Telkom denies putting Web users at risk
Telkom has rejected claims that it is employing the same techniques used by malicious hackers in so-called “man in the middle” attacks to edit code on websites in order to serve the telecommunications operator’s own content to end users.
The code, which MacLean says is only added on non-secure (that is, non-HTTPS) websites, is used to show subscribers to Telkom’s Internet service provider who also use its broadband ADSL service how much bandwidth they have left before they are capped.
“Admittedly this is a relatively benign addition and in fact it may be seen as useful, and I can see it being sold that way to non-technical managers and executives,” MacLean writes. “Do not be fooled, though. Even this simple addition can cause major issues for you. It is impossible for Telkom to know what this addition will do to every website on the Web.”
Telkom, he says, is exposing its users to potential security risks, which he explains in greater technical detail in his blog post.
Worse still, he says, having a server that can manipulate what traffic users are sending and receiving provides a “very easy point for someone to capture traffic” and see what Telkom’s users are doing on the Internet.
Source: Techcentral 9 July 2015