Cox Comm. Injects Code Into Web Traffic To Announce Email Outage

An anonymous reader writes "Cox Communications appears to be injecting JavaScript and HTML into subscribers' traffic, as part of their effort to announce an email service outage. Pictures showing the popup."

Is this News?

[omega6]

Providers have been doing similiar things for a while...If you want security, use https.

Re:Is this News?

Butt it's Cox so it's funny bathroom humor.

Re:Is this News?

[Pedrito]

No, not like this. At least I've never seen it before. This is intrusive. I've had it show up in my browser at least 3 times in the past couple of hours and it's about a service I don't even use. I don't care if their e-mail is out. I don't use their e-mail. I don't want this stuff and there ought to be a simple way to opt out.

Re:Is this News?

[sabri]

No, not like this. At least I've never seen it before. This is intrusive. I've had it show up in my browser at least 3 times in the past couple of hours and it's about a service I don't even use. I don't care if their e-mail is out. I don't use their e-mail. I don't want this stuff and there ought to be a simple way to opt out.

There is, it is called: Vote With Your Money...

Re:Is this News?

[mwvdlee]

there ought to be a simple way to opt in.

FTFY

Re:Is this News?

[Pedrito]

Actually, that's exactly what I'm going to do now. I was already pissed because my connection has been going down a lot lately. Then they pull this crap. Bye Cox!

Re:Is this News?

[GoodNewsJimDotCom]

Too bad you can't vote with your money when there is a monopoly/oligopoly. I remember Comcast suing the government for competing in certain areas. Why isn't UPS and Fedex suing the Post Office?

Alternative title: Cox acting like a bunch of dicks.

Re:Is this News?

[rickb928]

Around here, that means voting for Centurylink. great choice.

Re:Is this News?

[guttentag]

It's the modern equivalent of the phone company playing a recorded message while you are talking to someone on the phone. Or the post office opening your mail and gluing a message to the contents, ransom-note-style, about your mail carrier being out sick. It wouldn't happen. But cox wants to condition people to think of the web like cable TV, where thy can cover part of the picture with service announcements. The FCC needs to weigh in on this and stop it.

Re:Is this News?

I just love Cox. That's my favorite part of the internet. I'm on Cox for several hours a day, every day. You might say I'm a Cox addict. If Cox wants to deliver a friendly payload during my regular service, I don't find that hard to swallow. I'm quite pleased when Cox injects this sort of material for me and I'm always eager for more. If you haven't tried Cox, you really should. There's nothing quite so fulfilling or satisfying as Cox.

Re:Is this News?

[paiute]

Why isn't UPS and Fedex suing the Post Office?

They have found it much more promising to give contributions to certain members of Congress to burden the USPS with debt so they sink and clear the way for UPS and Fedex to take over.

Re:Is this News?

[theskipper]

Or instead there ought to be a simple way to just opt in. Or they could produce a FF/IE addon. Or put a big notice on their homepage with this info. Or automated social media notifications. Etc.

Messing with DNS to redirect bad domains to ad parking pages is still around but no one cares anymore. However, this is right in the user's face which feels different, like it's an offensive volley, like one ISP is finally ready for war. The first battle in ISPs training users to accept a tainted connection.

In all honesty, I think they picked the perfect application to start the ball rolling. Few average Joe customers would argue against email outage notifications because it seems like it's an important function that the ISP should provide. More importantly users are used to dynamic pages now, it "feels" like a Facebook or Twitter thing. So in their mind it's probably ok, or at least something that would be hard to argue against from a layman's perspective.

So it's a good starting point to start boiling the frog. I'll bet that their internal calculations show no more than one year to completely boil the poor beast (i.e. ad insertions). That's the holy grail.

Re:Is this News?

[Nutria]

FF's pop-up blocker and ABP must be effective at stripping injected code, because I have the email outage, too, but have not seen the Cox windows.

(BTW, Cox HSI is probably a bit expensive, but my service has been sturdily reliable. Other than hurricanes, I can't remember the last time I had a Cox outage.)

Re:Is this News?

[DarkTempes]

You can use noscript or any adblock addon to block this.

Look for something like <script src="http://184.178.98.*/static/FloatingContent/243/floating-frame.js" type="text/javascript"></script> in the head.
Craft rules as appropriate.

Re:Is this News?

[craigminah]

Don't want to complain or you might get Cox blocked.

Re:Is this News?

[sjames]

That and they need someone to deliver the last leg on unprofitable routs. More privatized profits and socialized losses.

Re:Is this News?

I wish I could do the same. Sadly, Cox is my only option.

Re:Is this News?

Well, run some kind of communication over port 80. But it shouldn't really be http, only something vaguely like it. When they insert something, sue them for disrupting your communiocations.

Those that want notification won't need this sort of mess. To opt-in - simply visit their info page. Or use their page as homepage...

Re:Is this News?

[X0563511]

There is.... use a secure protocol.

Re:Is this News?

Or instead there ought to be a simple way to just opt in.

There is a way of opting in. It is called: "visit their web page, where they can announce outages and anything else they like"

This sort of intrusion ought to be illegal. Would you accept a postman that opens your letters in order to put extra information inside the envelope? This is the same thing. Of course - if this goes well for them, the next thing is to attach advertisements to any web communication . . .

Re:Is this News?

[religious+freak]

Just remember to pay your bill. Otherwise they'll cut off your Cox.

Re:Is this News?

[paiute]

http://www.esquire.com/blogs/politics/post-office-default-11215023

"In other words, we can no longer have nice things from what is still, in theory, our government, because we have placed what is still, in theory, our government into the hands of vandals and madmen, so the solution is to hand everything over to a private sector that repeatedly has shown that, in the pursuit of an extra nickel in profits, it would sell your grandmother to the Somali pirates and drill an oil-well in Lincoln's nose on Mount Rushmore."

Re:Is this News?

This sort of thing is illegal tho, as it violates copyright laws, specifically the reproducing of derivative works. I'd let the websites know so they can get their lawyers to send the C&D letters, Cox would soon stop, unless they want to risk their common carrier status!

Re:Is this News?

[rs79]

So I click on the first link in the article "Pictures" and I get a fucking ad and have to click through to something far more reasonable looking to me than the fucking ad.

I've really had enough of those things, they're everywhere now. If they don't go way soon I'll make them go away (at least for me).

Re:Is this News?

No, it's nothing like that at all. In your phone company case, you cannot control their message over the top of your conversation. In this case, you are in control of your computer, and it only runs their scripts if you want it to. If you don't want it to, it won't. You get to pick. In fact, you get, as a general policy, to pick whether to let 3rd parties run scripts on your computer *at all*. If you chose to do that, this is the sort of thing that can happen, either from your ISP or from a random web site.

Don't volunteer for X, and then get upset when X happens. You can't have it both ways. Your computer is YOURS(*), and will obey YOU(*). No one else is responsible for it but you.

(*) Apple users not included

Re:Is this News?

[RMingin]

So... Your Cox has been down more than you'd like, and you can't get your Cox to stay up? Getting rid of it entirely is an option, I suppose, but I keep hearing about medications that claim to keep your Cox up any time you want it up.

Re:Is this News?

[StripedCow]

It's the modern equivalent of the phone company playing a recorded message while you are talking to someone on the phone.

Yes, entirely spot-on, but what Facebook and Google are doing is the modern equivalent of massively tapping conversations, and nobody of importance seems to have a problem with that.

Re:Is this News?

Of course, if you live where the high speed internet options are Cox, or DSL that would've been considered slow as molasses in Minnesota in January in 2000...

Google can't roll out Google Fiber nationwide fast 'nuf IMHO...

Perhaps if Google and Apple would kiss and make up and form a joint venture around that... use it as a showcase for their products.. to compete head-to-head on the fastest network in the USA...

Re:Is this News?

[Kjella]

So... Your Cox has been down more than you'd like, and you can't get your Cox to stay up? Getting rid of it entirely is an option, I suppose, but I keep hearing about medications that claim to keep your Cox up any time you want it up.

Well his email is down, so he hasn't been getting any of the many, many, many offers to fix this.

Re:Is this News?

[martin-boundary]

Wrong. Injecting HTML code into an HTTP stream breaks the end-to-end principle. With HTML5 being as complex as it already is and web apps doing all sorts of Weird JavaScript Shit(TM), there is no way anyone can guarantee that adding HTML snippets _anywhere_ won't break a user's session. This isn't fixable on the user end, this is buggy behaviour in the network.

Re:Is this News?

[Dachannien]

but I keep hearing about medications that claim to keep your Cox up any time you want it up.

If your Cox stays up for more than four hours straight, you should seek medical attention. Fortunately, this doesn't happen too often.

Re:Is this News?

[Culture20]

I wish I could do the same. Sadly, Cox is my only option.

come on...are you really trying to say that you dont love cox?

He's saying it's like he's in prison.

Re:Is this News?

Yeah, I'll move to the other locally available cable company. Wait...

Re:Is this News?

[Grishnakh]

I used to be a Cox customer until last month, because I moved across the country (to where Comcast is the cable provider, and IME they suck far, far worse than Cox, just judging by the few weeks of service I've had with Comcast versus about 7 years with Cox).

This announcement is especially annoying, because it's an outage on some stupid service that no one with a brain would ever use. Seriously, what moron actually uses ISP-provided email in this day and age? What a brilliant idea: as soon as you have to move or change providers for some reason, all your email is suddenly gone, and your email address is defunct, and if you didn't notify everyone in your address book beforehand you're screwed.

Re:Is this News?

[TWX]

If someone's stealing cable from your service line, are they sucking your COX?

Re:Is this News?

[DeusExCalamus]

Adblock isn't, by default at least. I saw it here once on my phone and then on my laptop, both running firefox with adblock.

Re:Is this News?

[Grishnakh]

No, they don't. They might use FedEx to ship their Priority Mail flat rate boxes, but the final door-to-door delivery is done by the USPS. In my experience, Priority Mail is usually one day faster than First Class, and much, much faster than either FedEx or UPS Ground.

In addition, UPS has a service where USPS does the final residential delivery.

Re:Is this News?

[Grishnakh]

Perhaps if Google and Apple would kiss and make up and form a joint venture around that...

Hell no. With Apple in there, any service they get involved in providing will only work with Macs and iDevices. I used to think Microsoft was the worst company as far as respecting open standards and working with others and pushing customers to only use their products, but Apple has surpassed them and become much worse.

Re:Is this News?

[Grishnakh]

In addition, since they can do DNS redirects, whenever some Cox email user (how many of those are there anyway?) goes to email.cox.com, or whatever their URL is, Cox can redirect it to a new site with a big message saying, "Sorry, but this service is down! That's what you get for trusting us with your email."

Anyone who doesn't use Cox email, or isn't visiting cox.com, doesn't need to be bothered with this news.

Re:Is this News?

[Ritchie70]

Absolutely, the USPS should be responsible for funding pensions and retiree health care just like any other governmental or private entity.

But that's the problem - so far as I can tell, they've had stricter funding requirements related to future retiree health care than any other entity. This was imposed by Congress in 2006.

Here's an article --> http://www.huffingtonpost.com/ron-bloom/reality-check-postal-service_b_1927634.html

Re:Is this News?

[Ritchie70]

And they're cheaper. I don't ship a lot of stuff, but I usually check price between Fedex, USPS and UPS on packages.

USPS is consistent cheaper.

The thing where USPS does the "final mile" delivery for UPS sucks, by the way. The tracking is a mess and it's quite slow. I hope it's really cheap at least.

Re:Is this News?

[Grishnakh]

No, USPS is only cheaper for certain things. Basically, once you go over 4 pounds, Fedex and UPS ground get cheaper (Fedex is cheaper than UPS in my experience, but companies with special rates may have a different experience). USPS rates for heavy packages are quite high. But under 4 pounds, UPS/Fedex can't touch USPS at all. Under 13 ounces, it's a total joke: you can send it First Class Mail for next to nothing, and it gets delivered in 3 days maximum, 2 if it's somewhat close, and overnight if it's in the same metro area. The other services will cost you at least $10, and will take 4 days (less if it's really close).

So if you're only sending lightweight stuff, or small things that can fit into the Priority Mail small flat-rate box (a little bigger than a videotape, for those who remember how large those are), USPS is easily the best choice. If you're shipping really dense, heavy stuff that can fit into the larger Priority Mail flat-rate boxes, USPS will again probably end up being cheaper. If you're shipping a box that weighs 20-70 pounds and won't fit in one of those flat-rate boxes, then the other services are most likely a much better deal, unless it's all books and you can qualify for the "Media Mail" service.

Re:Is this News?

[Grishnakh]

I forgot to address that USPS/UPS service (can't recall the name now): it IS really, really slow, but it is cheap for heavier boxes, at least for the one that I had delivered recently with it. Basically I was shipped a box (with a bunch of metal stuff in it: dense at about 10 pounds) for $4.99 that would cost me $12 to ship by Priority Mail or $10 by Fedex.

Re:Is this News?

[antdude]

And Cox will send Lorena Bobbitt to do that. ;)

Re:Is this News?

Now I get it...

Re:Is this News?

[tepples]

Seriously, what moron actually uses ISP-provided email in this day and age?

People trying to register for web services that block not only disposable addresses but also free webmail providers such as Hotmail, Yahoo, and Gmail.

Re:Is this News?

[Grishnakh]

With the massive number of people who use the Big 3 free webmail providers, which web services these days still block those for registration? I can't think of a single one I've run across in years.

Re:Is this News?

> There is, it is called: Vote With Your Money..

Fuck you and your capitalistic crap. For a majority of the subscribers (of Comcast, Cox or TWC), there is only one option. That's capitalism for you.

Re:Is this News?

> Perhaps if Google and Apple would kiss and make up...

No, thank you. I don't want any iCrap anywhere near my house.

Re:Is this News?

[tepples]

Google block registration hotmail yahoo turns up this request and this request. I guess blocking major webmail providers does two things: 1. it forces users to use paid providers that serve as less-disposable identifiers, which discourages people from registering on a forum or wiki just to post spam, and 2. it warns users against trying to register using an e-mail provider known to incorrectly classify confirmation e-mails sent from a given domain as spam. I just use my catch-all *@pineight.com for these things, which forwards to my address somewhere else, but because I pay Gandi every year for pineight.com, it's not quite as disposable as a big-three webmail account.

Re:Is this News?

Actually, it's you anti-government pseudo-libertarian types that are smoking weed.

Re:Is this News?

Enough already with the Cox sucking stories.

Why do we never hear about Virgin going down.?

Re:Is this News?

[idontusenumbers]

Are you using a SIEMENS SpeedStream?

Re:Is this News?

Do you know whether Cox services Fucking? I think they've been very active in Pussy Creek for a while now. They haven't yet managed to break into Ass though.

Re:Is this News?

Adblock isn't, by default at least. I saw it here once on my phone and then on my laptop, both running firefox with adblock.

Adblock isn't an ad blocker, despite the name. It's simply an easy to use IP/URL blacklist plugin for your web browser. You could add their list to a firewall, router, or your hosts file and accomplish the same thing. Since the Cox IP isn't (yet) part of the official AdBlock blacklist, it won't get blocked.

What you need to prevent this type of thing happening is to use a white-list based plugin. I recommend using NoScript, as it will block all scripts by default unless you specifically allow them. It will also protect against cross-site scripting attacks and local system access exploits. Adblock is good for blocking a lot of advertising, but if security is what you're after go with NoScript instead. Personally, I use both.

Re:Is this News?

[LateLurker]

Mailinator.com

Re:Is this News?

[imsabbel]

Sorry, mail analogy is wrong.

http:/// == postcard, nothing to open there.

Re:Is this News?

[gtomorrow]

Alternative title: Cox acting like a bunch of dicks.

Wouldn't that be "Cox acting like a bunch of dix"?

I can't believe i'm adding to this nonsense.

Re:Is this News?

[fa2k]

Or the post office opening your mail and gluing a message to the contents, ransom-note-style, about your mail carrier being out sick.

More like them gluing it on a post card. A letter in an envelope would be more like SSL, which they thankfully don't have the power to snoop on. Doesn't seem that evil actually. It would be better if there was some standard way for the ISP to communicate with their customers. They could make customers provide an up-to-date email address instead of insisting on using the @comcast.com or what ever.

Re:Is this News?

[TheCarp]

Actually no, he hit it spot on. No matter what else you say about them, they really did get screwed by congress.

The USPS actually did balance their checkbook to the point that they had surpluses. They didn't end up in trouble until congress added an unreasonable requirement that they fully fund vetrans benefits...decades ahead of time. Something no other agency must do.

This was pretty clearly done to put them in this situation.

Re:Is this News?

[drinkypoo]

I don't want this stuff and there ought to be a simple way to opt out.

There is, it is called: Vote With Your Money...

That's fine if you are in a market with competition. I have literally two options for "high speed" coverage. I can get some CDMA crap from the top of the local volcano from a local WISP for too much money. (They bought out a community WISP using WiFi, which is how I know it's too much money... they replace working hardware, better-working hardware from my perspective) Or I can get satellite. No 3G 4G blah blah blah here, I think there's some access in the actual towns (no "cities" worth the name here) but there's certainly none out here where I live amongst the hay and the grapes.

Re:Is this News?

[LWATCDR]

A do not warn me again would be good but overall this seems like a good thing. They are letting you know of an issue. I would love to see weather warnings also set up this way. I was surprised one night driving home to have a tornado warning pop up on my cell phone and on one of the info signs on the highway. I would like to see this for severe weather alerts as well.

Re:Is this News?

[StormyWeather]

I just gave my mac book pro the same my wife. I had purchased it to learn macos, and have a nice snappy laptop instead of my d620. I what I learned in a month now that I macos developers are childish to the point of hobbling their products. Take connecting to a SMB share. I was connecting to a samba share, and but was still treated to a picture of an 80's era IBM clone with a blue screen. I wish when my mac book locked up with some remote desktop sessions and a lot of firefox tabs open that I could have gotten a cryptic blue screen error code to figure out what caused the ktrap. Sure maybe I could have figured out where the log files are and hoped for a dump, but an error code that could be google is much easier.

Overall I found my Linux and win systems to be more stable. Mac seems to expect everyone to stay on the apple plantation, and and if they do so it works well.

Re:Is this News?

I take online classes through a NY state college. I hope time warner doesn't start doing this. If I had an exam session time out or crash while I was taking it because of this shit, I would flip a shit the likes of which has never been seen.

Re:Is this News?

[eugene+ts+wong]

That would be more like a denial of service. Some people think that it sucks, but I personally consider it a stranger doing a good deed.

Re:Is this News?

[kmoser]

Money shot?

Re:Is this News?

[sjames]

It's called a typo. There's no need to slit your wrists over it.

Re:Is this News?

[Mabhatter]

I have to admit, if its a pop-up ad then they are not hiding anything... Like say changing DNS resolution, or replacing ads in other websites pages.

How ARE they supposed to tell subscribers about something? They can't send an email because they are taking downtime. They could call everybody? SMS? But in the short term, they own the end-client connection, so adding an extra message doesn't seem so bad.

I kind of wish you could have a service like this for local weather and alerts. We have similar push alerts for TV and Radio, but more people spend their time on HTTP traffic than anywhere else now. It would be an easy spec to knock out... You just need a way to trust the messages are from your Internet provider via their equipment and not leave the thing wide open. It would also be very clever for mobile users as well. They would get the local alerts when they star up their browsers.

Re:Is this News?

[tepples]

Mailinator is among the first domains to get blocked.

Re:Is this News?

[Mabhatter]

No, it's more like the postman adding an extra separate note when they deliver other mail to your mailbox... And you're complaining about the postman opening your mailbox.... Or the phone company playing a message when you pick up the phone to dial.

As this is a pop-up ad, I'm afraid the FCC would agree with them. They are not changing anybody else's page, just adding a note when you make a connection to THEIR NETWORK. Wifi hot spots do this all the time and people are fine. I suppose they could just redirect ALL your HTTP traffic until you click to acknowledge the message. It's THEIR NETWORK, they have a right to send customers physically connected a message.

Re:Is this News?

I'm sorry, I do use the service and I have to ask how "Vote with your Money" is going to effect a company that brought in 9.1 billion dollars in 2010. Even with this major fiasco, I cannot see the number of people needed to make a dent leaving the service. Where I live, and when it works, it is the best service available. Please do not get me wrong. I am in no way defending this as a three day outage should be unheard of in this day and age. The question of what has happened is not being answered. What could possibly happen to take a major ISP email service offline for three days? Their current statement:

"This question is still unresolved
  Posted by Frankie
16 Dec 2012 11:00 AM
Get this RSS feed
Our teams are making progress in our email service restoration efforts. Through our investigation, we have isolated the cause of the failure to the email system platform which ultimately affected both the primary and secondary failover (back-up) systems. Currently, all incoming messages are queued in our system and we expect to deliver messages to customers on a rolling basis as we bring the systems back online.

  Teams across all levels of our organization remain intensely focused on the restoration efforts. Unfortunately, we do not expect services to be restored today. We do understand the impact this is having on our customers, which is why we have deployed every resource possible to working this issue. While we are focused on restoring email access as quickly as possible, the multiple components and processes that make up our email system require care, and some time, to bring them back online.

  Our next scheduled update is 3pm, however we will update this Alert with new information as we have it.

- Frankie

Cox Support Forums Moderator"

states that their primary and secondary systems are effected. In a company that large, what could have possibly brought this system down for three days and counting?

Re:Is this News?

No, not like this. At least I've never seen it before. This is intrusive. I've had it show up in my browser at least 3 times in the past couple of hours and it's about a service I don't even use. I don't care if their e-mail is out. I don't use their e-mail. I don't want this stuff and there ought to be a simple way to opt out.

Are you sure that they didn't just contract with doubleclick to target COX customers with an ad that was an outage notification rather than an ad? In other words, non-COX customers would have seen an ad for the new Chevy Globalwarm 9000 Truck instead of the COX message in that space? Sure, still intrusive, but if that's what's happening here, blame google/doubleclick for their targetting powers, not COX for any packet stream modification (which is not how that ad would be appearing).

Re:Is this News?

Lets take it a bit further.. The ISP teams up with ad marketing companies, and solicit ads straight to your browser. We knew this day would eventually come.

Re:Is this News?

Yes, but as the ISP you ARE the MITM. You can easily do a grep against any html content page that is being transmitted and search for *. and viola done.

With interest in keeping the browser from taking a shit, you wouldn't inject in say any other stream other than text/html. Playing devils advocate. I fucking hate their level of control.

Re:Is this News?

[Seumas]

How ARE they supposed to tell subscribers about something? They can't send an email because they are taking downtime. They could call everybody? SMS?

Why do they need to tell them about it? If you aren't trying to use your email, then you don't care if it is out. If you are trying to use your email and the service is out, your email won't work and you'll receive an error message (stating that it can't connect to the server, for example). It seems like a pretty self-evident thing.

If you're trying to avoid unnecessary service calls, then simply update your website so that when someone visits, it warns of what services are experiencing outages and then update your phone system (just like the power company does) so that if you're calling from an area with an outage, it tells you about it as soon as you dial in, rather than wasting the time of a customer service rep.

Re:Is this News?

Yep, that's pretty much it.

Re:Is this News?

[Compaqt]

While not wanting to single out the USPS, shouldn't firms in general be required to "fully fund" their employee benefits?

Otherwise, you're basically running a gambling operation and using the peoples pension funds to finance current operations.

Re:Is this News?

Except this is nothing like wifi hot spots, they don't redirect your http traffic, they change the website you're viewing to show their notice.

Re:Is this News?

[TheCarp]

Yes, of course. However they are being asked to do it with a highly accelerated time table, far beyond what anyone else does, and it is, pretty much singly, what put them in the red. Prior to these new and specific requirements, they had surpluses in their budget.

http://www.bloomberg.com/news/2012-08-02/understanding-the-post-office-s-benefits-mess.html

That is not an article that I have read before, actually, I am going to read it now, previous ones I have seen have either come down on the post office side, as I took, or the "but the other agencies are the ones screwing people and this is exactly correct" side... this one, so far, looks a bit more middle of the road, it should be interesting.

However, the point is, this single change is what brought them from surpluses to deficits, not them losing in the market, or being replaced. They are still the largest carrier, moving the most packages of anyone around (unless somebody knows different? They were a few years back).

Re:Is this News?

Dicks acting like a bunch of Cox?

They should have warned us

[icebike]

Shouldn't they send an email warning us about injecting stuff in our web traffic?

Re:They should have warned us

[WWJohnBrowningDo]

I just injected a woosh into your HTTP stream.

You should feel it soon; or maybe it'll just go over your head again.

Re:They should have warned us

[TheGratefulNet]

the email would go:

"we are announcing that our email service is currently out.

PS: if you didn't get this mail, let us know and we'll send it again."

signed "IC&H". not sure what that refers to. must be a victim of circumstance..

Re:They should have warned us

meta-woosh

Re:They should have warned us

> I just injected a woosh...

It's spelled whoosh, you ignorant slut!

Have to explain everything to these people...

Re:They should have warned us

Here's a nickel, get yourself a sense of humor.

Re:They should have warned us

[uninformedLuddite]

go get routed

Posting from Cox in Irvine, CA

[spire3661]

Not seeing any sort of injections here. I do have DNS set to 8.8.8.8. though.

Re:Posting from Cox in Irvine, CA

[Dan667]

that is google's dns. It would be useful to know what is the best dns to use.

Re:Posting from Cox in Irvine, CA

[DeusExCalamus]

Using Google DNS & L3 DNS here (Gulf Coast). It doesn't matter what DNS provider you use, I don't think, it hits you anyway. I don't think the west coast is affected by the outage, though. At least, that's what Cox says.

Re:Posting from Cox in Irvine, CA

[muon-catalyzed]

What the DNS has to do with injecting code into webpages? Do they inject stuff into banking or SSL connections too? Isn't this against net neutrality or something? I mean how cocky the ISP has to be to actually resort to this kind of s****.

Re:Posting from Cox in Irvine, CA

[neokushan]

What's "best" depends on what your needs are and where you are. For many people, their ISP's DNS should be faster than a 3rd party, but that depends on their ISP being somewhat competent and not dicks who will redirect you whenever they can.

Google's DNS is a solid one, it's generally got a fairly low ping and, surprisingly, they don't filter anyhting or inject ads (they may be tracking your every site request though, so it depends on how you feel about them. Easiest to remember, though: 8.8.8.8

My personal favourite is OpenDNS - fast, they refuse to filter sites if governments request it (such as thepiratebay) and I've yet to have them ever go down. Easy enough to remember - 208.67.222.222 (or 208.67.220.220). They also have a dashboard you can use to filter out sites and such, or adjust their anti-malware protection.

I actually use a combination of the above, primary being OpenDNS, Google as a secondary and my own ISP's as a tertiary backup. Haven't had DNS issues in years.

Re:Posting from Cox in Irvine, CA

[dbIII]

Do they inject stuff into banking or SSL connections too?

There are ways to do that (eg. using the IMHO dangerous and pointless perversion of a https proxy that gets both ends to trust the thing in the middle - you can buy appliances that do that), but unless you are working for a place that wishes to snoop on all their employees encrypted web traffic and using their web connection it's not likely to happen.

Re:Posting from Cox in Irvine, CA

[dbIII]

What the DNS has to do with injecting code into webpages

It doesn't have anything to do with DNS since the injecting is something done with a web proxy. A way round it is to get your web traffic via a different port (requires agreement from the webserver on the other end) or to completely leapfrog their web proxy and use a different one at the end of a VPN.
All these things of course depend on your ISP upstream letting you do it. It's trivial for an ISP to block all direct connections of any kind if they really want to be restrictive, and with transparent proxies it can even look like a direct connection (eg. all name requests can be sent to their name server even if you ask for one of the google ones).

However I don't really see injection of a notification message as a major abuse of a web proxy. I think people are upset because they didn't realise that such a thing has been possible for many years, and may be thinking it's a new thing that will drown them in advertisements in the future.

Re:Posting from Cox in Irvine, CA

I've seen a lot of people suggest "just use Google DNS", but frankly it's a disturbing trend (unless, naturally, your existing DNS provider is even less trustworthy.)

By using Google's recursive DNS servers you should be aware that you're offering them even more information about your online habits, as if they probably didn't have enough already. I'm pretty sure that a capitalist company like Google isn't offering free recursive DNS for purely altruistic purposes (or just to 'speed up browsing').

It's also no secret that Google are proposing including the original source IP in EDNS in recursive lookups too, again obstensively for routing edge services, but of course it also has that side effect of offering all that extra juicy information to slurp up.

Before I get jumped on as a troll, I'm not anti-Google or pro-anything else, I'm not suggesting you run away from Google and use $competitor, which basically is a choice of no difference, I'm just saying before you decide to move all your services over like that, just think about the disconcerting amount of trust being placed in a company that is in the business of getting as much personal information about you as possible for their ad networks.

Re:Posting from Cox in Irvine, CA

[stephanruby]

Not seeing any sort of injections here. I do have DNS set to 8.8.8.8. though.

Can you receive email? If you can, you're probably not affected anyhow.

Re:Posting from Cox in Irvine, CA

[icebraining]

I'm pretty sure that a capitalist company like Google isn't offering free recursive DNS (...) just to 'speed up browsing'

Why not? They spend a lot of money keeping Search as fast as possible, because they know that requests above a certain threshold lead people to search less, meaning less ad impressions, meaning less revenue. So what's so implausible about spending some more money on a few DNS servers?

And the data from a DNS server is almost useless; just the domain (not even full URL) and the IP, which often is of some router in front of dozens or hundreds of clients. Considering that a huge percentage of websites out there have some kind of JS code from them (e.g. Analytics, AdSense, etc), it hardly seems worth it to mess their data with such noise.

Re:Posting from Cox in Irvine, CA

[DarwinSurvivor]

If you find a way to inject data (in a useful way) into an HTTPS stream without adding your own certificate to the person's computer, there are a LOT of government agencies that would LOVE to talk to you.

Re:Posting from Cox in Irvine, CA

After seeking out the privacy information regarding Google DNS, I stand corrected - they do not permanently store the IP, nor associate it with other Google account data. So there's a completely unfounded knee-jerk claim not based on fact, I owe Google an apology.

However, I'd hardly call knowing which domains an IP visits (web and non-web) 'almost useless' - that's exceptionally valuable information, especially combined with existing data. As far as websites go - according to w3techs, although 74.5% of sites that use known ad networks are accounted for by AdSense, this is only 18.5% of all known sites; so you can see how much additional coverage this brings to web alone. To put it another way - would you be happy for a third party to analyse and associate with you every DNS lookup you perform? (again, which Google do not do)

Anyway, moot point - Google are not being evil over this (although I find their claim that they perform the bare minimum of logging to be funny - what they state they log is closer to rabid magpie log mode for a normal DNS server setup.)

Re:Posting from Cox in Irvine, CA

[chriscappuccio]

As soon as some government attorney decides OpenDNS could face a criminal or civil penalty, their "refusal to filter" will disappear.

Re:Posting from Cox in Irvine, CA

[rk]

Are we not nerds here? It is not the slightest bit difficult to run one's own caching DNS server. I use Cox HSI and haven't seen any examples of this, myself. Does some of it require a DNS hack to work?

Re:Posting from Cox in Irvine, CA

[kasperd]

I've seen a lot of people suggest "just use Google DNS", but frankly it's a disturbing trend (unless, naturally, your existing DNS provider is even less trustworthy.)

Many other DNS providers have a history of sending incorrect DNS replies in order to hijack connections. Those hijackings are mostly aimed at http connections, but due to the way the protocol works, there is no way to distinguish, and other connections will be hijacked as well.

Google Public DNS has never manufactured such incorrect DNS replies. Given that track record Google Public DNS is one of the most trustworthy DNS services.

Criticism against Google Public DNS generally has the form: "If I had access to all that information, I would find way to profit from it. So, that must be Google's plan as well." Whenever you see criticism matching that form, you should assume it is slander regardless of who it is aimed against. Instead look for documentation.

Often when companies are snooping on information, they are leaving some way to find out. For example if you can document, that simply looking up a domain name through Google Public DNS can cause that domain name to show up in other places, then you'd have a case. But you'd have to use something unique. I just attempted the following experiment: I send a lookup of 3fb25482acdae1c8f977889ac870275630d9807a.some-random-string.org to 8.8.8.8 and to 8.8.4.4. If the random string at some point in the future shows up in a Google search, then that would be suspicious. Just for tracking purposes, the first label in that domain name is actually SHA1 of the random string, I used.

Re:Posting from Cox in Irvine, CA

[kasperd]

My personal favourite is OpenDNS

OpenDNS does have a history of hijacking connections by forging DNS replies. At some time in the past attempting to look up google.com on any of the OpenDNS servers would actually give you an IP address owned by OpenDNS. OpenDNS has stopped hijacking of google.com domains. I don't know what convinced OpenDNS to stop doing that.

Re:Posting from Cox in Irvine, CA

[neokushan]

I had not heard of this happening before, do you have a link with more information or anything? That does sound particularly dodgy.

Re:Posting from Cox in Irvine, CA

[kasperd]

do you have a link with more information or anything?

• http://forums.opendns.com/comments.php?DiscussionID=226
• http://www.dslreports.com/forum/remark,21284386
• http://news.ycombinator.com/item?id=136270
• http://en.wikipedia.org/wiki/OpenDNS#Issues.2C_conflicts_and_Google_redirection

Re:Posting from Cox in Irvine, CA

[Zero__Kelvin]

DNS merely resolves domain names to IP Addresses. It doesn't matter what DNS use. It has nothing to do with this.

Important Notice! Email Outage

We apologize for the inconvenience. Cox is experiencing a residential email outage in your area.

If you use Outlook Express or another email client you are able to send email. However, incoming email is not available at this time. Incoming messages are being stored and should be available when service is fully operational.

Restoring service remains our top priority. Unfortunately, we estimate at this time service may not be restored until tonight. We again apologize for the inconvenience. Please visit cox.com/support for regular updates.

Thank you,
Cox Communications

The amusing part

is that it refers to Outlook Express, a mail client that was deprecated over 5 years ago.

Re:The amusing part

[neokushan]

Having worked for an ISP not that long ago, I can confirm that a LOT of people still use this.

Re:The amusing part

[PopeRatzo]

is that it refers to Outlook Express, a mail client that was deprecated over 5 years ago.

I remember deprecating Outlook Express at least 10 years ago.

Re:The amusing part

Windows Mail replaced Outlook Express and functions nearly the same.

Re:The amusing part

[Phroggy]

Outlook Express replaced Internet Mail and News, and was nearly the same.

Windows Live Mail replaced Windows Mail, and was mostly the same, but dropped support for Usenet newsgroups.

Mail is now the included client in Windows 8, and has dropped support for POP3, but added ActiveSync.

Re:The amusing part

[X0563511]

Windows Mail replaced Outlook Express and "functions" nearly the same.

FTFY.

Re:The amusing part

A LOT of people get viruses too. //people are lazy and stupid for the most part

Re:The amusing part

[theskipper]

I remember defenestrating Outlook Express at least 10 years ago.

Re:The amusing part

Mail is now the included client in Windows 8, and has dropped support for POP3, but added ActiveSync.

Had to google to confirm this because I couldn't believe it. Jesus christ, a default mail program that can't use POP3 mail. What a fucking shame.

Re:The amusing part

[RulerOf]

Mail is now the included client in Windows 8, and has dropped support for POP3, but added ActiveSync.

Oh thank the heavens.... POP3 is so terrible that I'd actually rather be shoehorned into something proprietary but near-universally supported. I really do hope that support for it starts disappearing, because I just want to smack anyone who thinks that suggesting "We support POP" is a good answer to the "How do I get email on device or application X" question.

Re:The amusing part

wrong. outlook express lives, like windows xp, until april 2014.

Re:The amusing part

My idiotic workplace has required we support POP for those clients whose email we don't really want to host server-side (IT NEEDS CAPACITY DERP DERP); my answer is always "don't host those people", but try telling that to your boss...

If they are doing this....

Who knows what else they are injecting.....

Re:If they are doing this....

Yes, you need to be sure what Cox is injecting.

A lot of people think Cox suck and other are so fed up that they felt blown by Cox and their service. I'm sure doing business with Cox is hard for some folks, but then again, there have been some good times where there harsh feelings have gone limp.

CAPTCHA: "meanings"

Re:If they are doing this....

Some people like a good Cox injection every now and then

You are right.

This is the not the first time they have done this. I feel that they are listening/eaves dropping between me and my communication with another server. I wish there was a law that would stop them. Reminds me of the great firewall of china.

Layer 7 switches

[suso]

Well hey, someone has to put those layer 7 switches to good use.

Nice single point of attack

Just compromise Cox's servers, and deliver your payload. Very blackhat friendly.

Re:Nice single point of attack

[ELCouz]

I agree with you... not very secure!

Re:Nice single point of attack

[jomama717]

It's simpler than that, once ISP popups become a regularity blackhats have an incredibly simple popup to copy that people will assume is their ISP, so all must be well. "Click here, and enter your account ID to find out if you are affected"...

In fact, is everyone absolutely certain this is actually Cox and not some malware outbreak masquerading as the ISP?

nothing of that nature here

[kbdd]

Nothing to be found here. Yet, I have no email. Running Firefox with default settings.

the truth is out there

[Joe_Dragon]

the truth is out there

Well, DUH!

[Crypto+Gnome]

Obviously Cox are a bunch of DICKS.

It's your own fault for not realising it.

For those who wonder why people think this is EXTREMELY POOR FORM:
- Their ability to do this is based on them intercepting all your HTTP data, all the time, every day - insert massive invasion of privacy yadda yadda etc etc etc

Re:Well, DUH!

Wait. You mean ALL of my traffic to the internet is passing THROUGH my ISP?! Outrageous. That isn't what I pay them for!

Re:Well, DUH!

[sjames]

There IS a rather large difference between blindly passing packets through the network and inspecting each one deeply enough to inject additional content into the stream.

Re:Well, DUH!

You mean ALL of my traffic to the internet is passing THROUGH my ISP?!

Parsing your random web page views, inserting their own content, and then passing it on to you. It's the ultimate man in the middle attack.

Cox: Hey, buddy! The email service is down.
Customer: Ahh! How did you get into my house?!
Cox: Don't worry, we'll fix the email outage soon.
Customer: What? You're trespassing, get the **** out!
Cox: Our service guarantee includes notifying you.
Customer: No! Get out!
Cox: (consults the service handbook) Okay, hug time!

Re:Well, DUH!

[hraponssi]

no, they are a bunch of cox. now, if only my wife also was so much into my cox and injecting it everywhere..

Re: Well, DUH!

Aaah, levity at last. :)

Re:Well, DUH!

There IS a rather large difference between blindly passing packets through the network and inspecting each one deeply enough to inject additional content into the stream.

There's also a rather large difference between performing deep packet inspection and injection, and simply sending your traffic through the same transparent proxy service they use for delivering locally cached web content. Which is what they're doing here, they're just adding a header to the page with the script element in it.
While I agree it's possible to do this with DPI, it's expensive in terms of resources and largely a waste of time when content caching is already in place and works far better for large volumes of customers.

i dont care....

[metalmaster]

about your damned severe weather advisory! So what if a tropical storm is going to destroy my property, You're interrupting my TV time

Illegal?

[Jane+Q.+Public]

"At least I've never seen it before. This is intrusive."

I'm not certain, but isn't there a law against messing with your packet stream, and inserting their own content?

It might depend on your user agreement, but I would never intentionally agree to a provision that would let my ISP alter my content.

Re:Illegal?

[girlintraining]

I'm not certain, but isn't there a law against messing with your packet stream, and inserting their own content?

There used to be. Nowadays is the law is basically "You, pathetic peon citizen. Them, corporation. They win."

Re:Illegal?

[Jane+Q.+Public]

"There used to be. Nowadays is the law is basically "You, pathetic peon citizen. Them, corporation. They win.""

Funny. But I don't think it's quite that bad in the U.S. yet. In fact, I have been beginning to see a popular trend in the opposite direction. The pendulum swings...

Re:Illegal?

Technically, it's their network. It's only your network on the other side of your firewall.

Now, if you're running noscript and have not allowed cox.com (.net, whatever), and you still receive the pop-up, that might be hacking...

Re:Illegal?

[j00r0m4nc3r]

Yeah, but you're paying for the bandwidth, and they're wasting it. So really they should be sending you a check to offset the cost of their intrusion every time they do it...

Re:Illegal?

I'd love to see some examples of this 'trend' - all I see is:

Nobody really getting particularly pissed off that Google is requiring all new users to sign up for Google Plus.
Nobody really getting particularly pissed off that Microsoft built in that "Smart Screen" feature which allows them to spy on your downloads.
Nobody really getting particularly pissed off that EVEN FUCKING UBUNTU is going down the tubes in terms of giving two shits about being noncommercial and protecting users' privacy.

There is a good reason I am set up with an Italian collective for my email services.

autistici.org

Re:Illegal?

> I'm not certain, but isn't there a law against messing with your packet stream, and inserting their own content?

It's a copyright violation at least. The website you visit owns the copyright on the page it serves... they are creating a derivative work by adding their own stuff to that page. I am sure that they dont have the authorization to do that from the copyright owners.

Unfortunately... the group serving the page is the one harmed in this, so they are the only ones with standing to seek a remedy. The consumer of the page has none.

Re: Illegal?

Autistici? Really

Re:Illegal?

You don't know shit, either. Thanks for sharing your ignorance.

Re:Illegal?

[Grishnakh]

Google Plus sucks, granted. What's this "Smart Screen" feature? I'm not a Windows user, and certainly not a Win8 user (who is? It isn't very popular).

As far as Ubuntu going down the tubes, the Linux-oriented boards are full of people bitching about Ubuntu, Unity, Gnome3, Unity+Amazon, etc. Since Unity was pushed out by Ubuntu, other distros, especially Linux Mint, have grown greatly. Ubuntu tries to claim they're still the most popular and that everyone loves Unity, but that's probably bullshit, esp. since Mint seems to have become so popular and gets a lot of word-of-mouth support in the forums. XFCE has also gained a lot of new users. If anything, maybe you're not seeing as much bitching about Ubuntu's privacy and commercialization issues because all the users who cared about those things ditched Ubuntu when Unity was rolled out, and moved to other distros, so now they have no reason to complain loudly about these moves by Ubuntu (which came well after Unity was deployed), and instead their only comment is "ahhh, another reason I'm glad I dumped that turd and switched to $DISTRO."

Re:Illegal?

I'd love to see some examples of this 'trend' - all I see is:

Nobody really getting particularly pissed off that Google is requiring all new users to sign up for Google Plus.

You know you can immediately delete the Google Plus profile after making the account, right?

I'm not defending Google, and I think it's bullshit for them to try to force G+ on you when all you want is email, but at least it is good to know that the new users aren't forever stuck with it.

Re:Illegal?

I moved to Ubuntu for stability and, as it happens, the power of the hardware (System-76). I got 11.10 (Oneiric) with Unity. After about 6 months of living with it I did some research and changed the interface back to a "normal" GNOME GUI - two drop menus at the top left and lots of space to put link icons there too, tray at top-right, and a few desktop icons (mainly left over from using Unity!)

Win8, OTOH, forces everyong to use a GUI that's really quite well designed for tablets and phones, but cumbersome and obtrusive for desktops and laptops and content producers.

Re:Illegal?

It's only illegal if they cross the streams.

Re:Illegal?

[Jane+Q.+Public]

"Nobody really getting particularly pissed off that Google is requiring all new users to sign up for Google Plus. Nobody really getting particularly pissed off that Microsoft built in that "Smart Screen" feature which allows them to spy on your downloads. Nobody really getting particularly pissed off that EVEN FUCKING UBUNTU is going down the tubes in terms of giving two shits about being noncommercial and protecting users' privacy."

(1) The pissed-off people (and I personally know many) simply never signed up, or signed up and then ceased using it when they found out the policies. Pretty much by definition, the only users you will see there are those who ARE NOT pissed off!

(2) Do you see lots of knowledgeable people buying them? I don't.

(3) There have been some rather seriously raging rants about it all over the internet. You didn't notice?

Re:Illegal?

[Jane+Q.+Public]

"Unfortunately... the group serving the page is the one harmed in this, so they are the only ones with standing to seek a remedy. The consumer of the page has none."

Not true. Especially if the consumer is visiting a page or service for which they pay for access.

The consumer also likely has standing in a "breach of contract" suit, "failure to perform" (services paid for) suit, "contract interference" (between you and the paid-for service) suit, and possibly standing in a prosecution for violating Federal laws, which were specifically intended to protect the consumer from such things.

Re:Illegal?

Doesn't interfering with transmitted content affect their common-carrier status?

Golly

[Impy+the+Impiuos+Imp]

I have never used my ISP-provided email address since abandoning AOL as my provider some time before half of you were born, and that's about 5 moves and 8 providers ago.

Re: Golly

Fuck off, Dad. P.S. How's Mom?

Slashdot injects animated gifs in RSS feed

Seriously, guys. I don't want to download them over mobile. Stop this crap.

Re:Slashdot injects animated gifs in RSS feed

[Colonel+Korn]

Seriously, guys. I don't want to download them over mobile. Stop this crap.

Install a system-wide ad blocker on your phone.

My ISP does this for far worse reasons.

[damnbunni]

I use Millenicom, who resells Sprint, and in my area Sprint started injecting JavaScript into every page that comes over HTTP to recompress all the jpegs to a much lower quality setting.

That, at least, I could block. Now they just recompress all jpegs that come over http to a horrible level. If I want to keep the internet from looking like ass, I have to use a secure tunnel. Which is obnoxiously slow on 3G.

(Unfortunately, there's nothing Millenicom can do about it. It's up to Sprint. And there's no opt-out.)

Re:My ISP does this for far worse reasons.

[timothyb89]

I seem to remember a similar issue when I had an Evo 4G device from Sprint a couple of years ago. The device came preconfigured with a system-wide HTTP proxy that was not only incredibly slow, but also compressed images badly. It would also affect most methods of tethering, if memory serves. Perhaps you're seeing the same proxy?

As far as I know there isn't actually any requirement by the network to proxy anything, and I've been able to disable it from the system settings on all of my devices since I learned about the proxy. I'm not sure if you have any access to the configuration for your wireless modem, but you might be able to disable it from there.

Re:My ISP does this for far worse reasons.

[X0563511]

Yea, it's obnoxiously slow because the images haven't been compressed to shit.

They are trying to hide that your connection is garbage.

I have Sprint myself. Horribly slow.

Re:My ISP does this for far worse reasons.

[BradleyUffner]

I use Millenicom, who resells Sprint, and in my area Sprint started injecting JavaScript into every page that comes over HTTP to recompress all the jpegs to a much lower quality setting.

That, at least, I could block. Now they just recompress all jpegs that come over http to a horrible level. If I want to keep the internet from looking like ass, I have to use a secure tunnel. Which is obnoxiously slow on 3G.

(Unfortunately, there's nothing Millenicom can do about it. It's up to Sprint. And there's no opt-out.)

How does that even work? The javascript would run locally on your computer, what effect would recompressing the images that area already downloaded have, other than pissing people off?

Re:My ISP does this for far worse reasons.

I use Millenicom, who resells Sprint, and in my area Sprint started injecting JavaScript into every page that comes over HTTP to recompress all the jpegs to a much lower quality setting.

Most Satellite and 3G carriers perform similar tricks over HTTP. If you ever find a site not rendering, as parent noted, try it over HTTPs and magically it will work. For Verizon Wireless I can attest to being unable to update quantities in my cart at Amazon.com, Blizzard forums never working due to XML parsing errors ... the list goes on. Switch over to HTTPs ... everything suddenly works.

I ended up voting with my wallet and dropping the USB modem I had with Verizon. Much happier now. I would suggest folks with alternatives to Cox do the same if Cox is unwilling to provide an "opt-out" to this change.

Re:My ISP does this for far worse reasons.

[damnbunni]

It's a proxy alright, but it's handled transparently by the network, not by any proxy settings on my end here.

I have to define a system-wide proxy in order to get around it. It's very annoying.

Re:My ISP does this for far worse reasons.

[damnbunni]

No, it's a latency issue; adding the forward makes interactivity horrible.

Actually transferring data is fine. I get between 1.2 and 2.1 megabit speeds most of the time.

Re:My ISP does this for far worse reasons.

[damnbunni]

The JavaScript effectively redirected all image requests to a proxy, with 'Press Alt-R to reload this image at full quality' as a mouseover text on everything. If you reloaded it, you'd get full quality.

It was really annoying, but less so than the current 'you get a recompressed image no matter what, ha ha.'

What a crap

[Janek+Kozicki]

Give me some news for nerds, not this regional crap. I don't care what is Cox & don't what to know.

They are looking for spin-2 particles at LHC, and they have a hint about two Higgs bosons. IPv6 isn't adopted yet. Quantum computers are being sold commercially. Ziegler et al. are setting up a quantum encrypted communication channel over a satellite link! There was life on earth 60 billion years earlier than previously thought.

Guys, that's what I call news. I know all that from reading slashdot (you can look it up yourself). Who cares, really, about this Cox crap?!

C'mon, do your moderating job on http://slashdot.org/recent

Re:What a crap

[DarkTempes]

You'll care when your ISP starts doing this because no one cared when it happened to others...

First they inject for "emergency notifications" and then next they'll inject for "advertisements to keep your bill down" or something even worse.

Re:What a crap

[Kjella]

IPv6 isn't adopted yet.

That's your idea of news, that nobody gives a crap and continue to not give a crap about IPv6? Personally I feel the last oh... decade? or so of IPv6 stories have been flogging the same dead horse.

Re:What a crap

If you don't think ISPs infringing on your HTTP isn't something a nerd should care about, then I don't think you are much of a nerd. So suck on that.

And whoever modded parent as "insightful" should have their head examined.

Re:What a crap

Even if you don't live in the area, don't use Cox, or are even in the US, this is still news. I've called out some articles for not being news recently, but this is actual news. That affects nerds. Who are pretty much the only ones in a place to understand or care about it.

Re:What a crap

[DMUTPeregrine]

Cox is one of the larger US cable ISPs. This is certainly regional to the US, but not exactly a minor detail.
Also, you may want to check on that 60 billion years. That's a bit longer (over 45 billion years) than the age of the universe. You want "million".

Re: What a crap

I agree. In other /. News, wanking off makes you blind. Personally I'm only carrying on until I need glasses.

Re:What a crap

[Spamalope]

...next they'll inject for "advertisements to keep your bill down" or something even worse.

This is cable. Originally you paid for cable because there were no ads.

They'll say it's to keep your bill down, then raise rates. Complain and they'll say the increases would have been higher.

If they're nice they may offer a higher tier plan without injected ads so you can pay a fee for them to suck less.

In phase two the injected ads will be flash video and will count against your (newly reduced!) bandwidth cap. The ad server will query your bandwidth usage and serve full HD ads at double the normal frequency to enhance overage charges if you're close to or over your cap.

Re:What a crap

It's because the transitional techs make it transparent to you and always will. The nerd-fags on this site don't actually understand what they foam at the mouth over. They are just following the herd.

Re:What a crap

This is cable. Originally you paid for cable because there were no ads.

This is totally incorrect. Originally you paid for cable because your reception was poor. That's all cable was, retransmitted broadcast tv. The first cable channel without ads was HBO in the mid 70's.

Raise your hand..

[claar]

Yep, I received this too, right on Netflix. Um, thanks, Cox, but even if I used your email service, I'd really rather watch my movie..

Keep your hands off my traffic, please. Is it too much to ask for you to simply carry my bits back and forth for the agreed-upon amount?

Re:Raise your hand..

[cawpin]

I agree but do have a question. When did the warnings start? I've been online all day today and haven't seen it.

Re:Raise your hand..

[claar]

I only received one around perhaps 3pm central?

It was a single overlay window with the Cox logo, white box, black text, in the bottom-right corner of the Netflix browse titles page, with small red x in the corner to close the overlay.

Obviously injected, very obnoxious, but not intrusive to the browsing experience. Not an acceptable practice for an ISP.

  -Ben

Re:Raise your hand..

Obviously injected, very obnoxious, but not intrusive to the browsing experience. Not an acceptable practice for an ISP.

Indeed, what if someone was backing up their website via HTTP and had this injected into their stream? Bad, bad, bad.

Re:Raise your hand..

Keep your hands off my traffic, please. Is it too much to ask for you to simply carry my bits back and forth for the agreed-upon amount?

You didn't complain about their hands on your traffic when you accessed the Netflix content which they have locally cached on their servers, courtesy of Netflix and Akamai. And you didn't complain when they used traffic shaping to send your requests for un-cached Netflix data not over their general Internet peering links, but rather across a dedicated link where they peer directly with Netflix.

No, I'm not suggesting Cox is doing anybody any favors. I'm just pointing out that nobody seems to have any problem with the "meddling" when it gives them a performance advantage over that of a plain old unmolested bit stream.

The best thing to do is call and complain to their customer support line. They do this type of thing in order to reduce the volume of support calls they get, if these types of mechanisms actually cause an increase in call volume they WILL stop doing it.

Re:Raise your hand..

[petermgreen]

You didn't complain about their hands on your traffic when you accessed the Netflix content which they have locally cached on their servers, courtesy of Netflix and Akamai.

That doesn't require any "meddling", it's up to a website operator (and their contractors if relevant) to decide where to deliver content from, if they choose to host servers with the customer's ISP that is their prerogative,

OTOH if cox is messing with the packets to put in a caching system without netflix's cooperation then that is bad.

And you didn't complain when they used traffic shaping to send your requests for un-cached Netflix data not over their general Internet peering links, but rather across a dedicated link where they peer directly with Netflix.

Why would they need to use "traffic shaping"? normal internet routing protocols should do this just fine!

IMO an ISPs job is to get your packets to/from the entity you are communicating with quickly, cheaply and unmolested. If two entities (ISPs or otherwise) determine that traffic between them (whether generated by themselves or by their customers) is heavy enough to justify a dedicated link then setting one up is a normal and expected thing to do not "meddling".

I'm just pointing out that nobody seems to have any problem with the "meddling" when it gives them a performance advantage over that of a plain old unmolested bit stream.

I've seen quite a few complaints about the way mobile internet providers often recompress images. That gives a performance boost but it comes at the price of making websites look ugly and possibly causing more serious problems for other applications. Ultimately people are only going to complain about something if they notice it and people are only going to notice something if it causes them problems. That is just human nature.

Sadly while big customers can negotiate contract terms that require an unmolested connection retail customers usually don't have enough leverage to do that so if meddling causes problems their only real options are to either put up with it, switch to another ISP who could do the same thing at any time (and that is assuming there even is another reasonable ISP choice in the area) or use a tunnelling solution (which shields the packets from the meddling but adds latency, cost and an extra point of failure).

Re:Raise your hand..

I'm just pointing out that nobody seems to have any problem with the "meddling" when it gives them a performance advantage over that of a plain old unmolested bit stream.

It's not "meddling" when they give you the exact data that you asked for.

No means no

[karniv0re]

All these Cox injections are wearing me out. I have a headache and I'm really just not in the mood.

How is this news?

Most ISPs have this ability.

SOURCE: ISP

Don't you guys hate it

When your Cox unexpectedly pops up like that?

Alternative

[MichaelSmith]

Cox should just have sent an email to the affected users.

Adsense

[hey]

I wonder if they could have done the same thing with Adsense.
Target the ads for a specific area.

Re:Adsense

[Skapare]

I don't get adsense anymore.

Still waiting for a 360 from lockerz

Anyone else?

All jokes aside.

I like how they are all legitimate now.

Mod Parent Up

[skywire]

It's about time someone with a three-digit IQ weighed in.

Re:Mod Parent Up

[rHBa]

Sorry, misread your post. Replying to remove accidental negative mod point.

Bad practice..

[Nezic]

So now internet companies are essentially trying to train users to trust whatever information shows up on a web page that claims to be from 'known' sources?

After all the problems that spoof emails cause for people who don't know better, you'd think an internet provider *would* know better.

stop injecting cox into my

pr

Causing web outage to announce email outage?

[billstewart]

I'm sorry, but if you're injecting Javascript and other text into my web sessions, that's a Web Outage (and a serious security threat.) If you're doing it to announce that your email service is down, that's probably annoying to customers who do use your email service, and much more annoying to customers who don't.

(Unlike many people here, I actually do use my ISP's email service, because it includes a shell account where I'm running procmail, in addition to the spam filtering they do, so email that gets forwarded by my primary email address does go through there. But otherwise I'd be running the filters somewhere else. And it still doesn't justify breaking my http sessions.)

That wasn't an outage - it was a test

My intuition says the mail outage may have been faked as an excuse to test and demonstrate widespread ad injection tech on the sly.

Only for people that have the Cox software?

I run Linux, I see none of these pop-ups.

Re:Only for people that have the Cox software?

[Skapare]

Cox has software? Ask them for the Linux version. They will ask you to use Windows. Your tell them you need Linux for the security. They will ask you why you need security. Tell them it's to keep bad companies from messing with your web browsing.

Re:Only for people that have the Cox software?

It's going to be tons of fun to deal with Comcast when I move next year. They have Windows software that they use to install their internet. I'm tempted to pretend that I don't have a computer and instead only use the internet for my Roku.

Wait, there are sites that don't use https yet?

Oh, right, I'm on one. _

Re:Wait, there are sites that don't use https yet?

[Skapare]

Probably due to underpowered servers.

Is there a standard?

[Kaenneth]

Is there any standard (but unused...) messaging system for an upstream provider to send a network status message to its users?

Like DHCP, something that should only work on the local network, and can't work cross-network?

If there was, and it was available, would you just turn it off anyway?

Hell, with everyone going to streaming video instead of TV, what's going to happen to the Emergency Broadcast System?

Tornado? what Tornado? I was watching Netflix...

Re:Is there a standard?

Hell, with everyone going to streaming video instead of TV, what's going to happen to the Emergency Broadcast System?

Tornado? what Tornado? I was watching Netflix...

Weather alert radio. If you are paying for netflix or sat TV, a radio should be fairly affordable to you.

Or, register for text spam from your local news channel if you can't afford the radio.

Work yourself around it

[Skapare]

Surf using HTTPS only. Not all web sites over this, yet. But more and more complaints to them about their lack of support for secure communications could get more to see the need.

Use an offsite provy via a secure vpn/ssh. Rent a VPS for a few more a month (VPS providers are not known to be doing this, yet). Or rent one of those free-for-a-year micro instances at a cloud provider and run your own proxy and connect via ssh.

This post has been sponsored by your own ISP.

Re:Work yourself around it

[dalias]

Or just have the good sense to purchase business-class service. I really doubt they do this crap to their business class. Most of the time, business class is only marginally more expensive than residential, and has none of the restrictions such as no-server rules or other crippling of the connection. Sometimes it's even the SAME price; this seems very common in the case of DSL but I'm not sure about cable. Often you can get one or more static ips at little cost that way, too.

Re:Work yourself around it

[tepples]

Surf using HTTPS only. Not all web sites over this, yet.

And they won't until April 2014, when Internet Explorer for Windows XP reaches its end of life. Until then, roughly 14 percent of all traffic comes from web browsers that don't support Server Name Indication, which is the only way that shared hosting providers can feasibly offer HTTPS. The most popular browsers with SNI-ignorant SSL stacks are IE on XP and Android Browser on Android 2.x.

Re:Work yourself around it

Unfortunately business class cox is quite a bit more, 10/2 service is 200 a month whereas residential is 65 a month for 25/2.5 service.

Re:Work yourself around it

[Antique+Geekmeister]

Or they can use IPv6 and IP based web servers, instead of the amazing crap that is server name based virtual hosting and which has *never* worked well.. Avoiding the guesswork, rewriting, and redirecting rules of name based virtual hosting is one of the best justifications I know for using IPv6.

Re:Work yourself around it

[Dwonis]

I agree, but we'll have to wait for XP to die to switch everyone over to IPv6, too. :)

Re:Work yourself around it

[petermgreen]

Or they can use IPv6 and IP based web servers

I'd bet that most users who don't have SNI supporting browsers don't have access to IPv6 servers either. IIRC IPv6 on windows XP is turned off by default which for most users means it may as well not be there.

instead of the amazing crap that is server name based virtual hosting and which has *never* worked well.

I've been using it for years with no problems. If you are going to claim something that is used by almost every hosting provider on the planet and by many private servers too has "never worked well" you'd better come up with some convincing evidence.

Avoiding the guesswork, rewriting, and redirecting rules of name based virtual hosting is one of the best justifications I know for using IPv6.

umm at least with apache there doesn't seem to be much difference. With IP based vitual hosting you tell it what IP you want to go with each site. With name based virtual hosting you tell it a list of names to go with each site.

Re:Work yourself around it

[RandomJoe]

Good grief, where?!? Or perhaps that's to an actual business?

I have Cox Business at home, started out at 8/1 but they've since upgraded me to 15/3 - and my actual speed tests always give me more like 30/15! With 5 static IPs I pay $105/month. The breakdown shows the base service is $85/mo with one IP, each additional IP is $5/mo.

I had the residential service before, at the time (a few years ago) I paid $44/mo for the "standard" speed (can't remember what it was). Both of these are Internet-only, no TV or phone.

Can't say whether it's more reliable than the residential service, I never really had trouble with it either.

Re:Work yourself around it

That's the price they list on cox.com, If you do a 3 year term they discount it quite a bit but I'm paying $65 a month with no contract for 25/2.5 service now. With a 3 year contract I can pay like $85 a month for 10/2 service, quite a service drop with quite a price hike. Cox's business class prices suck. If U-verse was here I'd be on it in a heartbeat, $80 a month for 24/3 service with no caps would be nice.

Re:Work yourself around it

IPv6 works great in XP, just have to manually enable it unfortunately.

Re:Work yourself around it

[Antique+Geekmeister]

Please excuse my language: I just spent a long time with a partner who insisted on doing things _very much_ the hard way.

> I'd bet that most users who don't have SNI supporting browsers don't have access to IPv6 servers either. IIRC IPv6 on windows XP is turned off by default which for most users means it may as well not be there.

Please separate the requirements of their browsers from the requirements of their servers. The need for SNI is primarily due to the difficulties of SSL key handling: when you connect to an IP address for an encrypted SSL connection, which is tied to the IP address and the host's SSL keys associated with that IP address.

SNI provides some useful workarounds for that requirement, but it's often been awkward to scale and to support. Profound difficulties occur when supporting the name-based virtual servers for people and software _who refuse to follow the best practices_. The results can be nightmarish. If I, as a user, use "www.example.com" instead of "example.com" and they're both at the same IP address, I can often wind up with completely different web pages and little hint of what I did wrong, and then call tech support about the problem. Similarly,

It's a problem I, or my colleagues, run into several times a year.

> umm at least with apache there doesn't seem to be much difference. With IP based vitual hosting you tell it what IP you want to go with each site. With name based virtual hosting you tell it a list of names to go with each site.

The difference is that there are often many ways to reach exactly the same IP address with alternative hostnames in the URL, such as DNS aliases, putting a "." on the end of the hostname (which is completely valid in DNS and prevents the addition of an automatic local domain extension), shortened hostnames if your local DNS supports adding the local domain, modified /etc/hosts files on the client, (which is still far too common a practice from very, very old setup documentation), internal DNS versus DNS entries in sites that use load balancers or static NAT, and others. Couple this with old and poorly managed configuration files complex ourtward facing environments, and a long QA and release process, as is common in large environments, and the slightest name-based misconfiguration can corrupt the entire site and be very awkward to trace back.

There is also the very confusing behavior when common software configurations start putting IP address "127.0.0.1" and "::1" in the webserver's /etc/hosts with the fully qualified hostname. This is actually quite common, but it means that the web server itself can't reliably detect whether the web server is running properly running. Going to the IP address by typing it directly is not necessarily the same virtual host, and redirects will go to the /etc/hosts specified "127.0.0.1". This makes testing the primary web service from the same host itself quite chaotic.

The IP based virtual hosting not only allows far easier management of these configurations, it allows vastly simplified packet analysis to trace and analyze the virtual host specific network traffic. For that reasoon alone, I urge partners and colleagues to switch to IPv6 IP based virtual hosts for crowded externally facing virtual hosts, and to feel free to use IPv4 virtual hosts for internal NAT'ed addresses.

Re:Work yourself around it

[kasperd]

but we'll have to wait for XP to die to switch everyone over to IPv6, too

I have a translation solution that can get those XP clients to talk to IPv6 servers (it works a bit like NAT46).

Re:Work yourself around it

[petermgreen]

Please separate the requirements of their browsers from the requirements of their servers.

You can only deploy something if it works with your clients. Practically speaking for a public facing web server that means supporting all common* client setups**. For the moment neither SNI or IPv6 has sufficiently wide support in client setups to make deploying it on a public facing website reasonable. Therefore the only reasonable way to deploy SSL on a public facing website at the moment is to have a dedicated IPv4 address for each certificate which given the current IPv4 address shortage means that bottom of the barrel web hosting plans won't be doing it.

I expect SNI support to become ubiquitous before IPv6 support and connectivity does but I could be wrong.

Profound difficulties occur when supporting the name-based virtual servers for people and software _who refuse to follow the best practices_. The results can be nightmarish. If I, as a user, use "www.example.com" instead of "example.com" and they're both at the same IP address, I can often wind up with completely different web pages and little hint of what I did wrong, and then call tech support about the problem.

That could probably be avoided by having a policy of configuring servers to respond to both the bare domain and www. in the same way unless specifically requested otherwise.

There is also the very confusing behavior when common software configurations start putting IP address "127.0.0.1" and "::1" in the webserver's /etc/hosts with the fully qualified hostname. This is actually quite common, but it means that the web server itself can't reliably detect whether the web server is running properly running. Going to the IP address by typing it directly is not necessarily the same virtual host, and redirects will go to the /etc/hosts specified "127.0.0.1". This makes testing the primary web service from the same host itself quite chaotic.

I can see that being a problem in situations involving mixed name based and IP based virtual hosting. Still it's an easy enough one to avoid once you know about it. It's probablly best to avoid having a machine's primary name reflect one of the names it hosts anyway as it can make things very confusing if services move around.

The IP based virtual hosting not only allows far easier management of these configurations, it allows vastly simplified packet analysis to trace and analyze the virtual host specific network traffic.

Yes I can see that.

Still I don't think requiring a bit more care to deploy correctly is synonymous with "never worked well"

For that reasoon alone, I urge partners and colleagues to switch to IPv6 IP based virtual hosts for crowded externally facing virtual hosts

Are you saying you advocate people run public websites on IPv6 only today? (thus making them inaccessible to a substantial fraction of internet users)
Are you saying that if SNI and IPv6 support were both ubiquitous among the clients you are interested in you'd advocate using IPv6 than SNI? (IMO this is perfectly reasonable but for public websites it's a long way off)

*exactly where you draw the threshold of "common" depends on how many users you are prepared to lose
**Where setup includes the browser, the OS, the internet connection etc.

Re:Work yourself around it

Are you fucking claiming that Internet Explorer (only when running on Windows XP) doesn't support SSL?

God damn, slashdot.

Re:Work yourself around it

[tepples]

Internet Explorer on Windows XP supports SSL but does not support Server Name Indication, which means it doesn't usefully support the combination of SSL and name-based virtual hosting.

Paranoia Confirmed

Last night while trying to access my email on Cox it was down but then I noticed my traffic being redirected in odd and strange ways. I said out loud "I know it seems paranoid, but I think Cox is hijacking my traffic, I'm getting off of this site!". Now I read this and my paranoia is confirmed. I may as well think that my additional paranoid thoughts are true on this subject such as when the Cox internet goes down many times it is their DNS server which tanks because they have too many monitoring and traffic shaping measures employed and it just stalls out every now and again. They also seem to serve up ads with the same technique I was having a huge problem with OS X and checked my system up and down to find everything was fine. The only thing that changed was the ISP and I quickly switched to the Google public DNS servers. Since then I've had much more up time and way less ads. Netflix is almost twice as fast too. Don't let COX sell your privacy up the river I recommend for everyone to drop their COX DNS servers starting today.

Re:Paranoia Confirmed

[jittles]

I quickly switched to the Google public DNS servers. Since then I've had much more up time and way less ads. Netflix is almost twice as fast too. Don't let COX sell your privacy up the river I recommend for everyone to drop their COX DNS servers starting today.

*raises eyebrow* Are you sure you didn't accidentally hit the fast forward button? I don't see why Google's DNS would cause videos to play almost twice as fast... But I suppose they could be injecting JS to hit the fast forward button for you. ;)

oh neat!

official corporate correspondence via html & javascript on domains they don't own?... brb: gone phishing ^_^

ironic captcha: warrant

Not all web sites support HTTPS

[tepples]

Unless the web site that you're reading doesn't offer a secure protocol. Slashdot, for example, redirects HTTPS to HTTP unless you subscribe. A lot of smaller sites don't offer HTTPS at all, possibly because they're on a shared hosting plan. Entry-level shared hosting plans tend not to include HTTPS for reasons involving outdated browsers (mostly IE on Windows XP and Android Browser on Android 2.x) and the IPv4 address shortage. I recently moved my own web site from Go Daddy to WebFaction because WebFaction offers SNI hosting, which is a form of HTTPS that works pretty much everywhere but those two outdated browsers, at no additional charge.

Re:Not all web sites support HTTPS

[X0563511]

That is not a client problem in both cases. If you offer HTTP you should be offering HTTPS as well.

You don't have to force it - this lets you use it unencrypted if circumstances (such as old or incompatible browsers as you mention).

Re:Not all web sites support HTTPS

I think we'd be out of IPv4 addresses if every domain offered SSL.

Re:Not all web sites support HTTPS

[tepples]

That is not a client problem in both cases. If you offer HTTP you should be offering HTTPS as well.

Then how do so many popular shared hosting providers get away with not offering HTTPS?

Re:Not all web sites support HTTPS

[Zero__Kelvin]

Don't think. You weaken the nation.*

*In case it isn't clear to some mod who is thinking of modding this post as a troll or flamebait, you don't need, or want for that matter, a different IP Address for SSL. It is the same IP, with a different port number.

Re:Not all web sites support HTTPS

[X0563511]

Just because it's a tradition or what everyone else does, doesn't mean it's right.

Re:Not all web sites support HTTPS

[unrtst]

Then how do so many popular shared hosting providers get away with not offering HTTPS?

1. SNI (Server Name Indication) is somewhat new. The operators may not know about it, may not know enough about it, or their tools (deployment/config/etc) may not support it (yet, or at the version they bought).

2. SSL incures more overhead. They're trying to run cheap, and this runs counter to cheap. They can offer slightly more expensive plans including SSL.

3. (most likely, IMO) because SNI isn't 100% supported. They could care less about what your users experience is, but your experience (their direct customer) could cause a SIGNIFICANT increase in support costs. Imagine a user getting a vhost that says they include support for HTTPS (with an asterisk pointing to fine print saying it's via SNI), and then when the user goes to their new HTTPS site, they end up on someone elses site, or a generic placeholder page... "WTH! Where's my HTTPS site?!?".

IMHO, SNI should be an opt-in option from all/most shared hosting providers. IE, they shouldn't offer it by default, and should make it clear what the limitations are. For the biggest and cheapest of shared hosting providers, especially those where the service is secondary to their primary service (ex. GoDaddy), it doesn't surprise me in the least that they don't offer it.

Re:Not all web sites support HTTPS

[tepples]

Try telling that to someone like CronoCloud, who claims that questioning the tradition of not allowing startup companies to develop and sell video games in certain genres is a waste of time.

Ad Injection

[jomama717]

Who's to say some significant fraction of popup adds we see in general browsing aren't injected by the ISPs? The actual content providers could be totally unaware while the ISPs are selling ad space on any site, what a cash cow.

ISP: Hey, company X - for $100,000 we can make sure your ads are seen on 3% of all requests in region R, on sites with content targeted at demographic D.
Company X: Is that legal?
ISP: Of course! It's right here on page 17 of the terms and conditions...

Why wouldn't they??

Re:Ad Injection

[zippthorne]

Makes sense. The cable companies already do this with television ads. It's only a matter of time if they're not doing it already. Too bad there's no alternative in my area for broadband.....

Is it possible to browse https most places?

Social-engineering a cert installation

[tepples]

If you find a way to inject data (in a useful way) into an HTTPS stream without adding your own certificate to the person's computer

The easiest way is to just con users into installing a certificate. After several failed connections on port 443, the next hit on port 80 will be MITM'd to say "Have you been getting certificate errors? This certificate allows devices using this Internet connection to connect to secure websites. Here's how to install it:" followed by instructions pertinent to the User-agent that retrieved the page.

DNS hijacking

[technosaurus]

And what is to keep them from routing everything from pagead2.googlesyndication.com doubleclick.net, etc... to their own server at XXX.XXX.XXX.XXX? absolutely nothing, I do it locally using /etc/hosts as a browser independent ad blocker, but they could set up their primary dns server to steal all of google's (and others') ad revenue that Cox customers would have generated. I just threw together a working prototype using bash and netcat in about 10 lines. But why stop there, they could mirror popular CDNs with mostly static content too and inject even more revenue (ajax.googleapis.com/... for example which not only serves jquery and many popular js libraries but also static ads at imagead?...some.swf) Also did this in 5 more lines of shell + sed (obviously you wouldn't use a shell script for a production server, but it would have taken me a lot longer to do it in C)

But why stop there, route all competitor domains to similar sites owned by Cox.
But why stop there when they could layer all payment code with a "protective" Cox wrapper for a measly 10% of each transaction...
But why stop there, just make everything on the internet Cox

All completely possible. ...anyone switching to opendns yet?

Who cares if its fraudulent? It will generate enough revenue to buy our way out of it right... right?

Re:DNS hijacking

[adibe]

Now that's a great idea for a discounted internet service.
I'm sure that many would pay $5-$10/mo. for a high-speed internet connection but with all ads supplied by the ISP.

Re:DNS hijacking

[Z00L00K]

All completely possible. ...anyone switching to opendns yet?

I did set up my own DNS server instead - free from both OpenDNS and the ISPs filtered version.

You only need a Linux box and Bind.

Re:DNS hijacking

Why both with the dns part? Since they control the routing, they could just route everything for 74.125.227.45, 74.125.227.57 and 74.125.227.58 to their own server at XXX.XXX.XXX.XXX

Seriously ...

[sgunhouse]

Being a web browser support person, I get to hear about ISPs injecting code in web pages frequently, first time was ... what, 7 years ago? Of course, usually that was ads; in that sense at least Cox is not trying to sell you anything.

First case I recall was a Canadian ISP injecting their own ads into search results. More recently there's a low-cost ISP in India which will inject ads in any (insecure) web page.

Of course, I'm not going to pay for someone's service and tolerate them inserting pop-up ads into the pages I see. If they were giving the service away for free or at a substantial discount (like NetZero does) then that's one thing, but paying near full price for something like that doesn't cut it.

More invasive than that

Actually it's far more invasive than that, it means they actually LISTEN to the phone conversation and choose the correct GAP in that conversation to inject their javascript. They don't just randomly shove in javascript into a HTTP socket, they have to be watching the traffic.

So they're giving themselves the basis for monitoring your URL surfing later too.

So when they inject adverts, or sell your surfing habits to others, they can point to this and point out that they've been monitoring web surfing and injecting message 'for service quality purposes' for a long time. And thus the change is actually minor, because you like quality service don't you?

Remember phone logs? Tony Blair demanded that phone records for everyone be kept for 2 years and available on demand, he pushed it through the EU when the UK had the chair. His argument was that 'this data is already kept for billing purposes so it changes nothing'. So he opened the basis for spying on everyone, just in case sometime in future they commit a crime. And his lawyer game was, "well it's recorded for billing" so it's only a minor change. The minor change being to keep it for 2 years and replace the warrant with a RIPA letter from one of Murdochs employees in the police.

Your surfing is already monitored, so it makes no difference if we also monitor it on behalf of Govt/RIAA/Voting Corp/Marketing Corp/Fox News/News International...

Does Cox supply Belkin routers?

[Spamalope]

http://hardware.slashdot.org/story/03/11/11/0031204/belkin-to-offer-firmware-fix-for-router-hijacking

Charter acts like cox

[presspass]

Charter cable in Michigan does this if your bill is overdue.

Dicks. Oops, I mean Cocks.

Or go legal.

[dutchwhizzman]

Or file a complaint for violation of Net Neutrality by modifying part of your internet traffic to their leisure. Also, as a content provider, you could sue for breach of copyright. They are putting their preferred content in other people's web sites without their explicit permission. I'd say that's reason to sue for anyone offering content to Cox subscribers, not?

Re:Or go legal.

[Fnord666]

Also, as a content provider, you could sue for breach of copyright.

This assumes that the actual content providers care and are willing to take action. I'm guessing that they are not. This might also open a can of worms that you would prefer stay closed. For example, by blocking ads in your browser you could be considered in breach of the content provider's copyright. Frankly I'm surprised that content providers haven't taken this approach before now.

Complain

[MrL0G1C]

So if you have Cox, complain to them, if enough people threaten to leave they might actually listen, bringing up suggestion of class action lawsuits might help too.

corporate.investor.orderinfo@cox.com

HTTP not just for web pages

[fa2k]

HTTP is used for many purposes besides delivering HTML pages. This is a stupid idea.

Cox probably only injects it when the response has the correct MIME type, so you don't get it in images and binaries. Still, there is a huge amount of XML and HTML that is never intended to be seen by the user: automatic update checks can break, all kinds of mobile applications and other networked applications, aggregator services, etc. Some IM programs use HTTP-like requests.

There was a good analogy above, that this is like playing a recorded message when someone makes a phone call, before transferring it to the correct recipient. As you can imagine, this would screw up faxes and modems quite bad.

Now that I'm done complaining, I should come up with an alternative. The best candidate is email, but the email was down so it wouldn't help much. They surely should put up a big message on the home page, as many people will be going there to look up the phone number for tech support. Apart from that, I think the correct way to handle it is to do nothing. This HTTP injection technique may be appropriate for urgent security problems, but not for announcing an outage.

Re:HTTP not just for web pages

[fa2k]

[What Cox is doing] is a stupid idea.

FTFM

Isn't this illegal?

[acoustix]

This is basically a man-in-the-middle attack.

Re:Isn't this illegal?

[digitalaudiorock]

I was going to ask the same thing. How can it possibly be legal for an ISP tamper with the content like this? I'll bet this would even trick NoScript into assuming the javascript came from the same site as the page. If this is legel, I'm a bit stunned. It certainly shouldn't be.

Bend Broadband

[chriscappuccio]

Bend Broadband (Bend, OR) has been doing this for at least 3 years by now. Is this seriously the first time anyone has noticed this?

The new Emergency Broadcast System

[Bretski]

Not much difference between this and the "emergency alert system" on radio and TV. Content is interrupted and "important" messages are broadcast in its place. Maybe this needs some coordination and oversight by the FCC, and this could become a good thing. Compared to 20 years ago, very few people would realize any benefit from the TV/radio emergency broadcasts, unless it was on the Internet somehow like this.

IPv4-only ISPs

[tepples]

For that reasoon alone, I urge partners and colleagues to switch to IPv6 IP based virtual hosts for crowded externally facing virtual hosts

Let me know when all home DSL ISPs, all home cable ISPs, all home fiber ISPs, all satellite ISPs, and all mobile ISPs are routing IPv6. Otherwise, users behind an IPv4-only ISP will likely end up failing to connect to externally-facing hosts that you set up because there's no A record, only AAAA.

Invasive

[sanitysama]

This has been popping up while I'm browsing porn and it's making me extremely nervous.

Re:Invasive

[Old+Wolf]

This has been popping up while I'm browsing porn and it's making me extremely nervous.

So you're saying that the Cox outage was already happening?

TOR

will give you a clear internet windscreen.

I for one am not surprised

[Crypto+Gnome]

The Cable Companies want you to PAY for cable TV even though you still have to watch advertisements.

Now Cox Communications are doing functionally the same thing in your internet.

Are you ABSOLUTELY certain that those ads you see weren't actually injected by Cox just like these outage notices?

Vote with your wallet people, this is yet another deliberate attempt to completely screw up everything we love about the internet.

Re:I for one am not surprised

I wish I could, but the only other isp anywhere near me is at&t, and they don't service my apt :(

Breaking News

[viperidaenz]

ISP does what they told you they would!

If you don't want this kind of thing happening, read the terms of service before you sign up.

Easy solution

[njahnke]

Just email everyone about the problem!

Its not really inserting code into packet

[syleishere]

Its not really advanced DPI filtering injecting code on a packet per packet basis, most likely what they doing is using firewall to redirect all port 80 outgoing traffic through a proxy like squid, nginx etc and those programs have a simple config type file you can edit to insert what you want. Its really an evasion of privacy to do this, even more so because hollywood and music industries latest way to make money is say, make a crappy cd of music, post it on a torrent, then go sue any IPs downloading it, asking ISP's to invade users privacy to snoop their traffic to obtain this information, yes, what a joke. What is really going to happen if ISP's continue down this road of not protecting users privacy, users will start using third parties to bypass their ISP's filtering and inspection, opening up a whole new problem of possible malware etc. I mean look at problem with not offering windows7 or windows8 free to begin with, people download and install it and take the malware just to get it free, at least OS's like linux have it right here. In my opinion if ISP's are doing any kind of packet inspection at all, yes its almost like having to pay a cable company to watch their ads, then their service should be sold at a reduced cost, and it should be made public their terms of service for handing you over to joe and pop music store law firm for downloading anything as well so you can take appropriate measures to bypass their inspection to protect their own privacy through encrypted VPN's or whatever they can.

How to notify email users

[hicksw]

Couldn't they, you know, send their email customers an email?

Nah, probably get blocked as spam.

Who have they outsourced their email administration to?
--
Never attribute to stupidity that which can be explained by greedy self-interest.