Excitel Broadband is injecting javascript in your browsing sessions. Be careful with this company.

[Akshat Jain]

This is really serious, and for Excitel, the ISP that claims to be so pro user, this does not fare well. I expected this from bigger corporations like Airtel, BSNL and the argument that they gave is simply illogical. There are a ton of different ways to tell your users about a new feature, but privacy invasion is never one of them.

 

[thebluehue]

That's not a lot. Govt. usually has lim devices at ISP edge to track/store/monitor/change anything. The best solution would be for websites to just move to using SSL. VPN would not give you peering speeds/cache node hits. Maybe making only destination port 80 traffic hit the VPN may work out.

 

[Sushubh]

excitel is still injecting the code. Amazon homepage never loads properly for me in the first attempt. i think customers would have received the message by now. maybe they could stop with javascript injection now? god knows what kind of idiots we are dealing with here.

even worse is the fact that amazon.in just does not like to open with https. it redirects to http if i try to load it on https.

 

[thebluehue]

@Sushubh Maybe try contacting Amazon about it. Would be interesting to see what happens.

 

[philip marlowe]

Injection is stopped since Sunday. Amazon can do one thing if they want their customers to be protected - Switch to HTTPS.

It's nothing new. If a site is not using HTTPS anyone can have problems with privacy.

 

[Sushubh]

Amazon not using https does not give you the right to inject code in their website's source code. that is what hacking is essentially. you are just doing it at isp level instead of user level or server level. code injection is just as bad as malware attacks and spyware. no matter what your intentions are.

 

---

[philip marlowe]

Hi Shubh,

I know well your position on this and I've already shared ours.

 

[Oblivious]

wish we had plans similar to excitel bb in mumbai as well

 

[angryduck]

From their privacy policy:

"The Company plans to display targeted advertisements based on personal information. Advertisers (including ad serving companies) may assume that people who interact with, view, or click on targeted ads meet the targeting criteria - age, gender, address etc."

This thread has got me quite concerned. Hopefully there won't be any similar funny business with ad popups too.