If you have not heard the controversy over Rogers' latest stunt, read this article. Unsurprising, isnt it; for Rogers? Seriously, does anyone at Rogers understand the security implications of this? Do they understand how incredibly stupid this is? They are just asking that their customers be phished. Should this become the norm, malicious websites will begin to copy these headers and scare Rogers customers into “logging in” to resolve the matter, at which point they will have a username and password that the customer users.
Harmless you ask? What if the customer uses a credit card to pay off their bill? And what if the malicious website, upon successful “login”, asks which credit card company they use to pay their Rogers bill as a way of “verifying” their identity? Sound stupid? Have you ever called Rogers and had to verify your identity by divulging a few pieces of private information to every single person you speak to? People will fall for this. However, you say what credit card company would allow someone to login to a website without having a credit card account number? At least one, and that's all it takes for this to be a lucrative endeavour for the phishers.
"This is useful information for the customer to have," says Taanta Gupta, Vice President of Communications at Rogers. Way to spin things; I should not even be quoting that tripe. The information is only useful because Rogers implements a confusing bandwidth cap to their “unlimited” Internet experience that trips up honest people like, say my brother who went over a similar bandwidth cap simply by playing Xbox Live!.
If Rogers actually wanted to put the customer first, they would be investing in increasing these bandwidth caps or eliminating them altogether. Instead, they are investing in ways to dilute the quality of our Internet experience. This new technology is not about providing you with a useful service. This is about testing the waters for providing Rogers with a very useful new profit stream that will mimic Google's Ad Words in all the ways that matter to an entity hell-bent on profit maximization at the expense of the best interests of its customers.
The most fundamental services that you expect from Internet service providers are that they provide the content that you have requested and that they deliver this content unmodified. This latest controversy is evidence that Rogers does not care about the principles that built the Internet into the awesome thing it is today. It is evidence that companies such as Rogers actually despise the Internet, because it routes around their distribution channels. They are beginning to get desperate. Do not let these desperate measures succeed.