Telkom denies putting Web users at risk


Telkom has rejected claims that it is employing the same techniques used by malicious hackers in so-called “man in the middle” attacks to edit code on websites in order to serve the telecommunications operator’s own content to end users.

Johannesburg-based software developer Robert MacLean warns in a recent blog post that Telkom is adding JavaScript code to websites without the permission of website owners or of Telkom customers.

The code, which MacLean says is only added on non-secure (that is, non-HTTPS) websites, is used to show subscribers to Telkom’s Internet service provider who also use its broadband ADSL service how much bandwidth they have left before they are capped.

“Telkom is very cleverly intercepting certain calls and redirecting them, so that unless you are actively looking for this, it appears transparent to the website and the user. What they are doing is watching for JavaScript files to be requested, and then appending additional code into those files,” he says. This code is then used to manipulate Web pages, he adds.
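A site owner can check whether a script reaches visitors unchanged by comparing the copy received over a plain-HTTP connection with the copy held on the server. The sketch below is an added example, not code from MacLean's post or from Telkom; the function names and both sample scripts are constructed for illustration, and in practice the received bytes would be fetched over the connection being tested.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_script(reference: bytes, received: bytes) -> dict:
    """Compare a script as received in transit with the site owner's copy."""
    result = {
        "expected_sha256": sha256_hex(reference),
        "received_sha256": sha256_hex(received),
        "verdict": "unmodified",
        "appended": b"",
    }
    if received == reference:
        return result
    # Ignore trailing whitespace so a proxy that only touches the final
    # newline is not reported as an injection.
    base = reference.rstrip()
    if received.startswith(base):
        tail = received[len(base):].strip()
        if tail:
            # The original is intact and extra code follows it, which is
            # the "appending additional code" pattern described above.
            result["verdict"] = "appended"
            result["appended"] = tail
        else:
            result["verdict"] = "whitespace-only"
    else:
        result["verdict"] = "rewritten"
    return result


# Constructed sample input: the owner's file and a stand-in for an altered copy.
REFERENCE = b"function greet(){return 'hi';}\n"
INJECTED = REFERENCE + b";(function(){/* constructed stand-in for added code */})();\n"

if __name__ == "__main__":
    report = check_script(REFERENCE, INJECTED)
    print(report["verdict"], report["appended"].decode())
```
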

“Admittedly this is a relatively benign addition and in fact it may be seen as useful, and I can see it being sold that way to non-technical managers and executives,” MacLean writes. “Do not be fooled, though. Even this simple addition can cause major issues for you. It is impossible for Telkom to know what this addition will do to every website on the Web.”

In short, Telkom is adding JavaScript code to each page and that code could interfere with the existing code and Web pages in unforeseen ways and ultimately can break a Web page, MacLean says. “The sheer size and complexity of the Internet says that it is impossible for them to know for sure that they are not breaking a single website.”

Telkom, he says, is exposing its users to potential security risks, which he explains in greater technical detail in his blog post.

Worse still, he says, having a server that can manipulate what traffic users are sending and receiving provides a “very easy point for someone to capture traffic” and see what Telkom’s users are doing on the Internet.

Source: Techcentral, 9 July 2015