AT&T Wi-Fi hotspot caught injecting ads into web pages - mendelfroule

Even another major public hotspot supplier has been caught injecting ads into exploiter's web browser.

AT&T, which offers public Wi-Fi hotspots across the U.S., was caught putt ads on websites in extraordinary places by Jonathan Mayer, a lawyer and Ph.D. candidate in computer science at Stanford University.

Mayer was at Dulles Airport last week when he noticed Stanford's site suddenly showing ads for jewelry and AT&adenosine monophosphate;T services—ads that he'd never seen on the university locate before. Other sites were also screening ads in odd floater, Mayer said.

It appears AT&ere;T was partnering with a third-party company RaGaPa that specializes in "Hot spot Branding." The service of process would add three contrasting bits of computer code into a browser tablet to inject unauthorized ads on a site, including a backup ad just in case a specific browser wouldn't lean JavaScript.

UPDATE: An AT&T spokesperson sent PCWorld the following statement:

"We trialed an advertising program for a circumscribed time in two airports (Dulles and Reagan National) and the trial has ended. The visitation was depart of an on-going effort to explore alternate ways to deliver a free Wi-Fi service that is safe, secure and fast."

Screenshot

An example of an ad injected ended the FCC's website while on an AT&T free airport Wi-Fi hotspot.

The problem with injecting ads where they shouldn't be is that they can introduce protection issues where previously there were none. Mayer also argues that this doings can break sites and expose a user's web browser activity to "an unrevealed" third-party—RaGaPa in this suit.

The story behind the story: Injecting unloved ads into user's browsers has been something of an issue in recent years. In September 2022, Comcast was also caught injecting ads at its public hotspots for the company's own services. In 2012, the Marriott hotel chain was doing something like. About 200 shady Chrome extensions were also into the practice, which Google began clamping down on in April.

It's fixable

The good tidings is there's a quick repair for any hotspot where you discover ad injectant. Download the web browser extension HTTPS Everywhere from the Electronic Frontier Foundation. HTTPS Everywhere works with Chrome, Firefox, and Opera, and forces your browser to use an HTTPS encrypted connection with any situation that offers one. Anno Domini injection practices like RaGaBa's cannot bear upon HTTPS encrypted sites.

It is also wise to connect to a virtual private network (VPN) when using public Wi-Fi to protect yourself against malicious activity such Eastern Samoa mankin-in-the-intervening attacks that often try to frivol away you into handing over personal information so much as land site login information.

This article was updated at 11:27 AM Pacific on Wednesday, August 26 with a statement from AT&T.

Source: https://www.pcworld.com/article/423257/att-wi-fi-hotspot-caught-injecting-ads-into-web-pages.html

Posted by: mendelfroule.blogspot.com

Share this post