Charter Is Latest ISP To Plan Wiretapping Via DPI

Charter Communications has begun sending letters to its customers informing them that, in the name of an "enhanced user experience," it will begin spying on their traffic and inserting targeted ads. This sounds almost indistinguishable from what Phorm proposed doing in the UK. Lauren Weinstein issues a call to arms.

Enhanced user experience

Someone needs to tell Charter that you don't "enhance" suck.

Re:Enhanced user experience

Someone needs to tell Charter that you don't "enhance" suck.

IBM:Apple::Comcast:Charter.

Proof by Advertising follows:

IBM: Think.
Apple: Think Different.

Comcast: Suck.
Charter: Suck Different.

Re:Enhanced user experience

Someone needs to tell Charter that you don't "enhance" suck.

That "someone" could be you.

If you live in the Madison, WI area, attend the Madison Broadband Telecommunications Regulatory Board Meeting this Thursday (May 15, 2008) at 5:30pm in Room 103A of the City-County building (210 MLK Blvd). Complain during the Public Comment part of the meeting, which is immediately after Call to Order and Roll Call. I plan to be there.

If you don't live in the Madison, WI area and have Charter as the local franchise, find out when your municipality holds its regulatory meetings. They tend to be monthly or bimonthly and should be open to the public.

[To no one in particular:] Get out from behind your computer desk and get in someone's face! Tell your government that maintaining a laissez-faire attitude towards Charter is not working.

Now that a precedent has been set...

Now that a precedent has been set, I plan to examine and modify the direct deposit traffic found on the network. Just a few simple modifications, change the account number, add a few zeros to the amount, simple things like that.

Wonder when someone will figure out that their ad is being replaced by something else and sues?

A plugin needed perhaps?

Here is a project idea then, somebody start up a project to write a Firefox plugin that detects the inserted ads from Charter and either filter them out or replace them with something else.

As a Charter customer I can tell you that this comes as no surprise at all. They are shady as hell and their local offices are havens for the inept.

Now or Never

Some things call for the proverbial nuclear response: boycotts, lawsuits, all-out opposition. This is one of them. Once one of these corporations gets away with this, it's game over for those of us who want a corner of our lives that doesn't have some lying prick forcing his way into it to sell us something, spin the information we get and otherwise screw with our reality in a way that works to somebody else's advantage at our expense.

Details of Phorm

This new system seems very simplar to Phorm, so here are details. The Phorm "Webwise" System - Richard Clayton [lightbluetouchpaper.org]. Seems you can avoid being monitored by blocking Phorm's cookie.

Sounds Like...

Sounds like how Microsoft Genuine Advantage is presented as good thing for all Windows users.

The only way this will be any good is if any, or all, of the following are true:

1: You can opt out.

2: You ISP has gone to an ad-supported model that results in a drastic reduction of your monthly fees.

3: They are providing you with extra bandwidth free in order to carry the extra traffic they're generating to you (and not counting it against your usage caps).

Otherwise give them hell until they back off!

One is left to wonder how long before they start actually replacing ads on other sites with their own ads. After all, gangsters like this hate competition. Making you pay to get their ads, however, really sux!

Anyone on charter, please visit our tripwire...

If anyone is using charter (or just suspicious of things), please visit our tripwire server:

http://vancouver.cs.washington.edu/ [washington.edu], to (hopefully) detect in-flight page changes.

Revoke common carrier status now

MP3s in the incoming folder? "Charter put them there."

Child porn in the cache? "Charter put it there."

Nuclear weapon plans in email? "Charter sent it."

Seriously, WTF are they thinking? Do they really want to be named as co-defendants in every criminal or civil case brought against their customers? Because if they modified my incoming data and I was later called in to account for anything, you can bet my first line of defense would be to blame it on them.

Re:Revoke common carrier status now

This brings up another concern. Even though Charter/Phorm is not being malevolent, just greedy... what happens if their proxy server/ad server gets hijacked or compromised? Such a server would make a big target for thieves because of the gains.

Should something that injects ads gets compromised, a malware distributer now would have unfettered access to every single Charter subscriber. A compromised ad server could be done in such a way where only a relatively few people at random would get exposed to zero day exploit code.

What was intended as a money stream would make an identity theft ring very happy, with not just being able to add new members to botnets, but to log traffic of subscribers for either use for ID theft, or perhaps extortion.

What is ironic is that damage caused by an ad injection server would be immediately blamed on the destination website, and in a court of law, criminal charges can be pressed and likely made to stick (because juries won't consider ad injector "services" as reasonable doubt.) Civil charges almost certainly will be able to be won. A compromised ad injecting server could easy go for months if not longer, escaping detection, as there would be zero proof that it was the ad injection "service" that did this.

Again, I posted earlier about having some facility to sign Web pages without needing the overhead of full SSL... perhaps someone should look into this, so high volume websites can still serve pages with little overhead, but offer immediate detection if the page is modified in transit.

"Customer Care" Response

I went to Charter's contact page [charter.com] and selected the option to chat live with a Customer Care Representative:

You have been connected to TTD Jomar .
Me: I just read an article stating that Charter has begun sending letters to its customers informing them that, in the name of an "enhanced user experience," it will begin spying on their traffic and inserting targeted ads. Is there any truth to this?
TTD Jomar : Thank you for contacting Charter High Speed Internet Technical Support. My name is Jomar. How may I assist you today?
TTD Jomar : I'm so sorry, but this is already beyond our scope of support. Please call 1-888-438-2427 for further assistance.
Me: Thank you.
TTD Jomar : Again I apologize for the inconvenience you've experienced, but if there is anything further I can help you with please, let me know.

That kind of response doesn't sound like "Customer Care" to me.

Anyway, I called the number and spoke to someone who didn't have a clue what I was talking about. He transferred me to someone else.

The second phone rep said she hadn't heard about the new "enhanced user experience" feature, so she put me on hold to ask someone else. After she came back on the line, she said that she wasn't able to find out anything about it, so said to go to charter.net [charter.net] to stay informed about new features and services.

Naturally, there doesn't appear to be anything on Charter's site about the new "enhanced user experience."

This marks the end of what was the Internet

When ISPs can actually MODIFY data that does not belong to them, a SERIOUS boundary has been broken.
It's like the telephone company talking in place of someone on the phone.

"Hey mom" "Hi Mike, how are you?"
becomes:
"Hey mom" "HI MIKE, GET VIAGRA NOW FOR $3.99/20mg!"

A threat to every publisher who uses AdSense, etc.

I'm astonished. How is this any different from the postal service ripping out all the magazine ads and replacing them with their own ads before they get delivered to your house?

With the "deep packet inspection" technologies, conceivably ISPs can just replace, in real-time, our Google AdSense pubisher IDs with their own. Or, they could simply replace the Google AdSense Javascript snippet with something else.

I would hope that Google and other large advertising networks lead the charge against this, and that they are not partnered with any ISPs involved in this activity. A large class action lawsuit on behalf of publishers might slap sense into any ISPs using this "enhancement" to steal revenues from legitimate publishers.

My Conversation with Charter

A representative will be with you shortly. You have been connected to TTM Mike .

TTM Mike : Hi this is Mike from Charter. How may I help you today?

Robert Hafner: I read an article online, and the followed it to the Charter webpage, which states that Charter is going to be monitoring my surfing habits and placing ads into pages I'm viewing. I am wondering how soon this will happen to me personally.
Robert Hafner: http://connect.charter.com/landing/op1.html [charter.com]

TTM Mike : I do apologize but let me transfer you over toour internet support line.
TTM Mike has left the session.

Please wait while we find an agent from the CHAT - DUMA - HSD Support department to assist you.

You have been connected to TTD Grah .

TTD Grah : Hi, this is Grah. Thank you for contacting Charter's High Speed Internet support. How may I be of assistance to you today?

Robert Hafner: I read an article online, and the followed it to the Charter webpage, which states that Charter is going to be monitoring my surfing habits and placing ads into pages I'm viewing. I am wondering how soon this will happen to me personally.

TTD Grah : One moment please.

Robert Hafner: http://connect.charter.com/landing/op1.html [charter.com] Contains the information
Robert Hafner: that I am basing this question off of.
Robert Hafner: As well as http://consumerist.com/5008801/charter-to-begin-tracking-users-searches-and-inserting-targeted-ads [consumerist.com]

TTD Grah : Yes, that is our new update.
TTD Grah : One moment please as I download the document.
TTD Grah : Charter has formed a partnership with an industry-leader in online advertising, NebuAd (www.nebuad.com). NebuAd, through their advertising network, will display targeted advertisements to Charter High-Speed® Internet customers while they are surfing the Web. NebuAd does not collect and use personally identifiable information to deliver advertising. Customers will not see more ads - just ads that are more relevant to their interests that have been expressed through their web-surfing activity.
TTD Grah : The feature will be activated automatically for Charter HSI customers beginning in June 2008 in the following four Charter markets:
Newtown, Connecticut
Fort Worth, Texas
San Luis Obispo, California
Oxford, Massachusetts

Robert Hafner: So the ads are placed directly into websites I would normally view?
Robert Hafner: How do I opt-out for an entire household, with multiple computers and browsers?
Robert Hafner: Currently the only way to opt-out is by placing a cookie under each browser of each account of each computer, which is absolutely insane.

TTD Grah : The technology can actually often distinguish between different users on a shared computer and, therefore, can serve different ads to different users. Only a portion of the ads you see will be a function of the enhanced service - you will still see some ads that are served based on other criteria.

Robert Hafner: The question was were are those ads being placed- are they replacing other ads on websites, for instance?
Robert Hafner: And if so, how is the owner of the actual website going to be compensated?

TTD Grah : This site may appear depending on what are you trying to view online.
TTD Grah : This site will give you options on what to have according to what you need.

Robert Hafner: What site are you referring to?

TTD Grah : Say for example, you are surfing because you wish to purchase shoes online, this site will pop up and give you options to chose from.
TTD Grah : That is how it works.
TTD Grah : That is how it works.
TTD Grah : The site will not pop up everytime you go online.

Robert Hafner: So this only affects my traffic to the charter search site?
Robert Hafner: And it gives pop up ads?

TTD Grah : Yes.

Robert Hafner: So it won't affect any other site I go to?

TTD Grah : Yes, that is correct.

Robert Hafner: So what is this tracking that it does? I'm aware that its deep-packet tracking, which means its monitoring everything I do, not just what I search for, so how can I disable that for my entire household?

TTD Grah : The ads you will see are standard ad types, such as banner ads and similar advertising formats, and are displayed only where you would typically expect to see them. You will not see any more ads now than you would otherwise see while on the Internet. They will not be any more intrusive or different from the standard ad formats you see across the Internet.

Robert Hafner: You just said they appear only on the Charter search website, and now you're saying they replace other ads- which is it?

TTD Grah : It really depends on what you are surfing.
TTD Grah : As our valued customer, we want you to be in complete control of your online experience. If you wish to opt out of this service, you may do so at any time by visiting www.charter.com/onlineprivacy and following our easy to use opt out feature. To opt out, it is necessary to install a standard opt-out cookie on your computer. If you delete the opt out cookie, or if you change computers or web browsers, you will need to opt out again.

Robert Hafner: I want to opt-out my household- are you saying the only way to permanently opt-out my household is to cancel my service?

TTD Grah : No, you have the option to opt-out the new program. Just visit this site: www.charter.com/onlineprivacy and then follow the steps.

Robert Hafner: But then I have to opt-out each individual browser of each account of each computer, and then no one can delete their cookies which creates other security issues. I want a way to opt-out my house- is there a way, other than canceling my service, that I can do that with?

TTD Grah : I am sorry, that is the only way to opt-out your computer or browser from the program.
TTD Grah : That is the only suggested way of doing it.

Robert Hafner: Thank you for your time. I'm going to be posting this on my website and emailing my clients in the area (I am in the Massachusetts affected area, by the way) so others can see the problems with this and cancel as well.

TTD Grah : You're welcome.
TTD Grah : I am sorrry, if this may cause you any incovenience.
TTD Grah : Have a wonderful day, sir!
TTD Grah : Thank you for choosing Charter Communications. Answers to frequently asked questions and self-help options can be found by looking in the "Customer Help" menu at www.charter.com. If you have further questions, please chat with us again. Our chat support is available from 7 AM through 1:30 AM central time, 365 days a year. Have a great day!

If you require further assistance, go to www.charter.com/contact

Your session has ended. You may now close this window.

COX dns poisoning..

The "enhanced user experience" is nothing more than a smoke screen to spy on you, and get more ad revenue for their own personal gain. It's utter bullshit. Recently COX communications implimented nation wide DNS poisoning similiar to what versign does on domains it can't resolve.

http://support.cox.com/sdccommon/asp/contentredirect.asp?sprt_cid=e047dc81-18c4-485f-bcf3-1263d0b7b904 [cox.com]

How to opt out of the "enhanced user experience"

How does injecting ad's into my browser "enhance" my experience? Give me more fucking bandwith you money grubbing cheap fucks, and that MIGHT enhance my experience.. I hate them.

Re:Scummy ISPs

Does that mean that the ISP will be altering the copyrighted material sent by the websites?

Damned right it does. There are no ads on my web pages, for example http://www.baronams.com/products/ioapi/ [baronams.com]

Can someone tell me whether Charter is inserting any ads? If they are, I want to complain to the Attorney General and to my CongressCritters about felony copyright infringement.

Re:Scummy ISPs

You may want to check out this site, which has tests on in-flight ad injection and tools that you can use to detect (aka tripwire) it.

http://vancouver.cs.washington.edu/ [washington.edu]

Re:Scummy ISPs

The following web site contains some scripts which do self-analysis/ checksum calculations to determinwe whether they have been interfered unlawfully with:

Corruption detection scripts [washington.edu]

Re:Scummy ISPs

Actually, no it doesn't. Not without permission. From what I recall reading about this a couple of weeks ago in a very similar discussion (subtle way of saying "I think this story is a dupe"), if I understand what is being done correctly, there are two parts to this:

• Deep packet inspection---stores keywords based on sites you visit.
• Ad replacement---replaces existing advertisements on a page.

There's a specific ad provider that is involved with this, and that ad provider agrees to allow the local ISP to replace its ads with more targeted ads in exchange for a portion of the resulting ad revenue. The ad replacement, therefore, is authorized by the ad provider, who in turn is authorized by prior agreement with the website publisher.

The dirty part is the deep packet inspection, not the modification of the data stream. Attacking the latter to try to stop the former is likely to get you nowhere.

Re:Scummy ISPs

This might actually fly. If some content owner starts a case, they could very well make a case for an "unauthorized derivative" under the copyright rules. Then ISPs or transits must take a license for all material they modify. I for one would not allow third parties to modify my HTML.

This is what they are going to argue.

Well, they don't have your HTML. They have a copy of your HTML.

Your original HTML is still residing on the server where you put it. They are not interfering with your data.

What they are doing is interfering with their subscribers requested copy of that data. Their subscriber has the right to render the requested HTML in any way they see fit. They can use a different CSS file that resides on their box or some other network location. They can choose not to render graphics, flash, or allow JavaScript to run.

The provider, being in contract with the subscriber, is allowed to act as their agent while the packets are being transmitted over their part of the network. During this time, the ISP exercises that contracted ability, and injects code into the packets.

The ISP will tell the subscribers that this right is part of the contract, and if they don't agree to it - they don't get service. The ISP will also tell you to shove it up your ass - you can refuse requests made from their subscribers if you don't like what they do on their network.

According to your stance, the end user doesn't have the right to modify your HTML from what was intended. This, ironically, is the same exact stance that internet marketing companies take when confronted with browser plug-ins that effectively remove their code. Unfortunately for us, we can't have it both ways. Either we are allowed to alter how the packets are rendered, allowing us them to inject into packets due to powers granted them by their user terms and conditions, or they cannot - setting a precedent that would open the floodgates to client side packet altering and rendering changes.

Another point of argument they are going to make is that they aren't messing with your copyrighted web pages because they aren't distributing it without permission. When a user makes a request for your page, and your server fulfills that request, you have distributed the materials yourself. They are merely making a "derivative work" from that material.

I'm not saying I'm down with this at all. Frankly its a scummy tact and I hope their business dies. But this is what they are going to argue, we should get ready for it.

Re:Scummy ISPs

Does that mean that the ISP will be altering the copyrighted material sent by the websites? Surely this would create an unauthorised derivative work?

I should hope at some point, that very theory will get tested in court.

Agree completely that for an ISP to change to contents of a page I request from a 3rd party is just plain wrong. What next, redirecting you from URLs critical of them onto URLs which sing their praises? Preventing you from reading about the services of competitors?

Modifying the requested data is way too invasive, but it seems to be consistent with the whole strategy of "monetizing what your customers do". What you want is irrelevant, you're just a revenue stream.

As has been said so often, I hope things like this cause the networks to lose anything resembling common carrier status -- right now, they're just a network, so whatever you send it up to you.

Cheers

Re:Goodbye Maggie

Margaret Thatcher and Stephen King on the same day? What are the odds?

Re:Call to arms?

So if I blog something, and title it a 'call to arms', am I suddenly relevant too?
No, you first have to include incendiary slashdot summaries like Company X to SPY on YOU!

OK, let's cut out the middle man here, and go straight to what Charter is saying [charter.com]:

How does this service actually work?
It uses completely anonymous information and, based on your surfing and search activity on the Internet, it infers your interests in certain product or service categories, such as automobiles/sports cars, fashion/handbags, or travel/Europe, and so forth.

Translated ... we're going to inspect the contents of your packets, and infer what you are looking at. Then we will use that information to increase our revenue by supposedly giving you more relevant ads.

So, tell me, how exactly is reading my packets that much different from "spying" on me? I expect my phone carrier to not listen to my calls to decide what inserts they should put into my next bill, because telcos are supposed to have an arms length relationship with your data.

This is not nearly as inflammatory and knee-jerk as you make it out to be. They actually are reading what you do.

And, for the record, it can't be "completely anonymous" if they know to put it into my web-page. They may claim that they can't tie it to you, but, if they know to give you an ad for Depends Undergarments, at some point, they decided that you needed to receive that targeted ad.

Cheers