Go Back   XplornetSUCKS > News
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Thread Tools Display Modes
Old 04-03-2013, 05:24 PM
buttitchi buttitchi is offline
offline "Global Moderator" Retired
Join Date: Feb 2008
Posts: 213
Default ISPs and ad injection again ( april 2013)

From time to time, greedy ISPs will use deep packet inspection to then use deep packet injection to put ads into webpages that you are viewing.
Classic man in middle hack attack.

These scummy schemes get noticed by people who know what ads are or are not on webpages.
For an example Google.com has no ads on its landing page(other than the top right and get chrome browser). If you see ads that means either an ISP is injecting them or you have an infected computer that is injecting the ads for you.

In some cases with these injections the ISP will actually strip out the websites own ads and replace them with ads from the ISP.

By the way, there are no ads on this site.

How would you like it if a banner ad was inserted on the bottom of every web page, on top of content you are trying to read and eating away at your usage allowance?

Customers of CMA Communications can tell you, because their web browsing experience now includes advertising messages injected by the cable company to earn more revenue.

CMA, which operates rural cable systems in Texas, Louisiana, Mississippi and Nevada,.....
CMA Communications is using JavaScript code injection that overlays third-party advertisements on top of various websites

More details in this Reddit thread...

I'm not exactly sure which subreddit this would belong in (or if it even belongs in a subreddit).

My ISP is called CMA Communications, and they operate in small towns in Nevada, Louisiana, Mississippi, and Texas.

CMA, as of March 7th (but earlier in a few select towns), has decided to inject advertisements into any and all websites (except for ones they can't, such as SSL-enabled ones) [encrypted] . They do this through a module they get from a company called r66t ("root 66").

When contacted, CMA said that this was an idea of the VP of Marketing to bring in additional revenue.

There are four major issues I have with this.

They're using the Internet they're selling (at an already high price) as a platform for advertisements to bring them in more money. This is not the way they should be doing it, especially given the intrusive nature of the advertisements.

The advertisement that scrolls in from the bottom can not be dismissed, and is rather intrusive if you're using a small screen. I've tried on OS X (chrome/safari), Windows XP (chrome), Debian wheezy (chrome/firefox), Android Jellybean on a Nexus 7 (chrome), and Chrome on iOS.

r66t could inject arbitrary javascript into the webpage, and I find it somewhat frightening that an ISP would allow them to do so.

The main reason I'm posting this here, however, is that the advertisements served up by r66t cover up advertisements that websites are selling with their own. Here's an example on reddit. http://i.imgur.com/Enz20T7.png This seems like an immoral move at best, and potentially illegal to do at worst.

As mentioned before, we've contacted CMA about this, but I'm wondering if there's something more we should be doing

Note that we have taken care of this within our home network by blocking *.r66t.com through DNS.


We do not have the ability to (reasonably) switch to another ISP

We contacted Amazon, eBay, and a few others. The most prominent response we received was from Amazon, who were concerned that their advertisements were being replaced with that of r66t. Not sure this is going to go anywhere, but it was at least worth telling them about it.

For some reason they've suddenly switched from <script> injection to <iframe> injection, and I don't understand why. Perhaps someone else might?

Okay, it seems that the idea of doing this isn't so new after all. This has been done by numerous ISPs, and it's been covered by TechCrunch, discussed on Slashdot, discussed on Reddit and Hacker News in the context of Hotel Internet service, and covered by many others. In previous cases, most of the ISPs had clauses in their ToS stating that they can add advertising material to the page at whim. The issue now is that I can not find such a page on CMA detailing their ability to insert advertising material into the page. Need to sleep, but after I get up I'm going to keep searching.

To people saying we should use a VPN: we absolutely will if this doesn't get addressed (and might even if it does, given the breaking of trust that occurred). At the moment our DNS solution is fine.
Interesting about the Iframe replacement of the former javascript injection to possibly try and avoid legal issues of modifying the web page itself. Overlay the ad and who cares if it blocks the view of the webpage.
I do not like Iframes(in a new window frame in the initial webpage) as they are a pain in the ass. Some sites that have links to other sites content will try and force a new 'in page window' to open up without the user actually 100% going to the linked site.
Picture it like your desktop and you open a browser window. You are still on your desktop, but you have this window to see beyond your desktop.
Hi Diddly Ho, Good Neighborino

Last edited by buttitchi : 04-03-2013 at 06:30 PM.
Reply With Quote
Old 04-04-2013, 10:49 AM
Brad R Brad R is offline
Linux Member
Join Date: Apr 2007
Location: Ontario
Posts: 607

One reason I like the Opera browser is that it lets me block iframes. I also surf with Javascript disabled, and configure Opera to automatically enable it only for the specific sites where I want to use it. And I can configure Opera's ad-blocker to block *.r66t.com if I need to.

I'll admit that the NoScript plugin for Firefox is way better than the Javascript blocking option on Opera. You have much finer control over what scripts get blocked, and it's easier to override the block temporarily. Combine that with the AdBlock Plus plugin and you can pretty much get rid of everything annoying when using Firefox. (I don't know if Firefox or one of the plugins will block iframes, but I expect that they do.)
4G Fixed Wireless Formerly Echostar 17 "Jupiter"; Rogers Rocket Hub; Everus 3.5 GHz Wireless; Telesat Kazam plan; HughesNet Ku.
A computer without Windows is like a chocolate cake without mustard. http://www.goodbyemicrosoft.net
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

All times are GMT -4. The time now is 01:24 AM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.