The 10 ISPs that Hijack Your Search Traffic for Their Own Gain

by sbucciarel Banned
30 replies
Searches made by millions of internet users are being hijacked and redirected by some internet service providers in the US. Patents filed by Paxfire, the company involved in the hijacking, suggest that it may be part of a larger plan to allow ISPs to generate revenue by tracking the sites their customers visit. It may also be illegal.

Reese Richman, a New York law firm that specializes in consumer protection lawsuits, today filed a class action against one of the ISPs and Paxfire, which researchers believe provided the equipment used to hijack and redirect the searches. The suit, filed together with Milberg, another New York firm, alleges that the process violated numerous statutes, including wiretapping laws.

The hijacking seems to target searches for certain well-known brand names only. Users entering the term "apple" into their browser's search bar, for example, would normally get a page of results from their search engine of choice. The ISPs involved in the scheme intercept such requests before they reach a search engine, however. They pass the search to an online marketing company, which directs the user straight to Apple's online retail website.

List of ISPs that are redirecting some search queries

Cavalier
Cincinnati Bell
Cogent
Frontier
Hughes
IBBS
Insight Broadband
Megapath
Paetec
RCN
Wide Open West
XO Communication

US internet providers hijacking users' search queries - tech - 04 August 2011 - New Scientist
  • wfstin
    LOL wow, that's pretty much what spyware does, giving you fake results in order for you to click on ads. At least in the case of spyware it can be removed but if the ISP is doing it then how in the world do you block it?
  • sbucciarel
    Banned
    If you use Firefox, there's an extension you can use to block the hijack

    HTTPS Everywhere | Electronic Frontier Foundation
  • azmanar
    Hi,

    Using HTTPS PROXY would avoid this.

    But then, you're subjected to the proxy's ad channels as well.
    Signature
    === >>> Tomorrow Should Be Better Than Today

    • rts2271
      The hijacking is done via DNS in most cases. Adding 4.2.2.2 to your DNS servers as your primary can reduce this effect. That's an ATT public DNS server. It doesn't really bother me anyhow. I think it's smart. They own the pipe, they own the infrastructure and they can do with it what they want.

      By the way this is in no way illegal and the jacka$$ in NY is going to lose his frivolous lawsuit. It's not hijacking. They are controlling the lookup method. Just the idea that they had to "buy special equipment" shows they neither understand what is happening nor why the company can do it. That's like saying that GM can't promote GM OEM parts and can't suggest specific dealers in the service manual. Hotel wifi networks have been doing this for years. The government has been doing this for years. It's the same tech that bans certain websites from office networks, which is certainly not illegal. I'm sure there's a banner that says Search results provided by INSERT ISP HERE. And now the government is requiring ISPs to track and log that data.
      • sbucciarel
        Banned
        Originally Posted by rts2271 View Post

        The hijacking is done via DNS in most cases. Adding 4.2.2.2 to your DNS servers as your primary can reduce this effect. That's an ATT public DNS server. It doesn't really bother me anyhow. I think it's smart. They own the pipe, they own the infrastructure and they can do with it what they want.
        duh ... no. They can't do whatever they want. They are charging you for the service and they don't have the right to sniff out your searches and hijack them, and that is why a class action suit is being brought against one of them.

        Reese Richman, a New York law firm that specializes in consumer protection lawsuits, today filed a class action against one of the ISPs and Paxfire, which researchers believe provided the equipment used to hijack and redirect the searches. The suit, filed together with Milberg, another New York firm, alleges that the process violated numerous statutes, including wiretapping laws.
      • garyv
        Originally Posted by rts2271 View Post

        By the way this is in no way illegal and the jacka$$ in NY is going to lose his frivolous lawsuit. It's not hijacking. They are controlling the lookup method. Just the idea that they had to "buy special equipment" shows they neither understand what is happening nor why the company can do it. That's like saying that GM can't promote GM OEM parts and can't suggest specific dealers in the service manual. Hotel wifi networks have been doing this for years.
        I have seen this in action, and what they are doing is NOT legal. Because in many cases they are bypassing the entire DNS system, which is a highly regulated system, and is regulated for a purpose.

        And your examples are bogus. This would be more like opening up a Walmart without Walmart's permission, just because you owned the street it was on. Ownership of a medium does not negate your legal responsibilities.
        • rts2271
          You guys do realize this was the whole issue with the net neutrality law the politicians shot down right? It comes down to, you own the pipe it's yours to do with as they please. And a class action suit itself does not make it a winning case. It just means a group of similar suits is lumped into a class to be heard before the court as one case. Next you're going to tell me ATT is wrong for making yahoo everyone's default homepage cause it's your computer.
          • garyv
            Originally Posted by rts2271 View Post

            You guys do realize this was the whole issue with the net neutrality law the politicians shot down right? It comes down to, you own the pipe it's yours to do with as they please. And a class action suit itself does not make it a winning case. It just means a group of similar suits is lumped into a class to be heard before the court as one case. Next you're going to tell me ATT is wrong for making yahoo everyone's default homepage cause it's your computer.

            This has to do with DNS - Not the pipeline itself. If you choose to hook your pipeline into the Internet, then you're subject to its laws.

            And this is not like "ATT making yahoo everyone's default homepage" this is more like ATT taking any 800 number belonging to verizon, and having it redirected to their company.

            There are some activities which are not legally protected by net neutrality - and hacking the DNS happens to be one of them.
          • sbucciarel
            Banned
            Originally Posted by rts2271 View Post

            Next you're going to tell me ATT is wrong for making yahoo everyone's default homepage cause it's your computer.
            How is making yahoo a default homepage, which you can most likely change through your browser settings, even remotely close to hijacking your searches on an ISP that you are paying for service, to searches that benefit them, rather than their customers?

            Whether or not the case is won or lost, this story is spreading all over like wildfire and the "court" of public opinion will rule in the end.

            They lose customers due to this and we'll see how beneficial it is to their bottom line to do this.
      • sbucciarel
        Banned
        Originally Posted by rts2271 View Post

        By the way this is in no way illegal and the jacka$$ in NY is going to lose his frivolous lawsuit. It's not hijacking.
        If it's so on the up and up (which it is not), why did two ISPs cut and run as soon as people started finding out about it?

        It is not quite as simple as DNS redirects. It is done by Paxfire, a company that does do DNS error traffic, but has an unadvertised little goodie in its bag of tricks.

        “In addition, some ISPs employ an optional, unadvertised Paxfire feature that redirects the entire stream of affected customers’ web search requests to Bing, Google and Yahoo via HTTP proxies operated by Paxfire.”
        So what you're saying is that it is perfectly normal and just peachy keen for an ISP to interfere with you searching the web using your search engine of choice to redirect that search to show commercial results that they benefit from, rather than the results that you would get from a natural search.

        So, by that reasoning, I should be able to pay an ISP to redirect all search engine traffic to my offer(s) or offer them affiliate commissions for sales resulting from redirected search traffic.


        Google is not amused that traffic intended for their search engine is being redirected to Paxfire servers and they have largely put a stop to it for their search engine. It still continues for Yahoo and Bing and other searches.

        Google’s security teams had been aware of DNS-based traffic interference from ISPs for months, at the very least. Google security engineer Damian Menscher wrote in response to user issues with Frontier back in March, “At Google, we are following this very closely, and trying to get Frontier to fix the issue. The root of the problem is that Frontier is intercepting some traffic, so when you try to use Google your search actually goes through a Frontier server first.”

        At that time, entrepreneur and investor Andrew Payne noticed the redirection happening in his own searches. He wrote, “ISPs have redirected DNS queries for a while, but have mostly focused on typos and misspellings. I’ve never seen an example of an ISP actually hijacking a user’s Google search and inserting their own results, and that seems pretty egregious to me.” Menscher recommends users contact Frontier directly about the practice.
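
Added example, not part of any post in this thread: the posts above describe two resolver-level behaviours, rewriting of DNS error answers and search-engine hostnames being answered with a proxy's address. The Python sketch below audits a resolver for both; the hostnames in SEARCH_HOSTS, the random-name probe and the shared-address heuristic are assumptions of this example, not details taken from the thread.

```python
import secrets
import socket
from collections import defaultdict

# Assumed hostnames for the three engines named in the thread.
SEARCH_HOSTS = ("www.google.com", "www.bing.com", "search.yahoo.com")


def system_resolve(name):
    """Ask the OS-configured resolver (normally the ISP's); empty set if no answer."""
    try:
        infos = socket.getaddrinfo(name, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def audit_resolver(resolve, search_hosts=SEARCH_HOSTS, probes=3):
    """Return a list of (kind, address, hosts) findings for one resolver.

    resolve: callable mapping a hostname to an iterable of IP strings.
    """
    findings = []

    # 1. Names that should not exist: a random 24-hex-digit .com label is
    #    assumed unregistered, so any address returned for it means the
    #    resolver is replacing "no such domain" errors with its own server.
    error_ips = set()
    for _ in range(probes):
        error_ips |= set(resolve(f"www.{secrets.token_hex(12)}.com"))
    for ip in sorted(error_ips):
        findings.append(("nxdomain-rewrite", ip, []))

    # 2. Search hostnames: competing engines have no reason to share an
    #    address, and none should sit on the error-page server. Either
    #    pattern suggests the answers point at an intermediary.
    owners = defaultdict(set)
    for host in search_hosts:
        for ip in resolve(host):
            owners[ip].add(host)
    for ip, hosts in sorted(owners.items()):
        if ip in error_ips:
            findings.append(("search-host-on-error-server", ip, sorted(hosts)))
        elif len(hosts) > 1:
            findings.append(("shared-address", ip, sorted(hosts)))
    return findings


if __name__ == "__main__":
    # Live run against whatever resolver this machine is configured to use.
    for finding in audit_resolver(system_resolve):
        print(finding)
```

An empty result only means neither heuristic fired; redirection done at the HTTP layer rather than in DNS answers is not visible to this check.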
  • garyv
    By the way, my ISP has been hijacking DNS for a while now. And they actually delay updating their DNS, just so that any new websites coming online get redirected to their little scheme they have running.

    So I've been using Google's public DNS for a while now. It's faster and has no redirects...
    Google Public DNS
    • rts2271
      I'm not saying it's ethical, I am saying it is not illegal. Just like your homepage you can change your DNS. Your argument next will be DNS is hard tech skills yadda yadda and the same can be said about Yahoo's homepage. You think they will lose customers? LOL Any advertising good or bad brings customers. Many of the people you think will just pull up stakes can't cause there is no other game in town. And the court of public opinion counts for about nothing. 99% of their customers will never have an issue or hear of this problem. They will just think it's normal behavior.
      And there are no laws saying how a company on the internet can use its pipe. That's the whole net neutrality issue like I said earlier. That's like saying an ISP can't block porn from its pipe. Tell that to familynet or other ISPs who do selective deep packet filtering. Speaking of deep packet filtering how much trouble did Comcast get into it for that? Oh ya none and yet anyone who visits pirate sites has their IP and information recorded.
      You're bringing an emotional argument into a business decision. You lose.
      Gary you also proved my point. Don't like the redirect, change your DNS. I think I said that somewhere else.
      • sbucciarel
        Banned
        Originally Posted by rts2271 View Post

        I'm not saying it's ethical, I am saying it is not illegal.
        You're overlooking completely the invasion of privacy that is occurring in order for them to hijack all that search traffic. In order to hijack your searches, they are monitoring everything that you search for. This info is passed on through the marketing firm to accumulate this data and create profiles. This is where the wiretapping laws will come in to play.


        Wiretap Act/ECPA

        Depending on how an ISP behavioral advertising model is implemented, it may run afoul of existing communications privacy laws. The federal Wiretap Act, as amended by the Electronic Communications Privacy Act (ECPA), prohibits the interception and disclosure of electronic communications - including Internet traffic content - without consent. Although exceptions to this rule permit some interception and disclosure without consent, it is unlikely that any of these apply to the interception or disclosure of Internet traffic content for behavioral advertising purposes.

        We believe that the Wiretap Act requires unavoidable notice and affirmative opt-in consent before Internet traffic content may be used from ISPs for behavioral advertising purposes. Certain state laws may take this one step further, requiring consent from both the consumer and the Web site he or she is visiting.

        Cable Communications Policy Act

        Some experts have also suggested that the Cable Communications Policy Act also may apply to this business model. The law prohibits cable operators from collecting or disclosing personally identifiable information without prior consent. While the term "personally identifiable information" (PII) in the law is defined by what it does not include - "any record of aggregate data which does not identify particular persons"- it is unlikely that a user's entire Web traffic stream, unique to that individual, often containing both PII and non-PII, would be considered aggregate data as that term is commonly understood. Shoehorning the collection and disclosure of a subscriber's entire browsing history for advertising purposes into the statute's exception for collection or disclosure of information that is necessary to render service does not seem workable. Thus, cable-based ISPs that wish to disclose customer information to advertising networks would also have to meet the consent requirements of the Cable Communications Policy Act.
        https://www.dpacket.org/articles/onl...-network-model
        • rts2271
          Originally Posted by sbucciarel View Post

          You're overlooking completely the invasion of privacy that is occurring in order for them to hijack all that search traffic. In order to hijack your searches, they are monitoring everything that you search for. This info is passed on through the marketing firm to accumulate this data and create profiles. This is where the wiretapping laws will come in to play.



          https://www.dpacket.org/articles/onl...-network-model
          Apparently you have never read your eula when you signed up for your ISP. Also you're using wiretapping laws which have nothing to do with this. It's not encrypted traffic. It's not private data either. It's not a hijacking because they own the DNS servers you are using and can do whatever they want with them.
          Seriously your argument is flawed at so many levels. Again unethical, ya I think it is. But poor ethics are not a crime.

          You need to read your ISPs eula and privacy policy. I just re-read mine to confirm, I am using Windstream and they can collect all sorts of demographic data on a user including private data linking you to your online behavior.
          Clear is the worst one for passing on private data to marketing firms, ad networks etc etc and they are nowhere on that list. The only thing this hoopla is about is making some lawyer rich.
          • rts2271
            BTW read the article you posted. Not only is it not a crime but ATT shifted the blame to Yahoo, who is partners with ATT and is installed as the portal page for all ATT and baby bell customers. This was the whole argument that started the net neutrality conversation and then blossomed to the bandwidth issue that ATT cited from Netflix and Hulu's high consumption.
            • kindsvater
              From what I read in that article - clearly illegal.

              For example - Apple won't pay affiliates for hijacking traffic intended for apple.com and redirecting to the Apple site through an affiliate link. The fact an ISP is doing the redirecting doesn't change the breach of contract and fraud issues involved.

              Another example, if I'm searching for apples, generically, I expect to find something about fruit. Not be redirected to the Apple store so some ISP can collect a commission if I later happen to buy a new iPad case.

              By analogy, if I am calling Bob and misdial his phone number, I don't want the phone company redirecting my call to a porn site so it can make a buck.

              But these are apparently not "misdials". Rather, the ISP is taking a valid search term and misusing it for its own benefit.

              The ISP has no business redirecting anything I do with my web browser for its selfish financial purposes.

              To suggest there are "no laws" regulating ISPs is completely wrong. Might as well say an ISP can start redirecting traffic to child porn sites to make a buck.

              .
              • rts2271
                Originally Posted by kindsvater View Post

                From what I read in that article - clearly illegal.

                For example - Apple won't pay affiliates for hijacking traffic intended for apple.com and redirecting to the Apple site through an affiliate link. The fact an ISP is doing the redirecting doesn't change the breach of contract and fraud issues involved.

                Another example, if I'm searching for apples, generically, I expect to find something about fruit. Not be redirected to the Apple store so some ISP can collect a commission if I later happen to buy a new iPad case.

                By analogy, if I am calling Bob and misdial his phone number, I don't want the phone company redirecting my call to a porn site so it can make a buck.

                But these are apparently not "misdials". Rather, the ISP is taking a valid search term and misusing it for its own benefit.

                The ISP has no business redirecting anything I do with my web browser for its selfish financial purposes.

                To suggest there are "no laws" regulating ISPs is completely wrong. Might as well say an ISP can start redirecting traffic to child porn sites to make a buck.

                .
                I didn't say there were no laws regulating ISPs. I am saying that the only one that attacked this issue, net neutrality was shot down. Wiretapping laws certainly apply if they were eavesdropping on private traffic. Again check your EULA cause it will state unencrypted traffic is not private. Until an appellate court overturns or amends the FCC ruling or current CALEA laws then the point is moot.
                • rts2271
                  I did find something that supports sbucciarel

                  IF and this is an IF they can prove this was a 3rd party disclosure they can be hit on title 18 /1/119/2511 which states

                  Except as otherwise specifically provided in this chapter any person who--
                  (a) intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;
                  (b) intentionally uses, endeavors to use, or procures any other person to use or endeavor to use any electronic, mechanical, or other device to intercept any oral communication when--
                  (i) such device is affixed to, or otherwise transmits a signal through, a wire, cable, or other like connection used in wire communication; or
                  (ii) such device transmits communications by radio, or interferes with the transmission of such communication; or
                  (iii) such person knows, or has reason to know, that such device or any component thereof has been sent through the mail or transported in interstate or foreign commerce; or
                  (iv) such use or endeavor to use (A) takes place on the premises of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or (B) obtains or is for the purpose of obtaining information relating to the operations of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or
                  (v) such person acts in the District of Columbia, the Commonwealth of Puerto Rico, or any territory or possession of the United States;
                  (c) intentionally discloses, or endeavors to disclose, to any other person the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection;
                  (d) intentionally uses, or endeavors to use, the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection; or
                  (e)
                  (i) intentionally discloses, or endeavors to disclose, to any other person the contents of any wire, oral, or electronic communication, intercepted by means authorized by sections 2511 (2)(a)(ii), 2511 (2)(b)-(c), 2511(2)(e), 2516, and 2518 of this chapter,
                  (ii) knowing or having reason to know that the information was obtained through the interception of such a communication in connection with a criminal investigation,
                  (iii) having obtained or received the information in connection with a criminal investigation, and
                  (iv) with intent to improperly obstruct, impede, or interfere with a duly authorized criminal investigation,
                  shall be punished as provided in subsection (4) or shall be subject to suit as provided in subsection (5).

                  So they might have a legal standing. I stand corrected. :O
          • sbucciarel
            Banned
            Originally Posted by rts2271 View Post

            Seriously your argument is flawed at so many levels. Again unethical, ya I think it is. But poor ethics are not a crime.
            Laws are not irrevocable. Laws are frequently amended and changed and new laws are enacted. I'm in good company with my flawed arguments. There are numerous attorneys who believe that state statutes and wiretapping laws have been broken.

            I assume that you don't have a law degree? The words "collect data" do not give ISPs carte blanche permission to monitor everything you do on the Internet service that you are paying for, encrypted or not.

            Time will tell and we'll know how it plays out when the legal experts get to court with it.
    • mojojuju
      Originally Posted by garyv View Post

      So I've been using Google's public DNS for a while now. It's faster and has no redirects...
      Google Public DNS
      OpenDNS is another option that works well.

      There's also DNS Advantage and Norton DNS which are both free as well.
      Signature

      :)

  • Dennis Gaskill
    If the allegations are true, there's a big hammer getting ready to fall.

    I must say, there's one company on that list that doesn't surprise me at all. I've never heard one good thing about them, but I've heard plenty of bad.
    Signature

    Just when you think you've got it all figured out, someone changes the rules.

  • JToneyUK
    This all sounds fishy and, being from the UK this doesn't affect me. But it does sound not too far away from the recent (and ongoing) phone hacking scandal we've just faced.
    • rts2271
      You do know wiretapping laws only apply to POTS systems. The internet is not a POTS system.
      • rts2271
        Here's an excerpt of the current CALEA or wiretapping laws. As far as if I am a lawyer, no but I worked in telecom for a number of years and we had to deal with this often.

        Does the FCC propose to apply CALEA to all types of online communication, including instant messaging and visits to websites?

        Not yet. The NPRM proposes CALEA coverage of "only" broadband Internet access services and managed VoIP services, and excludes instant messaging and email. However, the FCC's broad understanding of the substantial replacement clause will create a stifling regulatory environment in which law enforcement will undoubtedly contend that other emerging communications technologies fall under CALEA. And industry could add surveillance-ready equipment, services, and network capability as an attempt to appease law enforcement given the current national focus on homeland security (and indeed some already have -- see Cisco's CALEA architecture, which is expected to become a more formal RFC at some point). Given product-development cycles that can take two years or more, industry may hedge its bets by building in surveillance-friendly features now rather than waiting for government mandates. Inevitably, law enforcement will seek over time to bring more and more communications services under the CALEA umbrella.
  • heavyjay
    Let's forget legal and illegal, and lawful and unlawful for a minute. If you are a customer of one of these ISPs, how does it make you feel when you do a google search and, instead of getting search results, you're taken to some company's website?

    It might technically be lawful, but it sure isn't right.
    Signature
    My New Blog - isn't much on it and your critique is more than welcome!
  • GarrieWilson
    My ISP, Charter, redirects DNS errors to a search engine and provides "possible solutions" for what I may have wanted.

    They allow you to opt-out via a cookie and give the regular/error. They don't hijack searches from the browser if a plugin searches for you. E.G. Google Toolbar "guesses" if you don't put a .com and/or searches for you. This isn't affected.

    I think it's pretty smart, now. Used to not. Even posted about it once.

    I'd bet they updated the UA to include it.

    As far as tracking... it's not illegal. In fact, a federal law was passed a week or two ago REQUIRING all ISPs to track and store your data for at least a year.

    -g
    Signature
    Screw You, NameCheap!
    $1 Off NameSilo Domain Coupons:

    SAVEABUCKDOMAINS & DOLLARDOMAINSAVINGS