Time |
Nickname |
Message |
00:00
🔗
|
|
ShellyRol has quit IRC (Read error: Operation timed out) |
00:12
🔗
|
|
ShellyRol has joined #warrior |
00:19
🔗
|
|
tomaspark has joined #warrior |
00:54
🔗
|
|
kiska has quit IRC (Remote host closed the connection) |
00:54
🔗
|
|
Flashfire has quit IRC (Remote host closed the connection) |
00:54
🔗
|
|
Flashfire has joined #warrior |
00:54
🔗
|
|
kiska has joined #warrior |
02:34
🔗
|
|
ShellyRol has quit IRC (Read error: Operation timed out) |
02:50
🔗
|
|
ShellyRol has joined #warrior |
02:59
🔗
|
|
ivan has quit IRC (Quit: Leaving) |
03:00
🔗
|
|
ivan has joined #warrior |
03:02
🔗
|
|
ivan_ has joined #warrior |
03:13
🔗
|
|
ivan has quit IRC (Ping timeout: 745 seconds) |
03:19
🔗
|
|
ivan_ is now known as ivan |
05:09
🔗
|
|
DogsRNice has quit IRC (Read error: Connection reset by peer) |
05:12
🔗
|
|
mtntmnky has quit IRC (Remote host closed the connection) |
05:13
🔗
|
|
mtntmnky has joined #warrior |
05:36
🔗
|
atphoenix |
so I'm reading over https://archiveteam.org/index.php?title=ArchiveTeam_Warrior ... there is a bullet point that says "No ISP connections that inject advertisements into web pages.". One caveat to be aware of is that some ISPs (Comcast) may inject data usage messages into HTTP communications once an account exceeds 500 GB (this may be configurable inside of the Comcast account). |
05:37
🔗
|
atphoenix |
e.g. https://old.reddit.com/r/Comcast_Xfinity/comments/e0xizg/xfinity_injected_pop_up_about_data_usage/ |
05:39
🔗
|
atphoenix |
I do *not* think Comcast users should be prevented from using the Warrior, as this does not affect all accounts (unlimited accounts don't get the message, and it appears is only starting at 500 GB on the 1 TB accounts) |
06:05
🔗
|
markedL |
can confirm comcast is still doing this on HTTP |
06:09
🔗
|
atphoenix |
the Comcast issue can be avoid completely via a VPN service. It may also be avoidable by using a theoretical transparent proxy that looks for, and removes, that Comcast injection, and maybe even submits the appropriate response to the injected message that dismisses it until another 100 GB or so passes by. |
06:10
🔗
|
markedL |
HTTPS is immune as expected |
06:15
🔗
|
|
mtntmnky has quit IRC (Remote host closed the connection) |
06:15
🔗
|
|
mtntmnky has joined #warrior |
07:41
🔗
|
|
ShellyRol has quit IRC (Read error: Operation timed out) |
07:55
🔗
|
|
ShellyRol has joined #warrior |
10:21
🔗
|
|
VADemon__ has quit IRC (Quit: left4dead) |
10:58
🔗
|
|
coderobe has joined #warrior |
14:20
🔗
|
|
pinkieval has quit IRC (Ping timeout: 745 seconds) |
14:41
🔗
|
|
VADemon has joined #warrior |
14:41
🔗
|
|
VADemon has quit IRC (Read error: Connection reset by peer) |
15:02
🔗
|
|
VADemon has joined #warrior |
16:45
🔗
|
|
mtntmnky has quit IRC (Remote host closed the connection) |
16:45
🔗
|
|
mtntmnky has joined #warrior |
16:48
🔗
|
JAA |
Fuck Comcast. |
16:59
🔗
|
atphoenix |
Not a fan of Comcast. They even added the 1 TB data cap to customers that signed up before data caps were a thing. But...given a bad choice between Comcast and Verizon/Yahoo...I have a greater dislike of Verizon. |
17:02
🔗
|
JAA |
I do not envy you guys for your internet. I have a choice of 20-ish providers here. |
17:03
🔗
|
JAA |
Anyway, we should add a test for this to the code. |
17:05
🔗
|
JAA |
Can you or someone else who has Comcast and is getting that message please grab http://example.org/ into a WARC with wget and upload that to https://transfer.notkiska.pw/ ? |
17:05
🔗
|
JAA |
wget --warc-file example.org-comcast.warc.gz --delete-after http://example.org/ |
17:06
🔗
|
JAA |
(Or wpull/grab-site or some other tool if you prefer that, just something that writes proper WARCs.) |
17:19
🔗
|
atphoenix |
here is a recent blog post on the issue: https://rietta.com/blog/comcast-insecure-injection/ and reported code: https://rietta.com/blog/comcast-insecure-injection/injection-attack.js |
17:20
🔗
|
atphoenix |
just to be clear, I don't advise auto-blocking Comcast account holders, but performing periodic HTTP checks to see if the injection is happening? Yes, that makes sense. |
17:21
🔗
|
JAA |
Yep |
17:21
🔗
|
JAA |
On a related note, we should add a check for NXDOMAIN hijacking. |
17:22
🔗
|
JAA |
No idea whether that applies to Comcast (though I wouldn't be surprised one bit), but it does happen on other providers for sure. |
17:23
🔗
|
JAA |
That said, none of this is actually warrior-specific. It belongs in the pipeline scripts. |
17:23
🔗
|
atphoenix |
is there a pipeline channel? |
17:23
🔗
|
JAA |
Nope, but there's #archiveteam-dev for all code dev things. |
17:25
🔗
|
|
pinkieval has joined #warrior |
17:25
🔗
|
|
pinkieval has quit IRC (Client Quit) |
17:44
🔗
|
|
pinkieval has joined #warrior |
17:45
🔗
|
|
pinkieval has quit IRC (Client Quit) |
17:46
🔗
|
|
pinkieval has joined #warrior |
17:47
🔗
|
|
pinkieval has quit IRC (Client Quit) |
17:48
🔗
|
|
pinkieval has joined #warrior |
18:06
🔗
|
atphoenix |
by NXDOMAIN hijacking you are referring to things like redirected/customized error pages that modified by the ISP? |
18:07
🔗
|
atphoenix |
Comcast did that in the past with their "Domain Helper" (as of 2009). I don't think they are doing it now (as of 2012). Per https://corporate.comcast.com/comcast-voices/comcast-domain-helper-shuts-down and https://corporate.comcast.com/comcast-voices/domain-helper-national-rollout-begins and https://corporate.comcast.com/comcast-voices/domain-helper-service-here-to-help-you |
18:10
🔗
|
JAA |
Yes, that shit. |
18:18
🔗
|
|
pinkieval has quit IRC (Quit: We're here, we're queer, connection reset by peer.) |
18:18
🔗
|
|
pinkieval has joined #warrior |
18:18
🔗
|
|
ShellyRol has quit IRC (Read error: Connection reset by peer) |
18:20
🔗
|
|
ShellyRol has joined #warrior |
18:43
🔗
|
markedL |
Warriors can hard code DNS servers pretty easily. This a lot easier than the other possible fixes. |
18:45
🔗
|
JAA |
And also not a complete fix. Some ISPs are known to hijack DNS packets. |
19:19
🔗
|
|
MrRadar has quit IRC (Read error: Operation timed out) |
19:36
🔗
|
atphoenix |
custom DNS doesn't prevent the content injection example I linked to above |
19:40
🔗
|
JAA |
markedL was talking about the NXDOMAIN thing, I think. |
19:41
🔗
|
markedL |
indeed, though the little extra clarification doesn't hurt |
20:56
🔗
|
|
mtntmnky has quit IRC (Remote host closed the connection) |
20:57
🔗
|
|
mtntmnky has joined #warrior |
21:10
🔗
|
|
MrRadar has joined #warrior |
21:13
🔗
|
|
MrRadar has quit IRC (Read error: Operation timed out) |
21:15
🔗
|
|
MrRadar has joined #warrior |
21:19
🔗
|
|
MrRadar has quit IRC (Read error: Operation timed out) |
21:48
🔗
|
|
DogsRNice has joined #warrior |
23:05
🔗
|
|
kiska has quit IRC (Remote host closed the connection) |
23:05
🔗
|
|
Flashfire has quit IRC (Remote host closed the connection) |
23:05
🔗
|
|
Flashfire has joined #warrior |
23:05
🔗
|
|
kiska has joined #warrior |