Re: OT: Inserting Ads without breaking the SSL

[Andrew van der Stock <vanderaj () greebo net>]

Check out Marketscore - a spyware/trojan type of thing is installed  
on the user's PC and intercepts SSL. That's why all the major banks  
in the region (Australia and NZ) block customers who are infected  
with this "acceleration tool".

thanks,
Andrew

On 22/04/2006, at 4:03 AM, Saqib Ali wrote:

> This is a little bit off-topic. But I need to solve this mystery:
>
> Recently a provider in Santa Clara, CA started to provide free Wifi
> service. The only catch is that they insert Adds on the webpage see:
> http://www.metrofi.com/advertisers.html (screenshot at the very  
> bottom).
>
> This does not require installation of any software. So seems to me
> their proxy is somehow modifying the HTML webpage to add the Ads.
>
> I would like to find out how this is done so that the intergrity of a
> SSL enabled page is not lost.
>
> Thanks
>
> --
> Saqib Ali, CISSP, ISSAP
> Support http://www.capital-punishment.net
> -----------
> "I fear, if I rebel against my Lord, the retribution of an Awful Day
> (The Day of Resurrection)" Al-Quran 6:15
> -----------
>
> ---------------------------------------------------------------------- 
> ---
> This List Sponsored by: SPI Dynamics
>
> ALERT: "How A Hacker Launches A Web Application Attack!"
> Step-by-Step - SPI Dynamics White Paper
> Learn how to defend against Web Application Attacks with real-world
> examples of recent hacking methods such as: SQL Injection, Cross Site
> Scripting and Parameter Manipulation
>
> https://download.spidynamics.com/1/ad/web.asp? 
> Campaign_ID=701300000003gRl
> ---------------------------------------------------------------------- 
> ----

Attachment: smime.p7s
Description: