Comcast is proxying all unencrypted content – DEV Community
Nov 29, 2018
I originally posted this on the originally unsecure platform, facebook. I should edit this for grammar, but I just wanted to bang it out, because you know… job/work.
I cannot stand #comcast, no one that knows me finds this surprising, I’m forever ranting about them. The fact that Comcast is the only option for so many people is ridiculously sad. My job requires me to be on the internet constantly, I do a lot of security research and general research.
Today, I found the most horrific thing a security nerd can find. Comcast is FORCING all unencrypted traffic through Comcast proxy servers. I don’t have a choice, I wasn’t asked, or notified (I’m sure the TOS that’s 938429 pages long mentioned it). This enables Comcast to inject anything they want into your unencrypted web browsing.
If you want to see technical details about what these jackholes are doing, see here:
I tested a popular website, (a only website) with and without a VPN on, and the difference in HTML delivered was comcast HTML injection, which included 3rd party asset calls, analytics tracking, etc.
I want to protect my entire network (including all those people in my home) against this kind of absolutely unacceptable spying, however it gets fugly, because as cord cutters, we use streaming services, and Netflix and Hulu are NOT VPN friendly. These services actively block VPNs because viewers can appear to be in a different geological location (ODIN FORBID YOU NOT BEING AN AUTHORIZED AREA), so if I run my whole house through a VPN, then we won’t be able to use streaming services.
I’ve been considering deploying a local forced proxy for any port 80 traffic to be forced through a VPN connection at MY gateway and not comcast’s. Nearly every streaming service uses HTTPs, so this wouldn’t diddle with streaming services.
The point of this rant is to SHAME comcast, not that they care in the least about consumers. You may constantly see ads for VPNs as you browse online, and these are the reasons why, you absolutely CANNOT trust your local service provider when it hijacks your content and modifies it before it gets to you. Ask China what it’s like to have all your traffic monitored and modified before it gets to you. Comcast could potentially change anything before you have a chance to read the original version. If Comcast obtains a CA that browers accept, they would then be able to hijack your HTTPS connections, which is ABSOLUTELY concievable at this point.
Websites that use web application firewall services like Cloudflare are also subjected to this kind of risk. Cloudflare inspects all traffic to and from source servers, so it’s a single point that could modify, track, and potentially block content. If a BlackHat were to compromise Cloudflare, thousands of ecommerce businesses could be at risk of having traffic snooped. Same with Comcast, if (AND WHEN) they are compromised, they could modify YOUR traffic so that you’re seeing what someone else wants you to see.
Trust no one. Especially worthless corporations like Comcast.
How To Check the Proxy Server Settings on Your Computer
If you feel your Internet connection is slower than what it should be or you notice that certain websites get blocked while browsing, it could be because all your Internet traffic is going through a proxy server.
A proxy server is basically just another computer that sits between you and your ISP. It’s usually configured in corporate environments to filter web traffic going to and from employee computers. In this article, I’ll show you how you can check your proxy settings to see if your computer is indeed using a proxy server or not.
In most cases, you won’t actually be able to turn off the proxy server, since it is controlled by an administrator. However, there are times when personal computers accidentally or maliciously get set to use a proxy server.
Check Proxy Settings in Windows
In Windows, most browsers will use the proxy settings that are set on the computer. Each browser has a settings page to adjust proxy settings, but they normally just link to the settings dialog in Windows itself.
In Windows 10, there are two ways to go about changing the settings: via the Settings app or via the traditional Control Panel. I’ll mention both methods here because the Control Panel method is what you’ll need to use for Windows 7, 8 or Windows Vista.
Windows 10 Settings App
Click on Start and then click on the gear icon (Settings) at the far left. In Settings, click on Network & Internet.
In the left-hand pane, click on Proxy at the very bottom.
Here you have all the settings that are related to setting up a proxy in Windows. It’s basically split into two configurations: either Automatic or Manual proxy setup. In 99% of the cases, everything should be set to Off. If anything is turned on, your web traffic could be going through a proxy.
If you’re using an older version of Windows or if you just like the old way, you can edit the same settings via the Control Panel. Note that whichever way you choose to edit the settings, there are only one set of proxy settings in Windows.
Once you open Control Panel, just click on Internet Options.
In the Internet Options dialog, go ahead and click on the Connections tab and then click on LAN settings at the bottom.
Here you will see all the same settings as in the Settings app shown above. Anything you configure here will show up there and vice versa.
Check Proxy Settings in Mac OS X
If you are using a Mac with OS X, then the procedure is similar. You have to change the proxy settings in System Preferences as this is where most browsers check automatically.
Open System Preferences and click on Network. On the left-hand side, make sure to select the connected or active network connection. You can have different proxy settings for each type of network connection.
At the bottom, click on the Advanced button. Click on the Proxies tab and you’ll see a bunch of different protocols you can configure.
For example, if you click on Web Proxy (HTTP), you’ll be able to enter the proxy server IP address, port number, username and password.
Check Proxy Settings in Linux
In Linux, it really depends on what distribution you are running. Mostly, though, it’s going to be some version of KDE or GNOME. For example, in Linux Mint Cinnamon, which is based heavily on GNOME, you would click on the button and then click on System Settings.
Next, you would scroll down to Hardware and then click on Networking.
Finally, if you click on Network Proxy, you can choose from Automatic or Manual.
This is pretty much the same procedure for Ubuntu also, which uses Unity and GNOME. It’ll be different if you are using a different desktop environment. If you have any questions, feel free to comment. Enjoy!
Configure Network Proxy Settings – Norton Support
When you use a proxy server to connect to the Internet, you must specify the proxy server details. The Network Proxy Settings window lets you enter automatic configuration settings, proxy settings, and proxy server authentication settings. The Network Proxy settings let you connect to the Internet while you perform tasks such as activating the service or accessing the support options.
Configure Network Proxy Settings
Open your Norton device security product.
If you see the My Norton window, next to Device Security, click.
In the Norton product main window, click.
In the Settings window, click.
In the Network Proxy Settings row, click.
In the Network Proxy Settings window, do the following:
If you want your browser to automatically detect network connection settings, under Automatic Configuration, check.
If the proxy server requires an automatic configuration URL, under Automatic Configuration, check. Type the URL of the PAC file in the box.
If your network uses a proxy server, under Proxy Settings, check. In the Address box, type the URL or IP address of your proxy server, and in the Port box, type the port number of your proxy server. You can specify a value from 1 to 65535.
If your proxy server requires a user name and password, under Authentication, check. Type the user name in the box and password in the box.
In the Network Proxy Settings window, click.
Need more help?
Turn Norton Firewall on or off
Learn more about Network Proxy Settings
The solution made it easy for me to handle my issue.
Help us improve this solution.
Thank you for helping to improve this experience.
What would you like to do now?
Browse for solutions, search the Norton Community, or Contact Us.
Operating System: Windows
Last modified: 07/30/2021
Frequently Asked Questions about xfinity proxy settings
Does Xfinity use a proxy server?
Comcast is FORCING all unencrypted traffic through Comcast proxy servers. … This enables Comcast to inject anything they want into your unencrypted web browsing.Nov 29, 2018
Should proxy settings be on or off?
It’s basically split into two configurations: either Automatic or Manual proxy setup. In 99% of the cases, everything should be set to Off. If anything is turned on, your web traffic could be going through a proxy.Oct 2, 2017
What are network proxy settings?
The Network Proxy Settings window lets you enter automatic configuration settings, proxy settings, and proxy server authentication settings. The Network Proxy settings let you connect to the Internet while you perform tasks such as activating the service or accessing the support options.Jul 30, 2021