BT, Sky, and Virgin Enforce UK Porn Blocks By Hijacking Browsers 294
An anonymous reader writes with this story at Ars Technica, excerpting: BT, Sky, and Virgin Media are hijacking people's web connections to force customers to make a decision about family-friendly web filters. The move comes as the December deadline imposed by prime minister David Cameron looms, with ISPs struggling to get customers to say yes or no to the controversial adult content blocks. The messages, which vary by ISP, appear during browser sessions when a user tries to access any website. BT, Sky,TalkTalk and Virgin Media are required to ask all their customers if they want web filters turned on or off, with the government saying it wants to create a "family friendly" Internet free from pornography, gambling, extreme violence and other content inappropriate for children. But the measures being taken by ISPs have been described as "completely unnecessary" and "heavy handed" by Internet rights groups. The hijacking works by intercepting requests for unencrypted websites and rerouting a user to a different page. ISPs are using the technique to communicate with all undecided customers. Attempting to visit WIRED.co.uk, for example, could result in a user being redirected to a page asking them about web filtering. ISPs cannot intercept requests for encrypted websites in the same way.
Nice (Score:2, Interesting)
They enforce the law by breaking the law. Sounds like a good plan if you want to piss everyone off.
Re: Nice (Score:5, Insightful)
Re:Nice (Score:5, Insightful)
Bullshit. I have never had my ISP hijack my connection to either communicate with me, or to get my input. They typically just include a flyer with my monthly bill (which I promptly discard, because I have zero interest in any relationship with my ISP beyond "I give you dollars, you serve up the bits I request").
And it's not hijacking.
I request page X. They serve me page Y that demands that I take some action before they'll let me get to page X. Tell me, AC, how do you define hijacking, if that doesn't do it for you? "Saaay, nice airplane you have here! For your own good, though, we just can't let it go on to Dallas until you give us all your jewelry and electronics".
I do have to wonder, though - What will the UK nannies do if essentially the entire country opts out and says "Yeah, thanks, but we want our porn and violence, thankyouverymuch"?
Re: (Score:2)
Ive never had a paper bill for internet services, not once in 20 years.
MITM legalized at last (Score:2)
Re:MITM legalized at last (Score:5, Informative)
And if you read the article, this only works for unencrypted connections where you should have known that anything can happen.
Re:MITM legalized at last (Score:4, Interesting)
Until relatively recently, these re-directions would adversely affect a debian/ubuntu linux system update procedure. A cron job would apt-get update and pull in new index files. Since the transport was not encrypted, the index files would not be what the apt system were expecting. It would store the content of the redirected web page instead of the proper index files into a cache and then apt-get update would be forever broken until you manually figured out how to delete the corrupted files someplace in /var/*/apt
ISP's and WiFi Access points that do this redirection are the reason why HTTPS everywhere is a good idea.
Re: (Score:3)
Re: (Score:2)
how is my robot going to make a decision??
suppose I am doing curl or wget?
how am I supposed to 'decide' when the site I WENT TO is not the site I was DELIVERED TO?
this is why ssl and vpns are the way of the future. letting the isp see what you do is never good. NEVER.
"but I'm just going to xyz site? whats' the big deal?"
if you have to ask, you will never understand. just trust us, if you don't get it: the spying will only get worse unless we go fully encrypted END TO END.
Re: (Score:2)
I have a contract that says "I will give you X dollars for Y bandwidth each month". And as many overwhelmingly one-sided ISP-favoring clauses as that contract does include, I can comfortably say that not one of them makes any mention whatsoever of "occasionally we'll intercept your session to ask you useless questions".
As for "incapable" - My ability to answer has no r
Re: (Score:3)
Re: (Score:2)
Legal? (Score:2, Insightful)
If this is legal I can only assume it is also legal to hijack these companie's routers and servers. Right? If it is done in good faith. To protect children.
Re: (Score:2)
Not sure these really correlate well. What kind of hijacking are you implying? Do you own their network? How is asking someone to update their terms of service before browsing considered hijacking? I do think its baloney they even have to opt out/in for such a thing but I dont see how asking them their preference before continuing on is a problem.
Re: (Score:2)
There is precedent. GCHQ says it's okay to hijack servers and other equipment for national security purposes. Protecting children is often mentioned in the same breath as national security, so...
You want a family friendly internet? (Score:5, Interesting)
"free from pornography, gambling, extreme violence and other content inappropriate for children"
And I want a user friendly internet, free from governments, corporations, extreme advertising and other content inappropriate for ANYONE.
Cameron, please, for sanity's sake: Stop talking. Or, better, stop breathing.
Re:You want a family friendly internet? (Score:5, Insightful)
it wants to create a "family friendly" Internet free from pornography, gambling, extreme violence and other content inappropriate for children.
No more streaming video like Netflix? Oh, well, guess the kids will have to get their violence the old-fashioned way - from TV.
Re: (Score:2)
Netflix is okay because it has age restrictions to keep kids away from nasty stuff. Presumably normal porn sites that also have restrictions are not blocked either, or is there a double standard?
Re:You want a family friendly internet? (Score:5, Insightful)
better filter out all bible sites, then. there is a lot of extreme violence (much of it by our so-called loving god!) in the OT.
Re: (Score:2)
better filter out all bible sites, then. there is a lot of extreme violence (much of it by our so-called loving god!) in the OT.
And the news ...
Re: (Score:3)
"free from pornography, gambling, extreme violence and other content inappropriate for children"
There goes the new series of Game of Thrones...
Re:You want a family friendly internet? (Score:5, Insightful)
".. other content inappropriate for children"
Curiously they do not block web sites of places like http://www.catholic.org/ [catholic.org], https://www.churchofengland.org/ [churchofengland.org], http://www.jewfaq.org/index.shtml [jewfaq.org], http://www.islamreligion.com/ [islamreligion.com] ... all purveyors of ideas that really screw kids up: make them feel guilty of normal feelings, make them do strange things, ... If they insist on a banned list it would be good to see this sort of site added.
Re: (Score:2)
I figured it's simply a matter of numbers.
When one person says he's heeding the laws of his imaginary friend, you send him to the mental asylum.
When a million or more do it, you call it religion and it gets governmental protection.
Or, in other words, if one person does it, it's insanity. If a thousand do it, it's a cult. If a million does it, it's a religion.
Re: (Score:2)
Didn't I see just this morning something about some Brit (well, Scot, presumably, since it was in Glasgow) who was arrested for an "offensive tweet"?
Sounds like par for the course for the UK....
Re: (Score:2)
WTF is wrong with the UK?
Mario Balotelli, a black football player with a Jewish mother is suspended a game and fined 25k pounds for posting an anti-racist picture about a multicultural Super Mario. [eurogamer.net]
Luis Suarez was essentially forced out of England for using the word negrito while speaking Spanish because it happened to sound like nigger. (While John Terry was given a sentence of half the time for using the word nigger in English.)
Crazy arse porn rules. [independent.co.uk]
A man is threatened with life in jail for swearing too m [bbc.com]
Re: (Score:2)
Don't blame me, I voted for Kodos.
Or, in other words: If voting could change anything, it would be outlawed.
Re: (Score:2)
Entirely depends on the company. In an IT-heavy company, blocking FB would probably LOWER productivity with all the people busy finding ways to get around the block. :)
Prohibitions do not work! (Score:2)
Intentionally running a MITM attack against your customers aside, there is a huge problem with the legislation to begin with. There is a valid answer, and has been for quite a while, for people that want to keep their kids away from porn without the heavy handed Government regulation.
Cybersitter and NetNanny are not for me, but if I had young kids I may use that type of service if I was worried about their access. These companies get paid to manage content for you, and are _completely_voluntary so don't i
Re:Prohibitions do not work! (Score:5, Informative)
Yes. The fact that no such legislation exists. This is a voluntary ISP scheme
Or you could use the service the ISP provides you with for free, that's easy to set up, available in the UK, and works with all network connected devices.
The UK ISP filters are completely voluntary as well.
We tried. No suitable product became available. David Cameron pushed the market into providing such a service. The market obliged. If you really have a problem, you can always choose one of the dozens of ISPs that doesn't offer this service.
Why? You don't even have a choice of ISP in a lot of the US.
Re:Prohibitions do not work! (Score:5, Insightful)
We tried. No suitable product became available.
Which is pretty clear proof that pretty much no-one wants their Internet pre-censored.
David Cameron pushed the market into providing such a service.
And, last I read, something like 4% of people had chosen to have their Internet censored. They're probably the ones who clicked 'Yes' by mistake, thinking it meant 'Yes, I want the Internet, not Davenet'.
Re: (Score:2)
Only if the free market works perfectly. Given that 4% of customers have turned on the filters, clearly there was some demand for this. This is much higher uptake than any software solution, so evidently that was not the solution the 4% wanted, and this is.
So, 4% of the customers wanted filters. 96% did not. We now have a situation w
Re:Prohibitions do not work! (Score:4, Insightful)
Only if the free market works perfectly.
The free market gives people what they want. If there was money to be made selling pre-censored Internet, the service would exist.
But, no, you and Dave say, since the service doesn't exist, companies must be forced to create it, and the vast majority who don't want Davenet must be forced to pay for the few who do.
Why do you want to remove the choice from those 4%?
Those people are free to install filters on their PC or router, or find an ISP that will filter the Internet for them. You're the one forcing your 'choice' on the other 96%, and making them pay for other peoples' choices.
And we know how this goes. We've seen it all before. When it turns out that almost no-one has switched from the Internet to Davenet, you and Dave will announce that 'The Internet is not safe for CHILDRUN!' and now the filter will have to be compulsory. Right?
Re: (Score:3)
It is odd they're so concerned, as it seems parliament was very, very unsafe for children...
Re: (Score:2, Insightful)
Yes. The fact that no such legislation exists. This is a voluntary ISP scheme
David Cameron pushed the market into providing such a service.
Right. He "pushed the market," and yet it's all 100% voluntary. More like coerced them with threats.
Censorship is evil, and so is "voluntary" default on censorship.
Re: (Score:3, Insightful)
So fucking what?
You don't think it's a big deal when worthless government thugs coerce companies into implementing filters they didn't want to implement in the first place? You don't think it's a big deal that we're giving them all the tools they need to start censoring content they don't like, which they're already doing but for "nasty" content only? You don't think it's a big deal that they have all the names of the account holders who opt out of this nonsensical filter (and knowing governments, this will be put to use e
Re:Prohibitions do not work! (Score:5, Interesting)
The UK ISP filters are completely voluntary as well.
Nope, Cleanfeed cannot be opted out of except by blocking it with something like a VPN.
David Cameron pushed the market into providing such a service. The market obliged.
He threatened to legislate, the ISPs decided to develop a crappy, ineffective token service to shut him up rather than deal with being legally required to do the impossible.
If you really have a problem, you can always choose one of the dozens of ISPs that doesn't offer this service.
Nope, Virgin Media is the only choice available to me. My BT line can only get a very unstable 1-2Mb/sec.
Re: (Score:2)
As bad as the US has become, I'm glad I'm not from the UK.
This isn't very different from what most US based ISP's do with DNS these days (go to a non-existent page, and they redirect to their own search/helper site). In the DNS case, it's somewhat difficult to disable (finding the URL where you can set it is difficult), and it will occassionally re-enable itself.
I don't really like any of this crap, but it's been done for a long time and it's not *too* awful (once disabled, everything works as it should; more-or-less a one time setting). The way they get that ans
Re: (Score:2)
I don't really like any of this crap, but it's been done for a long time and it's not *too* awful
This is how these things grow into bigger and bigger problems. When it gets worse, people will be saying, "Well, it's not *that* much worse." Power creep is slow, but it exists. We've already seen this with their stupid filters.
And it's really sad that some people think this is voluntary when there are plenty of implied government threats to get ISPs to implement this.
Re: (Score:2)
This particular filter isn't legislation.
It's the threat of legislation. The government has repeatidly made it very clear that if all major ISPs do not voluntarily set up filtering, they will pass some form of law compelling them to do so. Faced with the prospect of having to comply with some vague and impossible mandate written by an MP who last used a router in woodshop class, they decided it would be better do so as was asked. Though they certainly dragged their feet over it as long as they can.
Brilliant idea (Score:5, Insightful)
Brilliant idea.
Now instead of offering the parents an option to enable a porn filter, little Billy goes to a random kids website and gets asked "Do you want to watch porn?".
But what's "gambling"? (Score:2)
with the government saying it wants to create a "family friendly" Internet free from pornography, gambling, extreme violence and other content inappropriate for children
Would this exclude, say, a site containing a drawing of kids playing a gambling game with a toy gun [pineight.com]?
Use HTTPS (Score:2)
Use HTTPS. The article mentions:
Re: (Score:2)
Subscribe to Slashdot to get HTTPS (Score:3)
Subscribe to Slashdot and you'll see the secure URL.
Re: (Score:2)
The ISP can just drop all packets to the Internet on port 443 until the householder has confirmed his censoring preference.
Re: (Score:2)
lol...no they can't, unless they want a total and utter customer service overload/nightmare.
imagine all the people complaining when they can't connect to their financial institutions and e-commerce sites?
Utter waste of time. (Score:4, Interesting)
Shame the no thanks button is broken with BT. (Score:4, Informative)
The sodding "no thanks" button would just not work so you had to accept the request, then log back into the BT portal to disable it again. Then it finally went.
What also finally went was my patience with BT, ordered my MAC code and migrating to Andrews and Arnold.
BT, you lost a customer over this. Idiots.
as someone having a religious objection to porn (Score:5, Interesting)
Re: (Score:2)
Slight correction: The ruling is not that health practitioners must refer patients for abortion. It related to supervision of staff. There already exists a law which makes it quite clear that no medical professional can be required to be directly involved in abortion against their objections - the dispute was with middle-management staff, who are in charge of managing those who are directly involved. Minor difference, but important to get the details right.
Re: (Score:2, Interesting)
It's a good question, and it may be instructive to look at how these blocks came to be. AIUI it involved pressure from a very few very vocal (I'd say "hysterical") pressure groups that wished The Government Do Something because they're apparently entirely incompetent to do any such thing themselves. Such as getting a home network router that does the filtering, or getting internet service from an ISP that sells "filtered" internet access like those catering specifically to religious users, for example. No,
Filters (Score:4, Insightful)
I don't have a filter on my bookcase.
I don't have a filter on my movie collection.
I don't have a filter on my video game collection.
Why do I need one on my Internet connection?
I work in schools. Nobody's ever really given me a satisfactory answer that doesn't include pushing parental responsibility to a third party.
I'm with Virgin. They haven't asked me yet. The only time I've ever been asked such things is when I signed up to a mobile network and they asked me if I wanted to turn off the filter on the connection. Given that I work IT, the answer was yes. I want as few third parties between me and my service providers as possible, thanks. But the number of times I'll be using 4G to go looking for anything is going to be slim.
By all means ask... but it would have been so much easier to not ask and let those who worry about it fix it for themselves.
Interesting (Score:2)
I see a small percentage of the population complain about something, and if they come off as being on the side of a society approved message ie; "porn is bad" then they can get their way, an inordinate amount of power for a small whiny percentage of the population.
While I understand that parents don't want their young children watching anal fisting porn, it's troubling parents choose to allow others to be responsible for that control.
I see this a lot, parents complaining about the need for more controls and
Re: (Score:2)
I see a small percentage of the population complain about something, and if they come off as being on the side of a society approved message ie; "porn is bad" then they can get their way, an inordinate amount of power for a small whiny percentage of the population
bingo! we have a winner...
The impossible task (Score:5, Insightful)
..with the government saying it wants to create a "family friendly" Internet free from pornography, gambling, extreme violence and other content inappropriate for children
Point #1: You do not 'own' the entire Internet
Point #2: It's not up to you to 'clean up' the Internet
Point #3: It has been proven over and over and over again that 'net nanny' and other censorship does not work
Point #4: Governments will subvert any censorship technology for their own propaganda and agenda purposes, destroying the original (misguided) intent
Point #5: Regardless of whatever you're telling your citizens, you likely will end up discriminating against people who don't want your filtering
Point #6: Ultimately your efforts will fail, for reasons of Point #3, and because people will always find a way around it regardless.
..and finally, not a 'point', but just my personal opinion on the matter: I think any government that engages in censorship are a bunch of fucking assholes who don't deserve to be in power. Leave the Internet alone and let people decide for themselves what they do and do not want their families and themselves to encounter or do there. Police UK-hosted sites against outright illegal activity or content? Yes. Make moral decisions for everyone else? Hell, no.
DVR pops up an ad when I want to watch a recording (Score:2)
Today it is porn, tomorrow it is your political vi (Score:2)
It will not be long that the UK government will choose to put any site they do not like into the black list.
In a few years time, the internet will contain government-approved material only.
If you want to read an opinion that is different than the government's, you will not be able to without turning the filter off.
If you turn the filter off, then you might be flagged as a terrorist.
The sad part in all this is not what the governments are trying to do though...it is the people's reaction. There is a largs pe
It's an election year in the UK in 2015 (Score:2)
Welcome to the nanny state. (Score:2)
Cover the UK with cameras and now forbid what you are allowed to watch in the privacy of your own home.
Fuck Cameron. Seriously. This is insulting.
Eat My Bitstream (Score:2)
Step 1: Pray that the foundational assumptions of state-of-the-art crypto remain true (no P=NP or quantum computer cracking nonsense, please).
Step 2: Rent/buy/lease/colo a VPS or dedicated server in a country that respects users' freedom and doesn't tamper with their network connection.
Step 3: Set up a VPN on said server.
Step 4: Use the latest crypto algs you can get your hands on; apply security patches aggressively; and watch out for notices of weaknesses.
Step 5: Use the VPN on absolutely every device you
Re: (Score:2)
I'm curious about the security implications of them hijacking your session. And, more importantly, whether I get reimbursed if they fuck up and some critical account of mine gets abused.
Re: (Score:2)
Re: (Score:2)
Then have it your way, with DNS and HTTP to all IP addresses other than your ISP's customer support producing "Connection refused". Would that be a better way to do it?
Re: (Score:2)
Can't get to 8.8.4.4 (Score:2)
DNS and HTTP to all IP addresses other than your ISP's customer support producing "Connection refused".
this would not even happen if they were using a different DNS such as google, it only happens with their DNS server
If all other IP addresses give "Connection refused" for customers who haven't yet expressed a censoring preference, then you can't even get to Google Public DNS (8.8.4.4 and 8.8.8.8).
Re: (Score:2)
Re: (Score:2)
You can't trust the integrity of data you receive via http anyway.
Re: (Score:2)
Then they're injecting a Location: header into your connection.
Re: (Score:2)
Re: (Score:3)
where will it all end, though? this does not, as they say, 'scale well'.
suppose everyone who offers inet service wants to do the DPI redirect shit on you? "you cant get to this website unless you take our survey. what was the last car you bought? how much do you make? etc etc."
I understand the free access portals even though I think its still a bad idea to have people 'login' to a free service. but this is your HOME service that you are now being filtered at, unless you 'respond' to this or that quest
Hotspot (Score:2)
I'm curious about the security implications of them hijacking your session.
How is a one-time HTTP hijack worse than a captive portal showing a click-through TOS page when you open your laptop in a restaurant with open Wi-Fi?
Re: (Score:2)
Re: (Score:2)
How is not hijacking HTTP any worse than doing it once ? My ISP just sends me an e-mail if they want to tell me something
You'd be able to access your ISP's mail and its billing department. Everything else, such as third-party webmail and POP3 or IMAP connections, would be hijacked or blocked until the householder expresses a filtering preference.
Where's the need to mess with everybody's HTTP connection ?
To save on costs of fielding telephone calls from people who can't get through to any web site because they don't know where to go to express a filtering preference, and everything but expressing a filtering preference is blocked.
Goatse filtering is a feature (Score:2)
It makes their service less useful
Conservative parents might disagree. They see filtering as a "feature" that lets them use the web as a babysitter without running quite as much of a risk of exposing children to things that parents think their children shouldn't see without context, such as Goatse or Tubgirl.
Re: (Score:3)
Well, then why don't Conservative parents fuck off, do their own parenting, and not insist on foisting laws on the rest of us to keep care of their children?
Outlawing everything you find personally objectionable or that you don't want your children to see if the mark of an asshole.
Re: (Score:2)
Re:Goatse filtering is a feature (Score:4, Insightful)
Re: (Score:2)
Being a stay-at-home mom is expensive (Score:2)
Well, then why don't Conservative parents fuck off, do their own parenting
Because the cost of living has increased to the point where parents have to work instead of staying at home and parenting.
Re: (Score:3, Insightful)
Options for people who are afraid of everything in the name of children:
1) Don't be a parent. Sometimes unexpected things happen, granted.
2) Stop being an authoritarian mental midget and realize that none of this shit even matters.
Re: (Score:2)
All we ask is to not shove the fact you're doing these things in our faces.. Such as.. we believe homosexuality is a sin, but we don't give a damn what you do in the privacy of your bedroom.
How about showing normal signs of affection in public ? Do you have different rules in mind for homo/heterosexual couples ?
Re:Goatse filtering is a feature (Score:4, Insightful)
Yawn, whatever. This is the same "no true Scottsman" crap, because there is no universal definition, and I suspect among themselves 'conservatives' can't agree on a definition.
See, the problem is you still define it in terms of your own damned religion.
So, I'll go with "hate the religious idiot, not the religion".
Any 'Conservative' or religious person who wishes to outlaw stuff on the basis of their religion is worthy of as much contempt as the Taliban, and are little different in my opinion. They're just someone who thinks their religious beliefs should be entrenched in law, and who want reality to be defined in terms of their beliefs.
But, unmistakably, a lot of people who are 'conservatives' (whatever the heck that means) are opposed to government restricting rights, unless it's to impose their own beliefs. And then they're totally fine with it.
So, to exercise my freedom of speech ... to hell with your religion. You are free to believe what you like in private, but leave the rest of us alone.
Re:Stoppit with this hysteria! (Score:5, Insightful)
Seriously, what's in it for the ISP to push these things?
I'm guessing that the gov't is leaning on ISPs to get an explicit buy in/out of filtering per customer. So that later on, when someone in the household stumbles upon that midget porn site, no one can claim shock and offense.
The down side (as others have pointed out) is that little Timmy might be the first one onto the family Internet connection one morning. And the "Do you want to watch porn?" might not get the response intended.
Re: (Score:2)
The down side (as others have pointed out) is that little Timmy might be the first one onto the family Internet connection one morning.
That depends on whether the householder trusts Timmy with the account's billing username and password.
Re: (Score:2)
They have a number of motives:
1. Placate the screaming "think of the children (but not in that way)" Daily Mail reading crowd who are offended by the filthy internet.
2. Build a National Pervert Database to give the police some extra leverage.
3. Put internet censorship infrastructure in place, for when it is needed later. There is already Cleanfeed, but the rules for what goes on it are annoying, so they wanted a system that is easier to use (for them, as in they ask nicely and ISPs block stuff for them).
Re: (Score:2)
Ah well, good thing you've elected people who know what's best for your intellectually inferior populace.
Britain has three parties with insignificant differences. So at least voters have slightly more choice than America, where there are two parties with insignificant differences.
Both Tories and Labour are censorious asshats. No-one knows whether the Lib Dems are the same, because they change policies as soon as they get any power.
Re: (Score:2)
It's like you're not even trying. You're not a real European Parliamentary until you've got at least eleven parties with insignificant differences. Throw in some Christian Democrats, Democratic Christians, Republicans, Peoples' Workers Party, and Christian Democratic Republican Peoples' Workers Party, and you're starting to have real variety.
Re: (Score:2)
Why would you want to defeat it? Your ISP wants to ask you if you want filtering on or off. Just tell them 'off'' and be glad they asked before filtering your requests. Then you can go on with your life without and further redirections.
Re: (Score:2)
Re: (Score:2)
Why do they even have to ask ?
From the summary:
"Sky,TalkTalk and Virgin Media are required to ask all their customers if they want web filters turned on or off"
Re: (Score:2)
Re: (Score:2)
As I understand it, they are required by law. The reasons behind the law are not particularly relevant to them. For those, you would need to ask your legislative representative or research the history of the particular law.
The ISPs only have to decide on the manner with which they comply. Personally, I'd rather they do it this way rather than, say, call me on the phone. My only problem with it is the page could be served to, and answered by, my hypothetical six-year-old.
Re: (Score:2)
Fine.
Are customers required to answer?
I don't know, but I suspect not. But why in God's name would you not answer the question? It's an opportunity to ward off a possible future 'default' setting.
Re: (Score:2)
But why in God's name would you not answer the question?
Plausible deniability. If the government accuses me of not censoring what they think is inappropriate material, I can deny ever having seen the option.
Hosts won't save you here (Score:2)
A hosts file [pineight.com] has many uses, but defeating a captive portal [wikipedia.org] isn't one of them. A competent captive portal will produce "Connection refused" on all ports of all other IP addresses until you've completed the authentication and preference-setting process.
Re: (Score:2)
Good luck. The modem rewrites the MAC on the way out as part of its data link duty, and either the modem or the ISP-owned router on the other side of it drops outbound packets that don't have the subscriber's IP address in the from field.
Re: (Score:2)
Since the DNS *is* "poisoned" (redirected), hosts SHOULD work
That'd be true if DNS poisoning is the only layer that a provider uses to corral users into their captive portal. But based on my own experience with captive portals, that's rarely the case. Say you have 123.45.67.89 www.example.com in your hosts file. Any HTTPS connection to 123.45.67.89:443 will produce either "Connection refused" or a certificate error. Any HTTP connection to 123.45.67.89:80 will produce a Location: redirect to the page for expressing filtering preferences.
Re: (Score:2)
APK!
APK!
APK!
When every site gives "Certificate error" (Score:4, Informative)
How are you going to actually your HTTPS-only web sites when every single site you visit gives "Certificate error" until the householder has confirmed his censoring preference? This happens on open hotspots in hotels and restaurants, for example. The answer to "Why is HTTPS Everywhere preventing me from joining this hotel/school/other wireless network?" in the HTTPS Everywhere FAQ [eff.org] recommends visiting an HTTP-only site first in order to be redirected to the login page.
Re: (Score:2)
If I don't say "yes", the answer is NO.
Then they'll ask the question the other way. There have been lots of articles about the importance of wording questions for voting day, and the number of times that "no" means "yes" because the question is worded "do you want to PREVENT xyz" rather than "Do you want xyz".