HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Topics » Computers & Internet » Computer Help and Support (Group) » So. My cable/phone/intern...

Mon Apr 16, 2012, 03:30 PM

So. My cable/phone/internet provider, Charter Communications, just hijacked Firefox.

When I opened Firefox, Charter popped up a javascript in-browser window (it behaves more like a frame, but has a close button) telling me that there was important information available regarding my account status, please click here immediately. That's nearly a direct quote; I don't have the image in front of me because I took the photos with my phone and they're still on it.

Yes, I forgot to pay the bill. That's not the bad part. What's disturbing, to put it mildly, about this is that their window completely blocked my 'home' page, which happens to be www.google.com. Worse, this window can only be dismissed; it cannot be moved or resized. Now, I know for a certainty that I would never, under any conceivable circumstances, allow Charter permission to display "important information" on my home page without my explicit consent. That goes double for giving Charter permission to preempt the content I expected (in this case, the "main" Google search page) with their own notifications. finally, the page source contains neither the term 'charter' nor Charter's IP address.

Charter's method and tactics demonstrate behavior we've all long and rightly associated with black-hat hackers and two-bit script kiddies. None of the countermeasures I have in place to prevent pop-up spam of various types from ruining my internet experience so much as blinked when this occurred. By doing this, Charter has proven they have, or can have, direct access to my web browser, theirs to use as they see fit at will with no recourse available to me. As a can-of-worms bonus, it could be argued Charter also executed a denial of service attack against Google.

Is this kind of thing now a common practice among internet providers? I've been online since NCSA Mosaic was the browser of choice, and I have never heard of this happening. Yes, I forgot to pay my bill. My fault, but remember, I paid them $144 two days ago. Charter had no reason to do this.

I'm pretty disturbed by this and, I believe, rightly so. They intentionally destroyed the necessary level of trust that must exist between an internet end-user and their service provider. In identical fashion to black-hat hackers worldwide, Charter demonstrated they can manipulate my browser anytime they please if they believe it is an "important reminder". What else are they doing with my PC (my hardware and software, installed and running locally) that I am unaware of?

I don't like this, and I like it less the more I think about it. Does anyone here have any advice on how I should proceed?

14 replies, 10893 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 14 replies Author Time Post
Reply So. My cable/phone/internet provider, Charter Communications, just hijacked Firefox. (Original post)
Occulus Apr 2012 OP
ChromeFoundry Apr 2012 #1
discntnt_irny_srcsm Apr 2012 #2
anti-alec May 2012 #12
ChromeFoundry May 2012 #13
ohheckyeah May 2012 #14
hobbit709 Apr 2012 #3
Occulus Apr 2012 #5
discntnt_irny_srcsm Apr 2012 #4
Occulus Apr 2012 #6
discntnt_irny_srcsm Apr 2012 #7
Occulus Apr 2012 #10
discntnt_irny_srcsm Apr 2012 #11
Go Vols Apr 2012 #8
Occulus Apr 2012 #9

Response to Occulus (Original post)

Mon Apr 16, 2012, 04:00 PM

1. They probably didn't jack your browser...

Since all your traffic runs through their network, they could easily have a transparent proxy inject HTML, JavaScript or other code into your request response. They hijacked your HTTP request and response. If you are using their DNS servers, they can alter the addresses returned for names you query.

With that said... they certainly have the ability to watch all of your traffic and modify the content you are viewing on-the-fly.

Welcome to the future. If you think OnStar cannot enable the microphone or monitor your GPS location when you do not even subscribe to OnStar service in your GM car...You probably sleep better than people who know better.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ChromeFoundry (Reply #1)

Mon Apr 16, 2012, 04:24 PM

2. Big brother...

...is the one who really needs IPv6. IPv4 only allows 4 billion unique addresses. With world population over 7 billion, well you get the idea.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ChromeFoundry (Reply #1)

Tue May 1, 2012, 09:00 PM

12. We recently switched to Comcast after 6 years of Qworst/Centurylink

 

After they constantly refused to upgrade their system from a pisspoor 20M/786K (I hated the upload rate - was enough to bother my wife trying to communicate to her family over video phone) to a modest 30/10 from Comcast.

I ignored the Comcast's DNS - knowing from previous experience to be notoriously unreliable.

I went with OpenDNS - primary is 208.67.222.222 and secondary is 208.67.222.220

We saw a BIG difference in speed compared to QWORST.

We got our first bill - they screwed it up - double charged for install - I'm angry and will be asking them to remove both charges and ask for a complimentary install (they also screwed up my schedule - waiting for an installer to come past 5pm - one showed up nearly at 7:15pm)

Reply to this post

Back to top Alert abuse Link here Permalink


Response to anti-alec (Reply #12)

Wed May 2, 2012, 09:08 AM

13. DNS Benchmark

If you are really looking to squeeze every millisecond out of your DNS queries, you may want to try running a DNS Benchmark to see which service offers you the fastest responses:
http://www.grc.com/dns/benchmark.htm

Reply to this post

Back to top Alert abuse Link here Permalink


Response to anti-alec (Reply #12)

Thu May 3, 2012, 10:58 PM

14. I have a question -

if I change my router from the current setting for DNS that is Automatic from ISP (Comcast) to the OpenDNS will I have any problems if for any reason I want to change back?

How much difference over Comcast did you see with the OpenDNS?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Occulus (Original post)

Mon Apr 16, 2012, 06:18 PM

3. I f you didn't pay the bill, you won't have access to your home page.

what you are getting when you try to go online is this message.
It's the internet variation of "This number is temporarily out of service"

Reply to this post

Back to top Alert abuse Link here Permalink


Response to hobbit709 (Reply #3)

Tue Apr 17, 2012, 12:41 PM

5. but that isnt what happened, exactly

See, this is the weird part. The Google page loaded. It was hidden behind their java pop-up window. Other pages loaded just fine in new tabs; there was never a service interruption.

Just this pop-up window.

Also, and this part is REALLY strange, there are two PCs here, behind a router. The pop-up window appeared on my PC (the account is in my name), but NOT on the other PC.

And again, there was never a service interruption. Google loaded, BEHIND their window, and again, other pages loaded with no problem.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Occulus (Original post)

Mon Apr 16, 2012, 06:38 PM

4. Try pasting...

Last edited Mon Apr 16, 2012, 07:25 PM - Edit history (1)

..."173.194.73.103" (google's IP address) into the address bar instead of www.google.com. See what you get. If your browser goes straight to google then they are just messing with your DNS server.

Do you have a router or do you connect directly to the cable modem?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to discntnt_irny_srcsm (Reply #4)

Tue Apr 17, 2012, 12:44 PM

6. two PCs, behind a router.

See my other response above- there wasn't ever any service disruption, only this service "reminder".

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Occulus (Reply #6)

Tue Apr 17, 2012, 01:25 PM

7. I strongly suspect...

...no code was resident on your PC nor was there any remote control/access involved. More than likely all accounts are registered to automatically receive such a notice at a certain time. Making the payment would cancel the notice. It's most probable that which ever PC you used first to access the internet after the notice default time would have the window appear.

This same type of mechanism operates on public WiFi access points to send you to the login page.

ETA: Was this a one time event or does/did it persist?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to discntnt_irny_srcsm (Reply #7)

Wed Apr 18, 2012, 10:50 AM

10. You're probably right- it was a one-time event

I've been a customer for close to 15 years now. This is the first time I've ever seen or heard of this happening...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Occulus (Reply #10)

Wed Apr 18, 2012, 10:55 AM

11. Have a nice day.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Occulus (Original post)

Tue Apr 17, 2012, 02:53 PM

8. I got the reminder a couple of months ago.

Charter is the only bill I dont do a bank draft on and I forget to pay it often.I used to get a reminder call,now this.Just x it out and keep going for me,it dosent stop internet service.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Go Vols (Reply #8)

Tue Apr 17, 2012, 06:10 PM

9. So this is policy now?

Jesus! Jesus Christ!

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread