Comcast DMCA div injection

Discussion of other internet issues.

Moderator: EasyList authors

Post Reply
terabit
Guest

Comcast DMCA div injection

Post by terabit » Mon Apr 25, 2016 6:17 pm

Greets,

Comcast apparently mounts a man-in-the-middle attack against it's users when a DMCA notice is sent against their IP.
Image

Above is a screenshot of their HTTP man in the middle DIV injection.

The following ABP filter blocks this:

###comcast_content

Hope this gets added! cheers :)

--terabit

terabit
Guest

Post by terabit » Mon Apr 25, 2016 6:31 pm

to add on this https://tools.ietf.org/html/rfc6108

User avatar
smed79
Liste AR Author
Liste AR Author
Posts: 9222
Joined: Sun Jan 17, 2010 4:00 am
Reputation: 21
Location: /tmp

Post by smed79 » Mon Apr 25, 2016 6:50 pm

@terabit submit an issue report when you see the comcast alert message rules#issuereport
•► Before posting, to find your answer fast, read Forum « RULES » and use « Search »
••► Don't post clickable links » use inline text bbcode notation « [ C ] » or « [ code ] »

WarFame
Postaholic
Postaholic
Posts: 713
Joined: Fri Nov 27, 2015 1:35 pm
Reputation: 0

Post by WarFame » Mon Apr 25, 2016 7:06 pm

Tip: Use HTTPS Everywhere. It should prevent entities like Comcast from modifying pages that support HTTPS like Imgur. It will also prevent them from knowing what you do on those sites.

terabit
Guest

Post by terabit » Mon Apr 25, 2016 7:52 pm

I am using HTTPSeverywhere but some sites just don't use HTTPS since they don't host what they consider "sensitive" content.

Issue report submitted: https://reports.adblockplus.org/c6dc284 ... e6a12ed546

User avatar
fanboy
EasyList Author
EasyList Author
Posts: 9449
Joined: Wed Sep 05, 2007 8:17 pm
Reputation: 3

Post by fanboy » Mon Apr 25, 2016 9:21 pm

how many sites does it occur on?

terabit
New Member
New Member
Posts: 1
Joined: Tue Apr 26, 2016 1:50 am
Reputation: 0

Post by terabit » Tue Apr 26, 2016 1:53 am

just about every site that's HTTP

httpseverywehre fixes the problem but not every site has HTTPS. they use their position as ISP to inject content into HTTP pages without user consent (this is pretty much worse than ads , this is wiretapping+malware except a very large and powerful corporation is doing it to enforce DMCA)


Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest