Spectrum ISP SSL/TLS Interception Bug

Summary

Spectrum/Charter's transparent SSL inspection infrastructure is returning malformed TLS responses, causing ERR_SSL_PROTOCOL_ERROR for users connecting to Cloudflare-proxied sites.

Observed Behavior

Affected ISP: Spectrum / Charter Communications
Error: ERR_SSL_PROTOCOL_ERROR in browsers, packet length too long in OpenSSL
Pattern: Sporadic failures, varies by region/time
Not affected: Other ISPs, VPN users, mobile data

Technical Evidence

OpenSSL Debug Output

openssl s_client -connect staging.drafted.ai:443 -tls1_2 -debug

Expected TLS ServerHello:

16 03 03 ...  (content_type=handshake, version, length)

Actual Response from Spectrum:

read from ... (5 bytes => 5)
0000 - ff ff ff ff ff

Followed by 251 bytes of 0xFF:

0000 - ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
0010 - ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
...

Spectrum ISP SSL/TLS Interception Bug

Summary

Observed Behavior

Technical Evidence

OpenSSL Debug Output

Error Chain