Rogers ISP in Canada launches MITM attacks on customers

Renegade:
This is rather interesting - an ISP attacking its customers:

http://www.reddit.com/r/canada/comments/2nv1un/rogers_still_using_content_injection_after_7/

A security video on the topic:

http://2014.video.sector.ca/video/110367213

See 3:31 in the video for another Rogers MITM attack.

The video goes into some good depth on how the ISP is attacking customers.

Here's one good post from the Reddit thread:


This is borderline criminal. They are modifying the content of a webpage that you are accessing. They are actively injecting their code in a page that you have requested...

It's beyond a simple gaffe... If they wanted to, they could use this to change what's written in an article from the Globe & Mail or from the CBC...

When they start doing this, there is usually no end...

Now imagine if they decided to change any comment that they find damaging to their brand on twitter or facebook or reddit...

Now imagine they changed the prices on their competitor's website (Bell, Telus) to make them look more expensive than their own...

That's why everyone should always browse the net at the least in HTTPS... Wikipedia article on HTTPS

What you need to know is that HTTPS, when activated, creates an encrypted conduit between you and the webpage you are accessing. It also minimizes the amount of information your ISP can intercept when you are browsing the net.

Whenever you do your banking or buying from a reputable site, HTTPS is enabled by default. You can also browse Reddit in HTTPS mode.

Everyone here should be using HTTPS Everywhere from the good people at the Electronic Frontier Foundation. INSTALL IT !

--- End quote ---

Renegade:
Apparently, this is also illegal (in vid at 14:00):

http://laws-lois.justice.gc.ca/eng/acts/T-3.4/page-12.html#h-19

Content of Messages

Marginal note: Content of messages

36. Except where the Commission approves otherwise, a Canadian carrier shall not control the content or influence the meaning or purpose of telecommunications carried by it for the public.
--- End quote ---

Deozaan:
I don't get it. My ISP will sometimes make little notices appear in order to warn me of upcoming outages due to maintenance, etc. Is that illegal, too? I don't see the problem here.

And there's no date that I can see in the image. How do we know it's not 7 years old?

Renegade:
I don't get it. My ISP will sometimes make little notices appear in order to warn me of upcoming outages due to maintenance, etc. Is that illegal, too? I don't see the problem here.

And there's no date that I can see in the image. How do we know it's not 7 years old?
-Deozaan (December 01, 2014, 01:46 AM)
--- End quote ---

I know this is completely idiotic (really, it drives me nuts), but whether or not something is "wrong" depends on where you live. Hop over an invisible line, and POOF! Things become legal/illegal / right/wrong.

That's just the Canadian Telecommunications Act. Morality and the laws of the universe may differ elsewhere, apparently.  :-\

Aside from any legality there... if your communications are being subjected to injection, can you trust them? The **ONLY** answer is **NO**, unless you're insanely gullible. Compromised is compromised. This is a security issue, and not really very open to any kind of "interpretation". Either an attack vector is open or it isn't. That attack vector is either being exploited, or it isn't. There's no "gray" area here. It's all black and white. 1s and 0s. True and false.

The ISP here is exploiting an attack vector. Period.

(Keep in mind that there are no "MITM agreement" conditions set in contracts. e.g. "I agree to let my ISP exploit MITM attacks against me whenever they think it's good for me.")

But, aside from my pissy attitude towards all that, about the 7-year thing, check the video. It's a recent one from a security source with the same kind of MITM attack. He walks through it all and explains a truckload.

The video is rather long though. It's meant for computer geeks and not the general public, so it gets into SYN/ACK and all kinds of messy goodness.

ewemoa:
Unfortunately, not unheard of behavior for ISPs in other areas of the world.
