Comcast using man-in-the-middle attack to warn subscribers of potential copyright infringement

By Shawn Knight ยท 7 replies
Nov 23, 2015
Post New Reply
  1. Comcast has resorted to using what’s essentially a man-in-the-middle attack to warn customers that they might be breaking copyright laws. The move, first brought to light by San Francisco-based developer Jarred Sumner, introduces all sorts of privacy concerns.

    As Sumner explained to ZDNet, Comcast is injecting a banner warning in browser sessions in which it believes a user might be downloading copyrighted material. The developer said the ISP is probably using deep packet inspection on subscribers’ Internet and / or proxying subscriber Internet when they want to send messages.

    It’s similar in practice to the warning that Comcast issues Internet users when they’re approaching – or have surpassed – their monthly bandwidth allotment. The copyright warning seems a bit more invasive, however, as it’s based on what you’re doing during a browsing session rather than how close you are to a cap.

    Sumner, who uses his Comcast connection at home, said the warning started appearing on ever single non-HTTPS website on every device on his home’s network. It doesn’t appear as though the warning is effective against sites that use HTTPS.

    The developer added that there are scarier scenarios where this could be used as a tool for censorship, surveillance or to sell personal information.

    Comcast already has in place a controversial six strikes copyright alert system in the US.

    A Comcast representative told the publication that this is “not new” and that its engineers posted an Internet Engineering Task Force (IETP) white paper on the matter in 2011.

    Permalink to story.

  2. Evernessince

    Evernessince TS Evangelist Posts: 2,109   +1,286

    So in other words, they are going to be taking a good peak at your data all because you might be viewing or downloading copyrighted material. I guess the NSA set a pretty good precedent, expect for the part where it's against the law.
    psycros likes this.
  3. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    Well people should't be pirating and they shouldn't be spying. Who's right or wrong? It doesn't matter, they at least have a 152K word, difficult to understand ToS to fall back on which nobody bothered reading before digitally signing.
  4. Lionvibez

    Lionvibez TS Evangelist Posts: 1,268   +437

    This is only going to stop casual users and kids who's parents don't know what they are doing on the computer at night.
  5. yRaz

    yRaz Nigerian Prince Posts: 2,340   +1,436

    yup, the major piracy culprits are paying to use VPNs or Usenet. Although this sort of thing would be most effective against people who don't know how to hide their online activity.

    Either way it's BS, if stuff like this started appearing on my home network I'd switch ISPs in a heartbeat.
    wastedkill and Lionvibez like this.
  6. Lionvibez

    Lionvibez TS Evangelist Posts: 1,268   +437

    Sometimes just using a different dns from your ISP will help to not see these. Before I switched to an unlimited connection I always use open dns and I never saw any of the bandwidth caps messages when I was close.
  7. SirGCal

    SirGCal TS Maniac Posts: 365   +137

    You assume these people have an option of ISPs. Due to the cable laws in many places, they have but one choice. That law needs to go away and do it yesterday....
    psycros likes this.
  8. psycros

    psycros TS Evangelist Posts: 1,877   +1,298

    An ISP that snoops its customers packets its an ISP begging for a huge class action. A slick team of lawyers could take that purposely vague and open-ended ToS and hang Comcast with it.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...