Dear ZDNet: Comcast Has Been Sketchily Injecting Messages Into User's Browsers For Years (original) (raw)

from the old-news-bad-news dept

Comcast has been dutifully modeling its behavior in such a way so as to fill up Techdirt’s story pages for years now. So, when we come across a story somewhere discussing how Comcast is doing some bad new thing, it’s tempting to simply assume it’s true and move on. Such might be the case for some readers of ZDNet’s recent post about how Comcast was injecting notices into browsers warning of potential copyright infringement.

The cable and media giant has been accused of tapping into unencrypted browser sessions and displaying warnings that accuse the user of infringing copyrighted material — such as sharing movies or downloading from a file-sharing site. Jarred Sumner, a San Francisco, Calif.-based developer who published the alert banner’s code on his GitHub page, told ZDNet in an email that this could cause major privacy problems.

Well, sure, this is horrible, and it is a privacy issue — but it isn’t new. In fact, Comcast as been doing some flavor of this sort of browser injection for the better part of a decade. The company started this practice way back in 2009, using the tactic to warn users of potential malware infections, and there was even discussion about expanding the use for other security purposes in 2011. More specifically on browser injections being used as a copyright warning system, our own Karl Bode noted in 2013 that this was all specifically laid out in Comcast’s six-strike plan. Per Karl’s post, Comcast isn’t even alone in using this tactic.

Comcast has now put information on their implementation of six strikes online. According to the nation’s largest broadband company, their version of the program will involve a persistent nagging pop up that continues to alert the user after the fourth warning. Time Warner Cable, who outlined their version of the plan to me last November , stated they’re using a similar pop up warning system that blocks browsing until users acknowledge receipt of “educational” copyright materials.

None of that is to say that the privacy and security concerns aren’t very real, of course, and ZDNet does a nice job of discussing those concerns. But it’s not new. Perhaps the better conversation to be had is why anyone in their right minds would think that Comcast deserves anyone’s trust to the level where users’ browsers should be injected with copyright violation notices in a system rife with abuse from pretty much every player involved.

Filed Under: alerts, copyright, deep packet inspection, injection
Companies: comcast