Originally Posted by kemmer
Woah, really? That's pretty cool.
Bad thing is that it also logs where you go, and all that data (all GETs, POSTs, etc) are sold to marketing people.
It screws ad sites over because they get revenue with their ads, and instead, some other place steals their ad placement for their own stuff.
It screws users over because they are not getting the true website they go to -- it has been tampered with in transit.
Both of these things can cause a lot of hairy issues... for example pr0n ads on disney.com causing parents to litigate, when its really the ISP's ad injector that was doing it.
Its just a matter of time before one of those ad injector systems takes site login and passwords for E-mail sites like Yahoo, then spews out spam using people's address book.
Best remedy is to use SSL for everything, but that kills performance. Google is working on something to prevent ad injections (classic man in the middle attack) as well but without SSL's performance drain.