ISPs Inserting Ads Into Your Pages

TheWoozle writes "Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I'm sure that they weren't asked for permission either."

Suprise!

[dotHectate (975458)]

It's not like we pay them for our internet access or anything.

Oh wait, we do... crap.

Re:Suprise!

[Qzukk (229616)]

I thought my ISP was doing this but when I called to complain the helpful tech support person told me that the sites I was visiting must have added new ads to them, since they would never do such a thing. Thanks for reassuring me, John!

So, slashdot, why are you running 50 ads at the top of every page? I thought when I subscribed I wouldn't have to see these anymore, but since you don't have a friendly guy I can call to talk to about it, I'll have to assume you're trying to screw me over here.

Re:Suprise!

[pipatron (966506)]

Don't worry! Your Free Market(tm) will take care of this! You can always chose not to have internet, or lay your own fiber! Completely realistic options. It's not my fault you can't afford that. You should have started an ISP just like everyone else!

Re:Suprise!

[tha_mink (518151)]

Reminds me of how back when cable TV started up the idea is that you were paying for more channels and you wouldn't have to deal with ads. Looks like some things never change.

Actually, I'm more pissed as a content provider then I am as a consumer. How dare they! If I wanted advertising on my content, I'd put it there, and get paid for it. For me, this is totally stealing from content providers and not just annoying to consumers. I mean, isn't that like making money off of other peoples content? Wouldn't that be more like a telephone company forcing you to listen to an add before you place or receive a call? Imagine....

Phone rings and you pick up....

(You) - Hello? (Automated Hell) - Hello, this is A-T-And T, we have a call for you, but first, we'd like you to enjoy a message from our sponsors...
(You) - Click!

Fuck that! Stealing content...bullshit.

Re:Suprise!

[OnlineAlias (828288)]

I am pissed that they are even addressing my http stream through proxy. Technically, that is eavesdropping my session. Not to mention that just looking for the place to insert the ad will most certainly screw up many web applications. Once an ISP crosses this line there is no limit on what they can do. Things like feeding you a bogus SSL cert while making it appear perfectly legit and decrypting your traffic, redirecting entire web sites, blocking content without your knowledge...it goes on and on. The ISP even having this information in their logs starts a huge slippery slope.

Everyone, immediately call a lawyer and run away from any ISP that does this. You have been warned.

Re:Suprise!

[N7DR (536428)]

I tell you, I am highly ticked off that, at least where I live, there's no way to get a broadband ISP who promises to deliver one thing: a pipe. That's all I want: a pipe. I can't be alone. Just give me a pipe and leave me to use it the way I want to. Don't filter my e-mail. Don't redirect my DNS queries. Don't disallow traffic to/from ports. Don't block pings. Just give me a pipe. What's so hard about that? Good grief, if you want to, you can even charge me extra.

I am almost always against laws (which are often worse than the ill they are trying to right), but it seems to me that there ought to be some sort of regulation that requires ISPs (since they are mostly effectively monopolies) to offer a transparent pipe for those who want to avoid all their obnoxious practices.

Re:Suprise!

[Timothy Brownawell (627747)]

Clearly you're not familiar with CALEA. They not only log your traffic, they store all the packets so the courts can request them later.

Um, how? Even a 10Mbit pipe is 108GB / day. So how much bandwidth does a typical ISP use, and where do they get enough storage to remember it all?

Re:Suprise!

[Tim C (15259)]

Like creating a derivative work? This is taking someone else's work in transit from server to client, inserting other content into it, then sending this modified version on to the client instead.

This isn't like creating a derivative work, it is creating a derivative work. They're even profiting from it, as they're selling the ad space thus created.

Re:Suprise!

[gnuman99 (746007)]

No. This is NOT GeoCities. GeoCities added adverts to the websites you hosted with them. You knew EXACTLY what they do in return for "free" webspace. This is like getting a colo box so you can reach your customers better (ie. not relying on the shared webhost), make sure you have clean pages to attract customers then some fucker comes along and sticks adds on *your* page without *your* permission.

What GeoCities does is OK. The content provider has to agree.

What some ISPs do in return for free internet is OK too (add popups or whatever) - at least that what used to happen. In this case customers KNOW that the popups are from the ISP. But popups *must* be separate from the webpage, not in it.

But if you come along and *insert* ads on my pages and thus benefit from my work, I have no choice but to sue. That is copyright violation. Period. They are costing the content provider money.

Re:Suprise!

[speaker of the truth (1112181)]

It seems to be more and more common to see games in PC and console games

I'd be asking for a refund if this weren't the case!

Re:Suprise!

[Reaperducer (871695)]

Yes they have. It's called "product placement", and it's getting more invasive.

More invasive? Time to go back to the history books, Sonny.

Things used to be much worse. Advertisers would have their logos splashed all over TV shows and movies. On TV news they would be on the anchor desks, in the backgrounds, even on the clothes the anchors would wear.

There's a great exhibit in the Old Louisiana State Capitol [glasssteelandstone.com] that is an old TV news set from the 50's. The news was called something like "The Esso Seven O'Clock News" and there's a big Esso logo on the front of the desk, and I think one on the microphone as well as other places.

Quite an eye-opener. At least modern product placement is subtle. I think we're just getting more sensitive to it.

What about code validation?

[throup (325558)]

I know this won't be everyone's primary concern, but what happens to all of those pages carefully crafted to adhere to a specific standard eg HTML 4.01, XHTML 1.1 or whatever else you may choose? Surely, unless these uninvited contributions also adhere to that specific standard, we have no hope of producing standards-compliant documents.

Re:What about code validation?

[Jamu (852752)]

I had that with my old ISP (Virgin.net). I wrote a simple webpage in HTML 4.01, checked it was valid with W3C's Markup Validation Service, and then uploaded it. When I checked it there was script just after the html element but before the head. Not what I wanted to see on a page that not only asserted I knew something about writing HTML, but also had the W3C validation link at the bottom.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><s cript src="http://www.virgin.net/js/random_ad.js" language="javascript"></script>
<!-- Document is valid. However, Virgin.net inserts a <script> element here -->
<head>
<...

Re:What about code validation?

[Bogtha (906264)]

Unfortunately, Internet Explorer is also oblivious to XHTML 1.1's existence, which means you'll be turning away the majority of your visitors (assuming typical demographics).

On the one hand...

[niceone (992278)]

On the one hand I'd be really annoyed* if my ISP did this to me, on the other hand maybe there are some people who wold prefer ads and a cheaper monthly fee?

And on the third hand... isn't this going to break a whole bunch of websites? I'm having a hard time imagining how they could do it without major side effects.

(* I'd be wanting to stuff a few ads up their HTTP stream, I can tell you)

Re:On the one hand...

[Dutch_Cap (532453)]

And on the third hand... isn't this going to break a whole bunch of websites? I'm having a hard time imagining how they could do it without major side effects.

Don't worry, I'm sure it's been thoroughly tested with Internet Explorer.

Re:On the one hand...

[bruns (75399)]

From my experience (I've worked at and built enough ISPs) that even if they find a way to potentially reduce the customers cost per month (ie: through ads), they won't pass the savings to the customer - ever.

Why? Profit. It's a great motive.

I've known about this for a while...

[Saint Aardvark (159009)]

When I worked at the helpdesk of a small ISP [dowco.com], we were approached by this company [adzilla.com] to see if we were interested in letting them test their ad-inserting proxy server on our customers. I protested that it was scummy and might lead to legal trouble (I was guessing) over changing pages in-flight, but my bosses didn't listen. That was back in 2002 or 2003, and I left shortly after to take another job. No idea what's going on there now.

I'm moving to a new ISP [uniserve.com] since my current one [www.shaw.ca] has started blocking port 25 in and out. I run my own mail server, so I appreciate that Uniserve's TOS [uniserve.com] explicitly allow servers (clause #19). However, they also explicitly say that they insert ads:

65. UNISERVE shall have the right, without notice, to insert advertising data into the Internet browser used by a UNSERVE customer, and transferred to a UNISERVE customer over UNISERVE's network, so long as this does not involve UNISERVE establishing the identity of the customer to whom such data is sent.

Needless to say I'm not happy about that, but in Vancouver my choices are limited: Telus (who'll censor web pages [thetyee.ca] if they belong to a union striking against them), Shaw, or a handful of small ADSL ISPs that all seem to be much the same. Uniserve seems the best of a bad bunch.

Re:I've known about this for a while...

[Mr. Slippery (47854)]

However, they also explicitly say that they insert ads:

As a content provider, I didn't give them any licence to create derivative works. Creating versions of my pages with ads, is clearly creation of a derivative work.

But of course, it's much more important for copyright law to prevent me from copying a CD for a friend, then to prevent some large ISP from violating my moral rights [wikipedia.org] by whoring out my content.

Belkin sucks!

[Werrismys (764601)]

One belkin ADSL modem actually did this. Every couple of days or couple of thousand port 80 request it displayed their ad instead.

They later issued a new firmware that disabled this. But not before I had issued them a "fuck off" feedback. I have never bought another belkin product since and I strongly urge no-one else to do so either. Fuck them.

Links to Belkins suckiness (Re:Belkin sucks! )

[Werrismys (764601)]

Belkin hardware sucks: http://www.google.fi/search?hl=fi&q=belkin+router+ adware [google.fi]

Yes I know their hardware sucks for other reasons also.

Opt Out Link

[cybermage (112274)]

The company that runs the box the ISP installed provides an opt-out option. Go to this page [nebuad.com] and click opt-out.

I think their behavior with this product is reprehensible. Pass the link on to anyone you know who is affected and encourage them to call their ISP and complain every day until it's removed. If all their call center does is get complaints, they'll reconsider whether it's making them any money.

Copyright Bonanza

[Doc Ruby (173196)]

The content in my pages is copyright implicitly, even if I don't register or even declare it in the pages. The right my ISP has to copy it is only for the purpose of publishing it in the transaction I have explicitly permitted: publishing it on URL requests.

If my ISP copies it for any other purpose, like inserting ads, or copies it into (or as) some other context, like an ad page, it's violating my copyright.

Every copyright violation - every page - makes them liable for a fine. That can really stack up, and costs a lot more than each page view generates in ad revenue.

Unless I've signed away my copyright in some contract with the ISP. Which I personally haven't. Nor should you.

If you have retained your copyright, and your ISP violates it, you should look forward to them handing over their business ownership to pay the damages. Email your lawyer from your other account and get the ball rolling. Why should corporate copyright holders have all the fun?

How to take advantage of this

[IdahoEv (195056)]

It would seem pretty straightforward to document uses of your website to sell ads, so that you could sue ISPs for copyright violation. This seems pretty straightforward to me.

1) Generate a unique id for every webpage transmitted. php's uniq() function would be fine. Embed it in the page.
2) Generate a checksum before transmitting the page. Save the id and the checksum, perhaps in a mysql database, when transmitting the page.
3) Embed a javascript that can compute the checksum of the document at the user's end. Have it transmit the checksum back to the server.
4) If the checksum doesn't match, have the javascript transmit the content of the page and it's headers, and perhaps even a traceroute, back to the server.
5) Server stores all of the above in a "pages corrupted in transmission" log.

Log analysis should then give you a list of ISPs who have consistently corrupted your pages, details on what they inserted, and documented # of violations with date and time. You can take this documentation to the court and say "Look! Earthlink/Megapath/AT&T/Whoever has illegally copied my website to market their own advertisements 12,432 times in the last year!". Demand remuneration.

6) Profit!
7) Reduce ISP's willingness to fsck with other people's content and thereby make the world a better place.

8) (Optionally) Have your own javascript strip their ad and/or put a banner at the top that notes "Your ISP has attempted to illegally insert their own advertising into our website, thereby making money off you and me without either of our permission. We strongly suggest you switch internet service providers." -- try to get user pressure on the ISP.

I'm about to head out on a 10-day vacation. When I get back, if one of y'all hasn't written this yet I'll start on it myself.

Phone service providers are doing this too

[suv4x4 (956391)]

So if you mom is suddenly very excited on the phone about the latest washing powder or insists that you shave only with 5-blade Gillette for best results, you should know better.