Comcast is proxying all unencrypted content – DEV Community
Brian
Posted on
Nov 29, 2018
I originally posted this on the originally unsecure platform, facebook. I should edit this for grammar, but I just wanted to bang it out, because you know… job/work.
I cannot stand #comcast, no one that knows me finds this surprising, I’m forever ranting about them. The fact that Comcast is the only option for so many people is ridiculously sad. My job requires me to be on the internet constantly, I do a lot of security research and general research.
Today, I found the most horrific thing a security nerd can find. Comcast is FORCING all unencrypted traffic through Comcast proxy servers. I don’t have a choice, I wasn’t asked, or notified (I’m sure the TOS that’s 938429 pages long mentioned it). This enables Comcast to inject anything they want into your unencrypted web browsing.
If you want to see technical details about what these jackholes are doing, see here:
I tested a popular website, (a only website) with and without a VPN on, and the difference in HTML delivered was comcast HTML injection, which included 3rd party asset calls, analytics tracking, etc.
I want to protect my entire network (including all those people in my home) against this kind of absolutely unacceptable spying, however it gets fugly, because as cord cutters, we use streaming services, and Netflix and Hulu are NOT VPN friendly. These services actively block VPNs because viewers can appear to be in a different geological location (ODIN FORBID YOU NOT BEING AN AUTHORIZED AREA), so if I run my whole house through a VPN, then we won’t be able to use streaming services.
I’ve been considering deploying a local forced proxy for any port 80 traffic to be forced through a VPN connection at MY gateway and not comcast’s. Nearly every streaming service uses HTTPs, so this wouldn’t diddle with streaming services.
The point of this rant is to SHAME comcast, not that they care in the least about consumers. You may constantly see ads for VPNs as you browse online, and these are the reasons why, you absolutely CANNOT trust your local service provider when it hijacks your content and modifies it before it gets to you. Ask China what it’s like to have all your traffic monitored and modified before it gets to you. Comcast could potentially change anything before you have a chance to read the original version. If Comcast obtains a CA that browers accept, they would then be able to hijack your HTTPS connections, which is ABSOLUTELY concievable at this point.
Websites that use web application firewall services like Cloudflare are also subjected to this kind of risk. Cloudflare inspects all traffic to and from source servers, so it’s a single point that could modify, track, and potentially block content. If a BlackHat were to compromise Cloudflare, thousands of ecommerce businesses could be at risk of having traffic snooped. Same with Comcast, if (AND WHEN) they are compromised, they could modify YOUR traffic so that you’re seeing what someone else wants you to see.
Trust no one. Especially worthless corporations like Comcast.
Pilot Network – Proxy Server IP Address – Windows – SuitableTech
For networks using a proxy server to filter content, you might be required to enter the proxy IP address and port number into the Beam Desktop App to direct data traffic appropriately.
The instructions below are based on Windows 10 locate your Proxy Server IP Address:
In the Windows search bar, type “Internet Options”.
Select Internet Options from the results list.
Click to open the Connections tab.
Click the LAN settings button.
Notice in the Proxy Server section:
If a proxy server is in use, the checkbox next to “Use a proxy server for your LAN (These settings will not apply to dial-up or VPN connection) will be marked.
The proxy server address and port in use for HTTP/HTTPS traffic will be displayed.
Note: Under the Automatic Configuration settings, if Use automatic configuration script is checked, the address listed may contain a file (proxy auto-config) script. In this case, you will be required to download the file to determine your proxy address and port.
Please contact your IT/network administrator for additional assistance locating your proxy information.
Disabling proxy settings on Google Chrome – Linksys Official Support
A proxy server is an application or system that acts as an intermediary between your computer and the Internet. Enabling this service can cause problems in accessing Internet websites because the proxy server settings have been configured. By default, the proxy server feature of the Google Chrome™ browser is disabled. However, if it is enabled, this article will guide you on how to disable it.
Step 1:Double-click the 2:Click the icon located at the upper left corner of the Google Chrome 3:Click Settings on the drop-down menu.
Step 4: Click the Show advanced settings… option.
Step 5:Under the Network category, click Change proxy settings tab. It will automatically bring you to the Connections tab of the Internet Properties window.
Step 6:Click LAN settings.
Step 7:Click Use a proxy server for your LAN. Then click on OK to apply the changes.
QUICK TIP: You only need to do these steps once as Google Chrome saves this setting. On the other hand, if you have other browsers that you use, you will have to disable the proxy server settings of those browsers, lated Articles:Disabling proxy settings on Internet ExplorerDisabling Proxy Settings on the Internet Explorer when Using Windows VistaClearing the cache of your Mozilla Firefox browser using a Mac® computerDisabling Proxy Settings on Mozilla Firefox
Frequently Asked Questions about comcast proxy server
Does Comcast use a proxy server?
Comcast is FORCING all unencrypted traffic through Comcast proxy servers. … This enables Comcast to inject anything they want into your unencrypted web browsing.Nov 29, 2018
How do I find out what my proxy server is?
Errors & TroubleshootingIn the Windows search bar, type “Internet Options”.Select Internet Options from the results list.Click to open the Connections tab.Click the LAN settings button.Notice in the Proxy Server section: … The proxy server address and port in use for HTTP/HTTPS traffic will be displayed.
Is it safe to disable proxy server?
Disabling proxy settings on Google Chrome™ A proxy server is an application or system that acts as an intermediary between your computer and the Internet. Enabling this service can cause problems in accessing Internet websites because the proxy server settings have been configured.