Is Your ISP Injecting Ads on websites you visit?

Martin Brinkmann
Apr 17, 2008
Updated • Apr 1, 2014

Internet users have to cope with all kinds of things when they are online. Malware, security vulnerabilities, tracking, phishing, traffic shaping and some, as it seems (thanks Dante for the link), even with Internet Service Providers that inject ads of their own on websites that are visited by their customers. That's what researchers at the University of Washington have discovered after analyzing data sent by 50000 computers in July and August of 2007.

This brings up some interesting moral but also legal questions. Website owners have no idea, and obviously no control, that ads are displayed or altered on their websites. The problem here is that they probably do not have the means to verify that ads are displayed either unless someone would come up with a log that showed which websites have been affected by this practice, or if visitors of their website complain to them about the ads displayed on the site.

Customers however are on the other end of the spectrum. Their traffic is meddled with as they may see more advertisement on sites or different advertisement. To make things worse, it may also be the case that ads may be specifically targeting customers.

ISP names have been published by the researchers already: RedMoon, Mesa Networks, MetroFi and XO Communications, with the last being one of the largest ISPs in the country and only in that list because of a smaller reseller according to an XO spokesman. It will be interesting to access the full list of Internet Service Providers that inject ads in websites without their customers consent.

Update: The topic of injecting ads into websites that their customers visit has really caused that much of a public outcry than it should have. Most newspapers and news agencies, even technology related ones, have not covered ad injection by Internet Service Providers ever since it first became known.

One of the things that users can do to find out if ads are injected by their ISP is to open the very same websites using a virtual private network connection. Or, if they notice that ads are also displayed on their phone's browser when they access websites, they may want to turn off Wi-Fi to see if the ads are still there if a data connection is used instead.

It is quite difficult to catch the ISP in the act, and the best way is to use two different ISPs to see if advertisement is injected or not.


Previous Post: «
Next Post: «


  1. Fool said on April 18, 2008 at 4:39 am

    Like they don’t make enough money off of users

  2. Jonathan said on April 17, 2008 at 4:43 pm

    This is why I use firefox with NoScript! It blocks all ad’s (and any other scripts)until you allow them to run!

  3. Tobey said on April 17, 2008 at 12:11 pm

    o.O That’$ sick !! Money… :|

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.