My ISP is modifying HTTP traffic, how can i respond?

[orangpelupa]

Hello B3D.

My ISP, its the biggest ISP in my country and it is country-owned. Since last december or november, they suddenly starting to modify HTTP.

so all website will have additional "Advert block" from my ISP. This also affect all HTTP application (html5 games, etc). This advert also seems to be placed on slow-ass server. It makes loading web pages much slower. I circumvented this by manually adding the hostname into host file to 127.0.0.1.

any idea how can i respond? I though of their act as copyright infiringement, because they modify websites without permission... (there's a copyright law in my country where modifying copyrighted content without permission is forbidden, example is modifying music).

thanks

 

[Davros]

The website minus the area's set aside for adverts may be copyrighted
ps: what adverts are banned by the dutch ?

 

[tongue_of_colicab]

I think he means the ISP adds an extra frame including ads instead of blocking them.

Maybe he's back in his own country? I've never heard of a Dutch ISP doing something like this and there aren't any state owned ISP 's.

 

[orangpelupa]

sorry the confusion. yeah im back to my country

yeah theres extra frame above every http website. and sometime also under them.

 

[Malo]

This happens on every computer? Usually that's a result of malware on the computer modifying your browsing.

 

[Davros]

whats your normal country ?

 

[orangpelupa]

@Malo
yes.
actually its not me who first noticed it because i use adblock but people on discussion forum. The ad is also served through official ISP domain with the ISP ads (new package, wifi zone locations, etc).

@Davros
its

Spoiler

Indonesia

 

[orangpelupa]

btw here;s the script

Spoiler

<script type="text/javascript">if(self==top){var idc_glo_url = (location.protocol=="https:" ? "https://" : "http://");var idc_glo_r = Math.floor(Math.random()*99999999999);document.write("<scr"+"ipt type=text/javascript src="+idc_glo_url+ "cfs.u-ad.info/cfspushadsv2/request");document.write("?id=1");document.write("&amp;enc=telkom2");document.write("&amp;params=" + "4TtHaUQnUEiP6K%2fc5C582Ltpw5OIinlRdpAJ1RZnHLIyqVWd7viL5FOUlrn1Ke2qjonUrEZc%2fz37ZOYWiADAbujuNLc400xSKL3yk1uqThfvFXVqyoDiK%2bVVQGgVu8v6%2b587E8hqcGBuurxwxxdrI5qbjPRO9uElIG%2bi4hKJTOD9OFLdvYkjhD4bmR3HG%2fjYcR6AAoSDaoDIB5Nt2uPlpvAF%2br%2fL6qMAwjrq4Awwtm45HBfwSKlaH2ZhKitgml2BksACiLpeCDrGmBZ5pIRZc%2fa6ZBIli3%2fEWv4kLABK8p8TK6qsnqPoBx4532Fojy6bARKJlJTUVs3sZNnbF3WjNjGwmBDU8u3F1Fp0qd%2f8NCnMlmtkRY2QidD6rp%2ffnewwlfD7IW9UuodbeBVE%2bByFVPUaLZy3TE7kgyx3AZIm6AOFkuuw4RWdwBENMq1p9mBvnDa5PahhcmV2TrwTdNezN8jnGfXZBdL2k6pk5wfBcWqKxe1u%2bX92in4nmnVVHZDvjaE1VtqC%2bjx4TOhzGeJfTZb%2fenFFx0rM");document.write("&amp;idc_r="+idc_glo_r);document.write("&amp;domain="+document.domain);document.write("&amp;sw="+screen.width+"&amp;sh="+screen.height);document.write("></scr"+"ipt>");}</script>

isnt that tracking our web-surfing? O_O
im not good at programming

 

[orangpelupa]

OMG
even HTTPS is intercepted and modified!!!! the goddamn ad script also appears on HTTPS website (inclusing B3D). How the heck they are doing this to HTTPS?

their support page http://www.telkom.co.id/hubungi-kami/customer-service (blank)
their official ad website http://u-ad.info/site/about (my ISP market this as a new age of digital advertising).

anybody knows how to add custom firewall rules to block a domain? i have a router with OpenWrt.
currently i blocked it client-side with hosts file.

EDIT:
lol i'm DUMB. of course this page showin the script. i posted the script here ROFL LOL LOL. im dumb. So HTTPS is still fine.

EDIT2:
ok OpenWRT added the rules to route the ad domain to 127.0.0.1

 

[Blazkowicz]

With your ISP doing some "weird" things, I want to share that comment made by someone in a discussion on a story named "Inside North Korea's Naenara Browser"

The context (from the news blurb) :

The country is known to tightly control the communications and activities of its citizens and that extends online, as well. Robert Hansen, vice president of WhiteHat Labs at WhiteHat Security, and an accomplished security researcher, recently got a copy of Naenara and began looking at its behavior, and he immediately realized that every time the browser loads, its first move is to make a request to a non-routable IP address, http://10.76.1.11./ That address is not reachable from networks outside the DPRK.

"Here's where things start to go off the rails: what this means is that all of the DPRK's national network is non-routable IP space. You heard me; they're treating their entire country like some small to medium business might treat their corporate office," Hansen wrote in a blog post detailing his findings. "The entire country of North Korea is sitting on one class A network (16,777,216 addresses). I was always under the impression they were just pretending that they owned large blocks of public IP space from a networking perspective, blocking everything and selectively turning on outbound traffic via access control lists."

The comment
http://yro.slashdot.org/comments.pl?sid=6687101&cid=48775119

 

[Rurouni]

North Korea just want to control their information. Telkom ISP wants to make extra profits.