This is a split board - You can return to the Split List for other boards.

Comcast injects Javascript into your webpages

  • Topic Archived
You're browsing the GameFAQs Message Boards as a guest. Sign Up for free (or Log In if you already have an account) to be able to post messages, change how messages are displayed, and view media in posts.
  1. Boards
  2. PC
  3. Comcast injects Javascript into your webpages

User Info: vlado_e

vlado_e
1 month ago#31
Orestes417 posted...
Your definition of critical differs from theirs, and seeing as it's their system to administer they win the argument by default. Although notice that your modem is EOL and thus negatively impacting your service quality is pretty damn critical in ISP terms.

Only as the linked thread claims, there was no such need. So they are still in breach of R3.4.3. Must Ensure Notification Targeting Accuracy. If they don't comply with that, then what else are they not complying with.

Moreover, I couldn't find documentation on Comcast's website about this system. Not in the way that it's being used, at least - the only mention of RFC 6108 I can find is the following:

Constant Guard™ Bot Detection and Notification National Rollout Begins
Published: September 30, 2010

In October 2009, we announced the market trial of our new Constant Guard™ bot detection and notification system. The system was designed to detect bot activity and send customers a "Service Notice" when we believe their computer has been infected with a bot or other malware. Based on the success of the market trial, we have decided to rollout the bot detection and notification system to our entire network over the next few months. For additional information, feel free to visit our blog post or our Constant Guard™ page.


This references the following:

Service Notice Trial Begins
Published: October 8, 2009

Today we announced our new Constant Guard™ security program. We are also testing a feature of Constant Guard™ called a "Service Notice," designed to send customers a message when we believe their computer has been infected with a virus or other malware.

Prior to the start of this trial, we developed the a draft document with the Internet Engineering Task Force (IETF) regarding remediation of malicious bots, available for review and comment by the Internet community at http://tools.ietf.org/html/draft-oreirdan-mody-bot-remediation. In addition, for the same purposes, we have developed a draft document with the IETF which describes in detail how the Service Notice system works, available at https://datatracker.ietf.org/doc/draft-livingood-web-notification/.


These come from here:

http://networkmanagement.xfinity.com/

However, both only reference the Service Notification in passing and don't elaborate, both concern the Constant Guard system which is monitoring for INFECTED machines. There is no mention about being notified about service upgrade through their Service Notification. As per the link in the OP, multiple Comcast representatives didn't even know about that thing. So, where is this "documentation" about it that I can't seem to find yet actual users should be able to know about?
We do what we must / because we can. / For the good of all of us. / Except the ones who are dead.

User Info: Orestes417

Orestes417
1 month ago#32
I'd be willing to bet 99 percent of this topic "intercepts and tampers with" web pages on a regular basis. How do you think ad blockers and antimalware tools work? And I guarantee you businesses and schools are filtering and altering things that come through their firewall. So yes, it is absolutely normal. You're just objecting to a particular usage.

And read the damned RFC linked in the initial topic for Christ's sake. The fact a usage isn't explictily laid out does not exclude it from being valid.
When nothing remains everything becomes possible.

User Info: vlado_e

vlado_e
1 month ago#33
Orestes417 posted...
The fact a usage isn't explictily laid out does not exclude it from being valid.

It means it's not actually communicated at all to the users, however. Having documentation does not mean that you have presented it. The end user is supposed to be notified. That's what any network I've used that does network traffic filtering does. And adblockers or antimalware tools also tell you that, you can, however, only opt-in to them, they aren't forced on you. You can opt out at any point, too. So your analogy is broken - "some things do something vaguely similar, therefore, this is fine".
We do what we must / because we can. / For the good of all of us. / Except the ones who are dead.

User Info: KillerTruffle

KillerTruffle
1 month ago#34
Orestes417 posted...
If it works as intended and goes away after the user acknowledges it then it's serving it's intended purpose.

Except any pop-up like that, no matter what it says, if it manages to sneak by, I will look for any possible way I can to terminate that window/process *without* clicking anything on the ad itself - even (or should I say especially?) the little X at the top. There are so many cases of injected code installing malware on computers the instant the little X is clicked to close the window, no way in hell I'd touch that.
"How do I get rid of a Trojan Horse?" -Sailor_Kakashi
"Leave it outside the gates of Troy overnight." -Davel23

User Info: KillerTruffle

KillerTruffle
1 month ago#35
vlado_e posted...
It means it's not actually communicated at all to the users, however. Having documentation does not mean that you have presented it.

This totally made me think of Douglas Adams. heh

“But the plans were on display…”
“On display? I eventually had to go down to the cellar to find them.”
“That’s the display department.”
“With a flashlight.”
“Ah, well, the lights had probably gone.”
“So had the stairs.”
“But look, you found the notice, didn’t you?”
“Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.”
"How do I get rid of a Trojan Horse?" -Sailor_Kakashi
"Leave it outside the gates of Troy overnight." -Davel23

User Info: Orestes417

Orestes417
1 month ago#36
KillerTruffle posted...
Orestes417 posted...
If it works as intended and goes away after the user acknowledges it then it's serving it's intended purpose.

Except any pop-up like that, no matter what it says, if it manages to sneak by, I will look for any possible way I can to terminate that window/process *without* clicking anything on the ad itself - even (or should I say especially?) the little X at the top. There are so many cases of injected code installing malware on computers the instant the little X is clicked to close the window, no way in hell I'd touch that.


Like I said, they could've done it other ways. Like a hard redirect you have no choice but to acknowledge. The popup is relatively polite by comparison.
When nothing remains everything becomes possible.

User Info: vlado_e

vlado_e
1 month ago#37
Orestes417 posted...
KillerTruffle posted...
Orestes417 posted...
If it works as intended and goes away after the user acknowledges it then it's serving it's intended purpose.

Except any pop-up like that, no matter what it says, if it manages to sneak by, I will look for any possible way I can to terminate that window/process *without* clicking anything on the ad itself - even (or should I say especially?) the little X at the top. There are so many cases of injected code installing malware on computers the instant the little X is clicked to close the window, no way in hell I'd touch that.


Like I said, they could've done it other ways. Like a hard redirect you have no choice but to acknowledge. The popup is relatively polite by comparison.

"It could have been worse" doesn't lead us anywhere not matter how many ways you say it. It's literally a nonsensical deflection. It's just a step away from the "African children" appeal.

I keep asking - where and how was this communicated to the user? Why and how you take that as "can it be any worse", I don't really understand.
We do what we must / because we can. / For the good of all of us. / Except the ones who are dead.

User Info: Orestes417

Orestes417
1 month ago#38
vlado_e posted...
Orestes417 posted...
KillerTruffle posted...
Orestes417 posted...
If it works as intended and goes away after the user acknowledges it then it's serving it's intended purpose.

Except any pop-up like that, no matter what it says, if it manages to sneak by, I will look for any possible way I can to terminate that window/process *without* clicking anything on the ad itself - even (or should I say especially?) the little X at the top. There are so many cases of injected code installing malware on computers the instant the little X is clicked to close the window, no way in hell I'd touch that.


Like I said, they could've done it other ways. Like a hard redirect you have no choice but to acknowledge. The popup is relatively polite by comparison.

"It could have been worse" doesn't lead us anywhere not matter how many ways you say it. It's literally a nonsensical deflection. It's just a step away from the "African children" appeal.

I keep asking - where and how was this communicated to the user? Why and how you take that as "can it be any worse", I don't really understand.


Was I replying to you? No I was not. the point is unrelated.

Now, as for you. First, feel free to point to the law that says they're required to inform the user of such actions. Once you can do so I'll consider wasting my time and energy going through documentation you're more than free to read yourself.
When nothing remains everything becomes possible.

User Info: tearast

tearast
1 month ago#39
vlado_e posted...
tearast posted...
vlado_e posted...
tearast posted...
vlado_e posted...
Orestes417 posted...
the kneejerk s***

Right, so you think it's fine for a third party to add whatever they want to pages you request?

Yea, got a problem? It's a free market, you FREELY agreed to their ToS. How about you LEAVE if you don't like it?

Is it in the ToS? Feel free to link me to the appropriate section there. The support guy from Comcast quotes an RFC and it even seems their usage of their system does not fall within the requirements described there. Unless it's been changed, that is - it's after all, an RFC.

Can you confirm it follows the documentation strictly? I already think it desn't, but can you prove it conforms on all accounts?

So... you haven't even read the ToS? Then why are you commentating on a topic you clearly have no knowledge of?


So, you can't even prove that it's "fine", yet you comment saying that?

If you had read the ToS and educated yourself before speaking on a subject you know nothing about, you would know where it says that in the ToS.

User Info: LazyyAmerican

LazyyAmerican
1 month ago#40
This the beginning of the end for the internet or the beginning of pitchforks, rage, and backpedaling from corporations till an acceptable amount of greed sticks?
You've got ten minutes. There's policies even your section have to follow
I'll be sure to forward your message to the president.
  1. Boards
  2. PC
  3. Comcast injects Javascript into your webpages

Report Message

Terms of Use Violations:

Etiquette Issues:

Notes (optional; required for "Other"):
Add user to Ignore List after reporting

Topic Sticky

You are not allowed to request a sticky.

  • Topic Archived