Saturday, March 1, 2008

Hacking Lite - Evading Coffee Shop Banners

This is mostly a note to myself and not intended to express approval of the behavior described ;-)

Occasionally I like to bring my laptop to a nearby coffee shop to get some work done without all of the distractions of my apartment. My favorite place has been a Tanner's Coffee Company within walking distance of my place. It's a little noisy sometimes, and the food isn't the freshest, but the drinks are decent and I seem to get a lot done whenever I'm there.

Their wireless offering injects an ad banner at the top of every page. This alone would not be prohibitively annoying since adblock successfully strips the ads, leaving only the banner, but what does tend to dampen the customer experience is that it breaks some sites, Google Reader in particular. Because of this, I started to do a little tinkering...

I figured they didn't inject all internet traffic, since I'm able to ssh without problems. Maybe they detect requests to servers at port 80? I toyed with the idea of using a local proxy server, blah blah blah...

Turns out, they actually filter on the user agent field within HTTP requests! This means that if you're using Firefox or Safari (or, I imagine, Internet Explorer), the banner will be injected; Opera, however, is ad-free. This also means that simply changing the user agent field that your browser declares in its HTTP requests sets you (ad) free as well.

In Firefox there are a number of ways to do this: install a Firefox extension, or simply add a string value to about:config named:

general.useragent.override

with a value like

Opera/9.26 (Macintosh; Intel Mac OS X; U; en)

as described here. It's probably a good idea to stick with a realistic user agent string as opposed to something arbitrary, since websites like Gmail may switch to less functional versions if they don't recognize your browser.

A quick way to determine your browser's user agent is javascript:document.write(navigator.userAgent).

The service responsible for the ads at this particular Tanner's (I think they're all independently owned) seems to be a company named AnchorFree. Chances are, this technique could work for ad-injection schemes used by other wi-fi spots.

Done and done. Back to high-quality coffee shop web surfing!

5/1/08 update: Okay, I'm dumb. A much easier way to do this is to add the filter

*.anchorfree.*

in AdBlock Plus. This solves the problem much more elegantly and doesn't run into issues with sites not supporting your supposed user agent.

2 comments:

Erik Osterman said...

Nice discovery on overcoming the banners on their free WiFi. I'm going to head over there this afternoon to switch it up a little. Always going to Cafe Balcony can get a little bit boring.

Ultimate Coffee Business said...

when i can't focus writing at home, i prefer coffee shops also.