# Comcast begins man-in-the-middle attacks to showcase copyright notices



## MannDude (Nov 23, 2015)

As per: http://www.neowin.net/news/comcast-begin-man-in-the-middle-attacks-to-show-copyright-notices-on-websites


This is the actual code they inject into web pages ( https://gist.github.com/Jarred-Sumner/90362639f96807b8315b ).


I guess this is yet another reason why normal websites should use HTTPS...


----------



## HBAndrei (Nov 23, 2015)

I'm no US citizen but as far as I've read about Comcast, these guys have no boundaries and no shame in regards to the lengths they'll go to in order to piss off their clients... quite sad and pathetic.


----------



## Licensecart (Nov 23, 2015)

There's no reason why anyone should have http on their website at all when there's LetsEncrypt which is offering free SSLs, and you can get them for $5-$9 for basic SSLs.


----------



## mitgib (Nov 23, 2015)

Licensecart said:


> There's no reason why anyone should have http on their website at all when there's LetsEncrypt which is offering free SSLs, and you can get them for $5-$9 for basic SSLs.



You don't deal with people outside the industry much do you?


----------



## drmike (Nov 24, 2015)

Licensecart said:


> There's no reason why anyone should have http on their website at all when there's LetsEncrypt which is offering free SSLs, and you can get them for $5-$9 for basic SSLs.



Maybe if the whole SSL world was literally simple for mere humans and servers made it mega simple, then maybe traction would happen.  Fact is, I don't even care to fart around with SSLs.  It's up there with other time wasters like running your own mail server.  Both are as fun as a trip to doctor.


----------



## HN-Matt (Nov 24, 2015)

@HBAndrei yeah, super obnoxious.


----------



## drmike (Nov 24, 2015)

HN-Matt said:


> Yeah, super obnoxious.



It's not just Comcast.  Most cable companies in the United States are about equally as retarded.


The one I use went bananas a few months ago when I finally yanked the last bit of their direct plaintext snooping away and put DNS lookups out via crypto and in tunnels.


Next day, BOOM suspicious activity on connection.  Said malware, must be hacked or someone using wifi that is open.  Zero explanation.   But literally < 48 hours after the changes were final that.   It was a PITA getting stuff to stop it with their forced DNS.  No control over the cable modem, although I own it.  They force feed things from there and it's aggressive.  Literally had to segment the network and setup a second access point / router to work around the matter cleanly and safely.


----------



## HN-Matt (Nov 24, 2015)

Shitty cable and no choice where I live too. It's either Shaw or Shaw here, both are awful.

It can be fun leaving certain spaces 'unguarded' in plaintext. Thrilling, even! I bet it might feel like streaking to some. 


There is also the art of brewing your own fermented plain text. If it doesn't turn out to be palatable, just cover some glasses in saran wrap and poke little holes in the top.


----------



## HN-Matt (Nov 24, 2015)

drmike said:


> The one I use went bananas a few months ago when I finally yanked the last bit of their direct plaintext snooping away and put DNS lookups out via crypto and in tunnels.
> 
> 
> Next day, BOOM suspicious activity on connection.  Said malware, must be hacked or someone using wifi that is open.  Zero explanation.   But literally < 48 hours after the changes were final that.   It was a PITA getting stuff to stop it with their forced DNS.  No control over the cable modem, although I own it.  They force feed things from there and it's aggressive.  Literally had to segment the network and setup a second access point / router to work around the matter cleanly and safely.



At least in those situations it's easy (& often amusing) to know who is doing it. Or sad and pathetic. I think it can almost be more fun to let them carry on with the talentless eavesdropping in a sense. An ongoing affirmation of certain true colours, hopelessly cathected. I mean, if the context of the snooping had reached peak asininity long ago, why bother stopping it now? It might even be possible to reverse engineer the lemonaid into lemons.


----------



## drmike (Nov 24, 2015)

HN-Matt said:


> At least in those situations it's easy (& often amusing) to know who is doing it. Or sad and pathetic. I think it can almost be more fun to let them carry on with the talentless eavesdropping in a sense. An ongoing affirmation of certain true colours, hopelessly cathected. I mean, if the context of the snooping had reached peak asininity long ago, why bother stopping it now? It might even be possible to reverse engineer the lemonaid into lemons.



Oh no doubt,  perhaps one of these days I'll run their logs up doing namelookups on every domain that exists 


I don't care what their intents are, I never wanted their DNS crap, often not reliable and slow.  More hoisted upon crap.     Duopoly ISP options just suck.   Competition in the marketplace has ahhh failed due to franchising and exclusive deals.


----------



## InertiaNetworks-John (Nov 24, 2015)

Pretty sure that they have been doing this for quite a few years. No sources, but I remember an old friend had this happen to them about 2-3 years ago.


----------



## MikeA (Nov 24, 2015)

I don't use Comcast, but my cable company has been nothing but great with me so far letting me torrent all of my favorite shows and movies.  Hey, the free static IP was a nice bonus.


----------



## drmike (Nov 24, 2015)

MikeA said:


> I don't use Comcast, but my cable company has been nothing but great with me so far letting me torrent all of my favorite shows and movies.  Hey, the free static IP was a nice bonus.



Darn lucky you are, whichever cable company that is.  I take it this is a regional cable company and not one of the national giants?


I laugh at static IP pricing with cable companies.  Biggies want $20-30 per month per IP.


----------



## MikeA (Nov 24, 2015)

drmike said:


> Darn lucky you are, whichever cable company that is.  I take it this is a regional cable company and not one of the national giants?
> 
> 
> I laugh at static IP pricing with cable companies.  Biggies want $20-30 per month per IP.





It is a big one, but they aren't in the news about enforcing pirated downloads. They require business class for static IPs, I'm on a DHCP range but I've had a fixed IP for years since I originally asked about it (even with long 12+ hour power outages and dozens of modem resets/changes.)


I'd never touch Comcast though.


----------



## HN-Matt (Dec 7, 2015)

drmike said:


> The one I use went bananas a few months ago when I finally yanked the last bit of their direct plaintext snooping away and put DNS lookups out via crypto and in tunnels.



I was researching this today and found that Opera (browser I haven't really started using until recently) is really leak happy with DNS. Apparently older versions used to have a 'Use Remote SOCKS DNS Lookups' option in opera:config, but that isn't there now. I'm either blind or the feature has been removed entirely. It's easy enough to proxy DNS in Firefox, I don't see why any contemporary browser would come without the ability to do so... especially if the option was there in previous versions!


What's next, the deprecation of BBCode?


----------



## gordonrp (Dec 7, 2015)

VPN everything to a DC that you trust. Residential ISPs have been collecting/selling browsing data etc for decades.


----------



## drmike (Dec 8, 2015)

HN-Matt said:


> I was researching this today and found that Opera (browser I haven't really started using until recently) is really leak happy with DNS. Apparently older versions used to have a 'Use Remote SOCKS DNS Lookups' option in opera:config, but that isn't there now. I'm either blind or the feature has been removed entirely. It's easy enough to proxy DNS in Firefox, I don't see why any contemporary browser would come without the ability to do so... especially if the option was there in previous versions!
> 
> 
> What's next, the deprecation of BBCode?



Time for DNSCRYPT:


https://dnscrypt.org/


I utilize that inside of a VPN.


----------



## HN-Matt (Dec 8, 2015)

gordonrp said:


> VPN everything to a DC that you trust. Residential ISPs have been collecting/selling browsing data etc for decades.



"From residential ISP to black market identity broker in less than 10ms or your money back!"



drmike said:


> Time for DNSCRYPT:
> 
> 
> https://dnscrypt.org/
> ...



Seems astonishing to think of how long the internet has been around for and yet one _still_ has to install and configure heaps of extra software for even the most basic protection.


----------



## drmike (Dec 8, 2015)

HN-Matt said:


> "From residential ISP to black market identity broker in less than 10ms or your money back!"
> 
> 
> Seems astonishing to think of how long the internet has been around for and yet one _still_ has to install and configure heaps of extra software for even the most basic protection.



Bahaha!  VPN is a necessity, for safety, sanity, for mixing data brokers up, for shunning pimple faced Lowenders with nothing better to do than DDoS.


We still make glass windows that are insecure as can be.  We still have minor protection even in the real world. Protection is a chore, an ongoing set of best practices and it comes with cost, effort, etc. 


DNSCRYPT is simple, but like most projects the DOCumentation leaves too much to be desired for commoners. (every time I figure on of these 'open' or 'free' solutions out I feel like I've attended a 2 month education course. One of these days I'll do a write up on DNSCRYPT along with with some other stuff I use in a stack on an ARM device.


----------

