Cox Comm. Injects Code Into Web Traffic To Announce Email Outage

An anonymous reader writes "Cox Communications appears to be injecting JavaScript and HTML into subscribers' traffic, as part of their effort to announce an email service outage. Pictures showing the popup."

Is this News?

[omega6]

Providers have been doing similiar things for a while...If you want security, use https.

Re:Is this News?

[Pedrito]

No, not like this. At least I've never seen it before. This is intrusive. I've had it show up in my browser at least 3 times in the past couple of hours and it's about a service I don't even use. I don't care if their e-mail is out. I don't use their e-mail. I don't want this stuff and there ought to be a simple way to opt out.

Re:Is this News?

[sabri]

No, not like this. At least I've never seen it before. This is intrusive. I've had it show up in my browser at least 3 times in the past couple of hours and it's about a service I don't even use. I don't care if their e-mail is out. I don't use their e-mail. I don't want this stuff and there ought to be a simple way to opt out.

There is, it is called: Vote With Your Money...

Re:Is this News?

[mwvdlee]

there ought to be a simple way to opt in.

FTFY

Re:Is this News?

[Pedrito]

Actually, that's exactly what I'm going to do now. I was already pissed because my connection has been going down a lot lately. Then they pull this crap. Bye Cox!

Re:Is this News?

[GoodNewsJimDotCom]

Too bad you can't vote with your money when there is a monopoly/oligopoly. I remember Comcast suing the government for competing in certain areas. Why isn't UPS and Fedex suing the Post Office?

Alternative title: Cox acting like a bunch of dicks.

Re:Is this News?

[guttentag]

It's the modern equivalent of the phone company playing a recorded message while you are talking to someone on the phone. Or the post office opening your mail and gluing a message to the contents, ransom-note-style, about your mail carrier being out sick. It wouldn't happen. But cox wants to condition people to think of the web like cable TV, where thy can cover part of the picture with service announcements. The FCC needs to weigh in on this and stop it.

Re:Is this News?

I just love Cox. That's my favorite part of the internet. I'm on Cox for several hours a day, every day. You might say I'm a Cox addict. If Cox wants to deliver a friendly payload during my regular service, I don't find that hard to swallow. I'm quite pleased when Cox injects this sort of material for me and I'm always eager for more. If you haven't tried Cox, you really should. There's nothing quite so fulfilling or satisfying as Cox.

Re:Is this News?

[theskipper]

Or instead there ought to be a simple way to just opt in. Or they could produce a FF/IE addon. Or put a big notice on their homepage with this info. Or automated social media notifications. Etc.

Messing with DNS to redirect bad domains to ad parking pages is still around but no one cares anymore. However, this is right in the user's face which feels different, like it's an offensive volley, like one ISP is finally ready for war. The first battle in ISPs training users to accept a tainted connection.

In all honesty, I think they picked the perfect application to start the ball rolling. Few average Joe customers would argue against email outage notifications because it seems like it's an important function that the ISP should provide. More importantly users are used to dynamic pages now, it "feels" like a Facebook or Twitter thing. So in their mind it's probably ok, or at least something that would be hard to argue against from a layman's perspective.

So it's a good starting point to start boiling the frog. I'll bet that their internal calculations show no more than one year to completely boil the poor beast (i.e. ad insertions). That's the holy grail.

Re:Is this News?

[DarkTempes]

You can use noscript or any adblock addon to block this.

Look for something like <script src="http://184.178.98.*/static/FloatingContent/243/floating-frame.js" type="text/javascript"></script> in the head.
Craft rules as appropriate.

Re:Is this News?

[craigminah]

Don't want to complain or you might get Cox blocked.

Re:Is this News?

[sjames]

That and they need someone to deliver the last leg on unprofitable routs. More privatized profits and socialized losses.

Re:Is this News?

[paiute]

http://www.esquire.com/blogs/politics/post-office-default-11215023

"In other words, we can no longer have nice things from what is still, in theory, our government, because we have placed what is still, in theory, our government into the hands of vandals and madmen, so the solution is to hand everything over to a private sector that repeatedly has shown that, in the pursuit of an extra nickel in profits, it would sell your grandmother to the Somali pirates and drill an oil-well in Lincoln's nose on Mount Rushmore."

Re:Is this News?

[Kjella]

So... Your Cox has been down more than you'd like, and you can't get your Cox to stay up? Getting rid of it entirely is an option, I suppose, but I keep hearing about medications that claim to keep your Cox up any time you want it up.

Well his email is down, so he hasn't been getting any of the many, many, many offers to fix this.

Re:Is this News?

[martin-boundary]

Wrong. Injecting HTML code into an HTTP stream breaks the end-to-end principle. With HTML5 being as complex as it already is and web apps doing all sorts of Weird JavaScript Shit(TM), there is no way anyone can guarantee that adding HTML snippets _anywhere_ won't break a user's session. This isn't fixable on the user end, this is buggy behaviour in the network.

They should have warned us

[icebike]

Shouldn't they send an email warning us about injecting stuff in our web traffic?

Re:They should have warned us

[WWJohnBrowningDo]

I just injected a woosh into your HTTP stream.

You should feel it soon; or maybe it'll just go over your head again.

The amusing part

is that it refers to Outlook Express, a mail client that was deprecated over 5 years ago.

Nice single point of attack

Just compromise Cox's servers, and deliver your payload. Very blackhat friendly.

Re:Nice single point of attack

[jomama717]

It's simpler than that, once ISP popups become a regularity blackhats have an incredibly simple popup to copy that people will assume is their ISP, so all must be well. "Click here, and enter your account ID to find out if you are affected"...

In fact, is everyone absolutely certain this is actually Cox and not some malware outbreak masquerading as the ISP?

My ISP does this for far worse reasons.

[damnbunni]

I use Millenicom, who resells Sprint, and in my area Sprint started injecting JavaScript into every page that comes over HTTP to recompress all the jpegs to a much lower quality setting.

That, at least, I could block. Now they just recompress all jpegs that come over http to a horrible level. If I want to keep the internet from looking like ass, I have to use a secure tunnel. Which is obnoxiously slow on 3G.

(Unfortunately, there's nothing Millenicom can do about it. It's up to Sprint. And there's no opt-out.)

Raise your hand..

[claar]

Yep, I received this too, right on Netflix. Um, thanks, Cox, but even if I used your email service, I'd really rather watch my movie..

Keep your hands off my traffic, please. Is it too much to ask for you to simply carry my bits back and forth for the agreed-upon amount?

Bad practice..

[Nezic]

So now internet companies are essentially trying to train users to trust whatever information shows up on a web page that claims to be from 'known' sources?

After all the problems that spoof emails cause for people who don't know better, you'd think an internet provider *would* know better.

Causing web outage to announce email outage?

[billstewart]

I'm sorry, but if you're injecting Javascript and other text into my web sessions, that's a Web Outage (and a serious security threat.) If you're doing it to announce that your email service is down, that's probably annoying to customers who do use your email service, and much more annoying to customers who don't.

(Unlike many people here, I actually do use my ISP's email service, because it includes a shell account where I'm running procmail, in addition to the spam filtering they do, so email that gets forwarded by my primary email address does go through there. But otherwise I'd be running the filters somewhere else. And it still doesn't justify breaking my http sessions.)