Where Security and Life Meet.
You are currently browsing articles tagged signature.
It looks like I caught another in-flight modification for one of this blog’s visitor. This one injects the script “http://127.0.0.1:1025/js.cgi?pa&r=” into web pages viewed, and seems to be injected by Check Point’s ZoneAlarm, as part of it’s privacy control settings.
I’ve created a relevant signature, and added it to this blog. It will make it’s way into a future release of the WordPress Web Tripwire Plugin.
I noticed another event generated by a triggering of a web tripwire on this blog. The injection revolved around an inserted piece of JavaScript “http://1.2.3.4/bmi-int-js/bmi.js“, and then various calls to the script surrounding images in the page code. The purpose of the script is to reduce bandwidth utilisation by serving lower quality versions of the images from the ISPs transparent proxy server. A quick search reveals that this has been noted by Vodafone users, Vodafone being primarily a mobile phone telecommunications company. I’m assuming that they don’t like paying customers swamping their 3G network with images. So no Flickr for you on Vodafone, now go and surf nicely like they want you too :)
Either way, I’ve now written a signature which will alert users if Vodafone, or other providers inject this script into the page.
Recent Comments