|
I have here something that has no information available on Google. According to Wikipedia: quote:At one point, NebuAd had signed up more than 30 customers, mostly Internet access providers,[4] its agreements with providers covering 10 percent of the broadband users in America.[5] Due to fallout following public and Congressional concern, NebuAd's largest ISP customers have all pulled out. quote:NebuAd's solution has three main parts: Hardware hosted within the ISP that is capable of inserting content into pages, an off-site server complex to analyze and categorize the contents of users' Internet communications, and relationships with advertising networks willing to present NebuAd's targeted advertising.[8] Is this a hardware MITM/ad-injection box like I think it is?
|
#
?
Apr 18, 2015 20:29
|
|
|
|
| # ? May 6, 2024 16:26 |
|
|
Based on some of the news articles about the resulting lawsuits, it looks like it did deep packet inspection on your traffic, built a profile of you, then used that to send you targeted advertising. The description from Wikipedia makes it look like it could inject content into pages that were being served to you, but it seems more like the ad networks were serving up boxes that the device would then populate with an ad tailored to you. So basically exactly what everyone is doing nowadays.
|
|
#
?
Apr 18, 2015 21:07
|
|
|
you ate my cat posted:So basically exactly what everyone is doing nowadays. Except you can pay more to your ISP in order to opt-out-but-not-really-lol.
|
|
#
?
Apr 21, 2015 16:18
|
|
|
Angry Fish posted:Except you can pay more to your ISP in order to opt-out-but-not-really-lol. That's what's great about AT&T's new service, you can pay $30 a month for a fake email from them.
|
|
#
?
Apr 22, 2015 18:00
|
|
|
...cookies accomplish the same exact thing, right?
|
|
#
?
Apr 24, 2015 10:48
|
|
|
sports posted:...cookies accomplish the same exact thing, right? Cookies don't spy on every web page you visit and insert their own ads based on your profile.
|
|
#
?
Apr 24, 2015 17:39
|
|
|
sports posted:...cookies accomplish the same exact thing, right? This sounds a lot closer to what Superfish does, using a man-in-the-middle system to inject ads into webpages that don't necessarily have any agreement with the advertisers.
|
|
#
?
Apr 26, 2015 02:18
|
|
|
atomicthumbs posted:Cookies don't spy on every web page you visit and insert their own ads based on your profile. Actually that's more or less what (eg) Google analytics, Facebook share buttons, etc do. They're not technically capable of spying on every webpage, but they do spy on every web page they're linked into, which is a significant portion of them. Have you really never had the experience of an item you browsed onto "following" you around the internet? Welcome to 2010. Paul MaudDib fucked around with this message at 08:00 on Apr 26, 2015 |
|
#
?
Apr 26, 2015 07:57
|
|
|
Are SSL websites protected from this sort of shady business? Provided you don't have a trusted cert from a CA on your computer to explicitly allow an appliance in the middle resigning everything....
|
|
#
?
Apr 28, 2015 00:09
|
|
|
Paul MaudDib posted:Actually that's more or less what (eg) Google analytics, Facebook share buttons, etc do. They're not technically capable of spying on every webpage, but they do spy on every web page they're linked into, which is a significant portion of them. I have, but this box is special exactly because it spies on every web page.
|
|
#
?
Apr 28, 2015 03:32
|
|
|
SSH IT ZOMBIE posted:Are SSL websites protected from this sort of shady business? Provided you don't have a trusted cert from a CA on your computer to explicitly allow an appliance in the middle resigning everything.... Default SSL configurations will often downgrade to insecure versions of SSL if a MITM attacker like this box pretends that your browser doesn't support TLS, and I think potentially they could do a downgrade attack all the way to HTTP. If the site lets you connect by plain HTTP then such an attacker can also redirect your connection from https to http and keep you there by rewriting all the URLs and so on, ala SSLStrip. You can help that from the client side with HTTPS Everywhere, or the server can forward all insecure connections to HTTPS - in this case you will probably get stuck in a redirect loop and time out. Or if any resources like ads, etc are loaded over http, that can be hijacked even if the main page can't. In theory if everyone does everything right - yes, you're protected, the most it can do is drop your connection. But it would mean making breaking changes and cutting off the people who don't update their software, and everyone's way too concerned about what happens when Grandpa logs on with a 1994-vintage copy of Netscape Navigator to do that. Plus serving SSL connections takes far more CPU cycles, it costs money to get an SSL cert signed, and people just don't do their jobs. Trusted-cert attacks aren't unheard-of either, that's what Superfish was doing. And that's basically what a bunch of corporate security software, net nannies, and even antivirus software does. Kaspersky 2015 is doing this and I need to figure out how to turn it off. Paul MaudDib fucked around with this message at 02:33 on Apr 29, 2015 |
|
#
?
Apr 29, 2015 02:17
|
|
|
|
| # ? May 6, 2024 16:26 |
|
|
Paul MaudDib posted:Default SSL configurations will often downgrade to insecure versions of SSL if a MITM attacker like this box pretends that your browser doesn't support TLS, and I think potentially they could do a downgrade attack all the way to HTTP. If the site lets you connect by plain HTTP then such an attacker can also redirect your connection from https to http and keep you there by rewriting all the URLs and so on, ala SSLStrip. You can help that from the client side with HTTPS Everywhere, or the server can forward all insecure connections to HTTPS - in this case you will probably get stuck in a redirect loop and time out. Or if any resources like ads, etc are loaded over http, that can be hijacked even if the main page can't.  The worst part was that Kaspersky and Avast and a few others make you vulnerable to FREAK/CRIME for months after that poo poo got patched by other vendors. (Kaspersky in particular had a forum post about FREAK vulnerability for a least a month, that's when I stopped keeping up with it.) While we're at it, why do so few sites use PKP Headers? https://tools.ietf.org/html/rfc7469 deimos fucked around with this message at 23:04 on Apr 29, 2015 |
|
#
?
Apr 29, 2015 23:01
|
|
