Web Integrity Checker – ISPs Inserting Ads Into Web Content

Use Netsparker

A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing.

Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I’m sure that they weren’t asked for permission either

From Slashdot.

It seems some ISPs have bought a device from Fair Eagle, which is basically a spam box – it attempts to insert ads into all HTTP traffic that passes through it.

This is where the Web Integrity Checker from Washington University comes in.

The University of Washington security and privacy research group and ICSI have created a measurement infrastructure. By visiting our web page, you are helping out with our experiment. (Thank you!) In the process, we’ll help you figure out if some “party in the middle” (like your ISP) might be modifying your web content in flight. We also plan to share our overall results with the public.

Just by visiting this page, your web browser is participating in our experiment. We are detecting whether some “party in the middle” is modifying a set of test web pages, and the results of the tests are shown below. If you do not see a “change found” message below, then we did not detect any modifications to the test pages.

UW CSE and ICSI Web Integrity Checker

Details on how it works are at the bottom of the page.

Posted in: Legal Issues, Privacy

Latest Posts:

Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

11 Responses to Web Integrity Checker – ISPs Inserting Ads Into Web Content

  1. Nobody_Holme October 30, 2007 at 12:22 pm #

    Well **** me… Thats even worse than just giving us terrible performance like NTL do… (well, okay, Virgin Media now) I’m thinking theres laws against this kinda stuff in this country…

  2. Sandeep Nain October 30, 2007 at 2:16 pm #

    Damn such ISPs.. this is all unfair.
    you paying your ISP to provide service and yet they do this kinda stuff to make more money
    And usually end-users believe that its the website which is showing all these annoying adverts and pop-ups. End result: websites loose their visitors.
    There must be some laws against such activities.

    PS: Happy to know that my ISP is not inserting any adverts. :)

  3. fazed October 30, 2007 at 4:17 pm #

    hmm fair play to them
    for the idea but anyone doing
    this should be shot.
    I wouldn’t mind if they gave you
    free service because they would
    make enough revenue from showing
    the ads on every page you visited.

  4. Pantagruel October 30, 2007 at 5:40 pm #

    So basically your internet provider, usually commited to keeping your inbox spam free, will inject ‘customized’ SPAM.

    Wonder what happens if the proxy gets h4x0r3d and starts injecting malicious code instead of SPAM.

  5. fazed October 30, 2007 at 7:27 pm #

    Sounds like potential for mass phishing..

  6. dre October 31, 2007 at 6:45 am #

    I think it’s great and more power to them. If Google can monopolize on everything Javascript, I don’t see why your ISP shouldn’t also be able to do so. It’s your own damn fault for allowing cookies and/or Javascript (or Java applets, Flash, Actionscript, VBScript, ActiveX, PDF, Quicktime, or whatever else browser plugin support)…

    Of course, I also think the UW Web Integrity Checker is a wonderful idea. People should learn about who is influencing them and why.

    People should also start using inbound WAF’s that remove potentially malicious iframes or Javascript, but then allow them to be whitelisted on a case-by-case basis. I’ve heard of Palo Alto Networks, but there is also their open-source project, Whitetrash. Using (or forwarding) OpenDNS is also a plus, as would be null routing or firewalling various sensitive IP prefixes, maybe ones pulled via a DNS or BGP RBL.

    Point of this: don’t trust the web, but help your ISP monotize itself. They are going to need the help, what with the problems the secret working group is attempting to address – let alone the stupid threat of net-neutrality.

  7. srinivas October 31, 2007 at 12:17 pm #

    ISP’s don’t have any right to serve ads to their users. These kind of techniques are a boon for money seeking ISP’s. Sooner or later we are going to face these ads as we surf web when more ISP’s jump into this business. Users of such ad serving ISP’s have only one thing to do. They should warn their ISP’s to stop serving ads. If they don’t listen, cancel your subscription and choose a new ISP which does not serve ads.

    What happens when the ISP’s serve inappropriate ads when the kids and teenage guys n girls surf the web.

  8. Sandeep Nain October 31, 2007 at 2:04 pm #

    @dre, no thats not right. There is a major difference in services provided by ISP and those provided by Google.

    1. Google services are free for end users where ISP is charging the end users for their services
    2. Google is putting adverts on the websites created by google itself (except adsense where website owner uses google services) where ISP is inserting adverts in a 3rd party website.

    Therefore its totally unethical to insert adverts byISP and must be banned.

    No doubt disallowing Javascript, Floash, Activex etc etc will make the web browsing much safer and advert free but it is not practical. you are talking about going atleast one or two decade back when these technologies didnt exist and web was boring. Nobody wanna do so and this is not the solution. There must be some rules and legislations to be put.

  9. Nobody_Holme November 1, 2007 at 3:08 pm #

    Meh? Just adblock anything from the intercept box… That should kill it. Dunno what you can do if you run opera, exploder, or any of the others, but hey…

    (also, yeah, i’m clean. Didnt think Richard Branson needed to stoop that low to make money)

  10. dirty November 6, 2007 at 6:18 pm #

    so they over-charge us for services and then subject users to this $***?!?! unbelievable!

  11. Sir Henry December 14, 2007 at 7:05 pm #


    I disagree with your sentiments on the basis that I pay for them to provide me with access, not content. I think that this is the veritable “inch before the foot” in that, if ISP’s can get away with this, what is to stop them from not only pushing content upon you, but dictating what content you should or should not see? I am very leery of this and feel that they should not be allowed to do such a thing.

    Apart from that, however, I do think that simply whitelisting scripts is a good start to alleviating this headache.