In what turns out to be a not so open
strategy (hint : airtel has been running 'we are open' sorta ads these days), Airtel it seems is sniffing and censoring CloudFlare traffic in India.
Airtel is sniffing and intercepting ALL unencrypted traffic going upstream from CloudFlare’s India data centres, irrespective of what ISP the user is on. This potentially affects everyone in India accessing ANY of the 2 million+ sites on CloudFlare.
Airtel is sniffing traffic of ALL of CloudFlare’s websites that don’t have Full SSL enabled (which is the default setting on CloudFlare).
All Indian users, even if they are not on Airtel’s network, who access any of 2 million+ websites on CloudFlare have their traffic inspected and sniffed by Airtel. [via]
CloudFlare Confirms Something Is Wrong
"It appears to only affect traffic that is being passed over an unencrypted link.
"It suggests there is some system that is running either at the edge of India's network or within AirTel that is at least conducting infection of host headers in requests." CloudFlare founder Matthew Prince [via]
Update : Airtel has denied this.