from Hacker News

Ask HN: My ISP is injecting code to pages. What measures can I take?

by bbayer on 3/28/19, 3:15 PM with 4 comments

Today I saw a strange pop up titled with the logo of my ISP while I was browsing a random page. At first I thought it was an ad added by the site owner, but when I checked closely it was even on another pop up. I checked the source and saw that it was clearly coming from somewhere else. An iframe added to the page by using a JS script that was sourced from a direct IP address. No domain, just an IP and path. I am sure it wasn't part of the site because the iframe was just a static page. It didn't contain any of the tracker links that can be seen in every ad today. When I refreshed the page, the pop up disappeared.

This page could be my mail or bank account or anything that might contain private information. Is there any practical way to prevent something like this?

  • by richinfante on 3/28/19, 3:41 PM

    > An iframe added to the page by using a JS script that was sourced from a direct IP address

    This kind of page tampering can happen if your connection to the website is not encrypted (http:// instead of https://).

    For practical defense against this, you can install the HTTPS Everywhere browser extension: https://www.eff.org/https-everywhere which attempts to redirect you to secure versions of websites.

    If there's no secure version of the site available, there's not much you can do to prevent this besides changing your ISP or using a VPN; however, this just moves the trust issue to a different entity.

  • by noonespecial on 3/28/19, 3:25 PM

    >This page could be my mail or bank account or anything that might contain private information.

    They should not be able to read or inject into any URL that starts with https:// so your mail, bank, PayPal, etc. should be OK.

    That said, any tampering at all is a really sucky thing to do. If you can't switch ISPs I'd get a VPN subscription somewhere and send all of your traffic through it.

  • by uberman on 3/28/19, 3:22 PM

    It might help to ensure your DNS is not provided by your ISP. You might also want to look into a "VPN".
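
A check for the symptom the original post describes (a script or iframe sourced from a bare IP address on a page loaded over http://), as an added example that is not part of the thread. The function names and the sample page are constructed for illustration, and 203.0.113.7 is a documentation-range address.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Elements that pull in active or framed content, and the attribute naming the source.
WATCHED = {"script": "src", "iframe": "src", "frame": "src", "embed": "src", "object": "data"}

def is_ip_literal(host):
    """True when a URL host is a bare IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

class _SourceCollector(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.findings = page_url, []
        self.page_host = urlsplit(page_url).hostname or ""

    def handle_starttag(self, tag, attrs):
        attr = WATCHED.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if not value:
            return
        try:  # urljoin resolves relative and protocol-relative ("//host/x") references
            target = urlsplit(urljoin(self.page_url, value.strip()))
            host = target.hostname or ""
        except ValueError:  # malformed URL, e.g. a broken IPv6 literal
            return
        if is_ip_literal(host) and host != self.page_host:
            self.findings.append((tag, target.geturl()))

def find_ip_sourced_content(page_url, html):
    """Return (tag, url) pairs for scripts/frames loaded from a bare IP address."""
    collector = _SourceCollector(page_url)
    collector.feed(html)
    collector.close()
    return collector.findings

def page_is_tamperable(page_url):
    """Plain-HTTP pages can be rewritten by any device on the path, the ISP included."""
    return urlsplit(page_url).scheme.lower() == "http"

# Constructed sample: rendered DOM saved from the browser, with two injected elements.
SAMPLE_URL = "http://news.example/article"
SAMPLE_HTML = """<script src="/static/app.js"></script><script src="https://cdn.example/lib.js"></script>
<script src="http://203.0.113.7/a/inject.js"></script><iframe src="//203.0.113.7/popup.html"></iframe>"""
```

A hit is a heuristic signal rather than proof, since some sites legitimately load content from IP addresses. Run it on the rendered DOM saved from the browser, because the iframe in the post was added by script at runtime.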