Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

ISP Is Bypassing Firefox's Location Bar Search

CmdrTaco posted more than 4 years ago | from the that's-not-kosher dept.

Firefox 385

It was only a matter of time before ISPs began doing more than just redirecting failed DNS requests to their own pages. An anonymous reader writes "It looks like the largest ISP in Hong Kong has started bypassing search results from Firefox's location bar (which typically uses Google), forcing their own search provider (yp.com.hk) onto their users. ... Can an ISP just start re-directing search traffic at will?"

cancel ×

385 comments

Sorry! There are no comments related to the filter you selected.

Sure they can (1, Insightful)

yakatz (1176317) | more than 4 years ago | (#32014972)

As shown by the recent Comcast - FCC ruling, ISPs can barely be regulated at all (and therefore can do anything they want).

Re:Sure they can (4, Insightful)

NervousNerd (1190935) | more than 4 years ago | (#32015000)

It looks like the largest ISP in Hong Kong

I never knew that Hong Kong was in the United States.

Re:Sure they can (1)

yakatz (1176317) | more than 4 years ago | (#32015028)

I mean in general ISPs can not be registered.
But once one is doing it, the rest will follow.

Re:Sure they can (1)

yakatz (1176317) | more than 4 years ago | (#32015268)

sorry: regulated

Re:Sure they can (2, Funny)

rattaroaz (1491445) | more than 4 years ago | (#32015582)

Caffiene deficiency this morning? ;)

Re:Sure they can (1)

yakatz (1176317) | more than 4 years ago | (#32015678)

Slightly off-topic, but ... A relevant first post is hard to come by, so I tried very hard to get it out quickly.

Re:Sure they can (3, Funny)

Dishevel (1105119) | more than 4 years ago | (#32015750)

Well. Thank God that like most /.'ers you realize that getting FP is way more important than the content of your post.

Re:Sure they can (1)

commodore64_love (1445365) | more than 4 years ago | (#32015762)

Well you're still wrong. State governments have the same power to regulate an Internet Monopoly as they do to regulate the Electric Monopoly or Natural Gas Monopoly. Your local government could very easily put the squeeze on Comcast and require them to fall into line.

As for this article:

I don't understand how the ISP hijacks the request. If I type "slashdot" doesn't Firefox automatically convert that to "google.com/search?q=slashdot" and produce results? I don't see how the ISP can interrupt a valid URL request.

Re:Sure they can (4, Funny)

Jurily (900488) | more than 4 years ago | (#32015242)

I never knew that Hong Kong was in the United States.

It's rude to derail a rant with logic.

Re:Sure they can (5, Informative)

Cryonix (1234264) | more than 4 years ago | (#32015310)

My US ISP recently started doing this (windstream.com). This was done without any real notice and turned on by default. Granted, there is a link in the redirected search results to turn it off.

Re:Sure they can (0)

Anonymous Coward | more than 4 years ago | (#32015698)

Same thing happened to me with windstream. That's pretty fucked.

Re:Sure they can (4, Insightful)

eldavojohn (898314) | more than 4 years ago | (#32015126)

As shown by the recent Comcast - FCC ruling, ISPs can barely be regulated at all (and therefore can do anything they want).

Well, as someone else pointed out, this is an ISP in Honk Kong, not the US. While most of the "harmonizing" efforts of the Chinese government have been passive toward the consumer of the "non-harmonious" content, I would fear that this is a sort of precursor towards ISPs in China being required to pass search terms linked to individuals/accounts/addresses to the government for non-harmonious search terms indicating a level of dissent associated with that individual. Call me a tin foil hat but I haven't been too impressed with what's going on out in China. While you might claim it's overhead and too expensive, I guess we might start talking about https (port 443 secure) traffic even for search terms to avoid this inspection? Even that's naive though as the government could just ask the inside search provider for the data ... or failing that block the that port on that provider.

Re:Sure they can (4, Informative)

Bryansix (761547) | more than 4 years ago | (#32015306)

This IS Slashdot right? Let's look at the technical limitations here. As long as your ISP does not block DNS requests then you can use any DNS provider you want and therefore bypass any redirection. If an ISP started blocking the use of other DNS server then I'd say it's time to jump ship.

Re:Sure they can (5, Informative)

Eponymous Coward (6097) | more than 4 years ago | (#32015546)

They don't block DNS requests, they just send all port 53 traffic to their DNS server.

There are a lot of areas with a single good internet option (where 'good' means decent bandwidth and latency). Jumping ship may not be a realistic option.

VPN (2, Insightful)

drolli (522659) | more than 4 years ago | (#32015002)

Use a VPN provider of your choice.

Re:VPN (2, Insightful)

cc1984_ (1096355) | more than 4 years ago | (#32015092)

Use a VPN provider of your choice.

And immediately get throttled by the ISP for using encryption

Re:VPN (1)

Sir_Lewk (967686) | more than 4 years ago | (#32015286)

Does this actually happen in practice? Most people who use VPNs use it because they work from home and their work requires it. I don't think we are at the stage yet where all VPN traffic is assumed to be evil.

In the past I've had more success torrenting things with comcast while VPN'd into my school, then without a VPN at all. Not that my story is evidence of much, but I haven't witnessed any sort of throttling like you claim.

Re:VPN (2, Informative)

poetmatt (793785) | more than 4 years ago | (#32015686)

not happen, happened. Lots of ISP's worldwide, not US only, want you to have a business connection just for daring to establish a VPN connection over it. Usually it ends up being somewhere between 10 and 40$ extra a month depending on country/currency/etc to do so.

right now however, in the us, comcast is staying away from that stuff, at least temporarily. Or if they do throttle, it's on the low end speeds. On my 22/10 they are not throttling anything, nor are they sending warnings and I use what comcast considers massive amounts of bandwidth per month for games/downloads/videos/netflix (>500GB).

Outside the us, these throttling attempts are quite regular. Especially rogers, etc.

Re:VPN (0)

Anonymous Coward | more than 4 years ago | (#32015346)

A VPN to google? A VPN to an isp that currently doesn't do this just delays the enevitable.

MitM of Google (1)

nweaver (113078) | more than 4 years ago | (#32015010)

We've seen a few ISPs that MitM www.google.com in DNS (you can check for yourself in Netalyzr [berkeley.edu] .

Does anyone know (save me looking at a TCPdump) what domain name firefox uses, is it www.google.com or something else, for the google searches?

Re:MitM of Google (3, Informative)

yakatz (1176317) | more than 4 years ago | (#32015238)

Re:MitM of Google (2, Informative)

Sir_Lewk (967686) | more than 4 years ago | (#32015550)

Thank [deity].

I saw that this article was tagged "opendns" and for a moment thought with horror that people were tagging it that as a kind of suggestion that using OpenDNS was a solution to this. It seems like every single fucking time an article comes up about ISPs doing something wrong (generally messing with NXDOMAIN) people come out of the woodwork to suggest using OpenDNS, even though they do the exact same thing and there are plenty of perfectly standards compliant and free DNS providers to chose from.

You link is actually incredibly relevant, thanks.

Re:MitM of Google (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32015252)

It's www.google.com. That's why OpenDNS forges DNS responses for that domain name to redirect to an OpenDNS server. I am really looking forward to DNSSec and SSL keys in the DNS. If the ISPs can't keep themselves from meddling with the traffic, the traffic needs to be authenticated and encrypted to foil their attempts.

Re:MitM of Google (0)

Anonymous Coward | more than 4 years ago | (#32015388)

And then the ISPs will put a stop to dnssec to protect their profits.

Re:MitM of Google (1)

Eponymous Coward (6097) | more than 4 years ago | (#32015580)

Or they will just put their cert into your browser so they can "optimize your web experience".

Re:MitM of Google (0)

Anonymous Coward | more than 4 years ago | (#32015524)

netalyzer is detected by NOD32 as transmitting a threat

4/28/2010 11:19:26 AM HTTP filter file http://n1.netalyzr.icsi.berkeley.edu:80/file/id=43ca253f-21694-9652fbe7-411e-4f9f-b3a7/name=eicar-standard-av-test-file.com Eicar test file connection terminated - quarantined .... Threat was detected upon access to web by the application: C:\Program Files\Java\jre6\bin\java.exe.

Re:MitM of Google (2, Informative)

nweaver (113078) | more than 4 years ago | (#32015564)

The EICAR test "virus" is used to see if you have working AV which is blocking threats that are downloaded from the network.

Please see the FAQ [berkeley.edu] .

Nope (4, Funny)

ffreeloader (1105115) | more than 4 years ago | (#32015016)

Can an ISP just start re-directing search traffic at will?

Not in my book. My ISP started doing some redirection and they got an immediate complaint from me. In person, at their local office. If there was an alternative to their service I would have switched ISP's immediately.

Re:Nope (3, Funny)

Anonymous Coward | more than 4 years ago | (#32015064)

... and how did that work out for you?

Re:Nope (1)

sadness203 (1539377) | more than 4 years ago | (#32015166)

Even if it didn't work, the act in itself is great. If more people were doing that, things might change a bit more.

Congratulation to ffreeloader for doing the right thing.

Re:Nope (4, Insightful)

ffreeloader (1105115) | more than 4 years ago | (#32015236)

Who knows? They have been quite responsive to complaints about services in the past. Even if I don't get an immediate response my voice was heard. They do know at least one of their customers was angry about their conduct. Should I just silently accept them screwing with me and not voice my concerns? That seems to me a guarantee that they won't change their ways.

From your post it seems that you think not standing up for yourself is the way to change things. Don't vote. Don't express your opinion. Be a martyr. How's that working for you? Effecting a lot of change in society are you?

Re:Nope (0)

Anonymous Coward | more than 4 years ago | (#32015606)

Are they still redirecting or not? It's a valid question.

Re:Nope (3, Funny)

John Hasler (414242) | more than 4 years ago | (#32015620)

> Should I just silently accept them screwing with me and not voice my
> concerns?

No. You are supposed to rant selfrightously about evil, greedy corporations and demand that the government "regulate" them into forcing whatever it is that you want on all their customers whether they want it or not, but never make any attempt to communicate your concerns to the company in question. That's the Slashdot way.

Re:Nope (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32015260)

... and how did that work out for you?

I'm sorry, but the proper way to formulate this question is:
"How's that hopey, changey thing working out for ya?"

Re:Nope (1)

kz45 (175825) | more than 4 years ago | (#32015338)

"Not in my book. My ISP started doing some redirection and they got an immediate complaint from me. In person, at their local office. If there was an alternative to their service I would have switched ISP's immediately."

I love how the general slashdot public has this "I should be able to do what I want with my property" attitude with things like file sharing. But when an ISP decides to use that same logic (since you are using their lines to access the Internet) you get pissed off.

Re:Nope (1)

John Hasler (414242) | more than 4 years ago | (#32015478)

> I love how the general slashdot public has this "I should be able to do what
> I want with my property" attitude with things like file sharing. But when an
> ISP decides to use that same logic (since you are using their lines to access
> the Internet) you get pissed off.

I see no contradiction in this specific case. They can do what they want with their property and he can take his business elsewhere if he doesn't like it. He did them the courtesy of telling them what they were doing that he didn't like so that they could consider changing it.

Re:Nope (1)

ffreeloader (1105115) | more than 4 years ago | (#32015638)

Who says I support "file sharing", as in taking copyrighted work without permission?

I have never downloaded a song or movie. I have always purchased all my music, and never buy movies as that doesn't interest me. I just don't buy any music any more. But, that's because of the actions of the RIAA. If they acted ethically I would most likely still be buying music that interests me.

You make some huge assumptions with absolutely no evidence to back them up. You can search all my posts here and you will never find me supporting perceived theft as a way to combat out-of-control copyright laws. You will find me arguing against that kind of behavior.

Re:Nope (1)

Eponymous Coward (6097) | more than 4 years ago | (#32015674)

When you buy an internet connection, I would say there is an implied warranty of merchantability that includes integrity of communication.

You should be able to assume that your inbound and outbound internet traffic isn't effectively altered.

Re:Nope (1)

DiademBedfordshire (1662223) | more than 4 years ago | (#32015680)

When I lease the line it becomes my property, the same when I lease an apartment. The landlord can't come in with out my express permission unless it is a great emergency and I expect my ISP to act the same way.

Re:Nope (3, Insightful)

corbettw (214229) | more than 4 years ago | (#32015690)

If you're paying for a service that requires using someone's else property, they have voluntarily transferred some of their interest and rights in that property to you. Your landlord can't come into the house you're renting from him just because he feels like it, even if a clause permitting it is in the lease agreement. In the same way, if an ISP sells you access to the Internet, they can't start blocking you from certain parts of it without changing the agreement, which requires your consent (after all, it's a contract, and contracts require all parties to agree to it).

Whether the courts would agree with this interpretation is another matter, but this is the way I see it.

Re:Nope (1)

RemoteSojourner (973910) | more than 4 years ago | (#32015736)

Silly Logic. ISP is providing a service and it's okay to get pissed off.

Re:Nope (1)

VisiX (765225) | more than 4 years ago | (#32015492)

The fact that this is modded funny just shows how desperate a situation we are in.

Re:Nope (1)

value_added (719364) | more than 4 years ago | (#32015658)

My ISP started doing some redirection and they got an immediate complaint from me. In person, at their local office.

I imagine that approch would yield a response that consisted of little other than a look of confusion of amazement, or a blank stare that barely suppressed the "I wish this guy would stop talking and go away."

When I call ATT and they discover I have fixed IP addresses, I immediately get transferred in a flurried confusion to second level tech support. When the next level discovers my connection doesn't require PPPoE, I get transferred again. The higher you go, the better your chances of resolving issues, but the less they care about your opinions. And if they do care, the most you can hope for is sympathy. They're typically a customer of the ISP just like you are, and subject to the same problems.

I find comfort in the fact that ATT's employees (field techs included) have to wait on hold and deal with the same idiots the rest of us deal with.

Jews (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32015022)

There is almost certain to be a Sino-Jew behind this treachery.

In China? (0)

Anonymous Coward | more than 4 years ago | (#32015030)

Of course they can. It's China. They outed the almighty Google and they can tell their citizens to do whatever they want.

Re:In China? (1, Funny)

Pharmboy (216950) | more than 4 years ago | (#32015224)

They outed the almighty Google...

Google is gay?

Re:In China? (5, Funny)

Nadaka (224565) | more than 4 years ago | (#32015548)

If any high tech company is going to come out of the closet, it would be apple.

Re:In China? (1)

Minwee (522556) | more than 4 years ago | (#32015634)

Google is gay?

You never wondered about the rainbow colours in their logo?

time for end to end encryption (3, Insightful)

Anonymous Coward | more than 4 years ago | (#32015056)

If these idiots are too dumb to handle being a dumb pipe, we have no choice but to encrypt everything.

Obligatory (-1, Offtopic)

Yvan256 (722131) | more than 4 years ago | (#32015060)

MISTER PROSSER: I’m afraid you’re going have to accept it! This bypass has got to be built and it is going to be built. Nothing you can say or do -

ARTHUR DENT: Why has it got to be built?

MISTER PROSSER: Wha - what do you mean, “why has it got to be built?” It is a bypass! You’ve got to build bypasses!

ARTHUR DENT: Didn’t anyone consider the alternatives?

MISTER PROSSER: There aren’t any alternatives! But you are quite entitled to make any suggestions or protests at the appropriate time!

ARTHUR DENT: Appropriate time?

MISTER PROSSER: Yes.

ARTHUR DENT: The first I knew about it was when a workmen arrived at the door yesterday.

MISTER PROSSER: T- oh!

ARTHUR DENT: I asked him if he’d come to clean the windows and he said he’d come to demolish the house! He didn’t tell me straight away of course. Oh no. First he wiped a couple of windows and charged me a fiver. Then he told me.

MISTER PROSSER: But Mister Dent the plans have been available in the planning office for the last nine months!

ARTHUR DENT: Yes! I went round to find them yesterday afternoon. You’d hadn’t exactly gone out of your way to pull much attention to them have you? I mean, like actually telling anybody or anything.

MISTER PROSSER: The plans were on display.

ARTHUR DENT: Ah! And how many members of the public are in the habit of casually dropping around the local planning office of an evening?

MISTER PROSSER: Er - ah!

ARTHUR DENT: It’s not exactly a noted social venue is it? And even if you had popped in on the off chance that some raving bureaucrat wanted to knock your house down, the plans weren’t immediately obvious to the eye were they?

MISTER PROSSER: That depends where you were looking.

ARTHUR DENT: I eventually had to go down to the cellar!

MISTER PROSSER: That’s the display department.

ARTHUR DENT: With a torch!

MISTER PROSSER: The lights, had probably gone.

ARTHUR DENT: So had the stairs!

MISTER PROSSER: Well you found the notice didn’t you?

ARTHUR DENT: Yes. It was on display in the bottom of a locked filing cabinet, stuck in a disused lavatory with a sign on the door saying “Beware of the Leopard”. Ever thought of going into advertising?

MISTER PROSSER: It’s not as if it is a particularly nice house anyway.

ARTHUR DENT: I happen rather to like it!

MISTER PROSSER: Mister Dent!

ARTHUR DENT: Yes. Hello.

MISTER PROSSER: Have you any idea how much damage that bulldozer would suffer if I just let it roll straight over you?

ARTHUR DENT: How much?

MISTER PROSSER: None at all!

Re:Obligatory (0)

Anonymous Coward | more than 4 years ago | (#32015164)

Oblig? SRSLY?

TLDR, brah

Re:Obligatory (1)

Yvan256 (722131) | more than 4 years ago | (#32015372)

Title is by-passing. I was expecting a funny reply about "you've got to build bypasses!" in the "letter from your ISP" format.

Man in the Middle (0)

Anonymous Coward | more than 4 years ago | (#32015070)

Isn't this basically a Man in the Middle attack?

Can you circumvent by specifying your own set of DNS servers(instead of the DHCP assigned ISPs)?

Re:Man in the Middle (2, Informative)

Nadaka (224565) | more than 4 years ago | (#32015200)

You can try. It might even work this time. But they can also choose to misdirect the request based on the IP address because they literally are the man in the middle, your traffic must pass through their routers.

Re:Man in the Middle (1)

Volante3192 (953645) | more than 4 years ago | (#32015230)

Or run your own DNS server?

Obviously (0)

Anonymous Coward | more than 4 years ago | (#32015082)

Yes.

Re:Obviously (1)

Pharmboy (216950) | more than 4 years ago | (#32015302)

Best answer so far. Yes they can. The real question should be "SHOULD they do this".

Re:Obviously (1)

Yvan256 (722131) | more than 4 years ago | (#32015384)

No.

Re:Obviously (1)

Nadaka (224565) | more than 4 years ago | (#32015572)

Obvious answer as well. The real question is, what can you do about it?

Encryption (5, Insightful)

dmbasso (1052166) | more than 4 years ago | (#32015088)

And that's why we should start using encryption for everything...

Re:Encryption (4, Insightful)

JesseMcDonald (536341) | more than 4 years ago | (#32015612)

Remember that encryption won't help without authentication; your ISP will just MITM all your encrypted traffic. You need to know who you're really talking to.

Re:Encryption (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32015754)

It's obviously better with authentication, but even if you don't authenticate and they MitM you, you're costing them some resources. Best of all, a Man in the Middle might not know whether you have authentication or not. If you know the other guy's key id and the MitM thinks you don't, then you've just honeypotted them.

I have the perfect solution (1)

Bob Cat - NYMPHS (313647) | more than 4 years ago | (#32015746)

Use Google's DNS.

8.8.8.8
8.8.4.4

Pretty easy to remember, too.

Not much evidence yet... (5, Insightful)

Interoperable (1651953) | more than 4 years ago | (#32015094)

The article is a single post on a forum from one user with no follow-up. Can anyone else confirm the allegation?

Re:Not much evidence yet... (3, Informative)

sam0737 (648914) | more than 4 years ago | (#32015510)

It's PCCW. What I have heard is they are hijacking NXDOMAIN, but not sure about redirecting the location bar. Maybe Firefox will try to lookup for domain for single name hostname, hence giving an impression that it redirects if your "search term" is just one word.

Re:Not much evidence yet... (4, Informative)

jimicus (737525) | more than 4 years ago | (#32015628)

Indeed, the poster only discusses what happens when he puts the name of a website into Firefox's address bar. By default, that will carry out a DNS lookup and if that lookup fails, Firefox will redirect to a Google "I'm feeling lucky" result.

Lots of ISPs are intercepting failed DNS requests and injecting their own ad page, there's usually a way to bypass this.

Your asking like this is a crime in china... (0)

Anonymous Coward | more than 4 years ago | (#32015104)

remember this is china...they can redirect other countries traffic and get away with it by bowing and saying sowwie a few times...

Clearly illegal (0)

Anonymous Coward | more than 4 years ago | (#32015128)

At least in countries with sane laws, this is a man-in-the-middle attack on the communication between the user and Google, in the course of which data is falsified. I believe we call people who do something like that "terrorists" nowadays.

Sleezy (4, Interesting)

nicolas.kassis (875270) | more than 4 years ago | (#32015144)

This is as sleezy as it gets for an ISP. I hope firefox and google setup some sort of trusted cert and use HTTPS for the traffic from that bar. That might make it much harder for them to do men in the middle attacks of the sort. Google could sue the ISP for impersonation or something similar.

Why? (1, Informative)

B5_geek (638928) | more than 4 years ago | (#32015152)

For the love of $deity why would _anybody_ still be using the DNS server that their ISP provides?
Ignoring the multiple FREE DNS providers out there, it is trivally easy to setup your own caching DNS server regardless of the OS platform you use.

With the abundance of 'old' computers that most people upgrade from, it shold be standard practice to setup an old box as a firewall/dns server.

Re:Why? (0)

Anonymous Coward | more than 4 years ago | (#32015304)

I had to do this at my parents house. Their provider (I forget the name but it's a cable co) does this. They have an opt-out cookie, but that doesn't really work for all applications.
4.4.4.1-4.4.4.6 ftw

Re:Why? (1)

Get on the boat (1601391) | more than 4 years ago | (#32015314)

Must have missed "Manual DNS server configuration" next to step 2: Plugging in your new PC.

Re:Why? (1)

Anne_Nonymous (313852) | more than 4 years ago | (#32015320)

>> With the abundance of 'old' computers that most people upgrade from, it shold be standard practice to setup an old box as a firewall/dns server.

Imagine how much power we'd save if everybody did this.

Re:Why? (4, Insightful)

koreaman (835838) | more than 4 years ago | (#32015322)

Do you really believe the average firefox user has the technical know-how to even understand what a DNS server is, let alone how to setup and configure one, even if it is "trivially easy" for you? Please...

Re:Why? (1)

wondafucka (621502) | more than 4 years ago | (#32015400)

For the love of $deity why would _anybody_ still be using the DNS server that their ISP provides? Ignoring the multiple FREE DNS providers out there, it is trivally easy to setup your own caching DNS server regardless of the OS platform you use.

With the abundance of 'old' computers that most people upgrade from, it shold be standard practice to setup an old box as a firewall/dns server.

Really? You can set up a firewall/dns box, but you aren't familiar with laziness. Also, for the majority of internet users, setting up a firewall / dns server is not trivial. For a majority of internet users, changing the desktop background is not trivial. This affects non-nerds....you know, most people.

Re:Why? (0)

Anonymous Coward | more than 4 years ago | (#32015408)

You're being silly, right? You can't possibly think that everyone's that computer literate, can you?

Re:Why? (2, Insightful)

_Shad0w_ (127912) | more than 4 years ago | (#32015488)

It's also very easy for your ISP to intercept all DNS queries, regardless of where they're being sent, and handle them themselves. I know of an ISP that does this.

It would, of course, be possible to run an encrypted tunnel to a remote machine with a caching DNS server on it, then direct all your queries to that. I suspect this is far beyond the ken of most normal users. Just setting up a caching name server is beyond the ken of normal users. Most of them can handle turning computers on and click icons. Some of them have problems with that.

Re:Why? (1)

The MAZZTer (911996) | more than 4 years ago | (#32015522)

8.8.8.8 and 8.8.4.4. That is all.

Routine Altering of DNS? Really? (1)

Petersko (564140) | more than 4 years ago | (#32015526)

"For the love of $deity why would _anybody_ still be using the DNS server that their ISP provides? Ignoring the multiple FREE DNS providers out there, it is trivally easy to setup your own caching DNS server regardless of the OS platform you use."

Because the internet stoppped being just for techies 10 years ago? Step out of your little bubble, you dweeb, and look around. First you have to give a crap about the concept of a DNS, which is exactly one step too far for the vast majority of folks.

Rightly so, too. If my family had to worry about things like that they would never have gotten any further than the occasional email.

In my past I've frequently been in your position - wondering why the whole world doesn't give a crap about some ridiculous thing I think is incorrect. However, this year I'm turning 40, and for some reason I'm starting to get the other perspective. The "ridiculous" is on the other side.

Re:Why? (0)

Anonymous Coward | more than 4 years ago | (#32015594)

For the love of $deity why would _anybody_ still be using the DNS server that their ISP provides? Ignoring the multiple FREE DNS providers out there, it is trivally easy to setup your own caching DNS server regardless of the OS platform you use.

With the abundance of 'old' computers that most people upgrade from, it shold be standard practice to setup an old box as a firewall/dns server.


You're not really in touch with the "common man" very often, are you?

Re:Why? (0)

Anonymous Coward | more than 4 years ago | (#32015614)

Unfortunately DNS is still mostly unauthenticated. It's a connectionless protocol, so it's easily redirected. There are quite a few networks where packets to port 53 will always end up at the ISP's DNS server. Should you decide to use a different port, there's certainly a deep packet inspection rule waiting to be activated to catch that too. It's time for DNSSec and opportunistic encryption with DNS-supplied keys. (I should note that SSL keys in DNS are a real killer application for DNSSec, so ISPs won't be able to just disable DNSSec.)

That said, for now most people who care about this kind of stuff can work around meddling ISPs by using a public DNS server (not OpenDNS, they redirect www.google.com) or running a DNS server locally (here's one for Windows: Unbound [unbound.net] ).

Making their own argument for net neutrality... (4, Insightful)

MikeRT (947531) | more than 4 years ago | (#32015178)

Most people still believe that just because you can legally do something, doesn't mean you should. When businesses do every sneaky, duplitious thing they can to make a buck, they push that natural tendency toward expecting civility and something resembling high-mindedness in civilized people straight into the Socialist camp.

As a Capitalist, that really offends me. If businesses want to be treated laissez faire then they damn well better learn to make society not feel like they're a bunch of crooks who care so little about the common good that if regulators aren't going Big Brother on them every nanosecond they'll steal everything that isn't nailed down and cheat everyone who isn't paying 110% attention to every detail of their lives.

Re:Making their own argument for net neutrality... (3, Insightful)

Anonymous Coward | more than 4 years ago | (#32015656)

Indeed! Adam Smith's laissez faire was based on thousands of small, independent businesses --not a few monopolies. Perhaps that is why in Europe people are not bothered by the idea of government intrusion in controlling their lives, but rather big business intrusion and controlling their lives.

Re:Making their own argument for net neutrality... (1, Informative)

jimicus (737525) | more than 4 years ago | (#32015662)

As a Capitalist, that really offends me. If businesses want to be treated laissez faire then they damn well better learn to make society not feel like they're a bunch of crooks who care so little about the common good that if regulators aren't going Big Brother on them every nanosecond they'll steal everything that isn't nailed down and cheat everyone who isn't paying 110% attention to every detail of their lives.

... which is precisely why there is regulation in every civilised society on the planet, and no such thing as a 100% capitalist society.

Re:Making their own argument for net neutrality... (1)

John Hasler (414242) | more than 4 years ago | (#32015742)

> ...a bunch of crooks who care so little about the common good that if
> regulators aren't going Big Brother on them every nanosecond they'll steal
> everything that isn't nailed down and cheat everyone who isn't paying 110%
> attention to every detail of their lives.

That pretty much describes the entire human race. Including the "regulators".

They can if they're in China (3, Insightful)

elrous0 (869638) | more than 4 years ago | (#32015228)

This is, after all a Chinese city redirecting search traffic away from Google. Hardly surprising, considering the recent lack of love between the Chinese government and Google (even though Hong Kong is *supposedly* exempt from much of China's more repressive policies)

Re:They can if they're in China (0)

Anonymous Coward | more than 4 years ago | (#32015768)

Verizon does it to me here in America!

Posting anonymously due to the user agreement with Verizon.

This is why we need net neutrality (4, Insightful)

Fallen Kell (165468) | more than 4 years ago | (#32015262)

A perfect example of why we need net neutrality rules in place. An ISP should not be allowed to modify packets or redirect packets to/from known destinations.

More profit! (1)

redscare2k4 (1178243) | more than 4 years ago | (#32015278)

1) Be an ISP
2) Create an online shop ala amazon.
3) Redirect all users to your shop
4) Profit!

Re:More profit! (4, Funny)

Yvan256 (722131) | more than 4 years ago | (#32015442)

They could even be sleazy and open up shops that almost look like the same name depending on the font used.

Shop at Arnazon.com!

Re:More profit! (0)

Anonymous Coward | more than 4 years ago | (#32015456)

Won't work in "western" countries because they'd at least get sued for trademark infringement by Amazon, etc.

DNS not Search Bar (0)

Anonymous Coward | more than 4 years ago | (#32015316)

FTA, it's a DNS issue, not a search bar takeover.

Geez! I tell ya... (0)

Anonymous Coward | more than 4 years ago | (#32015356)

I just want direct access to the Internet backbone! Enough of this shit. I've heard more than one story about ISPs doing stuff like redirecting connections, monitoring people, disallowing access to certain sites or services (e.g. bit torrent). I just want to tap into the backbone!

communist China (0, Flamebait)

SethJohnson (112166) | more than 4 years ago | (#32015382)



Isn't it ironic that the strongest bastion of communism is actually the most viciously capitalistic business environment?

Seth

My ISP has been doing this for some time now (3, Interesting)

the plant doctor (842044) | more than 4 years ago | (#32015420)

I use a small, local telephone company for my DSL. They're reliable, not the fastest or the cheapest, but hey, it's pretty much a monopoly unless I want the cruddy cable service provider that is unreliable in their connectivity and just as expensive.

For six years now I've dealt with this. At work I just type a keyword and end up at the site I wanted. At home I do that by mistake and I get a page with an advertisement for something local saying the page couldn't be found.

Extremely annoying, but I don't have much choice as I don't want cable or their cruddy service, so I deal with it.

Re:My ISP has been doing this for some time now (0)

Anonymous Coward | more than 4 years ago | (#32015748)

My ISP (UPC Ireland) do it, but at least they're kind enough to tell you how to disable it, even if the answer is at the bottom of a page, 6 links in, down in the depths of their website.

Kindness is relative I suppose.

Probably NXDOMAIN wildcarding.... (5, Informative)

nweaver (113078) | more than 4 years ago | (#32015654)

What firefox does is first try to do DNS lookups for:
foo
foo.com
www.foo.com

before launching the google search.

Thus NXDOMAIN wildcarding (which is unfortunately growing very common, distressingly so in our data) will mess up the firefox behavior by causing one of the three names to resolve to the "helpful" search page belonging to the ISP.

Yes (1)

Danathar (267989) | more than 4 years ago | (#32015726)

They can if they are in China.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>