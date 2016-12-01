Hacker News new | comments | show | ask | jobs | submit login
Comcast still uses MITM JavaScript injection to serve unwanted ads and messages (privateinternetaccess.com)
37 points by Deinos 1 hour ago | hide | past | web | 13 comments | favorite





If this was another ISP, I might be irritated, or even angry. But I can't work up the effort.

I mean, this is Comcast we're talking about. Even by the very low standards of ISPs, they're pretty nasty and generally unpleasant. What did you expect?

reply


> ... has access to your browsing history, your search history, your entire internet history ...

That's a bit over the top. They'll only have access to data that you already knew lots of people have access to anyway. Not HTTPS sites where they'll only have the domain name. So they won't have your Google search history but will for Bing which bizarrely defaults to HTTP.

reply


Good guess but you're wrong. They also get meta data like size of page loads Wich is more than enough to find out what Wikipedia entry you are looking at [there's a paper].

reply


I've blacklisted Xfinity WiFi on my phone. Just isn't worth it.

reply


Use HTTPS when it is available

reply


https://www.eff.org/HTTPS-EVERYWHERE is an absolute must-have browser extension for this.

reply


I have this extension and Comcast. I didn't even notice they were injecting things

reply


I don't have that extension, I do have Comcast, and I don't see injected Comcast content. Either uBO or another blocker (belt and suspenders) is blocking that, or they don't do it in my region, or my block, or whatever.

reply


They only inject when you're on "xfinitywifi" networks and if you've pirated something and they want to inform you that you've been caught, iirc.

reply


Not true. They've been injecting ads to my android phone which is served by a wireless device I own. And I haven't pirated anything. I had to switch to Firefox with ublock to fix it.

reply


It's really annoying when they inject warnings of the "You downloaded so and so TV show illegally".

Comcast, all my p2p traffic is encrypted. How do you know what it is? What're you trying to tell me about the safety of using your pipes for encrypted communication?

Switching to https makes the warnings go away. At least there's that.

(before anyone gets up in arms, I pay for cable as part of my subscription, I just don't have a TV to plug said cable into and I don't like broadcast TV, so i download)

reply


Click-bait title. The article itself even says "Comcast is only currently using their javascript injection ability to serve customer account related information". Also, Private Internet Access is far from a disinterested party here.

While we should all be outraged that AT&T, Comcast, Verizon and the like are MITMing our HTTP connections, nobody should be surprised at their ability to do so. In this post-privacy world, only strong end-to-end encryption can provide security. Also, don't forget that PIA and other VPNs are just as able to do this as Comcast.

reply


"Post-privacy"; a little dramatic don't you think?

> The concept of universal individual privacy is a modern construct primarily associated with Western culture, British and North American in particular, and remained virtually unknown in some cultures until recent times. According to some researchers, this concept sets Anglo-American culture apart even from Western European cultures such as French or Italian. Most cultures, however, recognize the ability of individuals to withhold certain parts of their personal information from wider society—closing the door to one's home, for example.

> The distinction or overlap between secrecy and privacy is ontologically subtle, which is why the word "privacy" is an example of an untranslatable lexeme, and many languages do not have a specific word for "privacy".

https://en.m.wikipedia.org/wiki/Privacy

reply




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: