back to article ISP-operated servers alter search results, researchers claim

Search engine requests are being altered to redirect users to specific websites in a "stealthy" system that benefits advertisers, US researchers have claimed. "Malicious servers" operated by internet service providers (ISPs) redirect users to websites relating to the information they have searched for using search engines …

COMMENTS

This topic is closed for new posts.
  1. Robert Carnegie Silver badge

    Bloody hell

    "MALICIOUS SERVERS" OPERATED BY INTERNET SERVICE PROVIDERS ??

    THAT WE ARE PAYING FOR INTERNET ACCESS ???

    I need someone to swear very very loudly and at length on my behalf about this, I'm not very good at it myself.

    1. foo_bar_baz
      Boffin

      Not always intentional

      The research paper discusses "compromised" DNS servers and compromised client machines as the causes. When caused by the ISP's DNS server the activity is also not necessarily intentional.

      "... If the LDNSes are compromised because they run the same vulnerable version of DNS software, then the cloud provider can notify the ISP about the problem. Or if the ISP is voluntarily involved in inflight modifications, then appropriate actions, including legal".

      What's missing is an analysis of the servers that the traffic is being redirected to, or what's being inserted into the pages.

  2. dave 46
    Trollface

    Umm

    Do you mean when you type in an invalid domain, it returns search results instead of a 'address not found' error?

    Hmm, k, malicious servers indeed.

  3. Destroy All Monsters Silver badge
    Paris Hilton

    The legalese dump is fine

    But I still need more information on this redirect thing. How does it work exactly? What's the relationship between the addy pushers and the ISPs? What's that browser bar search thing?

  4. Anonymous Coward
    Anonymous Coward

    Umm.... No

    No, for instance, looking for an ipad review?

    Type ipad into to Bing or Yahoo and you end up at Apples official store no search returned. The big G apparently applied pressure and is now unaffected by the "free enhanced service" for which there are, of course, kickbacks for the ISP

    1. Anonymous Coward
      Anonymous Coward

      More Info

      http://www.newscientist.com/article/dn20768-us-internet-providers-hijacking-users-search-queries.html

  5. John Smith 19 Gold badge
    Flame

    How polite of them *not* to name names

    I guess it'd be likely some people might feel their "User experience" had been fiddled with.

    1. foo_bar_baz

      They name names

      Click on the link.

  6. YetAnotherITGuy
    Megaphone

    just use openDNS...

    ..and Scroogle as a search engine. ISP meddling in your affairs terminated.

    1. Robert Carnegie Silver badge

      Oh of course he said sarcastically.

      No possibility of a man in the middle attack then. That's the man in the middle WHOM I AM PAYING to bring me Internet, who decides to supplement his income by mugging me. Or, alternatively, by mugging Google - or Scroogle - who earn a little money whenever we see their web pages, and who pass some of that money on to people who bring us to them or vice versa. Which makes the point obscure, but if I follow, the main thing is that I'd appear to be coming in not from a Glasgow slum but from The Sex Casino(TM) and therefore presumably being rich (and sexy). I assume that delivering rich customers (and sexy) to Google pays you better than delivering ordinary slobs.

      The other thing is, indeed, that my search results would probably be altered to include more items higher ranked that will interest a patron of The Sex Casino(TM), which is not necessarily what I want, although I'm not saying that it absolutely isn't either.

      (In fact, according to Google, "sex casino" isn't, can't be a trademark, it is a common everyday phrase.)

  7. clanger9
    WTF?

    Netalyzr is your friend

    They never learn, do they?

    Go here: http://netalyzr.icsi.berkeley.edu

    Netalyzr will tell you if your ISP is interfering with your traffic. If so, complain LOUD and HARD.

  8. Rob 5

    I encountered this last year

    In a hotel in Las Vegas, with the hotel provided wireless. It was a pain in the arse, until I figured out not to use the search bar.

  9. Anonymous Coward
    Devil

    I know a company that provides this tech to ISPs

    It's called Front Porch Inc.

  10. Anonymous Coward
    Anonymous Coward

    It's not stopping talk-talk

    "Intercepting communications is prohibited under the US Wiretap Act. In the UK a similar law, the Regulation of Investigatory Powers Act (RIPA), also prohibits the interception of communications without a user's knowledge or permission in most cases."

    It's not stopping talk-talk (and I can confirm this is still occuring)

    https://nodpi.org/forum/index.php?topic=2991.0

    http://talktalkmembers.co.uk/forums/showthread.php?t=46287

  11. Gordon 10
    Thumb Up

    Kudos

    For digging out the Spy vs Spy pic.

  12. Anonymous Coward
    Alert

    Ah, Good to see..

    That www.paxfire.com have a UK site. Don't feel so left out now.

    Its a carefully worded refutal on their website http://www.paxfire.com/PR_Final_8-8-2011.pdf They do NOT deny that they are Intercepting, Processing and Redirecting.

    Next Phorm wannabe?

  13. Anonymous Coward
    Devil

    funny thing...

    ..is that no one has mentioned Phorm yet..

    did they burn in hell or jump the pond?

  14. Anonymous Coward
    Unhappy

    Been doing it for years

    I was asked by my ex-employer to add a system that added their affiliate ID to certain URLs running through their proxies. I refused, but the developer next to me ended up doing it.

    They made about £100K a month from Google by the scam.

    My employer and I parted ways soon after that.

    1. Anonymous Coward
      Facepalm

      I do need a Stinking Title.. don't get to close it smells..

      And the police said it was not in the public interest? or did you just turn a blind eye to the url looting?

  15. Anonymous Coward
    Black Helicopters

    So they created a 15M node botnet to probe DNS servers worldwide?!

    I think everyone is missing the real story here... how many of you were aware that Microsoft were remotely and covertly installing and executing code on machines opted into the "Microsoft Customer Experience Improvement Program"?!

    I am not impressed if this turns out to be the case, though, considering the wording of their paper there is little doubt in my mind that this is exactly what is going on...

    from the paper linked in this article:-

    "data is collected only from the users that have opted in to share with Microsoft data

    that will help improve their experience"

    I have always had my non-production and non-corporate / home machines into the CEIP thinking that its purpose was to report their products reliability and how it is being used by the end customer so as they can release patches and UI enhancements.

    Their privacy policy states that they collect information relating to "configuration, performance and reliability and program use", there is nothing that I can see which states that Microsoft may remotely and covertly install and execute code as part of that process:- http://www.microsoft.com/products/ceip/en-us/privacypolicy.mspx

    Anyway, I'll leave it up to the rest of you to make up your own minds else I might find myself in room 101.

    Microsoft, "The Ministry of Love" of the 21st century!

This topic is closed for new posts.