Telkom  — probably the largest telephone and Internet provider in South Africa and the only ADSL choice we have for our location — is inserting HTML into websites that I visit.
First, see the screenshot here. The image is http://images.telkomsa.net/ibn/90_s.png .
Second, consider the following HTML found in the same website.
This is the <div> for the overlay shown:
<div id="n_882998037" style="position: fixed; z-index: 9999999999; bottom: 0px; right: 0px;"><img src="http://images.telkomsa.net/ibn/90_s.png" style="width: 250px; height: auto; margin: 20px; padding: 15px; overflow: hidden; border-radius: 10px; box-shadow: rgb(0, 0, 0) 3px 3px 20px 2px; background: none 0% 0% repeat scroll white;"><a href="#" style="font-family: 'Arial Black'; font-weight: bold; font-size: 20px; text-decoration-line: none; position: fixed; right: 20px; margin-right: 5px; margin-top: 20px; color: rgb(128, 128, 128);">×</a></div>
This looks like something used to record the URL of the site holding the inserted HTML (URL elided):
<img src="http://18.104.22.168/ev/882998037.png?0=50fc073bb429a4eb303a6420235e9381&1=delivered&2=<url-visited>" style="display: none;">
I believe these indicate the status of the overlay (“displayed” or “autoclosed”):
<img src="http://22.214.171.124/ev/882998037.png?0=50fc073bb429a4eb303a6420235e9381&1=displayed&2=" style="display: none;">
<img src="http://126.96.36.199/ev/882998037.png?0=50fc073bb429a4eb303a6420235e9381&1=autoclosed&2=" style="display: none;">
Third, consider the following script:
I didn't find this in the rendering of the site, but I did see it in the Sources tab of Chrome's debugger. It appears to include the URL of a script in the page. Here is another for http://www.sabc.co.za/wps/portal/SABC/SABCHOME :
Finally, how do I know 188.8.131.52 is from Telkom? For one thing, it is almost unheard of to find links to the same IP address on multiple websites from different domains. But, more concretely, sites such as the following indicate Telkom SA as the owner:
See also: https://www.google.com/search?q=184.108.40.206
To conclude, I just discovered this because Telkom started showing me these overlays, but I don't know how long they've been doing this. After visiting several sites, I've found that they don't insert the code everywhere, but I don't know which sites do or do not get this treatment.
There are ways to get around this, but the more important question for me is: should this be allowed? I think it should be illegal. It's a violation of my rights as a consumer of the Internet. I should know, at the very least, that the data I request from a website will be transferred to me without mutilation by my service provider. (There are always third-party hacking/phishing concerns, of course, but those should also be illegal.) Now that I know that my ISP is corrupting the data of webpages, how can I believe it will provide me any unsecured webpage without suspecting it of altering the data in transit? Fundamentally, how can I trust what I see and do online?
In a related conclusion, this adds to my conviction that we need to roll out HTTPS ASAP to every website and deprecate the unsecured HTTP, which can allow for this. It's not a solution to every potential problem, but it can help a lot.
I've considered paying for a VPN. I've used ssh tunneling to the US, but the connection was unbearably slow. The latency getting in and out of Africa is really bad. Given that, I haven't been motivated to do more research on the matter.
First, they say “you will not receive further correspondence from Investools at this email address.” Next, they back-step that statement by asking you to “allow 30 days for this to take effect.” Finally, they continue to send you email, which I can only presume will stop 30 days after the first time I unsubscribed.
And the above only hold true for some emails from Investools that include an unsubscribe link. For another category of emails that links to your account preferences, disabling all email sending preferences does not actually prevent any emails from getting sent to you. There is also no mention of allowing 30 days for the change to take effect.
At first, I avoided reporting Investools emails as spam to Google, because I did, after all, subscribe to the service. However, I have come to the conclusion that their emails are definitely spam as they continue to email me despite me performing the action that instructs them to stop. It is absurd that any instruction to cease correspondence should take 30 days to take effect.
6 - 17 July 2015
The summerschool teaches at both beginner and advanced levels via lectures and lab exercises. More info can be found here:
- Utrecht Universitypresent
- University of Texas at Austin
- Washington University in St. Louis
- Anue Systems
- Rockwell Collins
The Amazing Story of Lookout Mountain’s Forgotten Incline Railway | Root...
Harriet Whiteside was one of the richest people in Chattanooga, and the legacy of her controversial railway still shapes Lookout Mountain to
Vodacom-Neotel deal should worry Telkom, says analyst
Industry regulators have approved Vodacom's bid to buy Neotel, along with its fixed-line network, making it a formidable competitor to Telko
Who Has Your Back? Government Data Requests 2015 | Electronic Frontier F...
Follows industry-accepted best practices, Tells users about government data demands, Discloses policies on data retention, Discloses governm
Estonia: A Model for e-Government | June 2015 | Communications of the ACM
Over the next decade, the population of Estonia is expected to soar more than 600% as the country becomes the first in the world to open its
Amazing maps show where Americans come from and who we really are today ...
You'll never look at the country quite the same way after seeing these maps
Galapagos tortoise, aged 150, put down in California - BBC News
A 150-year old Galapagos tortoise has been put down in California after suffering from arthritis and numerous other ailments.
The American Medical Association is finally taking a stand on quacks lik...
A new policy adopted at the association's annual meeting this week will create guidelines for media doctors and pathways of discipline for t
IT salaries in South Africa – what people really earn
The MyBroadband salary survey reveals the average salaries of South African IT and telecommunications professionals
Adblock Plus and (a little) more: Adblock Browser is here
Adblock Browser is here · 2015-05-20 11:07 by Ben Williams. Today we are pleased to announce Adblock Browser for Android, our first foray in