ADSL cap warning not a man-in-the-middle attack: Telkom

Kosmik

Honorary Master
Joined
Sep 21, 2007
Messages
20,099
Re-direct and injection are certainly not the same thing; from reading that article, it certainly sounds like an injection. Now if they were to re-direct the page when first opened to a warning page for a few seconds, that would be a re-direct.
 

Johand

Expert Member
Joined
Jan 21, 2005
Messages
1,399
It reminds me of the joke "When you make somebody breakfast in bed the least you should expect is Thank You. Not all this who are you and what are you doing in my house nonsense."

Good intentions, horrible execution :) Telkom overstepped the line!
 

Nephew_

Senior Member
Joined
Sep 2, 2009
Messages
623
Yes, Telkom, I know I am out of cap. Do you really have to remind me on every freakin page I visit, on every device? Really?
 

jetlee

Senior Member
Joined
Oct 31, 2006
Messages
746
OK, I haven't seen it, so I may be well off the mark .. but that flow is for WiFi auth .. not the Telkom cap notification, so it isn't clear if it's altering page content or not. If it's injecting JavaScript, as the article says, then it may well be both man in the middle and cross site scripting, both of which are serious security vulnerabilities ..

IMHO, anything trying to change your web content, after the server has served it, whether for invisible proxy caching or for adverts .. is a massive security concern.
 

jetlee

Senior Member
Joined
Oct 31, 2006
Messages
746
Also, as an aside, I have a very different usage pattern when using an authenticated WiFi hotspot than on my own internet, for very good reason .. following a WiFi hotspot workflow for a private internet connection is madness .. from a security perspective.
 

alexandergrahambell

Well-Known Member
Joined
Jul 4, 2013
Messages
102
It's helpful and I like it. Does that make me stupid, vulnerable to snooping by the CIA and the ANC, technologically illiterate, a Telkom fanboi, someone who shouldn't be trusted with a four digit calculator or all of the above?
 

garp

Executive Member
Joined
Aug 2, 2004
Messages
7,766
In order to inject the script it means their servers have to parse HTML intended for you, and you only. This is not on. They should rather just redirect users when the cap is used, or even better send an SMS.
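jetlee's point above (that altering page content after the server has served it is a man-in-the-middle modification) and garp's point (that the ISP's equipment has to parse the HTML meant for the subscriber) can both be checked from the client side. The script below is an added example, not code from the thread, from Telkom or from the article it discusses: it compares the page a client actually received with a reference copy of what the origin served and lists every `<script>` element that appears only in the received copy. Both HTML samples and the `notify.isp.example` hostname are constructed for the example.

```python
"""Detect scripts present in a received HTML page that the origin did not serve.

Added example, not from the thread. The two HTML documents below are
constructed sample data; notify.isp.example is a placeholder hostname.
"""
import hashlib
from html.parser import HTMLParser

# Constructed: the page as the origin server sent it.
REFERENCE_HTML = """<html><head><title>Example</title>
<script src="/static/app.js"></script>
</head><body><p>Hello</p>
<script>console.log("page ready");</script>
</body></html>"""

# Constructed: the same page as received through an in-path proxy that
# appended a notification script just before </body>.
OBSERVED_HTML = """<html><head><title>Example</title>
<script src="/static/app.js"></script>
</head><body><p>Hello</p>
<script>console.log("page ready");</script>
<script src="http://notify.isp.example/cap-warning.js"></script>
</body></html>"""


class ScriptCollector(HTMLParser):
    """Collects a fingerprint for every <script> element in a document."""

    def __init__(self):
        super().__init__()
        self.scripts = []
        self._src = None
        self._in_script = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self._src = dict(attrs).get("src")
            self._buf = []

    def handle_data(self, data):
        if self._in_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_script:
            self._in_script = False
            if self._src:
                # External script: the URL it loads from is the fingerprint.
                self.scripts.append("src:" + self._src)
            else:
                # Inline script: hash the body so edits to it are caught too.
                body = "".join(self._buf).strip().encode("utf-8")
                digest = hashlib.sha256(body).hexdigest()[:16]
                self.scripts.append("inline:" + digest)


def script_fingerprints(html):
    """Return the list of script fingerprints in document order."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    return parser.scripts


def body_digest(html):
    """SHA-256 of the whole body, for an exact 'was anything changed' check."""
    return hashlib.sha256(html.encode("utf-8")).hexdigest()


def find_injected_scripts(reference_html, observed_html):
    """Fingerprints of scripts present in the observed page but not the reference."""
    expected = set(script_fingerprints(reference_html))
    return [fp for fp in script_fingerprints(observed_html) if fp not in expected]


if __name__ == "__main__":
    if body_digest(REFERENCE_HTML) != body_digest(OBSERVED_HTML):
        print("received page differs from what the origin served")
    for fp in find_injected_scripts(REFERENCE_HTML, OBSERVED_HTML):
        print("unexpected script:", fp)
```

In practice the reference copy would be the same URL fetched over HTTPS, or captured on a connection known to be clean, and the observed copy the page as received over plain HTTP; any fingerprint reported is a script the origin did not send. An in-path device can only modify the body of a plain HTTP response, since altering an HTTPS response would require a certificate the browser trusts, so the check is only meaningful for HTTP pages.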
 

ranger

Expert Member
Joined
May 2, 2007
Messages
2,047
Yes, Telkom, I know I am out of cap. Do you really have to remind me on every freakin page I visit, on every device? Really?
No, we don't. Click the notification, log in, click acknowledge.

Then, if you don't want it in future, click on the notifications menu item, and uncheck the 'In-browser notification'.

Depending on feedback, we could make the 100% notification work like the 80% and 90% notification (if you click it, it gets disabled).
 

ranger

Expert Member
Joined
May 2, 2007
Messages
2,047
We need to remember that this is coming from the company that believes "security is a personal decision": http://mybroadband.co.za/news/security/78873-adsl-router-security-concern-in-sa.html :sick:
"D-Link’s technical supervisor, Altus Lourens, explained that by default all of their routers have the remote management feature on port 80 disabled.

Lourens added that this is also true for the firmware supplied to Telkom Internet for the D-Link routers they sell."

So, Telkom supplies the modem with the remote administration feature disabled by default, must they prevent users from enabling features that are available?
 

ranger

Expert Member
Joined
May 2, 2007
Messages
2,047
In order to inject the script it means their servers have to parse HTML intended for you, and you only. This is not on. They should rather just redirect users when the cap is used, or even better send an SMS.
1) We did for a brief period redirect customers when they reached their quota. You had to log in to the portal, and click a button to continue in Softcap mode. With this configuration, the call centre complained that they were unable to handle the volumes of calls from users who didn't know their password and were complaining that we cut them off from the internet.
2) New customers (for the past 3 years or so) automatically have email or SMS notifications enabled, and all customers can enable them. However, we still have a large percentage of our customers who log line faults when they don't know they are over quota.
3) You can disable the in-browser notification the first time you see it ... if you aren't able to, you probably don't have email or SMS notifications enabled ...
 