dannyman.toldme.com


Technical, Technology, Testimonials

Southwest WiFi and Net Neutrality

Good news! Southwest Airlines offers wifi on my flight! Only $5 introductory price! I have to try this out!

The service is “designed by Yahoo!”

It is kind of really really slow to make connections.

Wait . . . WTF is this?!!

Southwest Header Injection

Yup. Southwest Airlines wifi does HTTP session hijacking to inject content in to your web pages.

This is a perfect illustration of the need for net neutrality: your Internet Service Provider should not interfere with your ability to surf web pages. This would be comparable to your phone company interrupting your telephone calls with commercials. Outrageous! Wrong! Bad!!

(On Mei’s computer there are actual ads in the blue bar on top, but my AdBlock plugin filters those.)

It gets worse from there. On the “designed by Yahoo!” experience you can surf on over to Yahoo! just fine. But I’m a Google man. Here’s what Google looks like:

You Can't Get There From Here

Work-around #1: On sites that support them, use HTTPS URLs. Those are encrypted, so they can’t be hijacked. So, where http://www.google.com/ fails, https://www.google.com/ gets through!

But my little WordPress blog lacks fancy-pants HTTPS. And the session hijacking breaks my ability to post.

Work-around #2: If you have a remote shell account, a simple ssh -D 8080 will set up a SOCKS proxy, and you can tell your web browser to use SOCKS proxy localhost:8080 . . . now you are routing through an encrypted connection: no hijacking!

Update: they charge is $5/segment, so $10 if your plane stops in Las Vegas, and you get to type your credit card number a second time. Though, on the second segment, Google loads okay, but I still had to route through the proxy because the magic header was blocking WordPress’ media interface.

Update: holy packet loss, Batman!

0-20:20 dannhowa@dannhowa-w510 ~$ ping -qc 10 www.yahoo.com
PING any-fp.wa1.b.yahoo.com (72.30.2.43) 56(84) bytes of data.

--- any-fp.wa1.b.yahoo.com ping statistics ---
10 packets transmitted, 8 received, 20% packet loss, time 10011ms
rtt min/avg/max/mdev = 805.813/1669.936/3452.445/936.527 ms, pipe 4
0-20:21 dannhowa@dannhowa-w510 ~$ ping -qc 10 www.google.com
PING www.l.google.com (74.125.19.99) 56(84) bytes of data.

--- www.l.google.com ping statistics ---
10 packets transmitted, 6 received, 40% packet loss, time 11460ms
rtt min/avg/max/mdev = 661.391/2203.774/4022.638/1383.736 ms, pipe 5

At least they aren’t discriminating at the packet level.

Update: it sucked less later on, but still incredible latency:

0-21:07 dannhowa@dannhowa-w510 ~$ ping -qc 10 www.yahoo.com && ping -qc 10 www.google.com
PING any-fp.wa1.b.yahoo.com (98.137.149.56) 56(84) bytes of data.

--- any-fp.wa1.b.yahoo.com ping statistics ---
10 packets transmitted, 8 received, 20% packet loss, time 8998ms
rtt min/avg/max/mdev = 699.470/1023.412/2003.447/481.359 ms, pipe 3
PING www.l.google.com (74.125.19.147) 56(84) bytes of data.

--- www.l.google.com ping statistics ---
10 packets transmitted, 8 received, 20% packet loss, time 9003ms
rtt min/avg/max/mdev = 690.500/1201.541/2052.341/483.891 ms, pipe 3

The Gogo Wireless on Virgin America always worked way better than this, and Google covers the cost over the holidays. And as far as I know: no session hijacking!

Share this:

Read More

Next:
Previous:
Categories: Technical, Technology, Testimonials