Search engine requests are being altered to redirect users to specific websites in a "stealthy" system that benefits advertisers, US researchers have claimed. "Malicious servers" operated by internet service providers (ISPs) redirect users to websites relating to the information they have searched for using search engines …
"MALICIOUS SERVERS" OPERATED BY INTERNET SERVICE PROVIDERS ??
THAT WE ARE PAYING FOR INTERNET ACCESS ???
I need someone to swear very very loudly and at length on my behalf about this, I'm not very good at it myself.
Not always intentional
The research paper discusses "compromised" DNS servers and compromised client machines as the causes. When caused by the ISP's DNS server the activity is also not necessarily intentional.
"... If the LDNSes are compromised because they run the same vulnerable version of DNS software, then the cloud provider can notify the ISP about the problem. Or if the ISP is voluntarily involved in inflight modifications, then appropriate actions, including legal".
What's missing is an analysis of the servers that the traffic is being redirected to, or what's being inserted into the pages.
Do you mean when you type in an invalid domain, it returns search results instead of a 'address not found' error?
Hmm, k, malicious servers indeed.
The legalese dump is fine
But I still need more information on this redirect thing. How does it work exactly? What's the relationship between the addy pushers and the ISPs? What's that browser bar search thing?
No, for instance, looking for an ipad review?
Type ipad into to Bing or Yahoo and you end up at Apples official store no search returned. The big G apparently applied pressure and is now unaffected by the "free enhanced service" for which there are, of course, kickbacks for the ISP
How polite of them *not* to name names
I guess it'd be likely some people might feel their "User experience" had been fiddled with.
They name names
Click on the link.
just use openDNS...
..and Scroogle as a search engine. ISP meddling in your affairs terminated.
Oh of course he said sarcastically.
No possibility of a man in the middle attack then. That's the man in the middle WHOM I AM PAYING to bring me Internet, who decides to supplement his income by mugging me. Or, alternatively, by mugging Google - or Scroogle - who earn a little money whenever we see their web pages, and who pass some of that money on to people who bring us to them or vice versa. Which makes the point obscure, but if I follow, the main thing is that I'd appear to be coming in not from a Glasgow slum but from The Sex Casino(TM) and therefore presumably being rich (and sexy). I assume that delivering rich customers (and sexy) to Google pays you better than delivering ordinary slobs.
The other thing is, indeed, that my search results would probably be altered to include more items higher ranked that will interest a patron of The Sex Casino(TM), which is not necessarily what I want, although I'm not saying that it absolutely isn't either.
(In fact, according to Google, "sex casino" isn't, can't be a trademark, it is a common everyday phrase.)
Netalyzr is your friend
They never learn, do they?
Go here: http://netalyzr.icsi.berkeley.edu
Netalyzr will tell you if your ISP is interfering with your traffic. If so, complain LOUD and HARD.
I encountered this last year
In a hotel in Las Vegas, with the hotel provided wireless. It was a pain in the arse, until I figured out not to use the search bar.
I know a company that provides this tech to ISPs
It's called Front Porch Inc.
It's not stopping talk-talk
"Intercepting communications is prohibited under the US Wiretap Act. In the UK a similar law, the Regulation of Investigatory Powers Act (RIPA), also prohibits the interception of communications without a user's knowledge or permission in most cases."
It's not stopping talk-talk (and I can confirm this is still occuring)
For digging out the Spy vs Spy pic.
Ah, Good to see..
That www.paxfire.com have a UK site. Don't feel so left out now.
Its a carefully worded refutal on their website http://www.paxfire.com/PR_Final_8-8-2011.pdf They do NOT deny that they are Intercepting, Processing and Redirecting.
Next Phorm wannabe?
..is that no one has mentioned Phorm yet..
did they burn in hell or jump the pond?
Been doing it for years
I was asked by my ex-employer to add a system that added their affiliate ID to certain URLs running through their proxies. I refused, but the developer next to me ended up doing it.
They made about £100K a month from Google by the scam.
My employer and I parted ways soon after that.
I do need a Stinking Title.. don't get to close it smells..
And the police said it was not in the public interest? or did you just turn a blind eye to the url looting?
So they created a 15M node botnet to probe DNS servers worldwide?!
I think everyone is missing the real story here... how many of you were aware that Microsoft were remotely and covertly installing and executing code on machines opted into the "Microsoft Customer Experience Improvement Program"?!
I am not impressed if this turns out to be the case, though, considering the wording of their paper there is little doubt in my mind that this is exactly what is going on...
from the paper linked in this article:-
"data is collected only from the users that have opted in to share with Microsoft data
that will help improve their experience"
I have always had my non-production and non-corporate / home machines into the CEIP thinking that its purpose was to report their products reliability and how it is being used by the end customer so as they can release patches and UI enhancements.
Anyway, I'll leave it up to the rest of you to make up your own minds else I might find myself in room 101.
Microsoft, "The Ministry of Love" of the 21st century!