Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Friday November 14 2014, @11:53PM   Printer-friendly
from the check-your-contracts dept.

On refreshing my user page on /., I just received a pop-up informing me that I need a new modem. I don't really need a new modem — it is just that Comcast would like to use my house as a wireless POP, providing WiFi service to anyone with a Comcast login.

Since I have wifi in my house, I have zero interest in providing a location from which Comcast can provide wireless service to all and sundry, so the pop-up was a little annoying.

Nevertheless, the wider issue is Comcast deploying technologies to monitor and modify http: requests on the fly?

Have other Comcast users here seen this?

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Informative) by Anonymous Coward on Friday November 14 2014, @11:57PM

    by Anonymous Coward on Friday November 14 2014, @11:57PM (#116075)

    Cox has been doing this for months, I've noticed it for approximately a year.

    • (Score: 1) by tnt118 on Saturday November 15 2014, @02:07AM

      by tnt118 (3925) on Saturday November 15 2014, @02:07AM (#116103)

      I had the same thing happen, saved some screenshots, and was ready to raise holy hell if it continued. After around 3 times I haven't seen it since, and that was probably about 9 months ago.

      --
      I think I like it here.
  • (Score: 2) by c0lo on Saturday November 15 2014, @12:05AM

    by c0lo (156) on Saturday November 15 2014, @12:05AM (#116077) Journal

    On refreshing my user page on /., I just received a pop-up informing me that I need a new modem.
    ...
    Have other Comcast users here seen this?

    Nasty habits you have, mate. Ever since I left the evilgreen feta site, I haven't seen an ad; maybe you should try it too
    (grin)

    (sure, it also helps that I'm not located in US and thus not a Comcast user. If quitting that site doesn't help, maybe you should try this as well)

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0
    • (Score: -1, Troll) by Anonymous Coward on Saturday November 15 2014, @11:20AM

      by Anonymous Coward on Saturday November 15 2014, @11:20AM (#116170)

      I still go there primarily for the comments. The comments here are too frequently naive or just outright idiotic.

  • (Score: 3, Informative) by forsythe on Saturday November 15 2014, @12:06AM

    by forsythe (831) on Saturday November 15 2014, @12:06AM (#116078)

    Yes. [arstechnica.com] Here, even. [soylentnews.org]

    • (Score: 2) by frojack on Saturday November 15 2014, @04:50AM

      by frojack (1554) Subscriber Badge on Saturday November 15 2014, @04:50AM (#116127) Journal

      I don't see it, but then I have a business class connection paid by my day job, and I don't lease a wifi access point from them.
      Since they can't serve wifi from it, they don't seem to bother me with pop-ups. (Not that I would likely notice them anyway).

      I've never met anyone who claims to takes advantage of that xfinity connection they offer for customers. Its so irritating that I had to tell my phone to forget the access point name because your phone just attempts to connect with each xfinity hotspot as you walk or drive leaving you with no connection or a dead battery from all the aborted association attempts.

      --
      No, you are mistaken. I've always had this sig.
  • (Score: 1, Interesting) by Anonymous Coward on Saturday November 15 2014, @12:10AM

    by Anonymous Coward on Saturday November 15 2014, @12:10AM (#116079)

    the mpaa might be interested, because if isp's start intercepting and modifying http responses, it may lobby to have isp's check for copyright violations and modify http responses to inform the requester to include a dmca notice, rendering arguments like what iinet used in australia moot

    isp's might be digging their own graves with more than one shovel here. will be interesting to see how it plays out

    • (Score: 1) by anubi on Saturday November 15 2014, @09:32AM

      by anubi (2828) on Saturday November 15 2014, @09:32AM (#116162) Journal

      I feel that its great Comcast has been documented as doing this...

      Then it does not look so bad if the rest of us get something, alter it ( i.e. clean it up and remove some annoyances ), then pass it on.

      I know we have been doing it for years, but its awful hard for someone else to tell us we can't do it if they are doing the same thing.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
  • (Score: 3, Insightful) by dyingtolive on Saturday November 15 2014, @12:13AM

    by dyingtolive (952) on Saturday November 15 2014, @12:13AM (#116081)

    If it's only that site, nothing of value is lost. :P

    --
    Don't blame me, I voted for moose wang!
    • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @03:34PM

      by Anonymous Coward on Saturday November 15 2014, @03:34PM (#116200)

      For me, it's multiple, random pages that end with

      </body>
      </html>

      It looks like they find that pattern, and insert their javascript above it. Apparently, this privilege is part of their TOS.

  • (Score: 5, Insightful) by tibman on Saturday November 15 2014, @12:32AM

    by tibman (134) Subscriber Badge on Saturday November 15 2014, @12:32AM (#116084)

    ISP: Sir, we'd like to give you a new modem for FREE!
    User: No thanks, i own my own and it works fine.
    ISP: But this new modem will get you online faster than before.
    User: What exactly are you giving me? I already have a DOCSIS 3 modem and your service isn't even close to pushing that.
    ISP: This has all your networking in one small box. No separate wifi or router anymore. Isn't that great?
    User: My cable hookup is on one far corner of the house so i have a wifi access point in the middle of the floorplan using POE. Also, i like having my own switches and router to better control what has access to what. Does your router support iptables or something that granular?
    ISP: It sounds like you need a year of nearly free telephone and cable. For only 5$ more a month you can get all your favorite channels.
    ...

    --
    SN won't survive on lurkers alone. Write comments.
    • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @04:15PM

      by Anonymous Coward on Saturday November 15 2014, @04:15PM (#116205)
      Free?

      Not free. Modem rental fee. Even if it starts free. It won't stay free. Like my 'free' DTA boxes. That they started charging for 6 months later.

      AND you want to use my connection to provide wifi to people who are not me?

      How bout hell no.
  • (Score: 1) by dltaylor on Saturday November 15 2014, @12:36AM

    by dltaylor (4693) on Saturday November 15 2014, @12:36AM (#116085)

    Would the ubiquitous use of HTTPS stop this?

    • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @12:42AM

      by Anonymous Coward on Saturday November 15 2014, @12:42AM (#116086)

      Only a principled stand against giving Comcast money of any kind by its customers that hate it so much could stop these sociopaths.

      Too bad it is also the one thing that will never happen.

      • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @01:25AM

        by Anonymous Coward on Saturday November 15 2014, @01:25AM (#116094)

        Principled, right.....
        That's really going to get another connection option where I live.

      • (Score: 2) by Tork on Saturday November 15 2014, @02:57AM

        by Tork (3914) on Saturday November 15 2014, @02:57AM (#116110)
        Yeah, too bad the hilariously impractical solution will never happen.
        --
        Slashdolt Logic: "25 year old jokes about sharks and lasers are +5, Funny." 💩
    • (Score: -1, Offtopic) by Anonymous Coward on Saturday November 15 2014, @12:42AM

      by Anonymous Coward on Saturday November 15 2014, @12:42AM (#116087)

      Would the ubiquitous use of HTTPS stop this?

      No!

      Mod me informative already... Jesus fucking wept a thousand atheistic tears.

      • (Score: 1) by jmorris on Saturday November 15 2014, @04:17AM

        by jmorris (4844) on Saturday November 15 2014, @04:17AM (#116123)

        Of course it would. And if ISPs and other transit points keep modifying traffic like this it will drive adoption of https a lot faster than paranoid fear of the NSA ever could. Most folks aren't actually that afraid of the government but pop up ads? Those are about as popular as venereal disease.

        And no, your ISP can't touch https by poisoning DNS unless they can also get you to accept software from them. Then they could install a wildcard key or a whole new signing authority into your browsers and as far as security goes, game over dude! So keep this in mind if your ISP ever wants you to install -anything-. This isn't the 1990's when Windows was too crufty to support reliable Internet out of the box and a 'sign up kit' was standard. Be suspicious of any 'free gifts' from them.

        Still I'd bet against it ever being attempted. None of those exploits are likely to work against Mac, Linux, Android, iOS, devices, etc. so any attempted tampering would have to target only Windows and be very careful to pass traffic for other platforms unmolested. And still they would eventually get caught and the poopstorm would be truly epic. Tamper with https and you are tapping into people's finances.

    • (Score: 2) by Fnord666 on Saturday November 15 2014, @01:37AM

      by Fnord666 (652) on Saturday November 15 2014, @01:37AM (#116095) Homepage

      Would the ubiquitous use of HTTPS stop this?

      A VPN service certainly would.

      • (Score: 2) by darkfeline on Saturday November 15 2014, @08:01AM

        by darkfeline (1030) on Saturday November 15 2014, @08:01AM (#116155) Homepage

        Until they ban VPN (and SSH, and DNS (except for Authorized Comcast Family Safe Consumer DNS), and anything that could possibly tunnel a connection), unless, of course, you would like to upgrade to the Business Package, only $1000 extra per month, plus or minus a few zeros, extra fees may apply.

        --
        Join the SDF Public Access UNIX System today!
    • (Score: 2) by TheGratefulNet on Saturday November 15 2014, @04:12AM

      by TheGratefulNet (659) on Saturday November 15 2014, @04:12AM (#116121)

      yes, of course. https is end-to-end, not hop-by-hop. the isp can't see thru your https stream. same as vpn.

      --
      "It is now safe to switch off your computer."
      • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @09:48AM

        by Anonymous Coward on Saturday November 15 2014, @09:48AM (#116164)

        Only if you assume the cert mechanisms aren't the sad joke they are.

  • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @12:55AM

    by Anonymous Coward on Saturday November 15 2014, @12:55AM (#116089)

    seen this from both TW and verizon. the technology has been in place for at least 5 years

    • (Score: 2) by urza9814 on Monday November 17 2014, @05:36PM

      by urza9814 (3954) on Monday November 17 2014, @05:36PM (#116826) Journal

      Interesting...when you saw it on Verizon, was it FiOS or DSL? I've been on FiOS for three years now and have never seen this.

  • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @02:58AM

    by Anonymous Coward on Saturday November 15 2014, @02:58AM (#116111)

    I would open a problem ticket every time this happened. Death of a 1000 pin pricks to those pricks. Make them waste help desk resources answering tickets every time they do that. File a complain with the FCC, too.

  • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @03:03AM

    by Anonymous Coward on Saturday November 15 2014, @03:03AM (#116113)

    What bothers me is the fact that certain poorly programmed devices may *expect* a certain reply or a timeout and literally have no error checking if through some "magic" different content was returned.

    I'm thinking specifically of URLs that are called by embedded hardware (like TVs and their spying) where it's trying to get a binary update or some kind of "trigger" is being sent out over HTTP POST. If those requests are modified or altered without actually returning a non-200 HTTP status code, those devices may crash or receive an improper payload.

    I can't think of a known example off the top of my head, but I think some hackjob coder somewhere probably had only a status check such that an HTTP (200 OK) from a known URL would be instantly interpreted as a binary firmware update... Which would then now brick the device.

    Perhaps this may interrupt a web 911 call.... Now I'm thinking :)

  • (Score: 2) by TheGratefulNet on Saturday November 15 2014, @04:16AM

    by TheGratefulNet (659) on Saturday November 15 2014, @04:16AM (#116122)

    I run a vpn tunnel for everyday traffic. when I start to really use it (file downloads, for example), I notice that my router stops sending data, or rather, the upstream default router disconnects me. I have to power cycle my router (docsis) and then I get a new link, a new IP and I'm good for another few hours.

    if I don't run a vpn, I have not seen my connection killed.

    start the vpn and a few hours later, whammo - connection has no pings to my wan peer router.

    I don't know why comcast is doing this, but my hardware is fine and a reboot of the router always restores the connection again.

    its gotton to the point where I have to have an automated job that clicks a relay and resets the modem when my pings stop happening. sigh... ;(

    but running a vpn is one of the ways I fight back against net spying and data mods on the fly. and no, I won't buy one of their routers - this is the whole point of docsis - so that I buy and OWN my own. and no, it will never ever come with wifi included. in fact, I almost never run wifi at home. I don't trust it and I only enable it for short durations when I actually need it, then turn it right off when I'm done.

    wish I had another isp choice, but comcast is essentially my only choice ;(

    --
    "It is now safe to switch off your computer."
    • (Score: 2) by frojack on Saturday November 15 2014, @05:00AM

      by frojack (1554) Subscriber Badge on Saturday November 15 2014, @05:00AM (#116128) Journal

      Why don't you complain to Comcast?

      You are paying for the service, you should be able to use it, unless there is some provision that you can't use a VPN on a dhcp line.
      Maybe they are short of IP space and want to charge you for a static or something, so they short lease you forcing the VPN to break connection on each new IP.

      I keep ssh connections open for days at a time, but I don't use a VPN.

      --
      No, you are mistaken. I've always had this sig.
    • (Score: 2) by frojack on Saturday November 15 2014, @05:06AM

      by frojack (1554) Subscriber Badge on Saturday November 15 2014, @05:06AM (#116130) Journal

      Looks like VPNs ae perfectly allowed: http://customer.comcast.com/help-and-support/internet/using-a-vpn-connection [comcast.com]

      But you are not alone
      http://www.komonews.com/news/local/Telecommuters-facing-gridlock-with-latest-Comcast-modem-281330431.html [komonews.com]

      Although those guys were using Comcast's modem. I'm guessing if you bought your own, they have zero incentive to help you solve the problem.

      --
      No, you are mistaken. I've always had this sig.
      • (Score: 2) by iwoloschin on Saturday November 15 2014, @02:06PM

        by iwoloschin (3863) on Saturday November 15 2014, @02:06PM (#116192)

        Zero incentive!?

        If the grandparent doesn't like Comcast's lack of service they can just take their service to another provider!

        ...oh...Comcast is the only high speed provider in town...? Well, sounds like they're screwed then.

  • (Score: 2) by arashi no garou on Saturday November 15 2014, @02:37PM

    by arashi no garou (2796) on Saturday November 15 2014, @02:37PM (#116193)

    I'm on Comcast with a Comcast-provided modem and my own router, and I haven't seen anything like this. But, I use OpenDNS configured in the router, and I use ad blockers in my web browsers. I'm not sure if any or all of those items is blocking it, or if they just aren't doing it in my market.

    • (Score: 0) by Anonymous Coward on Saturday November 15 2014, @03:38PM

      by Anonymous Coward on Saturday November 15 2014, @03:38PM (#116201)

      It's part of their campaign to get everyone to transition to DOCSIS 3. If you're renting a comcast modem, they'll just send you a new one. OpenDNS won't stop it, because they're editing the HTML of third party sites. Adblockers may stop it, unless they insert their javascript into a site that you have whitelisted.