Tool Detects "In-Flight" Webpage Alterations

CmdrTaco posted more than 7 years ago | from the its-like-a-foil-hat-for-your-browser dept.

The Internet 197

TheWoozle writes "In a follow-up to a recent story about ISPs inserting ads into web pages, the University of Washington security and privacy research group has teamed with the International Computer Science Institute (ICSI) to develop an online tool to help you identify if your ISP is inserting ads or otherwise modifying the web pages you request."

197 comments

Should just block all ads, but... (4, Interesting)

nokilli (759129) | more than 7 years ago | (#19983869)

If that isn't desirable, do a patch to Apache that creates a header that holds a hash of the content.
The hash gets calculated once for static content, which is usually the bulk of the traffic, no? So
not too big of a hit.

Browser sees content. Browser sees hash. Browser compares the two...

--
Censored [blogspot.com] by [blogspot.com] Technorati [blogspot.com] and now, Blogger too! [blogspot.com]

Frames (2, Insightful)

benhocking (724439) | more than 7 years ago | (#19983937)

What if the ISP is simply putting the web-page in its own frame, and the advertisement in a second frame? Unless you add the ability for web-pages to dictate that they should not be in frames, this one can't really be trapped for like that. The ISP could create its own hash for the served web-page that holds the frames.

Re:Frames (1)

XanC (644172) | more than 7 years ago | (#19984025)

While I'm not sure why frames are any different from whatever other kind of content modification, you're right that the ISP could modify the hash, so GP's idea apparently won't help. SSL would...

Re:Frames (1)

brunascle (994197) | more than 7 years ago | (#19984085)

I don't think they could manage to do this without it being obvious to the user. Frames aren't exactly subtle.

Re:Frames (1)

mdm-adph (1030332) | more than 7 years ago | (#19984107)

No, it's definitely possible to hide a website within another frame. Just remove the borders -- not that 90% of web users know what the fuck a frame border looks like, anyway.

Re:Frames (1)

brunascle (994197) | more than 7 years ago | (#19984159)

But they'll see it once they scroll. And if the ISP doesn't add target="_top" to all the links, they'll see it when only part of the page refreshes.

Re:Frames (1)

mdm-adph (1030332) | more than 7 years ago | (#19984215)

They'll see it, and they won't care or probably even notice. (I've got users who can't even find buttons on a web page -- and this is when they look like standard OS buttons.)

Re:Frames (2, Interesting)

mdm-adph (1030332) | more than 7 years ago | (#19984163)

...Unless you add the ability for web-pages to dictate that they should not be in frames, this one can't really be trapped for like that...

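<script language="JavaScript" type="text/javascript">
<!--
// If this page is not the topmost window, it has been framed:
// reload it as the top-level document.
if (top.location != location)
{
    top.location.href = document.location.href;
}
// -->
</script>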
That should do it. ;)

Re:Frames (1)

IBBoard (1128019) | more than 7 years ago | (#19984561)

Assuming the user has JavaScript enabled and hasn't disabled it to stop the popup and other adverts ;)

Re:Frames (1)

mdm-adph (1030332) | more than 7 years ago | (#19984725)

Aww, you're right -- fuck it. I'm going back to BBS.

Re:Frames (2, Interesting)

VGPowerlord (621254) | more than 7 years ago | (#19984749)

If the ISP is inserting it into a frame on the fly, you've successfully created a page that will continually try to reload itself, as it will never be the topmost ancestor.

Re:Frames (1)

mdm-adph (1030332) | more than 7 years ago | (#19985035)

Good point. You could probably set a cookie the first time you do this, and then check it upon refresh to see if you're still in a frame.

Re:Frames (2, Interesting)

ixl (811473) | more than 7 years ago | (#19985011)

The hash would have to be signed by the originating website. So the frame would be detected, because the hash wouldn't be signed by the domain name that created the other content. Browsers could also display (at least) a warning when an unsigned frameset included a signed frame.

Re:Should just block all ads, but... (1)

Bigby (659157) | more than 7 years ago | (#19984041)

What if the ISP, having the server's (Apache HTTPD) code, recomputes the hash in the same manner.

Browser sees content. Browser sees hash. Browser compares the two...gets an OK.

Re:Should just block all ads, but... (0)

nokilli (759129) | more than 7 years ago | (#19984207)

Ah, but I thought of this. We expressly disallow ISP's from doing this! :)

Actually... the hash would have to take the form of a signature, wouldn't it. The site would
need to publish its public key in a well-known location, like the root, a la robots.txt.
-
Censored [blogspot.com] by [blogspot.com] Technorati [blogspot.com] and now, Blogger too! [blogspot.com]

Re:Should just block all ads, but... (1)

mdm-adph (1030332) | more than 7 years ago | (#19984241)

Couldn't the ISP just edit the contents of this well-known location you're looking for when you request it, however?

Re:Should just block all ads, but... (0, Redundant)

nokilli (759129) | more than 7 years ago | (#19984533)

Not if you put a hash in a header... ermm....

Hey man, I was just trying to get first post, ya know? How the fuck am I supposed to fix this shit in the fifty seconds I had to write this shit down.

Re:Should just block all ads, but... (1)

nokilli (759129) | more than 7 years ago | (#19984639)

Oh fuck, forgot my sig.

--
Censored [blogspot.com] by [blogspot.com] Technorati [blogspot.com] and now, Blogger too! [blogspot.com]

Re:Should just block all ads, but... (1)

mdm-adph (1030332) | more than 7 years ago | (#19984659)

Har har! Don't worry, we're all just gonna probably start using SSL for everything, anyway. All of our discussions here will probably be worth shit all (including mine).

Re:Should just block all ads, but... (1)

ArsenneLupin (766289) | more than 7 years ago | (#19984599)

Couldn't the ISP just edit the contents of this well-known location you're looking for when you request it, however?
Maybe have it signed by a well-known certification authority, à la SSL?

Ok, but then you may ask, why not use SSL as it is? Answer: much less overhead (only one static file would need to be signed, and hash would only need to be computed once per static html file. And for dynamic files, computing a hash would presumably be much faster than encrypting&signing). And it could be made compatible with name-based virtual hosts too (which SSL is not...)

Re:Should just block all ads, but... (1)

ericlondaits (32714) | more than 7 years ago | (#19984089)

But the ISP would just need to alter the header with the new hash for the adulterated page (which he can calculate as easily as the browser can). Also, this is no good for Ajax...

Re:Should just block all ads, but... (1)

nokilli (759129) | more than 7 years ago | (#19984235)

Why no good for Ajax? Whether it's xml or json, it's still content, and there are still headers, no?

--
Censored [blogspot.com] by [blogspot.com] Technorati [blogspot.com] and now, Blogger too! [blogspot.com]

Re:Should just block all ads, but... (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19984149)

Get first post, say something smart. Choose one.

Re:Should just block all ads, but... (1)

J'raxis (248192) | more than 7 years ago | (#19984397)

Not just a hash, but a message digest [google.com] .

Re:Should just block all ads, but... (-1, Troll)

HMKAI (924435) | more than 7 years ago | (#19984961)

All these ideas are neat, but ultimately losers.

The real solution is economic.

MOVE TO ANOTHER PROVIDER TODAY. Yeah, it's a pain in the arsenic, but companies respond to pain. Don't bother to engage in a technical war with the spammers (that's what they are) just move away, and get all your friends to do the same thing.

Re:Should just block all ads, but... (0)

Anonymous Coward | more than 7 years ago | (#19985059)

Excellent idea! I'm cancelling my Comcast right now!

...

Uh oh. Cancelling is expensive, and then I have to move to get another provider.

Re:Should just block all ads, but... (2, Insightful)

mdm-adph (1030332) | more than 7 years ago | (#19985149)

You're right! Why didn't we think of that before! Let me just cancel my Charter account and move to.... nothing. Charter's the only provider for my area.

Re:Let the legal system work for you (0)

Anonymous Coward | more than 7 years ago | (#19985121)

If the pages you create have a copyright notice comment in them, I am pretty sure the ISP's could not modify them without your permission. I am not a lawyer, but it seems right to me.

What ISPs do this? (1)

InvisblePinkUnicorn (1126837) | more than 7 years ago | (#19983895)

Do ISPs really do this? I've never really noticed anything like this.

Re:What ISPs do this? (0)

Anonymous Coward | more than 7 years ago | (#19984033)

RTFRS?

Read The Frellin Related Stories. :P

Re:What ISPs do this? (2, Interesting)

Anonymous Coward | more than 7 years ago | (#19984175)

My hosting service (the University of Minnesota) sticks a little legal disclaimer (some h5 tags) in a contrasting color at the bottom of every HTML page it serves for non-official accounts. It's the typical "The University of Minnesota is not responsible for the content...blah blah blah" message.

The dont add may be they can subtract? (1)

140Mandak262Jamuna (970587) | more than 7 years ago | (#19983917)

When was the last time I saw an ad of a rival to Verizon in my verizon dsl line, I wonder.

Oh lord the confusion (3, Interesting)

db32 (862117) | more than 7 years ago | (#19983923)

Do we sue the ad folks for inserting ads and stealing content? I mean, in just about any other medium this would wind up in court overnight as copyright and stolen content and so on. But now we have a circumvention tool to detect it...so are we going to get sued under DMCA like nonsense for attempting to circumvent the ad insertion?

Re:Oh lord the confusion (1)

cob666 (656740) | more than 7 years ago | (#19984713)

are we going to get sued under DMCA like nonsense for attempting to circumvent the ad insertion?

Isn't a web site considered to have copyright protection and haven't there been cases of companies trying to sue Google under the DMCA for caching their web sites? Could the ISP be in violation of the DMCA for modifying the original HTML to include ads.

Re:Oh lord the confusion (0)

Anonymous Coward | more than 7 years ago | (#19985155)

IANAL, but based on what experience I have with copyright...

A case might be made that the modified page is a derivative work incorporating the original web page. The creative aspect of the page is almost entirely in the "borrowed" part, though; so it might be possible to make a case that the ISP would need a license from the copyright owner to distribute the modified work.

Of course, that gets tricky. If we're saying that the ISP is distributing the modified work, then isn't an ISP that doesn't modify the page distributing the original work? If so, how do we account for that? Could I post a web page, wait for people to view it, and then sue their ISPs? If not, why not? Are we supposing a compulsory free license implied by my posting of the material to the web? If so, what are the terms? Do I then have to allow derivative works? If I don't have to allow derivative works, what about proxy translators and aggregators?

In any case, using a tool to detect and thwart the changes is not a DMCA issue. DMCA proscribes circumvention of mechanisms for copy protection. What the ISP is doing isn't protecting their copyright -- they're the one party who clearly doesn't have a copyright interest in the transaction.

UW and Good Tool (1)

WED Fan (911325) | more than 7 years ago | (#19983925)

I like UW and their tools. I think they've done wonderful work. Paint.NET is fun, easy, and I love that they are still working on it.

Who/what is able to add to your pages:

  • Host ISP
  • browser
  • plug-ins
  • End User ISP? - in other words, your hosting ISP most definitely can add to your page. But, can the end-user's ISP insert it into the stream as it passes through? Technically, this would be feasible. Are there examples of this?

Re:UW and Good Tool (1)

i.r.id10t (595143) | more than 7 years ago | (#19984557)

Why not? One of the win32 desktop firewalls (zone alarm pro? IIRC) would modify HTML code on the fly to remove javascript calls to window.open and a few other things to "stop popups"... I guess that the viewer's ISP could easily run everything thru a transparent proxy and either change the page or change the images (see "upside down internet", etc.)

Re:UW and Good Tool (0)

Anonymous Coward | more than 7 years ago | (#19984615)

Paint.net was done by Washington State University, not the University of Washington.

They're different schools (and rivals)

Next week on Slashdot (5, Funny)

proverbialcow (177020) | more than 7 years ago | (#19983929)

ISPs intercepting, altering results from online security tool

Re:Next week on Slashdot (1)

proverbialcow (177020) | more than 7 years ago | (#19984087)

Lest you think I'm merely joking, FTFA:

Caveat 2: Our integrity checking mechanism is not cryptographically secure. If a "party in the middle" were modifying web pages that you visit, it could modify our scripts as well. Instead, our mechanism acts as a "tripwire" that is likely to catch any party that is currently unaware of our experiment. In the future, we could create a huge number of variants on the JavaScript tripwire. This would make it more difficult for a "party in the middle" to reliably determine that a JavaScript tripwire is running.

Re:Next week on Slashdot (4, Informative)

nweaver (113078) | more than 7 years ago | (#19984493)

We are specifically worried about this case. But we have some thoughts on how to make it more difficult for someone to do that, which will probably end up in a full paper later.

Answers to questions in this thread (5, Informative)

nweaver (113078) | more than 7 years ago | (#19983931)

We (the authors of the page) will be answering questions in this thread.

Feature request (1)

DreamerFi (78710) | more than 7 years ago | (#19984083)

make a package that can be used as a simple drop-in to a website to detect this. If enough websites implement something that alerts users that the webpage was altered, isp will be forced to stop doing this.

Re:Feature request (1)

Qzukk (229616) | more than 7 years ago | (#19984133)

isp will be forced to stop doing this.

That, or ISPs will work harder to defeat the detection.

Re:Feature request (1)

DreamerFi (78710) | more than 7 years ago | (#19984297)

That is a war that this package will win - probably with some cryptographic checks in version 2.0.

Re:Feature request (1)

csreis (1132205) | more than 7 years ago | (#19984285)

We do have a set of scripts that we intend to make available as an integrity checking tool for others to easily use on their websites. We'll be refining them based on what we learn from this experiment, and we'll probably use some randomization to make it harder to detect the "tripwire."

We'll make them available in the not too distant future.

Charlie

Re:Answers to questions in this thread (1)

brunascle (994197) | more than 7 years ago | (#19984223)

care to share any of the results yet?

Analyses (2, Informative)

nweaver (113078) | more than 7 years ago | (#19984385)

We've seen a couple cases of NebuAd, one other that looks interesting, and a fair amount of adblocking/firewall software (e.g., ZoneAlarm does some modifications).

We are waiting for the Slashdot and DIGG deluges to pass, however, before we have a more detailed analysis.

Re:Analyses (1)

mdm-adph (1030332) | more than 7 years ago | (#19984457)

God, I imagine those deluges are leading to quite a bit of usable data in a short-time frame! Are you planning to modify the results any on any kind of basis that most Digg and Slashdot (well, at least Slashdot) users are somewhat more technically literate (don't know if it makes any kind of difference in a test like this, but I'm curious).

Re:Analyses (1)

nweaver (113078) | more than 7 years ago | (#19984583)

Partially, we want to encourage people to pass it on to their nontechnical friends.

Our initial goal is to not map the space completely, but to

1) Validate the tool operationally

2) Try to find some cases, and analyze those cases.

Also, I think the tech savvy might be MORE vulnerable, as it seems to be small ISPs which are doing this, not the big ones.

Re:Answers to questions in this thread (2, Funny)

Anonymous Coward | more than 7 years ago | (#19984263)

Hi,

What is your favorite flavor of ice cream?

Re:Answers to questions in this thread (4, Funny)

nweaver (113078) | more than 7 years ago | (#19984627)

Strauss Creamery Soft Serve vanilla with sea salt and olive oil from Pizzeria Picco [pizzeriapicco.com] in Larkspur

Re:Answers to questions in this thread (1)

mdm-adph (1030332) | more than 7 years ago | (#19984763)

No offense, but isn't that kinda... weird tasting?

Re:Answers to questions in this thread (0)

Anonymous Coward | more than 7 years ago | (#19984673)


In the cult known as "The Landmark Forum" [rickross.com] there is no right choice!
You just chose flavor X because you chose flavor X! No explanation needed!

Fucking cults.

Re:Answers to questions in this thread (1)

mdm-adph (1030332) | more than 7 years ago | (#19984331)

Is there a way you could set this up on an https connection? Or would that automatically negate any ISP's attempts? (Or would it not matter?)

Re:Answers to questions in this thread (2, Informative)

nweaver (113078) | more than 7 years ago | (#19984459)

HTTPS, when certificates are properly used, is designed to prevent man in the middle viewing and modification.

Re:Answers to questions in this thread (0)

Anonymous Coward | more than 7 years ago | (#19984391)

As per proverbialcow: [slashdot.org]

Caveat 2: Our integrity checking mechanism is not cryptographically secure. If a "party in the middle" were modifying web pages that you visit, it could modify our scripts as well. Instead, our mechanism acts as a "tripwire" that is likely to catch any party that is currently unaware of our experiment. In the future, we could create a huge number of variants on the JavaScript tripwire.
This seems like a very silly thing to do - instead of engaging in an arms-race, why not make your tools 'cryptographically secure' - like serving them via HTTPS?

Re:Answers to questions in this thread (1)

nweaver (113078) | more than 7 years ago | (#19984553)

Because people don't use HTTPS for everything.

I agree that doing things cryptographically-authenticated would be a good thing (one could probably do a more lightweight opportunistic mechanism, myself and others at ICSI have an upcoming paper in HotSec on the possibility), but most people don't use https, and a lot of web sites don't SUPPORT https for many things.

Re:Answers to questions in this thread (0)

Anonymous Coward | more than 7 years ago | (#19984801)

Other than "system overhead"; are there any reasons why we can't/shouldn't/don't "Just use HTTPS" for everything?

-AC so I don't lose my geek license here on /.

Re:Answers to questions in this thread (2, Informative)

nweaver (113078) | more than 7 years ago | (#19984843)

One of the big reasons is the certificate model...

If you self-sign, everyone gets a nag panel every time they visit your web page. If you have verisign or someone else provide you with a certificate, it costs real money.

Also, the HTTPS handshake is expensive, figure ~.1 CPU second per visitor to handle the public key exchange, and it starts to add up. There is a reason why GOOGLE doesn't use https for gmail by default (you have to manually type in https://mail.google.com/ [google.com] to get gmail through SSL), the key exchange is expensive, even by Google's standards.

Re:Answers to questions in this thread (0)

Anonymous Coward | more than 7 years ago | (#19984593)

Pages served over HTTPS cannot be modified in transit, it would be redundant.

Re:Answers to questions in this thread (1)

Lord Ender (156273) | more than 7 years ago | (#19984873)

Without reading the article (a slashdot tradition), why would your service be any better than using SSL? SSL was designed to detect alterations in content, and has been around for ages.

Re:Answers to questions in this thread (2, Informative)

nweaver (113078) | more than 7 years ago | (#19985105)

Because people don't use SSL, and ISPs are actively inserting ads into web pages.

And click the link anyway, we want to have as many people try it as possible.

Re:Answers to questions in this thread (0)

Anonymous Coward | more than 7 years ago | (#19985245)

Their goal is to detect crooked ISPs, not to defend yourself against them.

In meatspace it would be like testing bikes to see which brands fall apart, and you show up and say "why don't you just wear a helmet?".

Re:Answers to questions in this thread (1)

Compholio (770966) | more than 7 years ago | (#19985023)

Have you found that these services are applying modifications to requested pages that specifically state they are not to be cached with the no-cache option [w3.org]? Have you found these modifications to also apply to AJAX requests?

Re:Answers to questions in this thread (1)

nweaver (113078) | more than 7 years ago | (#19985163)

We do not check for either of those cases (yet).

Please don't post negative results! (4, Informative)

maggard (5579) | more than 7 years ago | (#19983951)

No need for thousands of "All good in Kalamazoo" & "Up to date in Kansas City" posts.

Re:Please don't post negative results! (1)

mtp85 (1132905) | more than 7 years ago | (#19984171)

It'd be pointless anyway, since everything's up to date in Kansas City.

Positive results. (1)

KingBozo (137671) | more than 7 years ago | (#19984323)

I always thought it was funny that I get tons of MicroSoft ads when viewing slashdot, now it all makes sense with my MSN as my ISP they are inserting those nasty ads everywhere.

Huh? (-1, Troll)

DogDude (805747) | more than 7 years ago | (#19984051)

ISP's inserting ads into web pages?

1. What kind of moron would never look at their own web site as they develop it and not notice this?

2. What kind of moron would continue using an ISP like this? Why would an ISP that did this stay in business another day?

This whole subject doesn't make any sense to me.

Re:Huh? (1)

mdm-adph (1030332) | more than 7 years ago | (#19984299)

ISP's inserting ads into web pages?... 2. What kind of moron would continue using an ISP like this? Why would an ISP that did this stay in business another day?

This whole subject doesn't make any sense to me.
#1 90% of computer users.

#2 Because there's no other choice for most users when it comes to ISP's.

Re:Huh? (0)

Anonymous Coward | more than 7 years ago | (#19984301)

Well, I hear that in Soviet America they have to use the ISP decided by their corporate overlords as the only option if they want high speed internet, so they do not have any other option but to use the crappy ISPs for a very high price in that case.

Re:Huh? (1)

TheWoozle (984500) | more than 7 years ago | (#19984315)

1. Your hosting ISP may not do this, but the ISPs of the people who view your webpage may. How would you know? Are you going to sign up for an account with every ISP in existence and test each one for yourself?

2. There are plenty of people who would never know: people who use adblocking software, for one. In any event, many commercial webpages are so overrun with advertising anyway, how would you know that one in the crowd was inserted by your ISP and not original to the page?

The subject doesn't make sense to you because you're not running a small ISP. The potential revenue vs. the loss of a few savvy customers might be a trade-off you'd be willing to make if the upside were big enough.

Re:Huh? (1)

Raistlin77 (754120) | more than 7 years ago | (#19984327)

3. What kind of moron continues to use Microsoft products?

4. What kind of moron continues to use AOL?

5. What kind of moron uses Alexa?

If you can answer 3-5, then you already know the answers to your own questions.

Re:Huh? (2, Informative)

fullmetal55 (698310) | more than 7 years ago | (#19984361)

It's not the host ISP that's inserting the ads, It's the "Client" ISP, for example Joe Smith buys a computer and buys high speed internet from "ECI" the Evil Cable ISP. Joe Smith visits Bob's Website, Bob, who hates ads never put any on his webpage, and instead makes his money through online sales of his product. Now Joe loads up Bob's webpage to purchase a widget from Bob, and he sees Ads all over Bob's Website. Bob who has GHI (Good Highspeed ISP) visits his website and there's no ads. ECI is putting the Ads on Bob's website. and collecting all the revenue from those ads. Profiting off of Bob's Website.

Re:Huh? (0)

Anonymous Coward | more than 7 years ago | (#19984501)

2. What kind of moron would continue using an ISP like this? Why would an ISP that did this stay in business another day?

Well, unfortunately for me I want broadband access, and in my area I'm stuck with only one choice for an ISP. So, whether my ISP inserts ads or not I really only have two choices: 1) Learn to like it* 2) Learn to live with no internet access.

* - Of course there is always choice 1b) Learn to use Firefox with the Adblock Plus plugin (which I already do - and it works great!). This is a choice that I'm sure many others will point out.

And yes I've called several other broadband providers and none of them have any plans to provide service to my area.

A possible workaround (4, Informative)

Spy der Mann (805235) | more than 7 years ago | (#19984119)

A friend of mine had a similar problem with his webpages. They were on a free host (rolls eyes). I wrote a script for him to store special tags to denote the beginning and the end of his webpage content. After the webpage was loaded, a script erased everything and replaced all the html with his marked content. Ta-da, no ads!

If you want to be stricter, encode your webpage content with base64 to make sure the ads don't intrude your precious content.

Re:A possible workaround (5, Insightful)

Raistlin77 (754120) | more than 7 years ago | (#19984411)

I'll bet that his user agreement with that free host also clearly states that circumventing their added content in the manner that your script does is prohibited. If they discover your script, they'll likely disable his account.

Re:A possible workaround (0)

Anonymous Coward | more than 7 years ago | (#19984415)

That sounds... messy, or at least revealing an unfamiliarity with the DOM.
Probably could have just display: none rules in CSS, most ad content is pretty predictable.
Or at least JS that only snipped out portions of the DOM.
Of course, the whole point of being on a free host is it was paid by ads, he was probably in violation of
TOS and should have been prepared to lose everything on the server at a moment's notice.

Re:A possible workaround (1)

Jeff DeMaagd (2015) | more than 7 years ago | (#19984575)

A friend of mine had a similar problem with his webpages. They were on a free host (rolls eyes).

Sounds like someone's being a cheapskate. Paid hosting can be had where you get your own virtual server for $1 a month, though a domain name is extra. For as little as that costs, it's almost not worth any time dicking around trying to counter your free host's means of hosting his site.

Re:A possible workaround (3, Informative)

Excors (807434) | more than 7 years ago | (#19984737)

For sites like GeoCities that add

</object></layer></div></span></style></noscript></table></script></applet>(...adverts...)

to the bottom of your page to stop you trying to hide their adverts, it could be good to add <plaintext style="display: none"> to your page just before the point where they add their junk. plaintext is the unstoppable monster [htmlcodetutorial.com] of HTML – there is no closing tag, and the rest of the page will be treated as plain text instead of HTML. It's a slightly obscure feature, but it has better support between web browsers than many other parts of HTML and it can be fun to play with...

acronym nazi (1)

darkwhite (139802) | more than 7 years ago | (#19984129)

International Computer Science Institute (ISCI)
It's ICSI. Pronounced Ee-ksee. It's where they exile you if you're not nerdy enough for Berkeley Computer Science proper, or something ;)

I've got a better method... (-1, Flamebait)

DogDude (805747) | more than 7 years ago | (#19984177)

It's called your eyeball. You can "see" if there is an "advertisement" in your own web page! Yeah, it's pretty revolutionary, but stick with me here.... you have your own or manage a web site... you "look" at the web page using your own, built-in eyeball. Then, you can use the image acquired using your eyeball to "analyze" the page and "see" if there is an ad in there that's not yours.

[patent pending]

Re:I've got a better method... (2, Informative)

brunascle (994197) | more than 7 years ago | (#19984281)

They're not talking about the ISP hosting the web page, they're talking about your ISP adding ads to random sites that you visit. Client-side, not server-side.

Re:I've got a better method... (1)

mdm-adph (1030332) | more than 7 years ago | (#19984387)

Actually... theoretically, would this be somehow "between" client-side and server-side? I'm having a hard-time classifying this type of interception.

Re:I've got a better method... (-1, Offtopic)

Nerdposeur (910128) | more than 7 years ago | (#19984335)

MOD PARENT UP! Funny.

What about the terms of service? (1)

petercruickshank (1132185) | more than 7 years ago | (#19984189)

I guess the next step is for the ISP to add their right to do this into your agreement with them.

Re:What about the terms of service? (1, Insightful)

Anonymous Coward | more than 7 years ago | (#19984355)

Yeah, well, it's not you that has the beef - it's the creator of the web site who's had his work modified. Your ISP is making a derivative work of his site, and you can't give your ISP permission to do that, only he can. TOS between you and your ISP won't make a damn bit of difference in this case.

Inserting Ads (3, Funny)

NeoTerra (986979) | more than 7 years ago | (#19984249)

A certain ISP in Canada [userfriendly.org] dealt with this not long ago...

Inline HTML Signatures (1)

goofy183 (451746) | more than 7 years ago | (#19984255)

I've wondered about this for a while as a way to defeat XSS attacks, but would adding some sort of ability to sign the content in an HTML response be beneficial here? You could use your SSL cert to simply add a signature response body for content transmitted over http. A way to inform the browser to expect the signature that the ISP can't strip out may be problematic though.

The XSS idea would be to have the ability to have multi-part responses from the web server. The browser would put the page together from each part in order but only parts that contained a valid signature from your domain cert would have scripts and such executed by the browser. Then we don't have to worry about escaping scripts and such in the output content.

Re:Inline HTML Signatures (1)

Jeff Ballard (25222) | more than 7 years ago | (#19985083)

The simple solution to this is to use https: URLs whenever possible. Without the private key, your ISP can't manipulate the traffic (and still have it be valid).

Simple in principle (1)

jimicus (737525) | more than 7 years ago | (#19984333)

I can think of one way to do it - but it wouldn't be too hard for a determined ISP to defeat:

Step 1: Calculate md5sum of webpage, store in separate location.
Step 2: Include on the webpage some javascript to md5sum itself and compare this to md5sum in known location. Issue an alert if it differs.
Step 3: Profit!

Of course, this is awkward for dynamically generated pages and if the ISP is happy to mess around with the page to insert ads, they're probably also happy to mess around with any javascript which detects it coming down the line. Does this method solve that?

What about upstream modification (5, Funny)

SeanTobin (138474) | more than 7 years ago | (#19984377)

It seems that everyone is concerned about downstream modification, and is completely ignoring the possibility of upstream modification. What if Sprint [verizon.com] started modifying upstream http [amazon.com]-posts to start a more viral ad distribution system? Not only would they be able to target their customers [barnesandnoble.com], they would also be able to target the customers of anyone who could read the post!

This is the reason that we need to push for network neutrality [handsoff.org]. When the only choices are between a giant douche [summerseve.com] which alters content and a turd sandwich [panerabread.com] which alters content, the customer ends up screwed [lowes.com] in the end.

Re:What about upstream modification (1)

Red Flayer (890720) | more than 7 years ago | (#19984641)

What if Sprint [verizon.com] started modifying upstream http-posts to start a more viral ad distribution system?
Not for nothing, but I'd imagine Sprint [sprint.com] would be more likely to insert an ad for Sprint [sprint.com] than an ad for Verizon [verizon.com].

Then again, maybe Verizon is your carrier... so maybe you would be directed to Sprint at Sprint [verizon.com].

ISPBlock Plus (0, Offtopic)

andrewd18 (989408) | more than 7 years ago | (#19984417)

I've got this awesome new Firefox plugin called ISPBlock Plus. It blocks all the packets your ISP is sending you in-flight. No more ads!

Re:ISPBlock Plus (1)

mdm-adph (1030332) | more than 7 years ago | (#19984485)

I tried that one. The internet seemed a lot more peaceful and calm, though less informative.

They WANT to be slashdotted (2, Informative)

ookabooka (731013) | more than 7 years ago | (#19984559)

These guys actually want as much traffic as they can get to get a good idea of what isps are doing what. Go ahead, click online tool. [washington.edu] It's pretty nifty.

Old stuff. (3, Interesting)

TheLink (130905) | more than 7 years ago | (#19984845)

Years ago on one April Fool's day, I got a list of ad sites (from the usual /etc/hosts files out there), then got the internal DNS server to resolve them to a server that served up the company logo instead (for all possible url paths).

FWIW, seemed only one person noticed that the forbes page they loaded somehow had the company logos everywhere :). Nope I didn't get fired or even reprimanded - plus even better - I was saving company bandwidth (remember this was years ago)... Nobody complained about the lack of ads from ad.doubleclick.net and gang.

I toyed with the idea of substituting ads with reminders (meeting at 2pm, or "you have been on slashdot for 2 hours!") and other more useful information.

Lastly, I don't think their naive hashing thing checks if you are altering the images - the content may remain unchanged, but linked to contents may change (they aren't checked from what I see), so it doesn't work for my scenario where different ads are substituted for the unaltered URL.

That said, I'm still curious on:
1) How many ISPs would bother modifying traffic from those 7 destinations they are testing.
2) What the various laws around the world say about this.
3) What those laws say about "sponsored internet access" where an ISP gives a cheaper package/plan where the ads are substituted with the ISPs advertisers with the risk of some corrupted info.
4) What those laws say about "streamlined internet access" where an ISP provides a package/plan where ads and other crap are removed (or modified) for their customer.
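
The hash-compare scheme from the "Simple in principle" comment, together with the two limits raised in the thread (the in-page check can be stripped in transit, and a page-only hash misses substituted linked content), modelled in Node.js as an added example that is not part of any comment or of the UW/ICSI tool. SHA-256 stands in for md5sum, and the page, resource bytes, `/tripwire.js` tag and function names are all constructed for illustration.

```javascript
const crypto = require("crypto");
const sha256 = (data) => crypto.createHash("sha256").update(data).digest("hex");

// Constructed sample: the page and one linked resource as the origin serves them.
const CHECK_TAG = '<script src="/tripwire.js"></script>'; // hypothetical in-page checker
const originPage =
  `<html><body><h1>News</h1><img src="/banner.png">${CHECK_TAG}</body></html>`;
const originResources = { "/banner.png": "ORIGIN-BANNER-BYTES" };

// Step 1: the publisher records digests at a separate location.
const manifest = {
  page: sha256(originPage),
  resources: { "/banner.png": sha256(originResources["/banner.png"]) },
};

// Step 2: a script inside the page hashes the page and alerts on a mismatch.
// It only runs if its own tag survived the trip.
function embeddedCheckAlerts(receivedPage) {
  if (!receivedPage.includes(CHECK_TAG)) return false; // checker stripped: silence
  return sha256(receivedPage) !== manifest.page;
}

// A verifier outside the page compares the page and every listed resource.
function externalCheck(receivedPage, receivedResources) {
  const findings = [];
  if (sha256(receivedPage) !== manifest.page) findings.push("page");
  for (const [url, digest] of Object.entries(manifest.resources)) {
    if (sha256(receivedResources[url] || "") !== digest) findings.push(url);
  }
  return findings;
}

// Constructed deliveries as a rewriting network might return them.
const adInjected = originPage.replace("</body>", '<div class="isp-ad">ad</div></body>');
const adInjectedNoCheck = adInjected.replace(CHECK_TAG, "");
const swappedResources = { "/banner.png": "SUBSTITUTED-BANNER-BYTES" };

function demo() {
  return {
    injectedAlerts: embeddedCheckAlerts(adInjected),
    strippedAlerts: embeddedCheckAlerts(adInjectedNoCheck),
    strippedExternal: externalCheck(adInjectedNoCheck, originResources),
    swapPageOnly: embeddedCheckAlerts(originPage),
    swapExternal: externalCheck(originPage, swappedResources),
  };
}

console.log(demo());
```

The external verifier is only as trustworthy as the channel that delivers the manifest, which is the gap the https: reply in the thread addresses.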