Google confirms that the extra cookies and the extra packets are not coming from its site. “The sections in [Robb Topolski’s] report that talks about Google are accurate,” says company spokesman Michael Kirkland. “We’re obviously aware of this issue and are looking into it.”
Forging packets as coming from a (somewhat) trusted source and using it to load your own code into the browser? If any hacking group were doing it, the feds would be working to roll them up. But gosh, if there’s a contract with an ISP, there’s probably a clause in your terms of service that requires to to let yourself be pwned (unless it’s by someone the ISP doesn’t approve of, in which case you’ll be thrown off their network instead). Oh, and if it turns out there’s no such clause, that would mean your ISP could be engaged in a conspiracy to violate antihacking statutes for profit. Whee.