It's almost unimaginable today that browser traffic used to be unencrypted and people in your network or down the line to your target could see and modify your traffic.
And yet, every time there's an article about TLS, we have the same debate here with a few people arguing that their personal websites don't need HTTPS...
This page is over ten years old. Back then, it was relatively easy to use ARP spoofing on the local network, identify your workstation as the gateway to the Internet and do MitM.
The bad old days, when things were slower and unencrypted. I'm glad we have TLS (almost) everywhere these days but I'm not so impressed by how badly the "new" web performs.
Ha, fun to see this again! Back before everything was HTTPS, it was fun to use the Browser Exploitation Framework (https://beefproject.com) which had a script included that did this. Though in those cases I wasn't in control of the gateway, so ARP spoofing was required to get other devices to route through me.
geek_at|1 year ago
In 2013 I wrote an article about how to turn a Squid proxy into a code injection attack mechanism [1] (which many free proxies did at the time [2]). The most "harmless" would just replace the ads you see with their own, the worse ones used browser events to report all keystrokes or mouse positions to the attackers.
[1] https://blog.haschek.at/2013/05/why-free-proxies-are-free-js...
[2] https://blog.haschek.at/2015-analyzing-443-free-proxies/
Espressosaurus|1 year ago
It's hard to ignore when randos are screwing with you in real-time.
I'm sorry that open view of the internet ended, but it also ended far later than it should have by rights.
Beretta_Vexee|1 year ago
One of the slightly more subtle tricks that took a long time for people to identify was to modify ad banners so that they pointed to another provider. Servers were fixed, image sizes were standardised, etc. This also required much less computing power and bandwidth.
There's a student residence that displayed a lot of ads for Bible studies and gay porn about fifteen years ago.
This wouldn't work nowadays if the majority of traffic was encrypted using TLS and authenticated using certificates.
popey|1 year ago
https://web.archive.org/web/20060315081659/http://www.ex-par...
alsetmusic|1 year ago
https://news.ycombinator.com/item?id=39734943