What the actual fuck? Comcast INJECTED a popup on a page I was on.

Granted the page didn't have TLS but holy shit.

It's probably because I have people over but wtf lol


fun fact: data plans are ILLEGAL in Oklahoma. so is that kind of injection attack.

@kaniini I'm like actually freaked out. I switched over to my VPN but I don't even know if that'd fully help.


With TLS everywhere it's getting harder to do this but they do this a lot. Chrome will show insecure page warnings because the SSL cert doesn't match.


British Telecom *used* to do similar about 10 years ago but only if you hadn't paid your bill and they would take over an entire page to warn you rather than hijack part of one you are reading.

but I've not seen this for ages, I suspect it is now either illegal or at least highly discouraged anywhere in Europe.

A data cap is increasingly uncommon on a fixed circuit (unless its sold at a really cheap price); you only get them with LTE service on mobile phones nowadays..

@jalcine This has been happening to me for at least a couple years. One was some kind of a service notice, not a data cap warning. I wish I would’ve screenshot it. But yeah, not ok.

@jalcine Not surprised. They(we,formerly) had sandvine and other similar devices in-line with customer traffic since at least 2005. Injection is not much more complex than session resets and route blackholing.

Sign in to participate in the conversation
Social @ PV

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!