American provider Comcast cares about its customers and is always ready to warn them that the content that they’re going to download is protected by copyright laws. However, the provider has implemented this system by attacks man-in-the-middle, introducing warnings directly in customer traffic.
Comcast strange behavior attracted the attention of the developer Jarred Sumner (Jarred Sumner), which published a warning screenshot of copyright infringement and the code of the banner on GitHub. The developer said that the house uses Comcast services, and recently began to receive warnings on all home devices connected to the Internet.
Instead of setting a formal application to the client device, provider, anyone about it without telling intercepts traffic unprotected sessions running between user and provider devaysa servers.
Sumner suggests that Comcast’s, most likely, is engaged in-depth analysis of traffic packages or proxies Internet client. This means that the provider is able to modify the traffic plain (not HTTPS-session) in both directions. Theoretically, this technique can be used to deceive users: for example, the victim may assume that there is one website, whereas, in fact, it does redeployed to another.
“In the worst case, this technique can be used to implement the censorship, surveillance or even as a tool for the sale of personal data,” – said Sumner edition of ZDNet.
Members, for the most part, agree with the views of Sumner. In comments on GitHub some of them write that first noticed the appearance of a warning banner in June this year and criticized Comcast steps:
Comcast’s representatives, in turn, reported that the measure is not an innovation, and link to the official paper , dated the beginning of 2011. The document was published on the IETF in the same 2011. To give any comments on the privacy of users and their safety in connection with the use of this technology, the company did not deem it necessary.
Photo: Comcast, Jarred Sumner