topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 7:02 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Rogers ISP in Canada launches MITM attacks on customers  (Read 4180 times)

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Rogers ISP in Canada launches MITM attacks on customers
« on: November 30, 2014, 07:34 PM »
This is rather interesting - an ISP attacking its customers:

http://www.reddit.co...t_injection_after_7/

rogers mitm.pngRogers ISP in Canada launches MITM attacks on customers

A security video on the topic:

http://2014.video.se...r.ca/video/110367213

See 3:31 in the video for another Rogers MITM attack.

The video goes into some good depth on how the ISP is attacking customers.

Here's one good post from the Reddit thread:


This is borderline criminal. They are modifying the content of a webpage that you are accessing. They are actively injecting their code in a page that you have requesting...

It's beyond a simple gaffe... If they wanted to, they could use this to change what's written in a article from the Globe & Mail or from the CBC...

When they start doing this, there is usually no end...

Now imagine if they decided to change any comment that they find damageable to their brand on twitter or facebook or reddit...

Now imagine they changed the prices on their competitor's website (Bell, Telus) to make them look more expensive than their own...

That's why everyone should always browse the net at the least in HTTPS... Wikipedia article on HTTPS

What you need to know is that HTTPS, when activated, creates an encrypted conduit between you and the webpage you are accessing. It also minimize the amount of information your ISP can intercept when you are browsing the net.

Whenever you do your banking or buying from a reputable site, HTTPS is enabled by default. You can also browse Reddit in HTTPS mode.

Everyone here should be using HTTPS Everywhere from the good people at the Electronic Frontier Foundation. INSTALL IT !

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Rogers ISP in Canada launches MITM attacks on customers
« Reply #1 on: November 30, 2014, 07:57 PM »
Apparently, this is also illegal (in vid at 14:00):

http://laws-lois.jus....4/page-12.html#h-19

Content of Messages

Marginal note:Content of messages

36. Except where the Commission approves otherwise, a Canadian carrier shall not control the content or influence the meaning or purpose of telecommunications carried by it for the public.

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Rogers ISP in Canada launches MITM attacks on customers
« Reply #2 on: December 01, 2014, 01:46 AM »
I don't get it. My ISP will sometimes make little notices appear in order to warn me of upcoming outages due to maintenance, etc. Is that illegal, too? I don't see the problem here.

And there's no date that I can see in the image. How do we know it's not 7 years old?

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Rogers ISP in Canada launches MITM attacks on customers
« Reply #3 on: December 01, 2014, 06:53 AM »
I don't get it. My ISP will sometimes make little notices appear in order to warn me of upcoming outages due to maintenance, etc. Is that illegal, too? I don't see the problem here.

And there's no date that I can see in the image. How do we know it's not 7 years old?

I know this is completely idiotic (really, it drives me nuts), but whether or not something is "wrong" depends on where you live. Hop over an invisible line, and POOF! Things become legal/illegal / right/wrong.

That's just the Canadian Telecommunications Act. Morality and the laws of the universe may differ elsewhere, apparently.  :-\

Aside from any legality there... if your communications are being subjected to injection, can you trust them? The **ONLY** answer is **NO**, unless you're insanely gullible. Compromised is compromised. This is a security issue, and not really very open to any kind of "interpretation". Either an attack vector is open or it isn't. That attack vector is either being exploited, or it isn't. There's no "gray" area here. It's all black and white. 1s and 0s. True and false.

The ISP here is exploiting an attack vector. Period.

(Keep in mind that there are no "MITM agreement" conditions set in contracts. e.g. "I agree to let my ISP exploit MITM attacks against me whenever they think it's good for me.")

But, aside from my pissy attitude towards all that, about the 7-year thing, check the video. It's a recent one from a security source with the same kind of MITM attack. He walks through it all and explains a truckload.

The video is rather long though. It's meant for computer geeks and not the general public, so it gets into SYN/ACK and all kinds of messy goodness.

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

ewemoa

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 2,922
    • View Profile
    • Donate to Member
Re: Rogers ISP in Canada launches MITM attacks on customers
« Reply #4 on: December 02, 2014, 05:05 AM »
Unfortunately, not unheard of behavior for ISPs in other areas of the world.
« Last Edit: December 02, 2014, 09:40 PM by ewemoa »