Web Integrity Checker – ISPs Inserting Ads Into Web Content

A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing.

Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I’m sure that they weren’t asked for permission either

From Slashdot.

It seems some ISPs have bought a device from Fair Eagle, which is basically a spam box – it attempts to insert ads into all HTTP traffic that passes through it.

This is where the Web Integrity Checker from Washington University comes in.

The University of Washington security and privacy research group and ICSI have created a measurement infrastructure. By visiting our web page, you are helping out with our experiment. (Thank you!) In the process, we’ll help you figure out if some “party in the middle” (like your ISP) might be modifying your web content in flight. We also plan to share our overall results with the public.

Just by visiting this page, your web browser is participating in our experiment. We are detecting whether some “party in the middle” is modifying a set of test web pages, and the results of the tests are shown below. If you do not see a “change found” message below, then we did not detect any modifications to the test pages.

UW CSE and ICSI Web Integrity Checker

Details on how it works are at the bottom of the page.

Posted in: Legal Issues, Privacy

Latest Posts:

Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

11 Responses to Web Integrity Checker – ISPs Inserting Ads Into Web Content

  1. Nobody_Holme October 30, 2007 at 12:22 pm #

    Well **** me… Thats even worse than just giving us terrible performance like NTL do… (well, okay, Virgin Media now) I’m thinking theres laws against this kinda stuff in this country…

  2. Sandeep Nain October 30, 2007 at 2:16 pm #

    Damn such ISPs.. this is all unfair.
    you paying your ISP to provide service and yet they do this kinda stuff to make more money
    And usually end-users believe that its the website which is showing all these annoying adverts and pop-ups. End result: websites loose their visitors.
    There must be some laws against such activities.

    PS: Happy to know that my ISP is not inserting any adverts. :)

  3. fazed October 30, 2007 at 4:17 pm #

    hmm fair play to them
    for the idea but anyone doing
    this should be shot.
    I wouldn’t mind if they gave you
    free service because they would
    make enough revenue from showing
    the ads on every page you visited.

  4. Pantagruel October 30, 2007 at 5:40 pm #

    So basically your internet provider, usually commited to keeping your inbox spam free, will inject ‘customized’ SPAM.

    Wonder what happens if the proxy gets h4x0r3d and starts injecting malicious code instead of SPAM.

  5. fazed October 30, 2007 at 7:27 pm #

    Sounds like potential for mass phishing..

  6. dre October 31, 2007 at 6:45 am #

    I think it’s great and more power to them. If Google can monopolize on everything Javascript, I don’t see why your ISP shouldn’t also be able to do so. It’s your own damn fault for allowing cookies and/or Javascript (or Java applets, Flash, Actionscript, VBScript, ActiveX, PDF, Quicktime, or whatever else browser plugin support)…

    Of course, I also think the UW Web Integrity Checker is a wonderful idea. People should learn about who is influencing them and why.

    People should also start using inbound WAF’s that remove potentially malicious iframes or Javascript, but then allow them to be whitelisted on a case-by-case basis. I’ve heard of Palo Alto Networks, but there is also their open-source project, Whitetrash. Using (or forwarding) OpenDNS is also a plus, as would be null routing or firewalling various sensitive IP prefixes, maybe ones pulled via a DNS or BGP RBL.

    Point of this: don’t trust the web, but help your ISP monotize itself. They are going to need the help, what with the problems the secret working group is attempting to address – let alone the stupid threat of net-neutrality.

  7. srinivas October 31, 2007 at 12:17 pm #

    ISP’s don’t have any right to serve ads to their users. These kind of techniques are a boon for money seeking ISP’s. Sooner or later we are going to face these ads as we surf web when more ISP’s jump into this business. Users of such ad serving ISP’s have only one thing to do. They should warn their ISP’s to stop serving ads. If they don’t listen, cancel your subscription and choose a new ISP which does not serve ads.

    What happens when the ISP’s serve inappropriate ads when the kids and teenage guys n girls surf the web.

  8. Sandeep Nain October 31, 2007 at 2:04 pm #

    @dre, no thats not right. There is a major difference in services provided by ISP and those provided by Google.

    1. Google services are free for end users where ISP is charging the end users for their services
    2. Google is putting adverts on the websites created by google itself (except adsense where website owner uses google services) where ISP is inserting adverts in a 3rd party website.

    Therefore its totally unethical to insert adverts byISP and must be banned.

    No doubt disallowing Javascript, Floash, Activex etc etc will make the web browsing much safer and advert free but it is not practical. you are talking about going atleast one or two decade back when these technologies didnt exist and web was boring. Nobody wanna do so and this is not the solution. There must be some rules and legislations to be put.

  9. Nobody_Holme November 1, 2007 at 3:08 pm #

    Meh? Just adblock anything from the intercept box… That should kill it. Dunno what you can do if you run opera, exploder, or any of the others, but hey…

    (also, yeah, i’m clean. Didnt think Richard Branson needed to stoop that low to make money)

  10. dirty November 6, 2007 at 6:18 pm #

    so they over-charge us for services and then subject users to this $***?!?! unbelievable!

  11. Sir Henry December 14, 2007 at 7:05 pm #


    I disagree with your sentiments on the basis that I pay for them to provide me with access, not content. I think that this is the veritable “inch before the foot” in that, if ISP’s can get away with this, what is to stop them from not only pushing content upon you, but dictating what content you should or should not see? I am very leery of this and feel that they should not be allowed to do such a thing.

    Apart from that, however, I do think that simply whitelisting scripts is a good start to alleviating this headache.