Related: #164.

Right one the face of RTI and indian Internet Users

These ad servers are vulnerable to open redirect as well. Tried reporting to CERT-IN but

@apsatwal i guess the certs mail box is full ..........

Update 1: MTNL is also now injecting ads in both incoming and outgoing mails sent through their mail service. Outgoing is a common thing. A lot of webmail services add their signature line or at least they used to. But MTNL is going one step ahead and they are also tampering with INCOMING MAILS and insert their ads in them.

Update 2: The modified mails are now linking to this domain: http://mtnlads.in/ which appears to be their upcoming gateway that might let you book ads for websites/mails that are tampered by MTNL.

Update 3: I have prepared my appeal for the RTI and would be sending it tomorrow. If anyone want to see a copy, it can be accessed here.

As per above website title "MTNL Advertisements made by Carizen"
The domain mtnlads.in has been booked by Carizen Software (P) Ltd. with their homepage at www.carizen.com a Chennai based company appears to be the technology partners. As per info available on their website they already offer an email hosting solution by the name safentrix.in with option to serve advertisements.

And their tech partner for ad-injection is Abeer Media and their subsidiary Adphonso. Just imagine how much private data is being leaked into private hands. Woo.

In the injected ad links the utm_source is abeer
www.caringpapa.com/landing/health/tax/?utm_source=abeer&utm_source_code=CP2818&utm_medium=bannertax&utm_content=bannertax&utm_campaign=affiliate

Just an update. BSNL has also responded with the same excuse. Article 8(1)(d).

https://drive.google.com/file/d/0B7GnL1EQD2WZX0dBNkZjSmhzeDQ/view

https://drive.google.com/file/d/0B7GnL1EQD2WZbk9Sa0sxdkQzUTQ/view

I filed an appeal with MTNL and they have responded to two questions now. They continue to block responses to other questions based on 8(1)(d).

Based on this response... MTNL claims that absolutely no data is being collected during the process. They got this information through a certificate from the vendor. Now if we assume that the vendor is Abeer Media and the technology has been developed by Adphonso... This is a possible lie as Adphonso website clearly states that they collect tons of information to personalize ads.

Of course, Adphonso could possibly disable the data collection feature on the platform. Question is... Is this enough? As long as they inject the ads, they can collect a lot of data whenever they want. They can track what websites are being visited by the user at any given time without any court order. This is in addition to all the revenue that is being made without caring about the user's security and privacy. Revenue which is being stolen from the content providers on the web including the MediaNama website which does not run on HTTPS.

I am kind of clueless on what I can do now. I can possibly go to the CIC. Or file a complaint with TRAI. Both of which I have not done until now so I have no idea how to proceed. Hoping to get any kind of feedback and suggestions on what can be done now. Cheers.

PS: I have also sent an appeal to BSNL in response to their non-answers. I assume they would be sending the exact response as MTNL as they did before.

Got another letter from BSNL today. BSNL's Appellate authority states that the CPIO has applied his wisdom in answering/not-answering the questions so all is well.

https://drive.google.com/open?id=0B7GnL1EQD2WZeWx2T3lZQW5mOFE

PS: I am no longer pursuing this issue. I would update this thread when MTNL responds to the appeal I sent them few weeks ago.

Here is new advertisement redirect by BSNL
For non existing domains BSNL nameservers now redirect to http://id.domain-error.com

$ dig dddsasdffggh.hc
; <<>> DiG 9.8.3-P1 <<>> dddsasdffggh.hc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47480
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;dddsasdffggh.hc.       IN  A

;; ANSWER SECTION:
dddsasdffggh.hc.    86400   IN  A   52.76.130.169

Here expected answer was NXDOMAIN

@apsatwal check the server port which you are doing querying too

Here is another private ISP using misleading adv techniques, sending complete user details i.e. IP address, DSL Username along with advt

MTNL also seems to be using phozeca these days. Can you tell the name of the ISP?

It is Connect Broadband a subsidiary of Videocon Group

Has anyone tried filing a complaint on the grounds of security and privacy? Asking them questions around commercials, scale of the programme and so on is what is getting stonewalled under the garb of trade secrets

@anomalizer yes

phozeca jquery inject

php.net serving advt, thanks to phozeca

Fake site notifications

Fake Notification thanks to phozeca, and a redirect to infected pdf?

Possible exploit of CVE-2016-1681?

Many of these ad redirects go to pages that ask you to download malware installation files etc. Needless to say millions of BSNL subscribers might be infected with these malwares/viruses. I wonder, How is a govt owned company being able to do this and escape the public and laws of this country?

@Sushubh Thank you for your efforts. Did you try approaching TRAI?

Any updates on this?
I'm also experiencing ad injection from BSNL Boradband on these days

any Updates?

This repository is for the 2015-16 campaign. It's no longer maintained. Please use the Internet Freedom Foundation's forum to discuss this and bring it to their attention for follow-up.