Telkom Internet ISP - Injecting Code into HTML

chubster · Jun 5, 2015

So I found this nice little image popping up on my browser.

and investigated further to try and found out how exactly that happened.

I found this embeded in any page that I access using http://

Code:

<div id="n_42169313" style="position: fixed; z-index: 9999999999; bottom: 0px; right: 0px;"><img src="http://images.telkomsa.net/ibn/70_s.png" style="width: 250px; height: auto; margin: 20px; padding: 15px; overflow: hidden; border-radius: 10px; box-shadow: rgb(0, 0, 0) 3px 3px 20px 2px; background: none 0% 0% repeat scroll white;"><a href="#" style="font-family: 'Arial Black'; font-weight: bold; font-size: 20px; text-decoration: none; position: fixed; right: 20px; margin-right: 5px; margin-top: 20px; color: rgb(128, 128, 128);">×</a></div>

My question is, is it legal in our country for our ISPs to inject code into html pages?

The work around would be to access https:// websites, this isn't my point though.

ponder · Jun 5, 2015

You are being notified about your usage status. People have been biatching that they did not know and now you are complaining that you are being notified. Do you also biatch about other ISPs throwing up a banner when you reach your limit?

chubster · Jun 5, 2015

I think you are missing the point as I stated it in my original post. Telkom does provide a way to send e-mail notifications. So there goes that argument of yours.

The question is, is it legal for any ISP to inject code into your content? What does our laws say about it? Even if it is of "good nature" what else could they be doing? What are our rights?

ponder · Jun 5, 2015

You know what, you're right. This is a better more legal alternative.

User52 · Jun 6, 2015

genetic · Jun 6, 2015

ponder said:
You are being notified about your usage status. People have been biatching that they did not know and now you are complaining that you are being notified. Do you also biatch about other ISPs throwing up a banner when you reach your limit?

+1

MickeyD · Jun 6, 2015

@OP

If you log in using an ISP other than TI, does it remain there?

jackshiels · Jun 6, 2015

ponder said:
You are being notified about your usage status. People have been biatching that they did not know and now you are complaining that you are being notified. Do you also biatch about other ISPs throwing up a banner when you reach your limit?

He's not "biatching". It's a fairly intrusive way to notify.

MickZA · Jun 6, 2015

jackshiels said:
He's not "biatching". It's a fairly intrusive way to notify.

But I'm guessing if you click on it that's it until the next alert trigger is reached plus you probably have the option to turn alerts off totally.

Ranger mentioned they were working on something like this as too many TI subscribers were bitching about their speed because they were unaware of how to check their usage status and were throttled. Seems TI can never win - haters gotta hate.

cavedog · Jun 6, 2015

MickZA said:
But I'm guessing if you click on it that's it until the next alert trigger is reached plus you probably have the option to turn alerts off totally.

Ranger mentioned they were working on something like this as too many TI subscribers were bitching about their speed because they were unaware of how to check their usage status and were throttled. Seems TI can never win - haters gotta hate.

Indeed I think it is genius to be honest. The fact that you can turn them off is good enough if you don't want them then turn them off. I think it would be very very useful for the not so tech savvy consumers that don't know how to check their data usage.

chubster · Jun 6, 2015

MickeyD said:
@OP

If you log in using an ISP other than TI, does it remain there?

No, that specific message stays with Telkom's ISP.

Again, why would that specific code be injected by another ISP?

The problem here is, why are South African ISPs (Telkom being one of them) injecting code into HTML web pages?

This is something usually associated with malicious attack. And not to mention, the biggest problem, breach of privacy. They are modifying my content. And I have to pay for the data used to see their code?

What's next, more adverts that I didn't ask for but I must pay for?

Momer · Jun 6, 2015

I'm also receiving this nice little notification, but the problem is it looks like Telkom is now implementing a daily quota. I have one of their 50GB accounts and started getting this notification after using about 1GB of data and I was blocked at about 2.4GB. This to me is unacceptable. If you pay for 50GB of data you should be able to use it when and where you like, not be limited at 2.4GB a day

Swa · Jun 6, 2015

ponder said:
You are being notified about your usage status. People have been biatching that they did not know and now you are complaining that you are being notified. Do you also biatch about other ISPs throwing up a banner when you reach your limit?

ponder said:
You know what, you're right. This is a better more legal alternative.

View attachment 222822

No the better alternative is to serve up a replacement page with option to then click through. Injecting code breaks some pages/services so legalities aside it's very unprofessional of them.

ambroseg1 · Jun 8, 2015

My wife also got this stupid message while surfing on her phone. I quickly checked if I get the same while surfing on the laptop and got nothing.

Telkom trying to be smart and failing dismally yet again.

ranger · Jun 9, 2015

Momer said:
I'm also receiving this nice little notification, but the problem is it looks like Telkom is now implementing a daily quota. I have one of their 50GB accounts and started getting this notification after using about 1GB of data and I was blocked at about 2.4GB. This to me is unacceptable. If you pay for 50GB of data you should be able to use it when and where you like, not be limited at 2.4GB a day

This is false.

Please PM me your username so I can have a look.

ranger · Jun 9, 2015

Swa said:
No the better alternative is to serve up a replacement page with option to then click through. Injecting code breaks some pages/services so legalities aside it's very unprofessional of them.

This is what we did for uncapped subscribers who reached a FUP limit, but there were lots of complaints about that.

If pages are broken, close the notification, and reload the page ...

ranger · Jun 9, 2015

chubster said:
So I found this nice little image popping up on my browser.

View attachment 222814

and investigated further to try and found out how exactly that happened.

I found this embeded in any page that I access using http://

Code:

<div id="n_42169313" style="position: fixed; z-index: 9999999999; bottom: 0px; right: 0px;"><img src="http://images.telkomsa.net/ibn/70_s.png" style="width: 250px; height: auto; margin: 20px; padding: 15px; overflow: hidden; border-radius: 10px; box-shadow: rgb(0, 0, 0) 3px 3px 20px 2px; background: none 0% 0% repeat scroll white;"><a href="#" style="font-family: 'Arial Black'; font-weight: bold; font-size: 20px; text-decoration: none; position: fixed; right: 20px; margin-right: 5px; margin-top: 20px; color: rgb(128, 128, 128);">×</a></div>

My question is, is it legal in our country for our ISPs to inject code into html pages?

The work around would be to access https:// websites, this isn't my point though.

Would you be satisfied if there were a means to opt out of ever receiving the in-browser notification (which, for example, may be possible only if you have email or sms notifications enabled).

(My comments on the design of this feature was that it should be designed with opt-out, but it went in without an opt-out feature)

ranger · Jun 9, 2015

chubster said:
I think you are missing the point as I stated it in my original post. Telkom does provide a way to send e-mail notifications. So there goes that argument of yours.

Very few people get the notifications. We get hammered by the network field services team on unnecessary call-outs due to our subscribers not knowing their usage status.

The question is, is it legal for any ISP to inject code into your content? What does our laws say about it? Even if it is of "good nature" what else could they be doing? What are our rights?

The alternatives are:
- hard cap
- hard http redirect until users log in (which a large percentage seem unable to do) to acknowledge that they are over quota and won't log a line fault

Please pick one (and PM me your username so I can subject you to it)

ranger · Jun 9, 2015

chubster said:
No, that specific message stays with Telkom's ISP.
And not to mention, the biggest problem, breach of privacy.

How is it a breach of privacy, any more than without the notification?

They are modifying my content.

You can quite easily see the unmodified content.

And I have to pay for the data used to see their code?

The notifications are about 60kB, and your browser should cache them. Every subscriber who sees a 70% notification in the first two weeks will get *much* more than that free (on soft-cap).

Would you be happier if users with email or SMS notifications could opt out of in-browser notifications?

DoodleBug · Jun 9, 2015

Hi all I have a question.

The same popup started showing up at my SOs parents place but shows 100% data usage.

What I cant understand is they are on a 2 Mbps uncapped account and they aren't what I would call heavy bandwidth users.

Any ideas as to why this would be happening on an uncapped account?

Sorry for the side show, but this is the first place I found posting this popup.

Telkom Internet ISP - Injecting Code into HTML

Senior Member

Honorary Master

Senior Member

Honorary Master

Senior Member

Honorary Master

RIP

Expert Member

Executive Member

Honorary Master

Senior Member

New Member

Honorary Master

Honorary Master

Expert Member

Expert Member

Expert Member

Expert Member

Expert Member

Well-Known Member