Feeds

back to article ISP-operated servers alter search results, researchers claim

Search engine requests are being altered to redirect users to specific websites in a "stealthy" system that benefits advertisers, US researchers have claimed. "Malicious servers" operated by internet service providers (ISPs) redirect users to websites relating to the information they have searched for using search engines …

COMMENTS

This topic is closed for new posts.

Bloody hell

"MALICIOUS SERVERS" OPERATED BY INTERNET SERVICE PROVIDERS ??

THAT WE ARE PAYING FOR INTERNET ACCESS ???

I need someone to swear very very loudly and at length on my behalf about this, I'm not very good at it myself.

6
1
Bronze badge
Boffin

Not always intentional

The research paper discusses "compromised" DNS servers and compromised client machines as the causes. When caused by the ISP's DNS server the activity is also not necessarily intentional.

"... If the LDNSes are compromised because they run the same vulnerable version of DNS software, then the cloud provider can notify the ISP about the problem. Or if the ISP is voluntarily involved in inflight modifications, then appropriate actions, including legal".

What's missing is an analysis of the servers that the traffic is being redirected to, or what's being inserted into the pages.

2
0
Trollface

Umm

Do you mean when you type in an invalid domain, it returns search results instead of a 'address not found' error?

Hmm, k, malicious servers indeed.

1
5
Silver badge
Paris Hilton

The legalese dump is fine

But I still need more information on this redirect thing. How does it work exactly? What's the relationship between the addy pushers and the ISPs? What's that browser bar search thing?

1
0
Anonymous Coward

Umm.... No

No, for instance, looking for an ipad review?

Type ipad into to Bing or Yahoo and you end up at Apples official store no search returned. The big G apparently applied pressure and is now unaffected by the "free enhanced service" for which there are, of course, kickbacks for the ISP

1
0
Anonymous Coward

More Info

http://www.newscientist.com/article/dn20768-us-internet-providers-hijacking-users-search-queries.html

1
0
Gold badge
Flame

How polite of them *not* to name names

I guess it'd be likely some people might feel their "User experience" had been fiddled with.

2
0
Bronze badge

They name names

Click on the link.

0
0
Megaphone

just use openDNS...

..and Scroogle as a search engine. ISP meddling in your affairs terminated.

0
0

Oh of course he said sarcastically.

No possibility of a man in the middle attack then. That's the man in the middle WHOM I AM PAYING to bring me Internet, who decides to supplement his income by mugging me. Or, alternatively, by mugging Google - or Scroogle - who earn a little money whenever we see their web pages, and who pass some of that money on to people who bring us to them or vice versa. Which makes the point obscure, but if I follow, the main thing is that I'd appear to be coming in not from a Glasgow slum but from The Sex Casino(TM) and therefore presumably being rich (and sexy). I assume that delivering rich customers (and sexy) to Google pays you better than delivering ordinary slobs.

The other thing is, indeed, that my search results would probably be altered to include more items higher ranked that will interest a patron of The Sex Casino(TM), which is not necessarily what I want, although I'm not saying that it absolutely isn't either.

(In fact, according to Google, "sex casino" isn't, can't be a trademark, it is a common everyday phrase.)

0
1
WTF?

Netalyzr is your friend

They never learn, do they?

Go here: http://netalyzr.icsi.berkeley.edu

Netalyzr will tell you if your ISP is interfering with your traffic. If so, complain LOUD and HARD.

2
0

I encountered this last year

In a hotel in Las Vegas, with the hotel provided wireless. It was a pain in the arse, until I figured out not to use the search bar.

0
0
Devil

I know a company that provides this tech to ISPs

It's called Front Porch Inc.

0
0
Anonymous Coward

It's not stopping talk-talk

"Intercepting communications is prohibited under the US Wiretap Act. In the UK a similar law, the Regulation of Investigatory Powers Act (RIPA), also prohibits the interception of communications without a user's knowledge or permission in most cases."

It's not stopping talk-talk (and I can confirm this is still occuring)

https://nodpi.org/forum/index.php?topic=2991.0

http://talktalkmembers.co.uk/forums/showthread.php?t=46287

0
1
Silver badge
Thumb Up

Kudos

For digging out the Spy vs Spy pic.

0
0
Alert

Ah, Good to see..

That www.paxfire.com have a UK site. Don't feel so left out now.

Its a carefully worded refutal on their website http://www.paxfire.com/PR_Final_8-8-2011.pdf They do NOT deny that they are Intercepting, Processing and Redirecting.

Next Phorm wannabe?

0
0
Devil

funny thing...

..is that no one has mentioned Phorm yet..

did they burn in hell or jump the pond?

0
0
Unhappy

Been doing it for years

I was asked by my ex-employer to add a system that added their affiliate ID to certain URLs running through their proxies. I refused, but the developer next to me ended up doing it.

They made about £100K a month from Google by the scam.

My employer and I parted ways soon after that.

0
0
Facepalm

I do need a Stinking Title.. don't get to close it smells..

And the police said it was not in the public interest? or did you just turn a blind eye to the url looting?

0
0
Black Helicopters

So they created a 15M node botnet to probe DNS servers worldwide?!

I think everyone is missing the real story here... how many of you were aware that Microsoft were remotely and covertly installing and executing code on machines opted into the "Microsoft Customer Experience Improvement Program"?!

I am not impressed if this turns out to be the case, though, considering the wording of their paper there is little doubt in my mind that this is exactly what is going on...

from the paper linked in this article:-

"data is collected only from the users that have opted in to share with Microsoft data

that will help improve their experience"

I have always had my non-production and non-corporate / home machines into the CEIP thinking that its purpose was to report their products reliability and how it is being used by the end customer so as they can release patches and UI enhancements.

Their privacy policy states that they collect information relating to "configuration, performance and reliability and program use", there is nothing that I can see which states that Microsoft may remotely and covertly install and execute code as part of that process:- http://www.microsoft.com/products/ceip/en-us/privacypolicy.mspx

Anyway, I'll leave it up to the rest of you to make up your own minds else I might find myself in room 101.

Microsoft, "The Ministry of Love" of the 21st century!

0
0
This topic is closed for new posts.