Comment 7 for bug 863306

May be related or the same bug - if not I will be happy to open a new bug.

Twice I have had all the files in /var/lib/apt/lists replaced with the splash/clickthrough page from an open wireless access point.

In one case it was in an airport, and the second was in a hotel. In both cases I had previously associated with the SSID of the access point.

So - when I booted the laptop, but before I opened a browser and clocked through the EULA for access, apt grabbed the splash screen and shoved it into each of the files.

Here's an example of the content, from the latest hotel incident:

$cat us.archive.ubuntu.com_ubuntu_dists_oneiric-updates_universe_source_Sources.IndexDiff
<html><head>
<meta http-equiv="Pragma" content="no-cache">
<title>Object Moved
(.30)</title>
<link href="ibahn_theme.css" rel="Stylesheet" type="text/css" media="all">
<link href="menu.css" rel="stylesheet" type="text/css">
</head>
<body><center>
<A href="https://secure34.ibahn.com/purchase/purchase?MA=00-21-5c-95-62-d9&SC=BOSS9&DI=168617112&PN=1&BD=0875c796&PX=false" name=a1>Click Here To Continue</A>
</center></body>
</html>