#warrior 2019-12-21,Sat

↑back Search

Time Nickname Message
00:00 🔗 ShellyRol has quit IRC (Read error: Operation timed out)
00:12 🔗 ShellyRol has joined #warrior
00:19 🔗 tomaspark has joined #warrior
00:54 🔗 kiska has quit IRC (Remote host closed the connection)
00:54 🔗 Flashfire has quit IRC (Remote host closed the connection)
00:54 🔗 Flashfire has joined #warrior
00:54 🔗 kiska has joined #warrior
02:34 🔗 ShellyRol has quit IRC (Read error: Operation timed out)
02:50 🔗 ShellyRol has joined #warrior
02:59 🔗 ivan has quit IRC (Quit: Leaving)
03:00 🔗 ivan has joined #warrior
03:02 🔗 ivan_ has joined #warrior
03:13 🔗 ivan has quit IRC (Ping timeout: 745 seconds)
03:19 🔗 ivan_ is now known as ivan
05:09 🔗 DogsRNice has quit IRC (Read error: Connection reset by peer)
05:12 🔗 mtntmnky has quit IRC (Remote host closed the connection)
05:13 🔗 mtntmnky has joined #warrior
05:36 🔗 atphoenix so I'm reading over https://archiveteam.org/index.php?title=ArchiveTeam_Warrior ... there is a bullet point that says "No ISP connections that inject advertisements into web pages.". One caveat to be aware of is that some ISPs (Comcast) may inject data usage messages into HTTP communications once an account exceeds 500 GB (this may be configurable inside of the Comcast account).
05:37 🔗 atphoenix e.g. https://old.reddit.com/r/Comcast_Xfinity/comments/e0xizg/xfinity_injected_pop_up_about_data_usage/
05:39 🔗 atphoenix I do *not* think Comcast users should be prevented from using the Warrior, as this does not affect all accounts (unlimited accounts don't get the message, and it appears is only starting at 500 GB on the 1 TB accounts)
06:05 🔗 markedL can confirm comcast is still doing this on HTTP
06:09 🔗 atphoenix the Comcast issue can be avoid completely via a VPN service. It may also be avoidable by using a theoretical transparent proxy that looks for, and removes, that Comcast injection, and maybe even submits the appropriate response to the injected message that dismisses it until another 100 GB or so passes by.
06:10 🔗 markedL HTTPS is immune as expected
06:15 🔗 mtntmnky has quit IRC (Remote host closed the connection)
06:15 🔗 mtntmnky has joined #warrior
07:41 🔗 ShellyRol has quit IRC (Read error: Operation timed out)
07:55 🔗 ShellyRol has joined #warrior
10:21 🔗 VADemon__ has quit IRC (Quit: left4dead)
10:58 🔗 coderobe has joined #warrior
14:20 🔗 pinkieval has quit IRC (Ping timeout: 745 seconds)
14:41 🔗 VADemon has joined #warrior
14:41 🔗 VADemon has quit IRC (Read error: Connection reset by peer)
15:02 🔗 VADemon has joined #warrior
16:45 🔗 mtntmnky has quit IRC (Remote host closed the connection)
16:45 🔗 mtntmnky has joined #warrior
16:48 🔗 JAA Fuck Comcast.
16:59 🔗 atphoenix Not a fan of Comcast. They even added the 1 TB data cap to customers that signed up before data caps were a thing. But...given a bad choice between Comcast and Verizon/Yahoo...I have a greater dislike of Verizon.
17:02 🔗 JAA I do not envy you guys for your internet. I have a choice of 20-ish providers here.
17:03 🔗 JAA Anyway, we should add a test for this to the code.
17:05 🔗 JAA Can you or someone else who has Comcast and is getting that message please grab http://example.org/ into a WARC with wget and upload that to https://transfer.notkiska.pw/ ?
17:05 🔗 JAA wget --warc-file example.org-comcast.warc.gz --delete-after http://example.org/
17:06 🔗 JAA (Or wpull/grab-site or some other tool if you prefer that, just something that writes proper WARCs.)
17:19 🔗 atphoenix here is a recent blog post on the issue: https://rietta.com/blog/comcast-insecure-injection/ and reported code: https://rietta.com/blog/comcast-insecure-injection/injection-attack.js
17:20 🔗 atphoenix just to be clear, I don't advise auto-blocking Comcast account holders, but performing periodic HTTP checks to see if the injection is happening? Yes, that makes sense.
17:21 🔗 JAA Yep
17:21 🔗 JAA On a related note, we should add a check for NXDOMAIN hijacking.
17:22 🔗 JAA No idea whether that applies to Comcast (though I wouldn't be surprised one bit), but it does happen on other providers for sure.
17:23 🔗 JAA That said, none of this is actually warrior-specific. It belongs in the pipeline scripts.
17:23 🔗 atphoenix is there a pipeline channel?
17:23 🔗 JAA Nope, but there's #archiveteam-dev for all code dev things.
17:25 🔗 pinkieval has joined #warrior
17:25 🔗 pinkieval has quit IRC (Client Quit)
17:44 🔗 pinkieval has joined #warrior
17:45 🔗 pinkieval has quit IRC (Client Quit)
17:46 🔗 pinkieval has joined #warrior
17:47 🔗 pinkieval has quit IRC (Client Quit)
17:48 🔗 pinkieval has joined #warrior
18:06 🔗 atphoenix by NXDOMAIN hijacking you are referring to things like redirected/customized error pages that modified by the ISP?
18:07 🔗 atphoenix Comcast did that in the past with their "Domain Helper" (as of 2009). I don't think they are doing it now (as of 2012). Per https://corporate.comcast.com/comcast-voices/comcast-domain-helper-shuts-down and https://corporate.comcast.com/comcast-voices/domain-helper-national-rollout-begins and https://corporate.comcast.com/comcast-voices/domain-helper-service-here-to-help-you
18:10 🔗 JAA Yes, that shit.
18:18 🔗 pinkieval has quit IRC (Quit: We're here, we're queer, connection reset by peer.)
18:18 🔗 pinkieval has joined #warrior
18:18 🔗 ShellyRol has quit IRC (Read error: Connection reset by peer)
18:20 🔗 ShellyRol has joined #warrior
18:43 🔗 markedL Warriors can hard code DNS servers pretty easily. This a lot easier than the other possible fixes.
18:45 🔗 JAA And also not a complete fix. Some ISPs are known to hijack DNS packets.
19:19 🔗 MrRadar has quit IRC (Read error: Operation timed out)
19:36 🔗 atphoenix custom DNS doesn't prevent the content injection example I linked to above
19:40 🔗 JAA markedL was talking about the NXDOMAIN thing, I think.
19:41 🔗 markedL indeed, though the little extra clarification doesn't hurt
20:56 🔗 mtntmnky has quit IRC (Remote host closed the connection)
20:57 🔗 mtntmnky has joined #warrior
21:10 🔗 MrRadar has joined #warrior
21:13 🔗 MrRadar has quit IRC (Read error: Operation timed out)
21:15 🔗 MrRadar has joined #warrior
21:19 🔗 MrRadar has quit IRC (Read error: Operation timed out)
21:48 🔗 DogsRNice has joined #warrior
23:05 🔗 kiska has quit IRC (Remote host closed the connection)
23:05 🔗 Flashfire has quit IRC (Remote host closed the connection)
23:05 🔗 Flashfire has joined #warrior
23:05 🔗 kiska has joined #warrior

irclogger-viewer