Alert

Now that the so-called “six-strikes” copyright alert system has gone into effect at the top US ISPs, we’re finally learning exactly how customers will be affected. Comcast has posted a brief overview of how it will handle things, and it involves a blatant browser hijack for repeated infringers.

According to Comcast, the first three incidents of alleged infringement will result in a browser popup that can be dismissed. On the fourth allegation, Comcast will hijack the browser completely and redirect users to a notice that cannot be dismissed. This is the beginning of the “mitigation phase.” Customers who reach this stage will have to call a Comcast Customer Security Assurance rep and discuss the matter. Exactly what is required to get the notice removed is not made clear.

The browser redirect should not affect any VoIP services or Comcast email — handy because the alert is accompanied by an email from Comcast with details of the alleged infringement. The company insists that at no point in the six-strikes system will a customer have their account terminated. However, browser hijacking makes a connection essentially unusable and presents security issues.

It’s only a matter of time before an internet ne’er-do-well comes up with a script that produces a window identical to Comcast’s notice. It would be trivial to stick malicious code into such a popup, or to simply trick users into paying a “fine.” Comcast says you can make sure the notice is legitimate by checking your Comcast email for the official message. This seems like a fairly poor solution.

Comcast did not elaborate on how the browser hijack was being accomplished. If it is a simple DNS redirect, switching to a third-party DNS server (like Google or OpenDNS) would bypass it. If the ISP is somehow inserting JavaScript to take over the browser, blocking scripts could set things straight. If there is a way, the internet will find it.