[AusNOG] Telstra's Texan Teaser - Tin Foil Stetsun anyone?

Eric Pinkerton Eric.Pinkerton at stratsec.net
Mon Jun 25 11:40:14 EST 2012


>Is this not standard behaviour for most anti-nasty installations on desktops? 

This thought had crossed my mind, not least because it buggers with peoples webstats/analytics in much the same way but I had discounted it because the user agent is different from the real request, and would be key to determining if the handset in question was vulnerable to say, a drive by attack.  Also the sequence is wrong - legit request typically lands first, and also both requests seem to be independent (ie if legit request get's a 404, the other request still appears)

> Maybe smartphones are doing the same thing and/or Telstra is emulating that behaviour for themselves...

If it was an anti malware offering then I would have expected them to test and refine it to a point where it is of some use, and then had the marketeers doing singing and dancing before enrolling all of their customers.  Finally It happens on Telstra's http proxies, not on the handset/browser/client etc, etc.
 

-- 
Message  protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.http://www.mailguard.com.au/mg




More information about the AusNOG mailing list