Slashdot Mirror
New Jersey's Cablevision Hijacks DNS Error Pages
Selikoff writes "I just noticed Cablevision's Optimum Online service has begun hijacking DNS Error pages with, you guessed it, ad-supported results. Aside from hurting the underlying stability of the Internet, there have been instances where hackers have used such tools against customers. I know Road Runner customers have had to deal with this for a couple months now, although at least they have an outlet to turn it off." Update: 09/30 13:18 GMT by T : Note, as several readers have pointed out, this hijacking is of DNS errors rather than 404 errors as originally presented.
Even on slashdot, we have people who don't know a DNS error (and yes, TFA gets it right) from a 404 (which can't be hijacked without modifying the stream itself)
The Cablevision and Road Runner services both only hijack DNS no-such-domain errors, not HTTP 404s. Neither is a good thing, but hijacking DNS is much less insidious than the deep-packet inspection or mandatory proxying required to hijack 404 errors.
This sig is certified free of self-referential humour!
New Jersey's Cablevision Hijacks 404 Error Pages
No, they didn't.
If the submitter had read the summary, they would know that it's DNS errors that are being hijacked, not 404s.
It's an important difference - 404 means that they are transparently proxying your connections, which can cause problems with various sites (and that they are recording every URL you visit.)
For example: http://slashdot.org/akasjdflkasdjfl;kajsdl;aksdjfkdjkfdjlkjsdf would not be affected by this, whereas http://sslashhdot.org/ would.
Is it *too* much to ask that a technical news site present technical articles correctly?
How about the editors actually read the article and correct glaring mistakes for a change? Even before this made it out of the Firehose, there were responses that it was DNS failures and not 404 messages.
http://www.optimum.net/DNSRedirect/DoOptOut
404 == HTTP error code for "page not found". And the summary's wrong, they're actually hijacking 502 (bad gateway/no such domain) pages, which is a major difference. Hijacking 502s only requires their DNS servers to redirect nonexistent domains to the ad page, while hijacking 404s would require them to sniff every page you visit.
"I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
That's a good thought and a viable one. I do the same thing myself. The problem is that my dollars are still going to support the ISP's DNS servers, which still warrants complaint.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
http://www.opendns.com/
However this does not solve it for less technical people as they would have no idea what is going on, would have no idea how to solve it and perhaps have not even a clue that there is a problem and that they typed in something wrong.
If I were looking for nekid ladies, this might be help full. If I try to contact my bank it isn't. It could even be dangerous if things I were looking for is something similar to what I get presented as advertisement.
Don't fight for your country, if your country does not fight for you.
Quite simple: run a mailserver, then use these type of DNS servers. In a few days, you'll have so much mail that doesn't get accepted by xxx.xxx.xxx.xxx (your provider's DNS) that it might fill your storage. Then 7 days later (instead of a few hours later) the e-mail gets sent back with the message that the other server doesn't accept the mail (instead of saying that the domain doesn't exist) after being retried hundreds of times eating up valuable bandwidth and processing time. Then if your end-user isn't smart enough, he'll retry sending it, not noticing he has a typo in his address book, because after all, the other e-mail server DOES exist.
Custom electronics and digital signage for your business: www.evcircuits.com
Rogers Cable high-speed internet has been doing that for the past couple months now too. URL typos get redirected to their own search.rogers.yahoo.com or something like that, disabling toolbar search functions in browsers.
The kicker is that I also think they're actively blocking access to other search engines periodically in order to increase usage of their own. www.Google.com will sometimes time-out while trying to load, but works fine when accessed through Dogpile meta-search.
Since I've moved off of Rogers already, I can't do more experiments to test, but if anyone else is on it, I suggest you keep an eye out.
A laughable example of how poorly implemented the Charter DNS error is:
http://flickr.com/photos/listrophy/2194252038/
Things to note:
For this and many other things, I have since stopped using Charter. My soul feels so much cleaner now that I'm not giving them money.
IWARS.
People, in general, disappoint me. Politicians even more so.
And, the reverse that others have mentioned.
If you use a DNS blocking list (DNSBL) for e-mail, you will stop receiving any e-mail, because every lookup will always return a "found", and DNSBLs work by returning NXDOMAIN if the site isn't listed, and returning an IP address if it is.
Some of the small resellers buy raw bandwidth, so you can avoid the brain-damage.
--dave
davecb@spamcop.net
http://search.suddenlink.net/prefs.php
That's the "Opt-out" page... a 200 OK response. The "Opt-in" page has all of the ads.
IWARS.
People, in general, disappoint me. Politicians even more so.