Slashdot Mirror
ISPs Inserting Ads Into Your Pages
TheWoozle writes "Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I'm sure that they weren't asked for permission either."
I know this won't be everyone's primary concern, but what happens to all of those pages carefully crafted to adhere to a specific standard eg HTML 4.01, XHTML 1.1 or whatever else you may choose? Surely, unless these uninvited contributions also adhere to that specific standard, we have no hope of producing standards-compliant documents.
They later issued a new firmware that disabled this. But not before I had issued them a "fuck off" feedback. I have never bought another belkin product since and I strongly urge no-one else to do so either. Fuck them.
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
I am pissed that they are even addressing my http stream through proxy. Technically, that is eavesdropping my session. Not to mention that just looking for the place to insert the ad will most certainly screw up many web applications. Once an ISP crosses this line there is no limit on what they can do. Things like feeding you a bogus SSL cert while making it appear perfectly legit and decrypting your traffic, redirecting entire web sites, blocking content without your knowledge...it goes on and on. The ISP even having this information in their logs starts a huge slippery slope.
Everyone, immediately call a lawyer and run away from any ISP that does this. You have been warned.
It would seem pretty straightforward to document uses of your website to sell ads, so that you could sue ISPs for copyright violation. This seems pretty straightforward to me.
1) Generate a unique id for every webpage transmitted. php's uniq() function would be fine. Embed it in the page.
2) Generate a checksum before transmitting the page. Save the id and the checksum, perhaps in a mysql database, when transmitting the page.
3) Embed a javascript that can compute the checksum of the document at the user's end. Have it transmit the checksum back to the server.
4) If the checksum doesn't match, have the javascript transmit the content of the page and it's headers, and perhaps even a traceroute, back to the server.
5) Server stores all of the above in a "pages corrupted in transmission" log.
Log analysis should then give you a list of ISPs who have consistently corrupted your pages, details on what they inserted, and documented # of violations with date and time. You can take this documentation to the court and say "Look! Earthlink/Megapath/AT&T/Whoever has illegally copied my website to market their own advertisements 12,432 times in the last year!". Demand remuneration.
6) Profit!
7) Reduce ISP's willingness to fsck with other people's content and thereby make the world a better place.
8) (Optionally) Have your own javascript strip their ad and/or put a banner at the top that notes "Your ISP has attempted to illegally insert their own advertising into our website, thereby making money off you and me without either of our permission. We strongly suggest you switch internet service providers." -- try to get user pressure on the ISP.
I'm about to head out on a 10-day vacation. When I get back, if one of y'all hasn't written this yet I'll start on it myself.
I stole this sig from someone cleverer than me.
I am almost always against laws (which are often worse than the ill they are trying to right), but it seems to me that there ought to be some sort of regulation that requires ISPs (since they are mostly effectively monopolies) to offer a transparent pipe for those who want to avoid all their obnoxious practices.