Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

Administered by:

Server stats:

1.3K
active users

ioc.exchange: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Andrew Zonenberg

@nuintari @todb @malwaretech @iagox86 @charlvdwalt @pluralistic I'm pretty sure Juno or NetZero or one of the other cheap/free dialup providers of the early 2000s did this.

May 13, 2025, 04:34 AM·Public·Web
1boost·5favorites
Public
JP

@azonenberg @nuintari @todb @malwaretech @iagox86 @charlvdwalt @pluralistic another example I can think of is that as recently as the late 10s, there was still the issue of cell vendors inserting mobile subscribers’ MSISDNs (or similar tracking ref) using HTTP transproxies for all non-HTTPS traffic - I recall this with at least one of the big US networks, and Vodacom in ZA also did something like it. probably many others worldwide if you dig around

Public
Leeloo

@froztbyte @azonenberg @nuintari @todb @malwaretech @iagox86 @charlvdwalt @pluralistic
Nowadays they just have access to your phone directly. Even huge advertisers like Google have access to running their code on most phones without any oversight or user permission.

Public
Ed Chivers

@azonenberg @nuintari @todb @malwaretech @iagox86 @charlvdwalt @pluralistic BT did this here in the UK with a technology called "phorm". I remember there was a hell of a stink about it and they ditched it after a year or so. news.bbc.co.uk/1/hi/technology

The irony that this page isn't HTTPS and I can't change it to HTTPS, and searches from the main website drop it down to HTTP as well isn't lost on me...

(I can only guess they have a different host for their older articles that doesn't support SSL).

news.bbc.co.ukBBC NEWS | Technology | BT advert trials were 'illegal'
Quiet public
Neil Craig

@http_error_418 @edchivers @azonenberg @nuintari @todb @malwaretech @iagox86 @charlvdwalt @pluralistic About news.bbc.co.uk being available over `https:`?
That should happen relatively soon actually. It's an old tech stack serving it that I am working on a project to replace with a proper managed archive and as part of that we will make news.bbc.co.uk `https:` before it's absorbed into our new web archive on www.bbc.co.uk. We've had a few delays due to a re-org.

Quiet public
Advanced Persistent Teapot

@azonenberg @nuintari @todb @malwaretech @iagox86 @charlvdwalt @pluralistic it was a very big thing on public WiFi hotspots. It would break a lot of websites cos the advertising code would just jam new HTML elements in, shitty JavaScript, conflicting versions with what the page authors used... It was a nightmare

ExploreLive feeds
About