Airtel's mystery code raises privacy concerns

AMG

Guide
Telecom giant Airtel has been accused of injecting lines of code into its users' web browsers without their knowledge, whenever they visit a web page via its 3G network.

Thejesh GN, an information activist and programmer, has exposed how the telecom operator inserts Javascript code and iframes into a user's browsing session. He traced the IP address from which the code originated and found that it belonged to Bharti Airtel.

Thejesh also posted the code on the GitHub repository. It's not clear what the purpose of the code is but it certainly raises a privacy flag. Airtel or a third party could be tracking user behaviour and even monetizing it. These scripts are also used for inserting advertisements into the webpage based on the user's browsing pattern. The tactic is clearly a violation of user consent as the code is inserted without his knowledge and even of net neutrality as the original content is altered.


http://timesofindia.indiatimes.com/...ses-privacy-concerns/articleshow/47599548.cms
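
One way to check a page for the kind of in-transit script and iframe insertion the article describes (an added example, not part of the original post and not the code from Thejesh's repository): compare the copy received over the suspect connection with a reference copy of the same page fetched over a path the operator cannot modify, such as HTTPS or another network. The URLs, the HTML samples and the function names are constructed for illustration; 203.0.113.7 is a documentation address.

```javascript
// Added example. All HTML below is constructed sample data.
const PAGE_URL = 'http://example.com/news';
const REFERENCE_HTML = `<html><head><script src="/static/app.js"></script></head>
<body><p>Story</p></body></html>`;
const OBSERVED_HTML = `<html><head><script src="/static/app.js"></script>
<script src="http://203.0.113.7/x/injected.js"></script></head>
<body><p>Story</p>
<iframe src="http://203.0.113.7/x/frame.html" style="display:none"></iframe></body></html>`;

// Collect every <script>/<iframe> that has a src, plus non-empty inline <script> bodies.
function collectActiveContent(html) {
  const items = [];
  const srcRe = /<(script|iframe)\b[^>]*?\ssrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const inlineRe = /<script\b(?![^>]*\ssrc\s*=)[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = srcRe.exec(html)) !== null) {
    items.push({ tag: m[1].toLowerCase(), src: m[2] ?? m[3] ?? m[4] });
  }
  while ((m = inlineRe.exec(html)) !== null) {
    const body = m[1].trim();
    if (body) items.push({ tag: 'inline-script', src: body });
  }
  return items;
}

// Report active content present in the observed copy but absent from the reference copy.
function findInjected(referenceHtml, observedHtml, pageUrl) {
  const key = (i) => `${i.tag}|${i.src}`;
  const known = new Set(collectActiveContent(referenceHtml).map(key));
  const pageHost = new URL(pageUrl).hostname;
  return collectActiveContent(observedHtml)
    .filter((i) => !known.has(key(i)))
    .map((i) => {
      let host = null;
      if (i.tag !== 'inline-script') {
        try { host = new URL(i.src, pageUrl).hostname; } catch { host = null; }
      }
      return {
        ...i,
        host,
        thirdParty: host !== null && host !== pageHost,
        // A bare IPv4 host is a lead for the kind of address lookup described above.
        bareIp: host !== null && /^\d{1,3}(\.\d{1,3}){3}$/.test(host),
      };
    });
}

console.log(findInjected(REFERENCE_HTML, OBSERVED_HTML, PAGE_URL));
```

Pages that legitimately vary between requests (rotating ads, A/B tests) will also show differences, so an extra entry is a lead to investigate rather than proof of tampering.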
 
Thejesh's github repo has been DMCAed.
Re: DMCA Take Down Notice June 5 2015

My name is [PRIVATE] and I am a director and CEO of Flash Networks Ltd. ("FN"). I am sending this letter to advise you that information published on GitHub's website is infringing upon copyright owned by FN:

  1. FN is the sole owner and proprietor of software product commercially known as Layer8 which FN developed and markets ("Layer8").

  2. Layer8 is a "closed source" proprietary software. The use thereof is subject to receipt of a license from FN against payment of fees and or royalties and otherwise is subject to commercial and legal terms acceptable to FN.

  3. FN has discovered to its astonishment that sections of the Layer8 source code appear on your website at the following address:

    https://github.com/thejeshgn/airtel-3g-script-injection.

  4. The user that uploaded the infringing material is Thejesh GN (https://github.com/thejeshgn).

  5. The publication of the Layer8 source code at the above URL as aforesaid is a severe violation of FN copy and other intellectual property rights and is a gross misappropriation of one of FN most valuable assets.

  6. For clarification, the entire web page detailed above is infringing on FN's proprietary software. For examples only, the following pages, included in the web page are infringing to FN:

    a. https://github.com/thejeshgn/airtel-3g-script-injection/blob/master/Anchor.js

    b. https://github.com/thejeshgn/airtel-3g-script-injection/blob/master/Anchor_beautified.js

    c. https://github.com/thejeshgn/airtel-3g-script-injection/blob/master/flashnetworks.png

    d. https://github.com/thejeshgn/airtel...ej_in_screenshot_from_2015-06-03_18:49:39.png

  7. This letter is official notification under the Digital Millennium Copyright Act ("DMCA"), and I seek the removal of the aforementioned infringing material from your servers. I request that you immediately notify the infringer of this notice and inform them of their duty to remove the infringing material immediately, and notify them to cease any further posting of infringing material to your server in the future.

  8. Please also be advised that law requires you, as a service provider, to remove or disable access to the infringing materials upon receiving this notice. Under US law a service provider, such as yourself, enjoys immunity from a copyright lawsuit provided that you act with deliberate speed to investigate and rectify ongoing copyright infringement. If service providers do not investigate and remove or disable the infringing material this immunity is lost. Therefore, in order for you to remain immune from a copyright infringement action you will need to investigate and ultimately remove or otherwise disable the infringing material from your servers with all due speed should the direct infringer, your client, not comply immediately.

  9. Also the continued publication shall in all certainty cause FN irreparable harm and severe damages and shall materially jeopardize its business operations.

  10. I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.

  11. I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.

  12. I have read and understand GitHub's Guide to Filing a DMCA Notice.

Should you wish to discuss this with me please contact me directly.

Thank you.

[PRIVATE]
 
Thejesh GN, a programmer based in Bangalore, tweeted that Airtel was injecting lines of code into users' browsing sessions over its 3G network without their knowledge.
Thejesh dug further and revealed that Airtel had actually partnered with Ericsson, which in turn was using the services of a company called Flash Networks to inject this code into web pages you were browsing. He published the code to GitHub, a web-based code repository -- and promptly received a cease and desist legal notice from Flash Networks for exposing proprietary code.

In reaction, Airtel has issued a statement saying that the code is part of a tool it's working on to help users keep track of their data consumption but has now stopped using it.

Experts say that if this is true, Airtel is guilty of privacy violation of its users by spying on their online behaviour.

When questioned, an Airtel spokesperson said:
"This is a standard solution deployed by telcos globally to help their customers keep track of their data usage in terms of mega bytes used. It is therefore meant to improve customer experience and empower them to manage their usage. One of our network vendor partners has piloted this solution through a third party to help customers understand their data consumption in terms of volume of data used. As a responsible corporate, we have the highest regard for customer privacy and we follow a policy of zero tolerance with regard to the confidentiality of customer data."


http://www.hindustantimes.com/techn...-in-webpages-you-browse/article1-1356693.aspx
 
MTNL broadband also injects stuff into web pages... pretty arrogantly in fact. They usually show a popup ad about some MTNL offer. It's pretty annoying and often also steals focus from the main web page, so you really have to move your hand to the mouse and then close the popup.
 
Yup, just checked on MTNL. Looks like the exact same tech.

Does it continue after you change DNS settings?

Try Google's DNS (8.8.8.8 OR 8.8.4.4) or OpenDNS (208.67.222.222 OR 208.67.220.220)
 
I'd say so. I was always using the Google DNS, right from the beginning. (Not sure if DNS would really play a part in something like this?)
I'm not on MTNL any more though... I switched to Hathway after I shifted.
 
"India's No.1 network". The notice by FN further shows how grossly these corporate parties operate. Do they really think that a DMCA will silence the people? How would the poor guy prove it without the codes? It's like the notice came as a request from Airtel to FN. Another reason to hate Airtel.

I mean they are intimidating him to be silent on the matter.

"Dear @FlashNetworks: the Javascript code you inject surreptitiously might be proprietary, but it most certainly isn't "confidential". — Pranesh Prakash (@pranesh_prakash) June 9, 2015"
^summed up my thoughts.
 