On Thu, 2002-02-07 at 20:33, J Edgar Hoover wrote: > This allows them to not only log all http requests, but to also log the > response. Apparently they aren't using it to maximize bandwidth, because it's not > configured to serve cached data. How do you know that it's not configured to serve up cached content? > And yes, they have purchased a lot of the specific, unique hardware that > is required to do all this logging. Once again, where's your inside knowledge of this? > If a comcast victim/customer sends a packet to port 80 at any IP address, > it is intercepted by the Inktomi Traffic-Server, the contents of the > packet are examined for the GET url and the "Host:" field. The Inktomi > Traffic-Server then sends the http request on to your destination from > it's address with modified content and headers. It then caches the > returned data, changes both the header and the content, and sends the > packet to your machine with the spoofed IP of the server you had > requested. This is standard behavior for a transparent web proxy. Nothing new here. These have been around for a while, and Inktomi is not the only company to deploy one. Hell, you can do this with squid and ipchains: http://www.linuxpowered.com/archive/mini/TransparentProxy.html#toc5 > This allows them to monitor and change (or insert ads into) what > you read. It most certainly does. How do you know that they aren't already? They probably aren't though, because as of 6 months ago, none of the major players had the ability to insert content into requests. (more on this later). > Interestingly, regardless of what IP you address the packet to, the > Inktomi Traffic-Server reads the Host: field to determine where to send > the packet. Once again, standard behavior for a proxy request. Most (if not all) proxies are dependant on a partial HTTP/1.1. implementation, and without the host header, all would be lost... > US Code TITLE 18, PART I, CHAPTER 119, Sec. 2511. (2) (a) (i) > "...a provider of wire communication service to the public shall not > utilize service observing or random monitoring except for mechanical or > service quality control checks." AFAIK, this isn't snooping. I don't see the big deal. Most dialup users are surfing transparently through a cache; the next big thing is supposedly edge appliances that do this as a feature. Disclaimer: I do have inside knowledge. Not of Inktomi, but of a former employer who manufactured a multi protocol transparent proxy capable of real-time modification of content. It was pretty sweet technology. > Does federal law only apply when a little guy snoops on a big > corporation? Where are the feds now? They're monitoring this whole exchange through the carnivore they installed at mae-[east|central|west] :-) -jon -- jonat_private || www.divisionbyzero.com gpg key: www.divisionbyzero.com/pubkey.asc think i have a virus?: www.divisionbyzero.com/pgp.html "You are in a twisty little maze of Sendmail rules, all confusing."
This archive was generated by hypermail 2b30 : Fri Feb 08 2002 - 17:39:40 PST