Team-BHP > Shifting gears > Gadgets, Computers & Software
Register New Topics New Posts Top Thanked Team-BHP FAQ


Reply
  Search this Thread
51,881 views
Old 9th July 2015, 11:54   #1
Team-BHP Support
 
Rehaan's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 24,347
Thanked: 35,685 Times
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

'Water-boarding at Guantanamo Bay' sounds like a fun weekend activity, to those who don't know any better.


Hopefully this post will help you know better -- about what's happening to you right now, without you even realising it.

Internet providers like Airtel & MTNL are intercepting your browsing data, and injecting it with additional ads & JavaScript code.

Their goal? To earn additional revenue from you. Yes, additional revenue on the connections & services you've already paid for!


To illustrate this with an analogy, it is like:
• Your car audio system inserting its own ads between songs you're playing via your iPod.
• Your cell phone provider squeezing ad messages into your WhatsApp conversations with friends.
• Your phone calls being interrupted by an audio ad every hour.
• The pizza delivery guy swapping out one slice of your pizza with something you didn't order.

Here's an example of what it looks like on MTNL. It's not easy to spot, since it only happens occasionally:
Name:  MTNL 2 Capture.PNG
Views: 27284
Size:  558.8 KB

The only way I spotted it was because I know what ads on Team-BHP are supposed to look like (hint: not this!):
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-mtnl-3-capture.png

The highlighted code is NOT originally present on the Team-BHP webpage. MTNL has changes the contents of the page:
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-mtnlinjectingadssourcecode.png

They even place their rogue ads on top of legitimate ads:
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-mtnl-capture.png

Dear Esteemed Customer, you might even get ads without a close button!
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-mtnl-no-close-button.png

The CEO of Adphonso (the partner ad network) even pretended to be a MTNL customer who was in favour of it. Insta-ban
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-adphonsoceofakemtnluser.png

With new advertisers coming on board (eg. BankBazaar), you will no longer be able to easily identify the ads as the rogue ones from MTNL!
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-mtnlinsertingadsbankbazaar.jpg

It gets worse! Soon they will be injecting:
  • Animated ads : They are already experts in awful graphic design. This will just take it to the next level!
  • Frames : Shifts the whole webpage to one side and inserts their ads beside it (or on both sides).
  • Interstitials : A full-screen splash page ad before you are taken to your desired destination.
  • Appear anywhere : Bad enough that they appear, but now they'll appear anywhere on the page.
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-mtnlwifiadtypes.jpg

It's also reported that:
• The maximum number of pop-up ads per device per day is restricted to 5.
• There seems to be no process in place to seek consumer consent before pushing ads into their browsing sessions.

AIRTEL

A Few weeks back Airtel was also busted for injecting JavaScript code from an Israeli company Flash Networks into webpages:
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-airtel-vk4ltpo2-copy-copy.jpg

Flash Networks then sent a ridiculous copyright infringement notice to the Bangalore techie who uncovered this malpractice.

Who is Flash Networks? Their LinkedIn page says:
Flash Networks is a global leader in optimization and monetization. Our solutions, enables operators to boost network speed, optimize video and web traffic, and generate over-the-top revenues from the mobile Internet.
Hmmm... I wonder what Airtel is interested in here?

Ironically, Airtel thinks all its customers are idiots, and claims the injected JavaScript is only to "track data usage". Rubbish. There's absolutely no need to inject JavaScript to do that.

Last edited by Rehaan : 9th July 2015 at 11:57.
Rehaan is offline  
Old 9th July 2015, 11:54   #2
Team-BHP Support
 
Rehaan's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 24,347
Thanked: 35,685 Times

IT'S WAY WORSE THAN YOU THINK...

I'm sure you realise that this is messed up. However, allow me to illustrate how much worse it truly is...


Your Security is Compromised:
• This is nothing short of a 'Man In The Middle' attack from our ISPs! (Definition = where the attacker secretly alters the communication between two parties who believe they are communicating directly with each other).
• The ISPs have the potential to do ANYTHING that a webpage can do - play audio, show an image, trigger a pop-up, redirect you to another site, attempt to access your webcam, record audio, etc. Imagine that.
• Unethical business practices draw all sorts of advertisers. Expect adware, malware & phishing to sneak through soon enough.
Bye-bye Privacy:
• These 3rd party partners have the ability to see what you're browsing (even in private browsing mode).
• Ad networks love being nosy about user behaviour. Expect them to collect & sell data about your browsing habits too.
• Your landline phone number is used as an identifier for the ads. Combine this with the above point, and it's a ridiculous breach of privacy (not to mention potential for tele-marketing).
Hello Inconvenience:
• Slower page loads, since the content goes through an additional ad-server.
• Content on the websites you visit is covered by the rogue ads.
• The ads have a tiny close button that doesn't even work correctly.
• They'll use any possible invasive or irritating tactic to ensure you notice the ad.
Websites are the losers:
• The injected content covers ads from legitimate advertisers, blocking what the they have rightfully paid for.
• Most users will blame the website for having these awful ads, since they don't realise it's their shady ISP doing this!
Is it even Legal?
• Here's what section 79 of India's IT act has to say:
Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!-it_act_capture.png

Last edited by Rehaan : 9th July 2015 at 11:56.
Rehaan is offline  
Old 9th July 2015, 11:56   #3
Team-BHP Support
 
Rehaan's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 24,347
Thanked: 35,685 Times
re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

HOW CAN WE STOP THIS?

Raise Awareness:
• Most people don't even realise this has been happening! Spread the word.
• Complain to the government via PGPortal
• Write an email to the MTNL abuse address - networkabuse@bol.net.in
• If you run a website or blog, educate your visitors about the issue.
In the Meanwhile; Protect Yourself:
• Use HttpS versions of sites, if available. (The encryption makes them harder to snoop on).
• Use a browser extension like Https Everywhere
• Use a VPN (secure connection to another ISP)
• Note: Simply blocking the ads is not a real solution. The ISP & ad network will still be able to see your browsing data.
• Note2: If there are any unsecured elements on the page, secure connections (https) can be compromised by these injections.
Get Social:
• Educate your friends. Click to share on : Facebook / Twitter / Google+ / LinkedIn

Last edited by Rehaan : 9th July 2015 at 12:03.
Rehaan is offline  
Old 9th July 2015, 12:22   #4
Distinguished - BHPian
 
mayankk's Avatar
 
Join Date: Apr 2010
Location: New Delhi
Posts: 5,218
Thanked: 8,532 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Ive seen this. Its sort of easy to make-out. At least with MTNL.
They do run some current things, but all of a sudden, there'll be one floaty ad on the lower right saying "Good governance day offer, till 31st December 2014!! Subscribe now to MTNL broadband."
Er, one, its 2015, and two, I'm already ON mtnl, morons.

The problem with this is, since MTNL is so efficient, and IT savvy, these ads get served occasionally with a wait time of 30 seconds to infinity, and the page doesn't load at all!
To get rid of this, open up your router in a browser, and under access management, block these two:

adphonso.com

203.94.243.40

Like so:
Name:  routerurlfilter.png
Views: 24536
Size:  21.8 KB
I understood this method here:
http://www.yogeshsarkar.com/blog/201...k-mtnl-popups/

This ought to take care of MTNL, since bad-mouthing doesnt matter to them.

For airtel, I'm sure if you search, you can fish up a similar solution.
And going after them of Social media.

PS:Adblocker plugin on chrome works as well, but it causes occasional mangled pages.
mayankk is offline  
Old 9th July 2015, 12:43   #5
Team-BHP Support
 
Rehaan's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 24,347
Thanked: 35,685 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Quote:
Originally Posted by mayankk View Post
To get rid of this, open up your router in a browser, and under access management, block these two:
While this hides the ads, it is only a half-way-there solution : since it doesn't really take care of all aspects of the problem.

Namely, your data is still going through adphonso's servers, and all the privacy and security issues still exist. (Though it might also be inserted with Javascript - but i did not come across that code in my brief look).

It's a decent interim solution, as long as you know that it hasn't truly solved the problem

Last edited by Rehaan : 10th July 2015 at 15:15. Reason: Clarification
Rehaan is offline  
Old 9th July 2015, 12:50   #6
Senior - BHPian
 
Join Date: Jul 2006
Location: Bombay
Posts: 1,436
Thanked: 2,343 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Thanks Rehaan for highlighting this. You're absolutely correct that its an invasion of the users privacy and degrades the user experience, plus its clearly illegal. for users of data usage based internet plans, its cheating, since you're now also paying for the bandwidth consumed by those ads.

All the more shameful and surprising that this is coming from MTNL, if the government operators behave in an illegal manner, then what can one expect from the private players?

Will definitely take up the issue with MTNL at all forums.
Lalvaz is offline  
Old 9th July 2015, 12:58   #7
Team-BHP Support
 
tsk1979's Avatar
 
Join Date: Feb 2005
Location: San Jose, CA
Posts: 23,730
Thanked: 23,287 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Under the Indian IT act, if this is illegal, can an FIR be filed against MTNL?
Only a MTNL customer can do so I guess.
tsk1979 is offline  
Old 9th July 2015, 13:12   #8
Distinguished - BHPian
 
mayankk's Avatar
 
Join Date: Apr 2010
Location: New Delhi
Posts: 5,218
Thanked: 8,532 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Quote:
Originally Posted by Rehaan View Post
While this hides the ads, it is only a half-way-there solution : since it doesn't really take care of all aspects of the problem.

Namely, your data is still going through adphonso's servers, and all the privacy and security issues still exist.

It's a decent interim solution, as long as you know that it hasn't truly solved the problem
Oh?
I thought since its been blocked at the router level, all to and from is stopped?
You mean to say, all this does is stop the ads popping up?
mayankk is offline  
Old 9th July 2015, 14:15   #9
BHPian
 
latentpotential's Avatar
 
Join Date: Oct 2012
Location: Pune (1-4 DND)
Posts: 509
Thanked: 419 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Quote:
Originally Posted by mayankk View Post
Oh?
I thought since its been blocked at the router level, all to and from is stopped?
You mean to say, all this does is stop the ads popping up?
Yes, at your router, you have stopped the ad. BUT at the MTNL level, the ad has already been injected in to your pages, which means that your traffic has gone through the ad servers.
latentpotential is offline  
Old 9th July 2015, 14:47   #10
BHPian
 
Join Date: Oct 2012
Location: Bangalore
Posts: 666
Thanked: 683 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Quote:
Originally Posted by latentpotential View Post
Yes, at your router, you have stopped the ad. BUT at the MTNL level, the ad has already been injected in to your pages, which means that your traffic has gone through the ad servers.

OK , from what I understand the ad server is the one that injects java scripts and snoops on your data ? adphonso is the only one to do that ? How many such adservers are there ? Is there a list of such servers ? How will I know through which adserver my data is being routed ?
girimajiananth is online now  
Old 9th July 2015, 15:40   #11
BHPian
 
dar3dev|l's Avatar
 
Join Date: Dec 2009
Location: Munich, DE
Posts: 292
Thanked: 98 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Just curious to know, is Team-bhp completely on Https ? That way atleast users accessing our website are not troubled with it and ofcourse unregistered folks can still see our ad's and not what ISP shows them.
dar3dev|l is offline  
Old 9th July 2015, 16:51   #12
BHPian
 
Join Date: Oct 2007
Location: Bangalore
Posts: 239
Thanked: 353 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

This code injection and pushing of Ads in this manner is quite dangerous.
Using secure protocols like Https is the only way to go for individual users, as they do not have the resources to technically stop this.

On the other hand, this issue shall be published again and again so that operators face the negative business environment.
CarJunki is offline  
Old 9th July 2015, 17:17   #13
Senior - BHPian
 
fine69's Avatar
 
Join Date: Dec 2008
Location: New Delhi
Posts: 1,594
Thanked: 1,467 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Quote:
Originally Posted by mayankk View Post
Ive seen this. Its sort of easy to make-out. At least with MTNL.....
This ought to take care of MTNL, since bad-mouthing doesnt matter to them.
When it comes to getting any MTNL broadband related issue fixed no amount of calls/emails/written complaints to Nodal Officers, Public Grievance Officers etc. works. I have to bribe my area lineman everytime who in turn gets any and every issue fixed. That's the state of affairs here so yes, no amount of bad-mouthing can EVER work with them.
Quote:
Originally Posted by tsk1979 View Post
Under the Indian IT act, if this is illegal, can an FIR be filed against MTNL?
Only a MTNL customer can do so I guess.
I'm an MTNL customer and would love to file an FIR if the Act permits. But would the cops really accept my FIR in the first place?
fine69 is offline  
Old 9th July 2015, 17:30   #14
BHPian
 
varunanb's Avatar
 
Join Date: Oct 2014
Location: Chennai
Posts: 232
Thanked: 258 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

Thanks Rehaan for the detailed explanation. You explained the problem very well, that even I could understand. Im a stranger to IT and my knowledge is limited to using them.

Many organizations have invested in e-commerce as the future of all bussiness and now with most cash transactions are online, a layman like me has no chance to identify right and wrong. I hope there are strict regulations and are enforced rigourously.
varunanb is offline  
Old 9th July 2015, 18:11   #15
Team-BHP Support
 
Zappo's Avatar
 
Join Date: Oct 2005
Location: Hyderabad
Posts: 5,944
Thanked: 2,742 Times
Re: Shady Business: Airtel & MTNL injecting advertisements / js into websites you visit!

I think as Rehaan suggested, if every person starts putting up complaints on the PGPortal against MTNL as well as Airtel for putting their customer's transactions in jeopardy it should start getting enough attention. May be even start twitting, posting on FB etc. about such malpractices (these are malpractices on mltiple counts in my opinion)

P.S.: Strangely though I dont recall having seen BSNL resort to these practices as yet! May be they are better off or else are more sensible?!! LOL

Last edited by Zappo : 9th July 2015 at 18:13.
Zappo is offline  
Reply

Most Viewed


Copyright ©2000 - 2024, Team-BHP.com
Proudly powered by E2E Networks