Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How One Man Fought His ISP's Bad Behavior and Won

Soulskill posted about 10 months ago | from the i-bet-he-had-lasers dept.

The Internet 181

An anonymous reader writes "Eric Helgeson documents his experience with an unscrupulous ISP that was injecting affiliate IDs into the URLs for online retailers. 'It appears that the method they were using was to poison the A record of retailers and do a 301 redirect back to the www cname. This is due to the way apex, or 'naked' domain names work.' Upon contacting the ISP, they offered him access to two DNS servers that don't perform the injection, but they showed no indication that they would stop, or opt-out any other subscribers. (It was also the only wireless provider in his area, so he couldn't just switch to a competitor.) Helgeson then sent the data he gathered to the affiliate programs of major retailers on the assumption that they'd be upset by this as well. He was right, and they put a stop to it. He says, 'ISP's ask you to not do crummy things on their networks, so how about they don't do the same to their customers?'"

Sorry! There are no comments related to the filter you selected.

Fucking GAY!!!' (-1)

Anonymous Coward | about 10 months ago | (#45834819)

horse cock!

Repost! (-1)

Anonymous Coward | about 10 months ago | (#45834825)

Read it on Reddit hours ago.

Re:Repost! (-1)

Anonymous Coward | about 10 months ago | (#45834969)

Thanks for the update. Now that you've informed us, you can safely go back to all the other drooling mouth-breathers at reddit and continue your circle-jerk.

Re:Repost! (5, Funny)

228e2 (934443) | about 10 months ago | (#45835209)

I think I read 75% of the things here elsewhere around a day in advance.
Slashdot isn't (well, in its prime) where you come for breaking news, it's where you go (again, back in its prime) for great intellectual technological discussions.

Re:Repost! (1, Offtopic)

ArchieBunker (132337) | about 10 months ago | (#45835449)

Most of the "news" on here is days or even weeks old by the time its posted. I remember when sites actually linked to slashdot for news.

Use public DNS (5, Informative)

DigiShaman (671371) | about 10 months ago | (#45834829)

Google DNS is 8.8.8.8. and 8.8.4.4
Open DNS is 208.67.222.222 and 208.67.220.220

Norton Safe Connect (personal use, not for business) is 199.85.126.10 and 199.85.127.10. Supposed to protect against malware, phishing sites, and scams.
https://dns.norton.com/dnsweb/homePage.do [norton.com]

Re:Use public DNS (-1, Troll)

game kid (805301) | about 10 months ago | (#45834845)

A good suggestion, though I wouldn't trust Google not to do the same or worse with their DNS.

Re:Use public DNS (5, Informative)

Nerdfest (867930) | about 10 months ago | (#45834955)

You can try this [google.com] tool to check your existing DNS for performance and behaviour. Google's is very well behaved by the way, so please don't spread FUD.

Re:Use public DNS (5, Informative)

Nerdfest (867930) | about 10 months ago | (#45834979)

I should add that both Google DNS and OpenDNS support DNS-SEC which is nice as well. OpenDNS also supports a form of DNS request encryption which hides even the sites you go to.

Re:Use public DNS (2)

Nerdfest (867930) | about 10 months ago | (#45835149)

Sorry, looks like I was incorrect. OpenDNS does not seem to support DNSSEC. It does support DNSCrypt.

Re:Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835187)

Sorry, looks like I was incorrect. OpenDNS does not seem to support DNSSEC. It does support DNSCrypt.

And, supposedly DNSCurve - even better!

DNSSEC sucks compared to DNSCurve - it uses poor and slow crypto, it only provides signing, and it does not encrypt the channel. There is no privacy with DNSSEC!

Re:Use public DNS (4, Interesting)

arth1 (260657) | about 10 months ago | (#45835031)

You can try this [google.com] tool to check your existing DNS for performance and behaviour. Google's is very well behaved by the way, so please don't spread FUD.

I think his point was that Google's DNS is very well behaved now, but that there is no guarantee that any DNS run by a major advertisement funded business won't, in the future, be tempted to put profit over principles.
Blind trust is seldom a recipe for long term success. Uncertainty and doubt might be in order.

Re:Use public DNS (5, Insightful)

Anonymous Coward | about 10 months ago | (#45835077)

I think the point is that Google pwns every bit of information about you.

It's not good enough that they track you at every site that uses Analytics, every site that uses AdWords, every site you go to from their search engine, every site you visit with their Toolbar in play. (I'm forgetting a hundred other ways they suck your data.)

Nah, not good enough. Why not tell google every single DNS lookup you ever make??

Why do people mistrust the NSA so much and yet think Google is some kind of sparkly-super-shiny white hat? They work very hard to provide you with tons of free services that give them this wealth of information about you. WHY do they give you these????

Re:Use public DNS (3, Insightful)

aevan (903814) | about 10 months ago | (#45835235)

Google hasn't (to my knowledge) black-bagged anyone.

On the other hand, there are powerpoints saying they'll hand off the info to the people who then will do it...

Re:Use public DNS (1)

drkim (1559875) | about 10 months ago | (#45835505)

Google hasn't (to my knowledge) black-bagged anyone...

Even if they had, where could you look it up?

Re: Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835575)

Even if they had, where could you look it up?

Bing.

Re: Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835649)

Bingo.

Re: Use public DNS (1)

Anonymous Coward | about 10 months ago | (#45835667)

was his name-ooooohhh!

Re:Use public DNS (1)

zippthorne (748122) | about 10 months ago | (#45835239)

If NSA would provide a DNS that was as up-to-date and so-far non-shady as google's, people would probably use that as well.

It's not so much that google is better than the NSA, but you do have the choice not to use certain services, and it is obvious that they must be monitoring them somehow.

Other services that google uses to track you that are not opt-in are less well-liked.

Re:Use public DNS (2, Informative)

Anonymous Coward | about 10 months ago | (#45835267)

The privacy policy for Google Public DNS is different than that for the rest of Google. It's also public. You can, you know, read it, then you can stop spreading FUD. https://developers.google.com/speed/public-dns/privacy

Therefore more Google = less tracking (2)

raymorris (2726007) | about 10 months ago | (#45835665)

> It's not good enough that they track you at every site that uses Analytics,
> every site that uses AdWords, every site you go to from their search engine,
> every site you visit with their Toolbar in play. (I'm forgetting a hundred other ways they suck your data.)

Factoring in a few of the other ways you didn't list, like sites with YouTube videos, we can guess Google is aware of about 85% of consumer web traffic. Using their DNS would tell them the only the hostname of the other 15%, and only once per TTL. So call that 7% from using Google's DNS.

Using anyone else's DNS gives that other company 100% of your lookups rather than the 0% they had before. 100% is a lot more than 7% or 15%, so you're giving up a lot more privacy by using any DNS other than Google.

In other words, Google already knows which sites you're visiting - you got to those sites by searching Google. Why would you also give that information to some other company?

That was my thought process after I found that Chrome is so good for web development. I'm using Chrome, so Google has a profile of my web surfing. There is no reason to let another company have the same information, so I'm better off using Google services all around. (Besides the fact that Google provides good services, which get better as they are integrated.)

Re:Use public DNS (2)

Decker-Mage (782424) | about 10 months ago | (#45835169)

On the other hand (I'm also an economist, sue me!), when/if Google were to try this, there would be open rebellion among the interneterati. Not that most people would even notice, but then again, they don't seem to think much, if at all, about the NSA spying scandals either. For those of us that actually might care about this, couple of clicks or one shell-script and we're invisible.

Re:Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835277)

On the other hand (I'm also an economist, sue me!), when/if Google were to try this, there would be open rebellion among the interneterati.

In light of the lack of noticeable response after Google replaced 2/3 of the search results with ads (some for third parties and some for Google's own non-search services), that seems an unlikely prediction.

Re:Use public DNS (4, Interesting)

adolf (21054) | about 10 months ago | (#45834981)

A good suggestion, though I wouldn't trust Google not to do the same or worse with their DNS.

Trust? Why is trust necessary? Because it's hard to look at the address bar and see that you haven't [amazon.com] wound up at an affiliate link [amazon.com] ?

Re:Use public DNS (1)

Decker-Mage (782424) | about 10 months ago | (#45835173)

The one day I don't have mod-points. +5 ROFLMAO.

Re:Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835753)

Anyone using the google/doubleclick/nsa dns is a total and complete idiot anyway.

Re:Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835017)

No, Google wouldn't do that with their DNS. It'd be much easier to do that in their browser.

Re:Use public DNS (1)

Runaway1956 (1322357) | about 10 months ago | (#45835351)

As Nerdfest points out, Google makes namebench available for free. It does help to locate the best DNS server available in your area. In fact, I have used namebench a number of times, and Google's servers always rank high in the results. Seldom are they "the best", but they always rank high. Depending on the criteria you use to determine "the best", there are always much worse servers than Google's. The only criteria that you might use that would ever disqualify Google's DNS servers, is if you put in "not Google". There has never been any evidence that Google misuses or abuses it's DNS servers. If you have any such evidence, I would be happy to see it.

Re: Use public DNS (3, Informative)

corychristison (951993) | about 10 months ago | (#45834865)

Personally use 4.2.2.[1-6]
I think they are provided by Level 3. Get great response time here in the Canadian Prairies.

I've never trusted my ISP's DNS servers.

Re: Use public DNS (1)

Anonymous Coward | about 10 months ago | (#45835019)

you can just run your own server and configure it with the roots. there is absolutely no
performance reason not to, unless you think you're going to get alot of cache locality
with your fellow subscribers

am i missing something? its usually just a single yum/apt-get command

Re: Use public DNS (1)

Decker-Mage (782424) | about 10 months ago | (#45835185)

Proper configuration is the part that kills most servers and it isn't something to take lightly. Distributed Denial of Service (DNS amplification) attacks are enabled by any idiot setting up a DNS server without knowing WTF they are doing. So yeah, go ahead and do it.

Re: Use public DNS (1)

Runaway1956 (1322357) | about 10 months ago | (#45835369)

The typical workstation DNS server doesn't serve anyone outside of the local LAN. And, if it were configured to serve requests from the WAN, it's unlikely that your personal server would attract much notice outside of your LAN.

DDOS attacks don't rely on private DNS servers. It's really that simple.

Re: Use public DNS (2)

DamonHD (794830) | about 10 months ago | (#45835503)

Really depends what you mean by 'private'.

I've been running my own (mine/company) Internet-facing DNS almost since there was live IP in the UK and I got caught out by this.

And I still see people regularly *trying* to use my DNS for amplification, ie probing, or at least laundering their attacks, but give up, after I made the appropriate fixes.

And I'm not alone. (See recent item on The Register for example.)

Rgds

Damon

Re:Use public DNS (1)

jones_supa (887896) | about 10 months ago | (#45834907)

Those work a bit slower as they are not in your network.

Re:Use public DNS (1)

DigiShaman (671371) | about 10 months ago | (#45834935)

Depends. For many small ISPs, they are closer in hop count in the network, but often hosted on slower hardware or the cache has expired due to TTL; in which case they look up to the root servers anyways. In the case of Comcast, they're moving away from local managed DNS servers to public ones for their subscribers. In their case, that would be 75.75.75.75 and 75.75.76.76. In short, the turn around in packet responsiveness may be slower to Googles DNS servers by 20 to 30ms, but the CPU response on the backend more than makes up for it. Depending on where you live and who's your ISP, YMMV.

Re:Use public DNS (1)

adolf (21054) | about 10 months ago | (#45834951)

Those work a bit slower as they are not in your network.

Not necessarily.

Google's DNS, along with some/all of the L3 servers use Anycast [wikipedia.org] to automagically find the closest one (of many), network-wise.

And in any event, they work faster than my own ISP's nameservers.

Re:Use public DNS (1)

Anonymous Coward | about 10 months ago | (#45834915)

Good suggestion, but not always useful: some of scummier ISPs actually intercept and spoof DNS traffic, which is trivial to do.

Re:Use public DNS (1)

Anonymous Coward | about 10 months ago | (#45834959)

As others have mentioned, that doesn't help if your ISP is intercepting and rewriting DNS traffic. Remember that DNS is almost always UDP and pretty much always completely unencrypted.

Re:Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835013)

OpenDNS does not support DNSSEC. They do not validate DNSSEC enabled domains, which make it quite less useful than Google's DNS server which does support DNSSEC.

For people that wander about this, DNSSEC would prevent this type of redirection attack.

Re:Use public DNS (0)

Anonymous Coward | about 10 months ago | (#45835043)

OpenDNS is a nxdomain hijacking bitch.

Re:Use public DNS (1)

bloodhawk (813939) | about 10 months ago | (#45835055)

seriously you are suggesting someone concerned about abuse of information use a google DNS Server?

Re:Use public DNS (2, Informative)

Anonymous Coward | about 10 months ago | (#45835073)

Other dns servers as well.

Cisco
128.107.241.185
192.135.250.69

Verizon (Level3) Nameservers
4.2.2.1
4.2.2.2
4.2.2.3
4.2.2.4
4.2.2.5
4.2.2.6

SpeakEasy Nameservers
66.93.87.2
216.231.41.2
216.254.95.2
64.81.45.2
64.81.111.2
64.81.127.2
64.81.79.2
64.81.159.2
66.92.64.2
66.92.224.2
66.92.159.2
64.81.79.2
64.81.159.2
64.81.127.2
64.81.45.2
216.27.175.2
66.92.159.2
66.93.87.2

ORSC Public Access DNS Nameservers
199.166.24.253
199.166.27.253
199.166.28.10
199.166.29.3
199.166.31.3
195.117.6.25
204.57.55.100

Sprintlink General DNS
204.117.214.10
199.2.252.10
204.97.212.10

Comcast
75.75.75.75
75.75.75.76

Never know when a server will be unreachable. It's nice to have a list saved locally you can lookup.

Re:Use public DNS (1)

AK Marc (707885) | about 10 months ago | (#45835621)

198.6.1.3

NS1 for the former great UUNET. No idea who runs it now after the MCI buyout and possible transfers since, but it's never let me down.

Re:Use public DNS (1)

matria (157464) | about 10 months ago | (#45835121)

Well that was interesting. I don't know exactly what was going on, but when I changed by router's DNS from the default (ISP-provided) to one of these, there was a startling improvement in initial page load speeds for several sites that I checked.

Re:Use public DNS (3, Interesting)

Runaway1956 (1322357) | about 10 months ago | (#45835385)

You may use a random server supplied by any person on the internet. Results will be random, of course. Why not use a tool designed to find the best servers FOR YOU? You could see an even greater improvement.

https://code.google.com/p/namebench/ [google.com]

Default ISP servers are often the worst of the worst.

Re:Use public DNS (1)

matria (157464) | about 10 months ago | (#45835413)

Thank you very much! Over the years I have gotten many useful apps and utilities from posts like this.

Re:Use public DNS (1)

matria (157464) | about 10 months ago | (#45835467)

Rather amusing. The six top recommended servers were exactly those posted above.

Re:Use public DNS (1)

Runaway1956 (1322357) | about 10 months ago | (#45835857)

I might suspect that you are geographically close to the poster above, then. ;)

I'm glad you found it useful!

Re:Use public DNS (2, Interesting)

Pichu0102 (916292) | about 10 months ago | (#45835143)

Downside of using shared DNS servers is that some servers, like those for Sony's PSN, try to get you to download from servers based on your DNS server.

Why? I have no clue. However, it kills your connection speed until you reset it to your local ISP's DNS servers. Be wary.

Re:Use public DNS (3, Interesting)

Centurix (249778) | about 10 months ago | (#45835275)

Nope, even using Google's DNS won't save you: ISP's hijack DNS that aren't theirs [hackercodex.com]

For me I had to use DNSMASQ on my router and add: bogus-nxdomain=209.222.14.3 to stop Telstra from "helping" my DNS requests when using 8.8.8.8 and 8.8.4.4...

DNSSEC (3, Insightful)

tepples (727027) | about 10 months ago | (#45834831)

From the featured article: "There is currently no way to validate the DNS record you’re being served is what the person hosting the website intended." Apparently the author hasn't heard of DNSSEC.

Re:DNSSEC (0)

Anonymous Coward | about 10 months ago | (#45834875)

Nobody actually uses DNSSEC, it's too much of a pain to work with because of issues like expiring certificates.

Re:DNSSEC (1)

Nerdfest (867930) | about 10 months ago | (#45834987)

I've used DNSSEC for the last couple of years and haven't had any problems at all. It's also quite easy to set up, under Linux at least. I would assume other OS's are similar.

Re:DNSSEC (0)

Anonymous Coward | about 10 months ago | (#45834883)

Whole lot of browsers and other end-user software have DNSSEC enabled, yah? What, no?

Oh...

Re:DNSSEC (4, Funny)

SuricouRaven (1897204) | about 10 months ago | (#45835479)

It's scheduled for widespread deployment some time between the domestic service rollout of IPv6 and the year of linux on the desktop.

Not wireless (5, Informative)

Anonymous Coward | about 10 months ago | (#45834881)

(It was also the only wireless provider in his area, so he couldn't just switch to a competitor.)

No, the blog says:

You may be asking why don’t I switch ISPs? Well they are the only one besides a wireless provider in my area.

Which means there are 2 ISPs. The one he's using is not wireless, and the other one is wireless.

Re:Not wireless (0)

Anonymous Coward | about 10 months ago | (#45834913)

Good correction.

Re:Not wireless (0)

Anonymous Coward | about 10 months ago | (#45835161)

(It was also the only wireless provider in his area, so he couldn't just switch to a competitor.)

No, the blog says:

You may be asking why don’t I switch ISPs? Well they are the only one besides a wireless provider in my area.

Which means there are 2 ISPs. The one he's using is not wireless, and the other one is wireless.

Which could basically mean that one ISP is viable, and one is not. Obviously there is a reason he did not switch providers, and instead went through quite a bit to have his current provider correct things.

Just because you may have some other choice in your area doesn't mean it's a viable one for your needs. If I had a choice between a 50Mb fiber link and going back to a 3Mb DSL link, you better believe I'd be bitching instead of switching.

Re:Not wireless (1)

tysonedwards (969693) | about 10 months ago | (#45835243)

In all likelihood, he probably had the choice of four Satellite internet providers, and possibly even some Cellular ones too.

That's not to say that if he caught DNS Injection that he would likely be happy with the service.

Re:Not wireless (1)

FuzzNugget (2840687) | about 10 months ago | (#45835249)

OK, so it means it was less of a pain to fight his dirt bag ISP than to switch to the one that is inherently shitty.

Yes, that's how shitty wireless ISPs are.

Which ISP? (2)

jones_supa (887896) | about 10 months ago | (#45834919)

Name of the ISP please?

Re:Which ISP? (1)

Anonymous Coward | about 10 months ago | (#45834963)

"Then I noticed one of the affiliate’s name was Arvig, which happens to be my ISP."

Re:Which ISP? (0)

Anonymous Coward | about 10 months ago | (#45834973)

Arvig (in the article)

Re:Which ISP? (2)

Crudely_Indecent (739699) | about 10 months ago | (#45834975)

FTA: Arvig

what a stupid fuck (0)

Anonymous Coward | about 10 months ago | (#45834933)

he should NOT have responded back to the ISP with details of his actions (reporting the hidden redirects to retailers and affiliate networks); the first seven words of last sentence was enough. then left it up to THEM (by way of termination of affiliate accounts, denial of commission payments, etc) to make this "service" and the party company the ISP deals with worthless due to lack of participating merchants and affiliate networks. if the ISP kept the revenue stream but later removes the alternate (clean) name servers, or does not disclose the practice of DNS redirect, THEN take a more aggressive stance, including contact with the state ag and puc.. with the final 'nuclear' option being becoming an affiliate of an affected merchant or merchants, and then filing a lawsuit against the ISP, and the company they contract the service from, for fucking up his own affiliate links.

A company with little big man syndrome (3, Interesting)

Anonymous Coward | about 10 months ago | (#45834953)

Being from the part of Minnesota that Arvig is based in, I can tell ya, this behavior is very typical of them.

When I had gotten set up upon moving into the area, the install tech bragged how all the homes (over 200 of them) on this part of town were all connected on 1 cable loop. It was a heads up from the tech that I should have paid attention to. I ended up cancelling my service early due to a consistent 1mb down every Friday and Saturday when I was paying for 10mb. Customer service actually said "we guarantee up to 10mb" "10mb is the maximum you will get"

So many have switched over to 4g hotspots, they actually cut the offices hours here.

Public DNS considered harmful (4, Interesting)

kriston (7886) | about 10 months ago | (#45834977)

Saw this in Reddit this morning but thanks for reposting it.

Seriously, the drawback to using public DNS like OpenDNS and Google DNS is that they present a serious performance problem.

Even though the physical DNS servers are "anycast" and geographically diverse, the IP addresses are still the same. Threrefore, the large content delivery networks (CDNs) like Akamai and LimeLight still use the IP address of the DNS server to judge your location.

Therefore, any service that uses a CDN (even Google's use them in spite of their own network) will really serve your content out of a data center that is not geographically or logically near your machine's location.

The article (if you read it) mentions that his ISP, like most that have similar revenue-extracting services, really does offer alternative DNS servers that do not pack affiliate cookies. You should use those if you want to enjoy high-performance, edge-serve content via Akamai (AKAM) and LimeLight (LLNW).

Otherwise, you'll all get your edge content served from some random data center in the central USA.

Re:Public DNS considered harmful (0)

Anonymous Coward | about 10 months ago | (#45835033)

Fairly sure I read /. comment saying this is a solved problem.

Re:Public DNS considered harmful (2)

jd2112 (1535857) | about 10 months ago | (#45835059)

>

Otherwise, you'll all get your edge content served from some random data center in the central USA.

Unless you happen to be in central USA, in which case content will be served from a server somewhere near Timbuctu.

Re:Public DNS considered harmful (1)

MarkRose (820682) | about 10 months ago | (#45835125)

In my experience, using public DNS has solved far more problems. Quite often ISP DNS servers are slower to respond, do nasty things like wildcard unresolvable addresses to some dumb search page, and, as you mention, cause CDN requests to be directed to overloaded and bandwidth starved edge servers (and the YouTube CDN in particular when the ISP has its own video service...).

Re:Public DNS considered harmful (5, Interesting)

drmofe (523606) | about 10 months ago | (#45835133)

I commented on the reddit thread in the same vein as you and got downvoted. So I did some research. Several contributors to that thread suggest that Google DNS has solved the CDN problem by adding and original IP field that the CDN can use to geolocate the subscriber. This is due to Google implementing edns-client-subnet EDNS0 extensions as of late-2011.

Re:Public DNS considered harmful (1)

kriston (7886) | about 10 months ago | (#45835201)

Yes, that is, if the CDN has also implemented EDNS0 extensions, which some have not.

Thanks for the info!

Re:Public DNS considered harmful (1)

kriston (7886) | about 10 months ago | (#45835223)

For public wireless networks, there is a popular solution to extract revenue, aptly named the Revenue eXtraction Gateway, or rXg, by http://www.rgnets.com/ [rgnets.com] . It explicitly and effectively works by filtering content and inserting advertisements along with the usual wireless gateway tricks.

This is an honest revenue extraction service and, while it can be done at the ISP level, it does not pack affiliate cookies. It's probably one of the more legitimate ones available. It does require a significant back-end infrastructure to support its operations, though, which may or may not cover expenses.

Three words (1)

aaarrrgggh (9205) | about 10 months ago | (#45834991)

VPN.

Not much else you can do.

Re:Three words (1)

rubycodez (864176) | about 10 months ago | (#45835067)

your vpn is going to have another end, which could have the same problems as your end

Re:Three words (1)

Decker-Mage (782424) | about 10 months ago | (#45835425)

your vpn is going to have another end, which could have the same problems as your end

Really depends on if and how your VPN handles DNS leakage. As always, caveat emptor. I picked mine on the basis that I had a choice of whether and how it was handled before I paid.

huh (-1)

Anonymous Coward | about 10 months ago | (#45835021)

http://transfersrumours.blogspot.com/2013/12/manchester-united-robin-van-persie-are.html

Ya Free Market! (0)

Anonymous Coward | about 10 months ago | (#45835039)

A whole 2 ISPs to choose from, only one of which offers wireless! Obviously a problem of too much choice http://www.economist.com/node/17723028

Re:Ya Free Market! (0)

Anonymous Coward | about 10 months ago | (#45835135)

good fer you, I only have one choice. I hate Comcast.

Re:Ya Free Market! (1)

tysonedwards (969693) | about 10 months ago | (#45835251)

There are plenty of people out there (myself included) who wish they could get Comcast. Satellite sucks...

Illegal behavior (4, Insightful)

WaffleMonster (969671) | about 10 months ago | (#45835049)

It would have been better to contact FBI and report this fraud. Whoever the hell runs fwdsnp.com needs to spend some time in jail.

Re:Illegal behavior (3, Informative)

eladts (1712916) | about 10 months ago | (#45835131)

It would have been better to contact FBI and report this fraud. Whoever the hell runs fwdsnp.com needs to spend some time in jail.

This isn't just plain fraud, it's wire fraud [cornell.edu] . The penalty for it is up to 20 years in prison.

Re:Illegal behavior (4, Informative)

Anonymous Coward | about 10 months ago | (#45835285)

I think you are confused.

It was a CORPORATION that was scamming money out of affiliate links, so everything is A-OK!

Of course, we punish the little people for exactly the same thing:

http://www.justice.gov/usao/can/news/2012/2012_06_19_kennedy.sentenced.press.html

Re:Illegal behavior (0)

Anonymous Coward | about 10 months ago | (#45835411)

I think you are confused.

It was a CORPORATION that was scamming money out of affiliate links, so everything is A-OK!

Of course, we punish the little people for exactly the same thing:

http://www.justice.gov/usao/can/news/2012/2012_06_19_kennedy.sentenced.press.html

As opposed to getting caught for shoplifting at Big Box or breaking into a parking meter; at least a couple of years in prison.

DNSJumper (2)

Guy From V (1453391) | about 10 months ago | (#45835087)

Do a search for "DNSjumper". It's a great little tool that lets one well...uh...jump around various DNS servers and arrange them in any order you want, ping them much easier and more often and makes it comfortable to change one or all if you feel your current list isn't to your liking. (I'm not sure of the author's or company's official website, so I don't want to push one source over another).

Blow by DNS issues, thus (easily) (0, Troll)

Anonymous Coward | about 10 months ago | (#45835155)

Completely in YOUR control (see "B" below): Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 [start64.com]

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775 [slashdot.org]

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 [slashdot.org] w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

* Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see) Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts ( A tightly integrated PART of the IP stack itself )

APK

P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

** "Less is more" = GOOD engineering!

*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

...apk

Re:Blow by DNS issues, thus (easily) (0)

Anonymous Coward | about 10 months ago | (#45835647)

Please hang yourself.

Tell you what, effete troll (0)

Anonymous Coward | about 10 months ago | (#45835747)

WHEN you can prove my points wrong validly? I *might* think about it (however, I know damn WELL you can't... & of course, so do you).

* :)

YOU? Fail... lol!

APK

P.S.=> Seriously - how PITIFUL of a troll are you? Reduced to downmodding my post by logging out of your registered luser account after doing so, & trolling me by AC posts afterwards?? Please - YOU ought to take your own advice...

... apk

Re:Tell you what, effete troll (0)

Anonymous Coward | about 10 months ago | (#45835931)

Different AC here. You got down-modded for several reasons. First, your improper capitalization, poor spelling and poor grammar makes your post look like a troll right off the bat. It also looks like it was posted to multiple stories, which from a quick Google search, turns out to be true. Next, the hosts file lacks the finesse of ad-blocking in the browser. It only blocks an entire domain and can't block a directory or file within a domain. When a domain is blocked, it has to go somewhere. Sending it to 127.0.01 may result in a timeout, which is SLOW! Some pages can't render until the whole page is loaded. Finally, DNS was invented for a reason. Before DNS, the Internet did use one massive hosts file that was copied around from machine to machine. DNS solves a lot of problems, such as load balancing and it changing a server's IP (such as by moving it to a new hosting platform), and quite a few more.

To pick out a few points:
"more than AdBlock": AdBlock can block http://www.example.com/banners/.* [example.com] without blocking http://www.example.com/login.php [example.com] Hosts files cannot.
"more than Ghostery": This is a close one. The best I can come up with is that Ghostery is easier to update and maintain.
"Request Policy": Request Policy detects "unwanted behaviour" rather than being a strict whitelist/blacklist. A hosts file cannot even come close to doing this.
"reliability vs. downed or redirected DNS": True, although you lose reliability if a server you are trying to contact changes IPs and your hosts file is out of date.
"secure vs. known malicious domains": True, although maintenance and slow updates will kill you.
"more speed" "blocks ads": Not if you get a timeout that prevents the page from rendering.
"more speed" "hardcodes fav": Hardcoded IPs lose out on DNS based load balancing.

(I'm not replying to the rest of the points because I got bored with it. Don't expect a reply from me, just passing through.)

P2P DNS (1)

staalmannen (1705340) | about 10 months ago | (#45835167)

Is any of the P2P DNS solutions (and which one?) a viable alternative to the Google DNS or OpenDNS? Does anyone have experiences that they would like to share?

Opt in. (0)

Anonymous Coward | about 10 months ago | (#45835225)

I agree this is pretty scummy to do by default but I personally wouldn't have a problem opting in to something like this. Imagine if by signing up you could get dirt cheap (or free) internet in exchange. Sounds like a good deal.

Re:Opt in. (2)

jpatters (883) | about 10 months ago | (#45835283)

I don't think the online retailers would agree. The ISP is doing nothing to promote specific items or online stores, so why should the online stores subsidize your internet connection?

At least they can fucking run one (1)

gman003 (1693318) | about 10 months ago | (#45835331)

I'm in a worse situation - my apartment complex signed a deal with a certain niche ISP by the extremely vague name of "Telcom", to provide internet at a fixed rate (the base package is part of my rent, so I don't even know what they're charging). While we're officially allowed to buy our own if we so choose, a) I'd still be paying Telcom for their TV/Phone/Internet deal, and b) not a single other ISP is actually offering anything to this apartment. Every building bordering it, sure, but even in the months-long hiatus where Telcom couldn't get the building hooked up but the deal had been made, nobody would give me service.

A few months ago, there was a peculiar outage. They have glitches every so often where the connection dies for an hour or so, so I didn't think much of it until I realized Bittorrent was still downloading. A few more investigations showed that pings by IP worked, but not by hostname - but never with an actual DNS error. I didn't bother investigating further, and just set my DNS server to 8.8.8.8 because that was all I could remember off the top of my head. I now suspect they may have been trying to implement something like this, because that's just the kind of scummy move they'd do.

I started keeping track of their uptime last month. By my numbers, they got one nine of reliability - 90% uptime.

I'd switch in a heartbeat as soon as anyone dared to sell me anything else.

Re:At least they can fucking run one (0)

Anonymous Coward | about 10 months ago | (#45835455)

Hate to break it to ya, but there are tons of explanations for fucked up DNS besides malice, and it sounds like you have some fly by night service provider, so... it's not terribly surprising.

ISP can still hijack you (1)

real gumby (11516) | about 10 months ago | (#45835631)

Your ISP can still spoof the DNS responses. That's what hotels do.

But assuming they don't, no reason not to just run your own cacheing DNS resolver on your local network. It's very easy to do and might even be faster than third parties like GOOG, OpenDNS or Nominum. Certainly faster for people who determine your location via DNS resolver address.

(That Hiroku article is bizarre. Tip: "root domain" means something different. You can put a CNAME on any name. And why would one sort require hard coding your IP address???)

What's the problem here? (0)

Bazman (4849) | about 10 months ago | (#45835633)

From the article: he goes to amazon.com, it returns the IP for the proxy, and eventually a redirect to www.amazon.com/?affiliate=id

How does that affect the user? Do they see a different page than if they'd gone straight to www.amazon.com? Or is it just that the affiliate gets a cut if the user buys anything from amazon at that point? Who loses out here? Other affiliates who aren't in the program?

Re:What's the problem here? (0)

Anonymous Coward | about 10 months ago | (#45835699)

It's against the Amazon terms of service. Proper affiliate usage involves an approved-by-Amazon *web page* run by 1 affiliate member, with properly formatted links on it.

You can't just secretly add affiliate links to everything, like the ISP in the article was doing!

Who loses? Amazon loses. It's theft of money from them by shysters.

Both Amazon and other affiliates (4, Informative)

dutchwhizzman (817898) | about 10 months ago | (#45835735)

First of all, Amazon doesn't get a very high percentage of affiliate tagged traffic/purchases. If every ISP would do this, it would get 100% and the whole business model wouldn't work any more. Amazon would have to pay out way too many affiliate bonuses. Second, any affiliate that the user might choose, would lose out because their tag would get replaced by that of the ISP.

Net Neutrality Legislation (1)

dutchwhizzman (817898) | about 10 months ago | (#45835743)

I don't know what the exact laws on net neutrality is where this happened. However, if an ISP were to do this in the Netherlands, they would get hit with fraud, net neutrality and "criminal organization" charges. You'd have to have some pretty good lawyers to be able to stay in business at all

All missing the point The real question is (0)

Anonymous Coward | about 10 months ago | (#45835897)

Did will the isp renew his contract now knowing he is 'trouble'?

All bow and worship before the magical hand for the free market.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?