US internet providers hijacking users' search queries

Sat Aug 6 16:55:34 UTC 2011

I prefer running my own resolver. It's pretty trivial to do on a Mac and I would tend to
think wouldn't be all that hard on Windows, though I have no idea.

A resolver doesn't get much more local than ::1/128.

Owen

On Aug 6, 2011, at 7:41 AM, Scott Helms wrote:

> Correct, I don't believe that any of the providers noted are actually hijacking HTTP sessions instead all of these are DNS based tricks.  Since the service providers are also providing DNS (via Paxfire and others) users don't have a lot of choice.  You can switch to using a known public name server (Google's 8.8.8.8 for example) but I hesitate to recommend that to most end users because in non-evil networks its better to have local name resolution (because of GSLB & other reasons).
> 
> On 8/5/2011 9:14 PM, Joe Provo wrote:
>> On Fri, Aug 05, 2011 at 05:04:51PM -0700, Bino Gopal wrote:
>>> http://www.newscientist.com/article/dn20768-us-internet-providers-hijacking-users-search-queries.html
>> It is more than slightly misleading to say "hijacking search
>> queries"; paxfire is evil as it hijacks dns and breaks NXDOMAIN
>> and they've been doing that for ages. The user behavior of
>> searching in the address bar has become more common place, and
>> browser behavior to try and resolve first, fallback to search
>> for the same input field has both trained the humans to keep
>> doing this and made it possible for DNS query interlopers to
>> appear to be generic-search interlopers.
>> 
>> 
> 
> 
> -- 
> Scott Helms
> Vice President of Technology
> ISP Alliance, Inc. DBA ZCorum
> (678) 507-5000
> --------------------------------
> http://twitter.com/kscotthelms
> --------------------------------
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2105 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110806/857b6f67/attachment.bin>