by Artem Taranowski
It’s been several months now since the e-commerce related story of Rozetka v. Kyivstar went public.
Then in August, a number of users being provided with internet access services by Kyivstar have experienced quite an effect. Having visited Rozetka Online Store’s website they saw Kyivstar Online Store’s full-screen size ad popped up.
It is not known for sure what exactly has happened back then but some essential circumstances support the following presumption.
To begin with, let’s look at what normally takes place when a user visits a website.
The user inputs the website address. The user’s browser packs the request and directs the packets to the website. The internet service provider just carries the packets redirecting those towards the website. The website’s web server processes the user’s request, packs the relevant content and directs the packets to the user. The internet service provider again just carries the packets redirecting those towards the user. The user’s browser shows the content to the user.
Therefore, the content received is exactly the one the user expects and the website intends to provide upon the request sent by the user.
What has allegedly taken place instead is as follows.
Rather that just pass the packets, the internet service provider looks inside and acquires an information as to what is requested, redirects the packets towards the website, waits for the packets directed to the user by the website upon the request, unpacks those, adds some content, packs those back, and directs them towards the user. So, the user’s browser shows the modified content as if it was original one provided by the website upon the user’s request.
Therefore, the content received is one the internet service provider considers the user should see.
Nothing new, by the way, from the technological point of view. The injecting techniques were exploited by AT&T and Verizon in the US until they have been caught up. And the ad injecting techniques were known before as well.
So what? That is just an ad, one might say. Why is that so important?
In the second place, internet service providers are not supposed to know what content is requested and received by users. But in the first place, under no circumstances may internet service providers change data they transfer. Because yesterday it was just an ad added but tomorrow it well may be any information an internet service provider is asked to or made to provide to us. To you.
Back to the story. If Kyivstar was indeed involved in such an activity then its users can be affected by screening and altering web traffic. And home internet users are not the only who should be concerned. Kyivstar provides corporate customers with internet access services as well.
Комментариев нет:
Отправить комментарий