anonymous Coward | more than 5 years ago | (#23668747)

"Past that, maybe we can start seeing more "regular" traffic served over https -- DPI or not, it looks like garbage unless you can break the encryption. If someone comes up with a way to do that, there are a lot more serious problems to worry about than ad injection."

It would not be that hard to do if the ISP added themselves to the root CA's on the users machine (the setup CD's that nearly all ISPs send out when you subscribe)

1. ISP handles the ssl session with the remote host
2. ISP decrypts traffic (as they are pretending to be the 'client')
3. Inject Adverts
4. ISP encrypts traffic with there key
5. ISP forwards traffic to the real client

Hopefully this is not legal for a ISP to do in the UK! (but I'm sure it could be allowed if they mention it in the TOS)

Re:Advertisement Injection (0)

Anonymous Coward | more than 5 years ago | (#23668227)

Well, if you're electric company charged a flat rate and didn't meter your service, it would be different. Since ISP's don't normally do this, it's a gray area.

Re:Advertisement Injection (2, Interesting)

Stewie241 (1035724) | more than 5 years ago | (#23668367)

I don't necessarily trust the ISP's JavaScript either... leave my pages alone thank you very much.

Glad I have a small ISP that likely won't do this, but I wonder if this means that random routers across the internet can use this to inject code into web pages.

Misrepresentation (5, Interesting)

Rob T Firefly (844560) | more than 5 years ago | (#23668387)

There's another issue. Say I post a banner for Charity X on my site, with a note saying "I support these guys with all my heart and soul, and I urge my readers to do all they can for this cause." You go to my site, but your ISP swaps said charity banner for an ad for personal ads or punching the monkey for a ringtone or some other damn thing, making it appear to you as though I'm imploring you to purchase something I would never willingly endorse.

The ISP is then responsible for using my image to endorse their product to my readership, without my permission. Do I have recourse against them for perpetrating such a fraud? IANAL, etc.

Re:Misrepresentation (0)

Anonymous Coward | more than 5 years ago | (#23668701)

Do I have recourse against them for perpetrating such a fraud? IANAL, etc.
Yes you have - although IANAL as well, they may be guilty of copyright infringement at $750 per work, possibly illegal wiretapping, fraud and forgery, depending on what exactly they are doing.

Re:Misrepresentation (-1, Troll)

Anonymous Coward | more than 5 years ago | (#23668703)

Serve your pages using https.

Loss of Common Carrier Exemption? (3, Interesting)

OmniGeek (72743) | more than 5 years ago | (#23668831)

It occurs to me that, at least in the US, an ISP that does ad injection *may* be losing its common-carrier status by changing the information that they convey from a Web site to the subscriber.

Consider that the data is being edited on-the-fly based on its content -- i.e., whether or not it's a banner ad. I think a good case could be made that this violates the conditions for a common carrier.

Question is, does this have any legally useful consequences in trying to prevent ISPs from doing it?

Re:Loss of Common Carrier Exemption? (5, Informative)

Red Flayer (890720) | more than 5 years ago | (#23669029)

It occurs to me that, at least in the US, an ISP that does ad injection *may* be losing its common-carrier status by changing the information that they convey from a Web site to the subscriber.
Newsflash: ISPs do not have common carrier status.

This means that whatever safeguards you associate with common carriers, are not enforceable wrt ISPs. A lot of the big ISPs are very happy with the current situation, since they basically get the benefits of common carriers, without the drawbacks (such as not be allowed to throttle certain users).

German Laws (0)

Anonymous Coward | more than 5 years ago | (#23668899)

In germany there are law against that.

- Surpression of Data Â303 StGB (up to 2 years in prison)
- can be extended to 5 years if the data is important for some organization

- Interception of Data 202b StGB (up to 2 years in prisong). Even producing or owning software or hardware that is designed to do this is a felony.

It should be noted, that the customers browser sends a request to see one ad, which is then answer by the ISP with a different add. This could be interpreted as forgery, because the ISP disguises as the legitimate source of the add.

Re:Advertisement Injection (1)

Derosian (943622) | more than 5 years ago | (#23669043)

You know, you are right, can a company charge you for something then go out of its way to make that something happen?

I can't think of any ready examples of this in other corporate areas, but this can't really be entirely legal. If your service is metered and you pay for a certain amount then unless you sign a contract stating otherwise the ISP is responsible for the added bandwidth costs which they send you advertisements with. It wouldn't make sense for YOU to pay to be spammed with advertisements. That would be like paying for free TV.

Is that legal? (4, Insightful)

Opportunist (166417) | more than 5 years ago | (#23668179)

Changing content and injecting different ads? I could see two possible violations here, one being copyright (altering content without the consent of the provider of the content), the other one dealing with fraudulent ad change (someone other than the one paying for the ads being displayed).

It's like a cable company changing the channel ads with their own. I doubt any channel would sit and bear it, especially since their customers (i.e. ad buyers) won't accept that.

Re:Is that legal? (1)

QUILz (1043102) | more than 5 years ago | (#23668281)

It's only legal if it's opt-in. Not entirely sure how obvious they are supposed to make it though...

Re:Is that legal? (2, Insightful)

corsec67 (627446) | more than 5 years ago | (#23668381)

How could a consumer opt-in with a company to violate a copyright held by a third party?

Take /. for example. How could I opt-in with my ISP to modify the page /. sends to me? Wouldn't that be a derivative, and a copyright violation?

Re:Is that legal? (1)

Irish_Samurai (224931) | more than 5 years ago | (#23668973)

Derivative works are protected under fair use.

Without going into it again, I posted a prospected stance that the ISP would take once challenged on this here [slashdot.org] .

Before people start flaming me to death, please note I am not taking the stance that I think this is great and awesome, just being honest with myself about the shit that is going to get thrown back at me when I take action.

Re:Is that legal? (2, Interesting)

porkThreeWays (895269) | more than 5 years ago | (#23668303)

It's like a cable company changing the channel ads with their own. I doubt any channel would sit and bear it, especially since their customers (i.e. ad buyers) won't accept that.
Which Comcast already does here in the US...

Re:Is that legal? (1)

Drathos (1092) | more than 5 years ago | (#23668739)

All cable companies do that. Usually, there's provisions in their contract with the content providers for them to inject a certain amount of local advertising into the feed.

Re:Is that legal? (1)

SithGod (810139) | more than 5 years ago | (#23668849)

They aren't actually changing the ads per say. A local cable company is allowed to sell certain ad space in a broadcast, hence why you'll see ads for Joe Schmo mattress warehouse while watching a nationally televised program. It's just that in that circumstance they are selling the ad to themselves. In summary, it's perfectly legal and a common practice for any carrier.

Re:Is that legal? (0)

Anonymous Coward | more than 5 years ago | (#23669045)

All networks do. There are deals negotiated for how many ads in each timeslot, etc. are inserted at the local (i.e. Comcast) level, local network (i.e. Channel 9 news or whatever) level, and national network (i.e. NBC) level. Everyone knows about it, instead of this under the table shady secret ad injection stuff, which is totally different.

Re:Is that legal? (1, Informative)

Anonymous Coward | more than 5 years ago | (#23668327)

I'm sure it was found illegal in the UK a few months ago (this report is from 2007)

http://news.bbc.co.uk/1/hi/technology/7339263.stm

Re:Is that legal? (1)

mpapet (761907) | more than 5 years ago | (#23668399)

I had another thought. What if the plan is to aggregate advertisers? This would destroy the sites that makes any money based on advertising, or have them go to BT for their ad revenue.

The -eventual- outcome would be every ISP that can afford to do it will create something vaguely like television only with some extra free info out there where they can't sell adverts.

In the time that it takes for the case to make it's way through court, they could make plenty of progress toward this end without consequences.

Re:Is that legal? (1)

Misch (158807) | more than 5 years ago | (#23668631)

Changing content and injecting different ads?

I would wonder what this would do for "common carrier" status held by these ISPs?

It's like a cable company changing the channel ads with their own

Seen it. In a very small city I used to live in, Time Warner injected their own ads over other ads on the cable network. You could always tell it was an injected ad because it was local and it was off by a fraction of a second, so you saw the beginning or end of an alternate commercial.

Re:Is that legal? (1)

norton_I (64015) | more than 5 years ago | (#23668945)

Except that the cable company has permission from the national feed to inject local ads in specific slots. Sometimes the raw feeds have black space in those locations, other times they have ads for people who watch the national feed directly. Your local cable company is certainly not splicing in their own commercials without permission.

Re:Is that legal? (1)

kiehlster (844523) | more than 5 years ago | (#23668961)

I agree it seems illegal. It sounds just like the music industry where we find poor artists because the record companies are knifing both sides of the relationship (customer and artist). For one, you're injecting ads to your customers who pay you in the first place. I can see the reason if you are trying to save the customer money by getting sponsors to pay the bills. However, you're possibly replacing ads placed there by content providers who may rely on that ad revenue to put food on their family's plates. That's downright stealing.

There's enough stealing going on from the customer perspective when they block ads to prevent outages/overcharges when they reach their limit; People coast down hills in neutral to stretch their mileage/dollar, so why wouldn't the same principle apply to bandwidth/dollar? So having the ISPs stealing ad revenue is more than double the trouble since fewer people know/care to block ads anyway.

Are ISPs going in the same direction as the media industry and the lovely RIAA?

For the uninitiated (4, Informative)

Anonymous Coward | more than 5 years ago | (#23668191)

BT stands for "British Telecom," Something they failed to mention, except in TFA

I hate it when people use too many arbitrary abbrivations. Let's start actually typing out names to set a context, then let people abbrivate in comments...

Re:For the uninitiated (1)

moz13 (673277) | more than 5 years ago | (#23668305)

I agree. It's annoying when I'm reading a summary and I have to go look up what AT&T means. How am I supposed to know it means American Telephone & Telegraph?

Re:For the uninitiated (2, Informative)

Stooshie (993666) | more than 5 years ago | (#23668445)

Over here in the UK, nobody needs to expand BT. Everyone knows what it means. (I assume you are not from the UK).

I'm sure stavros-59 just used it out of habit.

Re:For the uninitiated (1)

amias (105819) | more than 5 years ago | (#23668681)

>Over here in the UK, nobody needs to expand BT.
>Everyone knows what it means

yep , Bastard Telecom.

Re:For the uninitiated (0)

Anonymous Coward | more than 5 years ago | (#23668541)

At first glance, I thought they were talking about Blackthorne (http://en.wikipedia.org/wiki/Blackthorne), which used to launch off an executable named "BT.EXE".

Hey, at least it caught my attention.

Advertisers (0)

Anonymous Coward | more than 5 years ago | (#23668243)

You can just tell the online advertisers (The ones which invent ways to bypass all your lovely ad filtering) are going to take this lying down. (End Sacrasm)

How does it distinguish between an advert and real content?

I hear every now and then that SSL could be used to stop this, is this realistic given the load ad-servers would be under?

Re:Advertisers (1)

Stooshie (993666) | more than 5 years ago | (#23668491)

Advert tend to be fairly standard image sizes(468x60 and 120x60 being the most common) and are quite often delivered in iframes. They also tend to be delivered via a very small number of advert providers.

Re:Advertisers (1)

Stooshie (993666) | more than 5 years ago | (#23668509)

Unfortunately, if it is charities they are targetting then they are the least able to fight back.

Um, Replacing Charity Ads? (4, Insightful)

DigitalSorceress (156609) | more than 5 years ago | (#23668257)

Wow, talk about low:

In addition to the 18 million regular advertising injections or hijackings, it appears charity advertisements were hijacked and replaced with Phorm advertisements.

        "The advertisements were used to replaced [sic] a 'default' charity advertisement (one of Oxfam, Make Trade Fair or SOS Children's Villages) when a suitable contextual or behavioural match could be made by the PageSense system."

Re:Um, Replacing Charity Ads? (5, Interesting)

zwei2stein (782480) | more than 5 years ago | (#23668377)

Its actually good thing they did this.

Great way to influence public opinion against them and convince even usually non-caring people that something evil was going on.

Now if only major news picked this up and made big deal out of it...

Mod Parent Up! (2, Insightful)

Cassini2 (956052) | more than 5 years ago | (#23668411)

I noticed that quote too. It is completely despicable that they would remove charity advertisements. Actually, I think the entire system boils down to theft and unlawful interception of traffic.

What if the phone company inserted commercial adds when you were talking to someone on the phone?

Re:Mod Parent Up! (5, Funny)

Nursie (632944) | more than 5 years ago | (#23668771)

"Hi Jim, I just a bought a great new handheld console"
"Oh yeah, what did you get"
"A Sony Pzzzzzzzzzzzzzz^^^^^T Nintendo DS proudly sponsors this phonecall! Your pal loves Nintendo DS! bzzzzzt *click* so yeah you should totally get one so we can play against each other dude!"

Re:Mod Parent Up! (3, Funny)

vux984 (928602) | more than 5 years ago | (#23668927)

What if the phone company inserted commercial adds when you were talking to someone on the phone?

That's nothing. What if they intercepted and changed what was said:

You say: Hey Jim, How are ya?
He hears: Hey Jim, I wish I was eating a tasty Mars bar.

He says: Ok.
You hear: Ok.

You say: Wanna go see a movie?
He hears: Wanna go see Superbad, and get some popcorn?

He says: Uh... sure.
You hear: Uh... sure.

You say: Cool see ya.
He hears: Cool. Can you pick me up some Laramie cigarretes. They take me to flavor country!

He says: Uh... say what?
You hear: Uh... you too.

Re:Um, Replacing Charity Ads? (1)

mpapet (761907) | more than 5 years ago | (#23668475)

There's a very good reason they chose those ads. Do you think the non-profits have the resources to litigate this? What would they litigate exactly?

It's a big win for BT, and probably Comcast here in the U.S because there are so many legal issues that none of the harmed companies can afford to litigate it. It would be a career's-worth of work for both sides, with the ISP getting the vast majority of their wishes met either through litigation or purchasing legislation.

Re:Um, Replacing Charity Ads? (1)

aproposofwhat (1019098) | more than 5 years ago | (#23668895)

Do you think the non-profits have the resources to litigate this? What would they litigate exactly?

Litigation? I can see the likes of Michael Mansfield [wikipedia.org] sharpening his pencil and accepting the case pro bono without a second thought.

As to what they would litigate, theft seems a good starting point - if I have paid for advertisements to be served from a site, and some Jumped-Up Fucking Marketing Shyster then intercepts those adverts before the user has a chance to accept or reject them, then the JUFMS has stolen some of my potential income.

I don't see it taking more than a couple of days argument, though the level of damage could be debatable.

Re:Um, Replacing Charity Ads? (3, Informative)

fhage (596871) | more than 5 years ago | (#23668909)

TFA says BT purchased the ads they replaced. The Charities got free advertisements if they were not replaced.

Re:Um, Replacing Charity Ads? (0)

Anonymous Coward | more than 5 years ago | (#23669077)

It appears that the purchased the charity ads for the express purpose of substituting them. So they weren't stealing - the charity ads were the "place holders".

Still, I agree. Very, very low.

Copyright infringement (1)

RichMan (8097) | more than 5 years ago | (#23668335)

I see lawsuits killing this really quickly. The originating site is creating a unique copyrightable HTML text document. This document is being modified in transit against the wishes of the originator before being delivered to the destination.

Some lawyers are going to make megabucks off this one.

Spidey Sense Tingling (1)

whisper_jeff (680366) | more than 5 years ago | (#23668355)

I sense a major lawsuit coming. I can imagine more than a few laws being broken by this sort of manipulation (copyright violations, hacking violations, interference with business violations, etc.). I cannot imagine this will go on for too long. Obviously, I'm not a lawyer (but does that stop any of us form posting our opinions on legal matters?...) so I could well be wrong, but I can't imagine this not resulting in major lawsuits.

What's going to happen... (1)

physman_wiu (933339) | more than 5 years ago | (#23668373)

...companies are going to start paying the ISPs to advertise for them instead of companies like Google. They are feeling the heat from losing money on their bandwidth, now they have to think of a new strat. to get the cash flowing.

I for one don't mind this in some cases if it means that they would actually have the funds to hook the rest of the United States up to highspeed.

Re:What's going to happen... (1)

poetmatt (793785) | more than 5 years ago | (#23668453)

Uh?

Why not just use Google's ads (which are far superior) and monetize them? It's not like google refuses to cut you a share of the profits.

Or you can use completely irrelevant ads that nobody reads, that don't work, such as the viagra/enhance your mangina ads. If an ad isn't relevant and interesting, nobody will read it. This is more on the intrusive category, which means its unwelcome and useless.

Also, what about the funds the companies already have? Surely you dont' think they'd keep pocketing the money like they already do or anything, right?

Re:What's going to happen... (1)

physman_wiu (933339) | more than 5 years ago | (#23668579)

Well if I were running a company selling a local football teams T-shirt (or the like), I think that I would rather pay my ISP to target the people directly in my city.

There are already targeted ads like that but Google's ads are relatively unobtrusive (at least I don't think I've clicked on one in say a year or so, not from the search pages anyway), where as it's more difficult for Mom's and pops to ignore that HUGE graphic banner on almost every page that displays their favorite team.

Re:What's going to happen... (1)

aproposofwhat (1019098) | more than 5 years ago | (#23669011)

All that can be done by the site serving the ad through simple scripting - we know where the source address of the request is (well, roughly), and it's simple to serve a different image based on source IP address.

Oh, and good luck to the Shots [theshots.co.uk] for next season in the League :P

Re:What's going to happen... (0)

Anonymous Coward | more than 5 years ago | (#23668583)

ISPs getting paid for advertising is like the tail wagging the dog. If there was no content of value on the internet why the hell would I fork over money to an ISP every month? Without ad revenues to back it up the content will dry up.

Re:What's going to happen... (1)

physman_wiu (933339) | more than 5 years ago | (#23668917)

I think it forces a little bit more competition. Now I don't just have to go to the Big Boys to be seen. Just because my ad is through ValueClick or some other agency like that, doesn't mean that's it's going to target who I want it to.

In some situations, and with certain types of local ads this would be a good way to increase revenue.

Not that everyone under the Sun who wants to advertise is going to switch to ISP (as there are many situations where ad companies do a much much better job).

I like how it's charity ads that were intercepted (2, Informative)

3-State Bit (225583) | more than 5 years ago | (#23668403)

It's like the thinking goes "let's substitute out something utterly inconsequential and that will have no ramifications whatsoever". No, a charity isn't going to sue your pants off, so I guess it's okay, right?

What's next, Nike tests shoes (leaked codename: "rental") that deteriorate in 30 days -- on retarded children. Through a charity donation. That they write off their taxes the full value of.

Seriously: these are the times I'm glad to procrastinate about being an internet activist[1], because YOU CAN'T MAKE THIS STUFF UP. I couldn't have warned of this if I had tried.

[1] CHILL, guy with the sig 'whenever I hear the word activist I reach for my revolver' It's going to be all right.

Sites and others will move to SSL (1)

visionsofmcskill (556169) | more than 5 years ago | (#23668417)

This sort of BS will cause standard non-commercial / login sites to all move to SSL.

redirect Http://youriste.com to https://yoursite.com/ [yoursite.com] before anything is served.

If anyone thinks any of the CPM ad networks or major sites will allow this for even an instant, your eye is not on the money.

If they use such tech for the less easily encrypted protocols... you'll find those as well slowly pushed into it.

Which leaves the ISP's with two options if they wish to pursue this, they can proxy everything their customers connect to and essentialyl monkey in the middle the whole affair (not possible due to sheer processing/bandwidth... yet)... or they may form an alliance with the ad networks (scarier more likely prospect).

Oxfam ads substituted (3, Insightful)

andyh-rayleigh (512868) | more than 5 years ago | (#23668425)

I could see Oxfam (and the other charities who had their ads substituted) getting their lawyers to shakedown BT for a substantial "donation" as an alternative to being sued.

Re:Oxfam ads substituted (1)

fhage (596871) | more than 5 years ago | (#23668949)

TFA says BT purchased the adverts for the charities. It was not clear if they informed the charities beforehand.

The problem here (1)

Midnight Thunder (17205) | more than 5 years ago | (#23668437)

Other than the ethical issues, that these guys have no issue with (money before ethics), there is the potential issues of having advertisement for a competing product. Imagine going to Mercedes.com and having an advert for BMW. Also, isn't this likely to deprive content providers of advertising revenue?

iptables or squid-cache: ads -- /dev/null (1)

flyingfsck (986395) | more than 5 years ago | (#23668481)

I'm sure there is a way to use IPtables of Squid-cache to remove any and all ads from packets. If they can be put in, then they can be taken out just as easily.

Wow another good reason for adblock (1)

multi-flavor-geek (586005) | more than 5 years ago | (#23668495)

This is actually sick, great, lets steal from the charities to deliver targeted ads for Viagra, we need more boners not food for starving children. I think that they should be ending up under investigation for all kinds of privacy and copyright violations for this one. Hope they fry

Possible temporary fixes.... (4, Interesting)

postbigbang (761081) | more than 5 years ago | (#23668549)

1) write a checksum to a page; if it doesn't match (or another hashing method doesn't match) warn the user that the page has been intercepted and corrupted; the code might not be too tough

2) Use page receipts to vet page authentication

3) litigate, especially for copyright violation as the page has been misused by an intermediary for a purpose not intended by the page's author

4) other solutions that someone will think of; stop the page vandals NOW!

Re:Possible temporary fixes.... (1)

vux984 (928602) | more than 5 years ago | (#23668655)

1) write a checksum to a page; if it doesn't match (or another hashing method doesn't match) warn the user that the page has been intercepted and corrupted; the code might not be too tough

So much for using adblock.

Re:Possible temporary fixes.... (3, Insightful)

kvezach (1199717) | more than 5 years ago | (#23668781)

Intermediate term fix: Tunnel everything over IPsec. If ISPs are going to act like Eve or Mallory, let's treat them as such.

Re:Possible temporary fixes.... (0)

Anonymous Coward | more than 5 years ago | (#23669055)

great solution until the ISP decides to block all IPSsec traffic.

HTTPS (0)

Anonymous Coward | more than 5 years ago | (#23668555)

The original website could run HTTPS.

ISPs won't be able to alter the original content short of a man-in-the-middle attack.

Time for crypto... (1)

Captain Zep (908554) | more than 5 years ago | (#23668563)

So, I guess servers are now going to have to start doing widespread cryptographic signing of web pages so that users can tell whether or not the content they asked for has been tainted by going through a dirty inter-tube.

Z.

Brief Overview (2, Informative)

skinfitz (564041) | more than 5 years ago | (#23668595)

Interesting - whole system runs on RHEL (told you it was evil..) and multiple Squid processes. Adds some latency into browsing (obviously...) Old system dropped javascript tags into URLs but later version did not (resulting in some users having some javascript appearing in their forum posts - like that guy on the motorbike phorum if anyone remembers that incident) Apple.com among the 'download target' sites (page 49) but surprisingly due to Evil, not Microsoft or Google.

Do we have to... (1)

camperdave (969942) | more than 5 years ago | (#23668619)

... during the covert trial a possible 18 million page requests were intercepted and injected with JavaScript and about 128 thousand charity ads were substituted with the Phorm Ad Network advertizements purchased by advertisers...a means of serving advertising directly through Layer 7 interception at ISP level...

Do we really have to go down this road? I mean, if we can't trust that the page we're looking at is the page that was served... Are we going to have to go to HTTPS for our browsing now? Are we going to have to have MD5 checksums on our web pages to make sure they weren't tampered with? Stuff like this layer 7 interception will make it inevitable.

Adblock (1)

infonography (566403) | more than 5 years ago | (#23668669)

Sorry to slashdot and others, but I don't feel the slightest guilt in using that tool (ok slashdot is on my white list) but inspect my packets as deep as you like when adblock sees your ads now PHORM especially will get the boot.

Would a copyright challenge be possible? (1)

supersnail (106701) | more than 5 years ago | (#23668729)

Copyright conditions usually have a "reproduced without modification" clause so someone who's website is copyrighted and contains ads could thoereticaly sue the ISP for modifing thier page.

My bet is that if they once replace a google ad with one of thier own they will drown in subpeonas.

Forum security thingy (1)

LiquidCoooled (634315) | more than 5 years ago | (#23668785)

Do I recall recently that some sort of worm had attached itself to different forums around?

from the pdf:

page 5
3) It was noted that posting to some web forums through PageSense caused the Javascript tag to be appended to a number of users' posts. A fix was provided for this by 121Media towards the end of the trial, following which the issue was not detected. It should not arise with ProxySense as no tag is appended.

shocking.
So far the rest has been as bad if not worse.

Tortuous Interference W/ Contractual Relations? (2, Interesting)

Anonymous Coward | more than 5 years ago | (#23668817)

Some legal eagle can set me straight here but this sounds a bit like a case of tortuous interference. The site owner and the user have a contract that the viewer views their ads in exchange for the content. The ISP is coming in and interfering with that contract in a material way by replacing ads. Somebody could make some big money on a class action -- as tortuous interference settlements are often very large.

As an Oxfam contributor, I am pissed (2, Interesting)

Anonymous Cowdog (154277) | more than 5 years ago | (#23669067)

BT stole part of my donation to Oxfam.

I give money to Oxfam. They take my money, and use it to run their charity, which includes helping people as well as doing some overhead like, for example, creating ads and managing ad campaigns. Seems like a perfectly good use of my donation.

But now I find out that some of these efforts have been sabotaged, stealing part of the money I donated!

Not only does Oxfam have standing to sue, I would think Oxfam donors have also been wronged.

But worst of all, of course, is the loss of aid to the people who really need it. Hijack an Oxfam ad today, and another child goes hungry tomorrow.

https (1)

TheSHAD0W (258774) | more than 5 years ago | (#23669123)

I predict that soon all web pages will be served via https rather than http. The encryption puts a heavier load on the server, but makes it impossible for such injections to be performed.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...