0 Members and 1 Guest are viewing this topic.
“Our research group was surprised to hear that some ISPs have started ‘injecting advertisements into web pages requested by their end users,’ according to a recent Slashdot article,” say four University of Washington researchers.“They use a transparent web proxy to insert javascript and/or HTML with the ads into pages returned to users,” posted TheWoozle last year.In their Detecting In-Flight Page Changes with Web Tripwires, Charles Reis, Steven D. Gribble and Tadayoshi Kohno, from the University of Washington, and Nicholas C. Weaver, from the International Computer Science Institute, say changes include pop-up blocking scripts planted by client software, ads injected by ISPs, and, “even malicious code likely inserted by malware using ARP poisoning”.They also found alterations by client software could cause harm, such as introducing cross-site scripting vulnerabilities into most pages a client visits.“To help publishers understand and react appropriately to such changes, we introduceweb tripwires - client-side JavaScript code that can detect most in-flight modifications to a web page,” they say, discussing several designs, “intended to provide basic integrity checks for web servers”.They’re more more flexible and less expensive than switching toHTTPS, and don’t call for changes to current browsers, say the four
