3 comments

[ 2.4 ms ] story [ 23.8 ms ] thread
Particularly egregious:

> To notify customers, the company will use in-browser, email, and text notifications starting at the 50 percent point.

(emphasis mine)

I'm assuming this is via some sort of injection over unencrypted HTTP?

You will get scripts and arbitarary JS evals appended onto your pages.

Injected inline; sometimes your DNS resolutinos might be hijacked to resolve to a comcast IP afaik

ISPs resort to this stuff because there is no standard protocol for ISPs to notify their customers of anything.