you're not interesting, was Re: another brick in the wall[ed garden]

Patrick W. Gilmore patrick at ianai.net
Sun May 17 04:38:49 CDT 2009


On May 17, 2009, at 4:34 AM, George Imburgia wrote:
> On Sat, 16 May 2009, Patrick W. Gilmore wrote:
>
>> Assuming something like that happened, will a post to NANOG fix  
>> it?  I don't know.  Certainly has a non-zero chance.   But trying  
>> to get Sprint, or any provider, to change because _you_ think what  
>> they are doing is not sane is, well, not sane.
>
> In '02, I had a similar issue with Comcast, when they silently fired  
> up transparent proxy servers. It became apparent when, while working  
> on a remote web server, I was served up cached copies of the pages I  
> was editing.
>
> My approach was two-pronged. First, I bitched loud and long on some  
> security lists about the MITM attack. Not only was it abusive as it  
> was, the potential for further abuse (tracking, ad insertion, theft  
> of sensitive data and intellectual property...) was significant.  
> Eventually, Ted Bridis of Associated Press picked it up and ran a  
> story. The next day, the issue was on the front page of nearly every  
> newspaper in the english speaking world, and then some, as well as  
> network TV news.
>
> Comcast has a large customer base, particularly in the DC area, and  
> a lot of very influential people (like federal judges) were not fond  
> of having their research and recreational web surfing intercepted.

Then they were silly to think turning off the transparent proxies  
somehow allowed them not to be tracked.

But then, most "influential people" are, at the very least, ignorant  
of technology.


> The proxies went away within a few days, and several jurisdictions  
> passed laws prohibiting this. I'd suspect Sprint is violating some  
> of these laws.

You gave them a business reason (cost more to keep them then turn them  
off) to change their mind.  Good for you.  I doubt the same is true  
for Sprint modulo the laws you mention.  And I'm wondering what laws  
these are, since intercepting port 43 is an extremely common practice.

-- 
TTFN,
patrick





More information about the NANOG mailing list