December 08, 2007

Google Hijacked -- Major ISP to Intercept and Modify Web Pages

Blog Update (January 6, 2008): Would You Know if Your ISP Tampered With Your Web Pages?

Blog Update (December 30, 2007): Harbinger of 2008: ISPs Plow Forward with Internet Intrusion Plans

Blog Update (December 14, 2007): Rogers Replies re Web Ambushing: White is Black, Up is Down, Ignorance is Strength


Update (December 10, 2007 3:30 PM PST): Rogers has now publicly confirmed the activities described below.


Greetings. Please observe closely the image to your left, showing the home page for Google Canada (click the image for a full-sized, full-resolution version).

Does anything seem a bit odd about the normally clean and pristine Google front door? What the blazes is all that ISP-related verbiage taking up the top third of the page? Why would Google ever give an ISP permission to muddy up Google's public face that way?

Well, as you've probably already guessed, Google didn't give this ISP any such permission. The ISP simply decided to modify Google on their own, demonstrating a real world example of ISPs Spying On and Modifying Web Traffic that I was discussing yesterday.

Just brought to my attention today by a concerned reader who chose Google for his example, what you're looking at is reportedly an ongoing test by Rogers in Canada, scheduled for deployment to Rogers Internet customers next quarter.

In case you're curious, "ISNS" on the test Google interception page apparently stands for Internet Subscriber Notification System. For the morbidly curious, here's the javascript and associated code that enables this procedure, which can presumably be applied to any http: (unencrypted) traffic.

While Rogers' current planned use for this Deep Packet Inspection (DPI) and modification system (reportedly manufactured by "In-Browser Marketing" firm "PerfTech") is for account status messages, it's obvious that commercial ISP content and ads (beyond the ISP logos already displayed) would be trivial to introduce through this mechanism. By the way, PerfTech is even using Google for one of its linked promotional examples on the PerfTech home page. I wonder if they bothered to ask Google's permission for that?

Anyway, the fact that there's an opt-out present for future account status messages on the Rogers page insertions hardly changes the extremely problematic and network neutrality unfriendly aspects of such situations, as I noted in yesterday's blog item.

Question: Will Web service providers such as Google and many others, who have spent vast resources in both talent and treasure creating and maintaining their services' appearances and quality, be willing to stand still while any ISP intercepts and modifies their traffic in such a manner?

I can't say for sure of course, but I suspect that a likely reaction might be discerned by paraphrasing Bugs Bunny: "Eh, he don't know them very well, do he?"

--Lauren--

Blog Update (January 6, 2008): Would You Know if Your ISP Tampered With Your Web Pages?

Blog Update (December 30, 2007): Harbinger of 2008: ISPs Plow Forward with Internet Intrusion Plans

Blog Update (December 14, 2007): Rogers Replies re Web Ambushing: White is Black, Up is Down, Ignorance is Strength

Posted by Lauren at December 8, 2007 09:14 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein