February 28, 2011

Déjà Vu: ISP Hijacking Google (and Other) Pages for Ads Via DPI - "Deep Packet Interference"

Greetings. Regular readers may recall the considerable furor that was triggered a bit over three years ago, when I revealed and demonstrated that a Canadian ISP was testing Deep Packet Inspection (DPI) techniques to insert their own informational messages above the Google Home Page and other Web site pages.

At the time, I explained that the JavaScript method employed depended on the use of unencrypted (non-https:) connections, and I noted that it would be a simple step to full-blown ISP-based ad insertion (without the permission of the affected sites) via the same intrusive mechanism.

Now come reports that cable ISP Mediacom has pulled the trigger on this escalation, by actually inserting their own promotional ads above other sites' pages, such as Google in this example.

Starting from this point forward, I urge the use of the (apparently previously "uncoined") term "Deep Packet Interference" (conveniently also "DPI") for this sort of unacceptable chicanery.

Google now supports https: connections that block such behavior, but you do need to explicitly specify the "https://" URL prefix to enable the encrypted path when using Google Search (some other Google services use https: by default -- there are some complex technical issues involved in this area).

And perhaps Toward Pervasive Internet Encryption: Unshackling the Self-Signed Certificate now has some additional significance -- with the proviso that I now definitely believe that a variety of techniques other than traditional PKI certificate-based encryption systems are worthy of major consideration toward achieving the goal of pervasive crypto across all aspects of the Internet.

In the meantime, Mediacom's apparent commercial interference with the communications between Web sites and their users provides a red flag warning -- and a vivid example -- of the extreme level of packet tampering that some ISPs are apparently ready, willing, and able to deploy.


Posted by Lauren at February 28, 2011 05:46 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein