Slashdot Mirror

← Back to Stories (view on slashdot.org)

Reports of IE Hijacking NXDOMAINs, Routing To Bing

Posted by kdawson on from the if-I-want-bing-I-will-type-bing dept.

Jaeden Stormes writes "We just started getting word of a new browser hijack from our sales force. 'Some site called Bing?' they said. Sure enough, since the patches last night, their IE6 and IE7 installations are now routing all NXDOMAINs to Bing. Try it out — put in something like www.DoNotHijackMe.com." We've had mixed results here confirming this: one report that up-to-date IE8 behaves as described. Others tried installing all offered updates to systems running IE6 and IE7 and got no hijacking.
Update: 08/11 23:24 GMT by KD : Readers are reporting that it's not Bing that comes up for a nonexistent domain, it's the user's default search engine (noting that at least one Microsoft update in the past changed the default to Bing). There may be nothing new here.

26 of 230 comments (clear)

  1. Ridiculous by Josh04 · · Score: 1, Insightful

    IE cannot "hijack" NXDOMAIN, because it's not an ISP.

    1. Re:Ridiculous by Anonymous Coward · · Score: 0, Insightful

      More kdawson FUD?

    2. Re:Ridiculous by nine-times · · Score: 5, Insightful

      Well even more to the point IMO: IE isn't "hijacking" NXDOMAIN because IE is the program you're requesting the domain from. Saying IE is hijacking your domain query is a little like claiming the normal pilot of a plane is hijacking it whenever he flies. No, he's not, he's the pilot. It's kind of his job.

      What I mean is, if I dropped to the command prompt and typed "nslookup [whatever]", is IE changing the results that I get? If not, then it isn't really fair to say they're "hijacking" anything. If you're typing a domain into your address bar of your browser, and you want something to figure out what you're trying to type and possibly redirecting to a search engine, then the browser is the appropriate place for that to happen. The complaints about DNS "hijacking" is because it's being done by the DNS server and not the browser, but the browser is actually the right place for this to happen.

      Now maybe they should offer the option to turn this on or off, but really as long as they're respecting your choice in search engines, I don't think there's a problem. It's a little like complaining that Firefox's Awesome Bar tries to guess what sites you're trying to find.

    3. Re:Ridiculous by mrsteveman1 · · Score: 3, Insightful

      Because somehow on Windows 7, Firefox is doing the same thing now, and Google is the default search engine.....

    4. Re:Ridiculous by causality · · Score: 1, Insightful

      It's their product, and if you input an invalid URL...their product directs you to their search engine to allow you to search for whatever it is you are looking for. How in the fuck is this wrong?

      I already answered your question and described what I think is wrong with such practices. If you disagree with my answer, please tell me why you disagree and what part of my reasoning seems invalid to you. An emotive restatement of the question doesn't contribute much.

      To me, this would be a legitimate practice PROVIDED that they first ask the user. Ideally, this feature would be off by default, the user would first enable the feature and would then get to choose the search engine that it uses. I'd have no problem with that.

      What I think is unethical is if no such question is asked and Microsoft just decides for you that every little typo means you really wanted to do a Bing search. Do you really think that sort of "creative interpretation" of your actions sets a favorable precedent? Microsoft clearly gains from this because they are trying very hard to promote their search engine, while the user either has a dubious benefit or has to suffer a needless annoyance. I don't use use Microsoft software, but if I did, I most certainly would not be paying them for the "privilege" of being a bargaining chip in their struggle to compete with Google. Perhaps other people don't mind being used in such a demeaning fashion, but I certainly don't and have never consented to it.

      If Bing is successful and gives Google a run for their money, it needs to be because of its merits. It should never be because Microsoft was able to leverage its marketshare in one market to dupe its users into going along with giving them undue success in another market. No one except for Microsoft benefits from that scenario. That is not the sort of competition that lets all of us enjoy better browsers and better search engines. I don't know how to make that more clear.

      I'll emphasize that these reports are not terribly consistent. I don't know if this is what is going on and I'm not the sort of fool who automatically believes everything he reads. Having said that, I do know that this is the accusation being made in the summary. If it is a correct accusation, then everything I have said applies.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    5. Re:Ridiculous by Capsaicin · · Score: 4, Insightful

      Even if you were more right, I'd rather side with him since he can spell.

      What was being corrected was ISP for DNS. I don't believe the presence of an apostrophe was the issue the poster was addressing. If you choose to believe a message based on the correctness of punctuation, or even spelling, rather than examining the truth of its (how tempted I was to write it's just to annoy you!) semantic content, you are systematically deluding yourself.

      Otherwise well informed people make spelling mistakes. Highly intelligent people make spelling mistakes. People who know how to spell make typos. People who are on the losing side of an argument clutching at straws invest such mistakes with an importance they do not possess.

      --
      Better to be despised for too anxious apprehensions, than ruined by too confident a security. --Edmund Burke
  2. Who cares!?! by o+TINY+o · · Score: 2, Insightful

    I mean really. We can get a page telling us the site doesn't exist, or we can be re-directed to a search engine which can help us find what we were looking for. Yeah it helps pimp Microsoft, but I figure if you are using their browser, it is fair game.

    1. Re:Who cares!?! by supernova_hq · · Score: 2, Insightful

      There is a difference between redirecting on a keyword (not in URL format) and with a properly formatted (yet incorrect) URL.

      "slashdot" should do a search, "slashdot.gobcom" should show an nxdomain error.

  3. Bad Posts by Microlith · · Score: 5, Insightful

    Yet another stupid, linkless, flamebait article.

    Come the fuck on guys.

    1. Re:Bad Posts by jpmorgan · · Score: 5, Insightful

      Seriously, this is the stupidest article I've seen on slashdot in a while. I tried on IE8 on this computer and it sends me to a google search. Oh noes!!! Google and Microsoft have teamed up to hijack NXDOMAIN!

      No, IE is just sending you to your default search engine. If you never use IE you probably never changed its default selection of bing/live search. And this isn't NXDOMAIN hijacking! This is an application interpreting an NXDOMAIN response and acting on it in a sensible way.... the kind of behavior that NXDOMAIN hijacking breaks. Seriously, this is a fucking stupid post.

    2. Re:Bad Posts by GeckoAddict · · Score: 5, Insightful

      One word: kdawson

  4. Re:It is just trying to be helpful. by Darkness404 · · Score: 4, Insightful

    But it becomes a bad thing when you do it for non-existent domains. When you type something without the domain name, its assumed you are searching for something, when you enter a non-existent domain, its sorta like dialing a wrong number. I'd rather the phone system tell me I have a wrong number rather than trying to get me where it thinks I want to go. If I call 555-555-5555 chances are I want 555-555-5555, it should not assume that I want 555-555-XXXX. When I want to go to something .com, .net, .org, or another domain, I want it it to show me the domain, if there is no domain, tell me there is no domain.

    --
    Taxation is legalized theft, no more, no less.
  5. *mods article Overrated* by Looce · · Score: 4, Insightful

    IE 6 has always been doing stuff on auto.search.msn.com if you entered URLs whose domain name didn't exist.

    This is not news.

    Nothing to see here, move along.

  6. Re:OP completely misses the point... by Achromatic1978 · · Score: 4, Insightful

    It breaks VPN clients in a BIG way

    It breaks really shittily configured VPN clients/networks in a BIG way.

    WTF is your VPN doing attempting to resolve VPNed hostnames through your default ISP connection, rather than using a nameserver on the VPN? I'd fire your network security guy, before you get bitten in a big way by a DNS "MITM" - I use quotes because it's really Man In The Wrong Place At The Right Time Who Gets Lucky Because Of An Insecure VPN, but that's not quite as catchy.

  7. Re:It is just trying to be helpful. by ojintoad · · Score: 5, Insightful

    Take them to kdawson and force him to explain why I can't tag this !story since it is clearly NOT a STORY.

  8. Re:Disgusting, But Totally Ineffective Microsoft by Admodieus · · Score: 4, Insightful

    I thought that was the ignorance siren that I heard. Where do I start?

    150 million wasted on the latest rebranding of their failed search product. No effect on marketshare

    Actually, it stole a percentage point of Google's market share last month. I don't think anybody expected it to gain 70% market share overnight. Except maybe you?

    Mass numbers of suspicious posts on Net messageboards all parroting the same talking points: "I'm a long time Google users and I decided to give Bing a try and By Golly! I'm switching!"

    Suspicious? Really? I saw somebody the other day on a Macbook Pro using Bing willingly. It's anecdotal evidence. There's nothing suspicious about it. It happens to some people, not everyone. I'm sure there are people who used Live Search before and switched to Google or Yahoo.

    Paying floundering Yahoo to use their search engine

    I won't argue with the state of Yahoo, but this has the potential to double the usage of Bing, and make it a much more formidable opponent to Google. It was a good deal.

    * Putting up fake news story items on Microsoft web pages that are really nothing more than hidden Microsoft search links attempting to inflate the search marketshare

    Haven't seen an example of this yet. Provide one and I'll yield this point.

    * And now this crap The rate Ballmer is throwing billions at their failed search efforts looks like it may actually outdo Microsoft 8 year long Xbox fiasco for.

    Read the first few comments - it goes to your default search provider, which is Google if you set it to. And I hate to be the bearer of bad news for your anti-Microsoft sentiments, but the XBox division is doing pretty well for itself right now. They've made Sony a laughing stock this generation.

    --
    "It's a reverse vampire...they....they crave the sun!"
  9. Is this not what you wanted? by characterZer0 · · Score: 4, Insightful

    Every time an ISP starts hijacking NXDOMAIN responses, dozens of comments suggesting that this should not be done by the ISP but in the browser get modded +5 and are generally agreed with.

    So MS made their browser do it. What is the problem?

    (Other than using a monopoly in one market to get one in another.)

    --
    Go green: turn off your refrigerator.
  10. Re:It is just trying to be helpful. by Fastolfe · · Score: 2, Insightful

    But it becomes a bad thing when you do it for non-existent domains.

    Why? If I mistype a domain name, and get a search results page, I know instantly what happened (I mistyped the domain name), and, odds are, the correct page that I'm looking for is in the search results (usually at the top), one click away, instead of a retype away. This is a net positive for me. Fortunately we can both have it our own way, since you can turn this feature off, right?

  11. kdawson needs to go by kuzb · · Score: 5, Insightful

    Seriously, how many bad articles does this guy have to post before he gets thrown off the slashdot team?

    --
    BeauHD. Worst editor since kdawson.
  12. Re:Standard IE functionality...? by Anonymous Coward · · Score: 4, Insightful

    Indeed. It's also possible that these are people that used to get "Windows Live Search" when they made a mistake and now get "Bing!" instead.

    (Windows Live Search no longer exists - "www.live.com" redirects you to "www.bing.com"; so any web-browser installs configured to go for Windows Live will now automatically go to Bing instead.)

  13. Re:Is that considered Hijacking? by Anonymous Coward · · Score: 4, Insightful

    That is entirely up to the browser. If the user does not like it, there is an option to turn that off, and there are other browsers which behave differently. NXDOMAIN highjacking is a problem because it is a violation of a standard internet protocol and interferes with other protocols. This is not highjacking. It's a user agent reacting to NXDOMAIN. There is no technical reason why it shouldn't do what it does.

  14. Re:MS Back to their old ways? by Blakey+Rat · · Score: 2, Insightful

    What is WRONG with you people? Why do you real Slashdot stories like this one and instantly come to the conclusion that the story is accurate? Or even remotely true?

    Look, maybe this is your first day, so let me clarify it: Every story on Slashdot about Microsoft is at least misleading; most are outright false . Repeat that mantra a few times until it sinks in.

    No, this isn't Microsoft "going back to their old ways." This is some moron finally discovering a feature that IE has had since version 6, and possibly before, and going off on some crazy rant with no basis in truth. IE is only redirecting people to Bing because Bing is set to the default search provider!

    Please, please, I beg you, DO NOT BELIEVE EVERYTHING YOU READ. In fact, on Slashdot, don't believe *anything* you read unless it's been confirmed elsewhere.

    --
    Comment of the year
  15. Re:Standard IE functionality...? by Anonymous Coward · · Score: 1, Insightful

    You are correct. After upgrading to IE8 on one of my virtual test machines, I found that all URLs that do not resolve to a site resulted in a Bing search. I little research into the settings revealed that the this feature was enabled and the default search engine was set to Bing. I added a the Google search engine and set that to my default and issue resolved.

  16. Re:Sorry for confusion... someone edited the post by Wuhao · · Score: 2, Insightful

    (original poster here) You're right, I'm not as up on the networking side as I am the code side, and I didn't use the correct terminology when I said "hijacking". However, the NXDOMAIN stuff was added by someone else who edited my post before putting it up on the site; I haven't the slightest idea what NXDOMAIN even is. So yes, I'm ignorant in that regard, but not so much so as to throw out terms I don't understand and give a wildly false report.

    I wouldn't be so quick to jump on the editor for this. I saw your original post on the Firehose, in which you claimed Microsoft is redirecting 404s -- this would be monstrous and bad, and while "hijack" is a term you can quibble over, your original report was significantly more dire, and objectively false. A 404 is the HTTP response when you ask for a file that's not on the server. In this case, we don't even get as far as asking the server for the non-existent file, because we can't find its IP -- so we get the 404's cousin in DNS, the NXDOMAIN. The editor caught your mistake and corrected it.

    Basically, what it's done is force-feed all of our machines Bing as a default search engine (it had been Google). It's one thing if it shipped that way, but this just happened all of a sudden and our sales force (who are not exactly IT-savvy) freaked out and started calling in virus reports when the behavior changed without warning.

    Sorry for the confusion. Still, sucks what they did.

    If I understand you right, you're saying that your salespeople were used to being directed to Google. So, you guys were already comfortable with this behavior from a technical standpoint, and you're annoyed that it changed from Google to Bing. I'm not an IE user, so I don't know exactly how this behavior worked, but I wouldn't be at all surprised if I were in your position and learned that Microsoft has decided to stop using their browser to promote their competitor in favor of their new product.

    From reading the comments here, if you don't want it to use Bing, you can tell your sales guys to set Google as their default browser, because it sounds like that's what it's redirecting to. And as a guy who really dislikes Windows, IE and Microsoft in general, let me say that sounds like a reasonable enough deal.

  17. Re:Confusing the service with the client... by Bigjeff5 · · Score: 5, Insightful

    Here here!

    My god, this service has existed since they launched IE6, it is simply turned off by default.

    Hit the big "Search" button in the toolbar, and hit customize, and you can change what search provider the address bar search uses. You can disable/enable/change the address bar search option in Internet Options/Advanced.

    They obviously recently updated the list of service providers to replace Live search with Bing. My guess is they changed the default address bar search behavior also, and anybody who was using the defaults got changed over.

    Nobody seems upset that Chrome does this by default, or that FireFox can do this too. Frickin hypocrites.

    Seriously, get ahold of yourselves people, you're really getting upset that IE tries to find the website you were looking for instead of saying "Website not found"? And it's somehow DNS hijacking? Get a grip people!

    --
    Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
  18. Re:Verizon does it for me... by SBrach · · Score: 2, Insightful

    That is since this afternoon when someone clever realized an unregistered domain was about to receive a s;ashdotting. Wonder how much those ads earned him today.