Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tool Detects "In-Flight" Webpage Alterations

Posted by CmdrTaco on from the its-like-a-foil-hat-for-your-browser dept.

TheWoozle writes "In a follow-up to a recent story about ISPs inserting ads into web pages, the University of Washington security and privacy research group has teamed with the International Computer Science Institute (ICSI) to develop an online tool to help you identify if your ISP is inserting ads or otherwise modifying the web pages you request."

9 of 197 comments (clear)

  1. Should just block all ads, but... by nokilli · · Score: 4, Interesting

    If that isn't desirable, do a patch to Apache that creates a header that holds a hash of the content.
    The hash gets calculated once for static content, which is usually the bulk of the traffic, no? So
    not too big of a hit.

    Browser sees content. Browser sees hash. Browser compares the two...

    --
    Censored by Technorati and now, Blogger too!

  2. Oh lord the confusion by db32 · · Score: 3, Interesting

    Do we sue the ad folks for inserting ads and stealing content? I mean, in just about any other medium this would wind up in court overnight as copyright and stolen content and so on. But now we have a circumvention tool to detect it...so are we going to get sued under DMCA like nonsense for attempting to circumvent the ad insertion?

    --
    The only change I can believe in is what I find in my couch cushions.
  3. Re:Frames by mdm-adph · · Score: 2, Interesting

    ...Unless you add the ability for web-pages to dictate that they should not be in frames, this one can't really be trapped for like that...

    <script language="JavaScript" type="text/javascript">
    <!--
    if (top.location != location)
    {
    top.location.href = document.location.href ;
    }
    -->
    </script>
    That should do it. ;)
    --
    It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
  4. Re:What ISPs do this? by Anonymous Coward · · Score: 2, Interesting

    My hosting service (the University of Minnesota) sticks a little legal disclaimer (some h5 tags) in a contrasting colot at the bottom of every HTML page it serves for non-official accounts. It's the typical "The University of Minnesota is not responsible for the content...blah blah blah" message.

  5. Re:Frames by VGPowerlord · · Score: 2, Interesting

    If the ISP is inserting it into a frame on the fly, you've successfully created a page that will continually try to reload itself, as it will never be the topmost ancestor.

    --
    GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
  6. Old stuff. by TheLink · · Score: 3, Interesting

    Years ago on one April Fool's day, I got a list of ad sites (from the usual /etc/hosts files out there), then got the internal DNS server to resolve them to a server that served up the company logo instead (for all possible url paths).

    FWIW, seemed only one person noticed that the forbes page they loaded somehow had the company logos everywhere :). Nope I didn't get fired or even reprimanded - plus even better - I was saving company bandwidth (remember this was years ago)... Nobody complained about the lack of ads from ad.doubleclick.net and gang.

    I toyed with the idea of substituting ads with reminders (meeting at 2pm, or "you have been on slashdot for 2 hours!") and other more useful information.

    Lastly, I don't think their naive hashing thing checks if you are altering the images - the content may remain unchanged, but linked to contents may change (they aren't checked from what I see), so it doesn't work for my scenario where different ads are substituted for the unaltered URL.

    That said, I'm still curious on:
    1) How many ISPs would bother modifying traffic from those 7 destinations they are testing.
    2) What the various laws around the world say about this.
    3) What those laws say about "sponsored internet access" where an ISP gives a cheaper package/plan where the ads are substituted with the ISPs advertisers with the risk of some corrupted info.
    4) What those laws say about "streamlined internet access" where an ISP provides a package/plan where ads and other crap are removed (or modified) for their customer.

    --
  7. Re:Frames by ixl · · Score: 2, Interesting

    The hash would have to be signed by the originating website. So the frame would be detected, because the hash wouldn't be signed by the domain name that created the other content. Browsers could also display (at least) a warning when an unsigned frameset included a signed frame.

  8. Not quite... by nweaver · · Score: 3, Interesting

    This is a war however which we can make damn difficult by using virus-like mutation techniques, so that every checker looks different: force THEM to solve the AV defender arms race.

    As long as the actual API used by the Javascript is common enough that the ad-injectors can't recognize and block our code by keeing in on the API calls rather than the overall Javascript.

    The proper solution, adding integrity checking to all HTTP, seems like its not happening.

    --
    Test your net with Netalyzr
  9. Re:Frames by Impy+the+Impiuos+Imp · · Score: 2, Interesting

    > What if the ISP is simply putting the web-page in its own frame, and the advertisement in a second frame?

    What if we just jail the billionaires who own the ISPs for altering the copyrighted content of web pages?

    A 99.9999997183% decrease in salary for hours worked accompanied by a change in lovers from Big Boobs to Big Bubba might be just what the doctor ordered.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.