Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Wednesday November 25 2015, @02:35AM   Printer-friendly
from the anybody-surprised? dept.

From ZDnet:

If Comcast thinks you're downloading copyrighted material, you can be sure it'll let you know. But how it does it has raised questions over user privacy. The cable and media giant has been accused of tapping into unencrypted browser sessions and displaying warnings that accuse the user of infringing copyrighted material -- such as sharing movies or downloading from a file-sharing site.

Jarred Sumner, a San Francisco, Calif.-based developer who published the alert banner's code on his GitHub page, told ZDNet in an email that this could cause major privacy problems. Sumner explained that Comcast injects the code into a user's browser as they are browsing the web, performing a so-called "man-in-the-middle" attack. (Comcast has been known to alert users when they have surpassed their data caps.) This means Comcast intercepts the traffic between a user's computer and their servers, instead of installing software on the user's computer.

A Comcast spokesperson said in an email on Monday that this is "not new," adding that engineers "transparently posted an Internet Engineering Task Force (IETF) white paper about it" as early as 2011, which can be found here.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by physicsmajor on Wednesday November 25 2015, @04:11AM

    by physicsmajor (1471) on Wednesday November 25 2015, @04:11AM (#267865)

    Citation needed. I'm very skeptical that T-Mobile did this in any transparent way.

    Even if they did, do they publish how they detect a given stream is audio and not - for example - realtime data from the LHC? Or a low-resolution webcam? Are they assuming based on the protocol? How does that work out for them with encrypted traffic?

    Finally, even if all the above questions are satisfactorily answered, what happens when some bright folks find a novel, more efficient way to transmit audio - but T-Mobile's magical detection service doesn't recognize it as audio? They have a massive barrier to entry compared to existing players.

    This is why you never want the ISP playing favorites. It always, without fail, ends up favors existing players and stifling new entrants. If T-Mobile can handle this data, they should price and meter it accordingly to all users. End of story.

    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 1, Informative) by Anonymous Coward on Wednesday November 25 2015, @05:49AM

    by Anonymous Coward on Wednesday November 25 2015, @05:49AM (#267887)

    I wish I had a citation for you, but the method is not published, and no one is brave enough to blog about it. Here are the details:

    Unencrypted HTTP traffic on ports 80 and 8080 with Content-Type: audio is unthrottled and unmetered.

    T-Mobile Music Freedom traffic is not charged and does not appear on your bill.