Slashdot Mirror
Reports of IE Hijacking NXDOMAINs, Routing To Bing
Jaeden Stormes writes "We just started getting word of a new browser hijack from our sales force. 'Some site called Bing?' they said. Sure enough, since the patches last night, their IE6 and IE7 installations are now routing all NXDOMAINs to Bing. Try it out — put in something like www.DoNotHijackMe.com." We've had mixed results here confirming this: one report that up-to-date IE8 behaves as described. Others tried installing all offered updates to systems running IE6 and IE7 and got no hijacking.
Update: 08/11 23:24 GMT by KD : Readers are reporting that it's not Bing that comes up for a nonexistent domain, it's the user's default search engine (noting that at least one Microsoft update in the past changed the default to Bing). There may be nothing new here.
Update: 08/11 23:24 GMT by KD : Readers are reporting that it's not Bing that comes up for a nonexistent domain, it's the user's default search engine (noting that at least one Microsoft update in the past changed the default to Bing). There may be nothing new here.
So it looks like its not Microsoft's fault in -my case-.
This is my sig.
IE cannot "hijack" NXDOMAIN, because it's not an ISP.
I mean really. We can get a page telling us the site doesn't exist, or we can be re-directed to a search engine which can help us find what we were looking for. Yeah it helps pimp Microsoft, but I figure if you are using their browser, it is fair game.
I'm pretty sure that if you had the Google Search Provider add on for IE, and made it your default search provider, it would do the same? Hasn't that always been the case for Non-existant domains?
I mean, its IE, and its microsoft - all they're basically doing is providing the "Microsoft Add On" in their versions of IE.
It isn't actually Bing that it goes to, it is whatever your default search provider is. Now that is Bing by default, but you can change it to anything you want. IE8 asks you during setup, and you can change it later. So if you change it to Google and enter a non-existent domain, it'll send you to Google with a search for that.
Similar to how Firefox works, just in more cases. In FF, if you enter a name with no domain, it tries some popular ones like .com. If it can't find any, it then does a search in your default provider. IE is doing a similar thing, but doing the search even if you do enter a domain.
IE 6 and 8 (don't use 7 anywhere). Both redirected to BING ....
The funniest thing we have ... our filter (k-12 schools) blocks BING LOL. ... here is the report ...
Category: Image Servers & Image Search Engines
Blocked URL: http://www.bing.com/search?FORM=DNSAS&q=www.DoNotHijackMe.com&adlt=strict
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
I get a search page on bing.com using IE7 but didn't update today :( I think i have previous updates except IE8.
Yet another stupid, linkless, flamebait article.
Come the fuck on guys.
I'm saying what it is doing, and why. It isn't "hijacking" it is trying to be helpful to users that mistype a domain.
I don't know if it is just my perception, but it feels like MS is back to their old ways with a lot of their activities these days - particularly with regard to anything web facing.
After what felt like a few years of roughly being fair with things, we seem to have had a spate of underhand moves recently. Off the top of my head I can list installing firefox extensions through windows updates without asking (spooking a lot of people including myself - "1 new extension installed what? I didn't install anything"), upgrades to IE8 presenting the user with a complex series of choices - one that implies you should opt in to their accelerator program or IE8 won't install, and the other offering you an express set of installation options or else click through a large number of preference screens - while failing to mention that express settings set IE8 as the default browser.
And now (if true), engaging in DNS hijacking to drive visitors to their search site. Can they just not accept user preference at all?
IE is - as stated above - being helpfull, as a program should be. It is not a "hijacking" since the program requesting the DNS-lookup is IE. This is nothing like having NXDOMAIN, transparently, changed into something it isn't on the network-level.
In one case the program gets to decide what to do and in the other someone else is telling your program that the expected result is something else.
//Patrik Graeser
IE 6 has always been doing stuff on auto.search.msn.com if you entered URLs whose domain name didn't exist.
This is not news.
Nothing to see here, move along.
The problem with REAL null domain hijacking is that it breaks software. It breaks VPN clients in a BIG way as well as anything else that searches the Intranet for services. Since this is only active within the web browser and entirely possible to disable, it is far from the big hassle that ISP based hijacks are.
Firefox also does exactly the same thing. Also easy to disable.
Using IE 6.0.2900.2180.xpsp_sp2_qfe.090206-1239:
I just tried it and I got hijacked to a Google page sponsored by Dell.
My computer is a Dell.
IE is not DNS server. What is most likely happening is that with some registry entry a certain way and a certain set of patches, when IE gets a NXDOMAIN when doing a domain name lookup it then does a bing/google/yahoo search (depending on another registry entry for your preferred search engine). It used to show a page with a red X.
This is not DNS hijacking. If somehow Windows now had a caching DNS server that substituted a IP address that then redirected to a bing search or something of that sort, that would be DNS hijacking. This is IE the client trying to handle NXDOMAIN errors in a helpful way. Hopefully this is customizable like I expect. The only thing about this is that if the default is bing that increases exposure and ad revenue for Microsoft. It does not break the internet like DNS hijacking does.
In the options menu there's a setting "Search form the address bar." You can change that to not submit unknown addresses. It is just the default behavior, not the mandatory behavior.
Comment removed based on user account deletion
This is a non-issue.
Why the hell this articles keep coming when there are plenty of real issues about Microsoft, IE.
Comment removed based on user account deletion
I just tried it = www.DoNotHijackMe.com in IE8 and Google loaded.
It's caused by a setting Tools -> Internet Options -> Advanced -> Search Options and "Just Display the results in the main window" is selected. If "Do not submit unknown addresses to your auto-search provider" is selected, if it can't find an address it submits it to your default search provider.
No mystery.
For worst article ever not written by Jon Katz to be published on slashdot.
Comment removed based on user account deletion
http://wwww.asdfasfasfs.asdfasfasdfsaf.com/
gives you "Internet explorer cannot display the webpage"
wwww.asdfasfasfs.asdfasfasdfsaf.com
gives you search-engine results for your default search engine.
Nothing for you to see here.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I thought that was the ignorance siren that I heard. Where do I start?
150 million wasted on the latest rebranding of their failed search product. No effect on marketshare
Actually, it stole a percentage point of Google's market share last month. I don't think anybody expected it to gain 70% market share overnight. Except maybe you?
Mass numbers of suspicious posts on Net messageboards all parroting the same talking points: "I'm a long time Google users and I decided to give Bing a try and By Golly! I'm switching!"
Suspicious? Really? I saw somebody the other day on a Macbook Pro using Bing willingly. It's anecdotal evidence. There's nothing suspicious about it. It happens to some people, not everyone. I'm sure there are people who used Live Search before and switched to Google or Yahoo.
Paying floundering Yahoo to use their search engine
I won't argue with the state of Yahoo, but this has the potential to double the usage of Bing, and make it a much more formidable opponent to Google. It was a good deal.
* Putting up fake news story items on Microsoft web pages that are really nothing more than hidden Microsoft search links attempting to inflate the search marketshare
Haven't seen an example of this yet. Provide one and I'll yield this point.
* And now this crap The rate Ballmer is throwing billions at their failed search efforts looks like it may actually outdo Microsoft 8 year long Xbox fiasco for.
Read the first few comments - it goes to your default search provider, which is Google if you set it to. And I hate to be the bearer of bad news for your anti-Microsoft sentiments, but the XBox division is doing pretty well for itself right now. They've made Sony a laughing stock this generation.
"It's a reverse vampire...they....they crave the sun!"
Comment removed based on user account deletion
Every time an ISP starts hijacking NXDOMAIN responses, dozens of comments suggesting that this should not be done by the ISP but in the browser get modded +5 and are generally agreed with.
So MS made their browser do it. What is the problem?
(Other than using a monopoly in one market to get one in another.)
Go green: turn off your refrigerator.
Comment removed based on user account deletion
The roadrunner search does have an opt out though.
Most if not all versions of IE (6+, and probably older ones too) have a feature called search from address bar. With this setting enabled, anything typed in the address bar which does not resolve to a website, is passed on to the default search engine, whichever that may be.
Perhaps a recent update turned this feature ON for people who had it turned OFF? But the feature itself is most definitely not new or news.
I liked my next sig a lot better
Comment removed based on user account deletion
I tried www.donothijackme1234.com and I got a pop up asking if I wanted to turn the phishing filter on (you can tell how much I use IE on this computer).
I wonder if turning that on/off makes a difference?
(I clicked "turn it off" of course)
End of discussion. Everybody go rant on a different article.
Go green: turn off your refrigerator.
I'm getting kind of self-conscious.
Some fatass peddling t-shirts is apparently hijacking that site for me.
All IE is doing is performing a search for whatever you typed in, if it can't find the domain. If your search engine is set to Bing, it will search there. My search engine is set to Google, so it searches there.
Nothing to see here, other than FUD perpetrated by the ./ community.
Seriously, how many bad articles does this guy have to post before he gets thrown off the slashdot team?
BeauHD. Worst editor since kdawson.
Right about the time Bing went public, I noticed IE7 on a virtual machine I hadn't patched in a while magically started sending me there instead for bad URL's. Whether this was a redirect of MS Live Search, or something where IE had a Bing "timebomb" enabled at some point once MS knew when the service would light up, it's something I surely didn't enable -- and am having a very hard time disabling. Fortunately I use FF for everything except a couple work apps that still cling to IE, so my forced Bing episodes are few and far between.
Guess if you can't win 'em over with marketing, you can force them through redirection. I'm just waiting for MS Antitrust 2.0 to come out.
Where are they sending visitors to slashdotted sites?
XKCD:Xeric Knowledge Comically Dispen
Of course, the "Slashdot effect" (of everyone trying "donothijackme" in their browser) has now caused an increase in the requests for that domain, and now someone (wisely) has purchased the domain www(dot)donothijackme(dot)com and re-directed THAT to their primary web page...interesting use of an unrelated article to promote one's own business.
I chose not to link to that site again in this post. Just doin' my own little part to not artificially inflate his traffic numbers.
Microsoft today heeded the lessons of technological history, taking the popular "preview porn videos in the search engine" feature and turning its Bob Hope "decision engine" into a porn finder at the address explicit.bobhope.microsoft.com, that loads automatically in Internet Explorer whenever you go to a site that doesn't exist.
"It worked for VHS over Beta, porn sites were leading innovators in online payments. It's a natural synergy," said Steve Ballmer, looking somewhat sweaty and flushed.
Porn sites are some of the keenest users of Microsoft technologies, using the undocumented interfaces in Internet Explorer to install helpful toolbars and bulk email tools on users' systems. "It's all about tools," said Mr Ballmer, looking rather too excited. "Our tools have amazed people for decades. Microsoft are famous for the biggest and best tools ever. Developers! Developers! Developers! DEVELOPEEERS!"
Internet Explorer 8 is a vital part of the promotion. After a competition that advertises IE8's superior standards compliance with a site that deliberately breaks all other browsers, a programme to donate eight free meals for the poor for every IE8 download (with the cost of the meals being 10% of the spend on promoting them) and a string of free porn sites requiring a Silverlight download to watch the smut, IE8 Service Pack 1 will include a "boot straight into porn" mode. "We found that was what users really wanted in an operating system. I mean, browser. They're inseparable, you know." It will include the Storm, Conficker and FBI botnets as standard. "If you can't beat âem, join 'em." The system will also set up automatic deductions from your bank account and credit card.
Mr Ballmer promised that Microsoft will, as always, deliver. "Unlike porn sites, we don't just tease -- we really will fuck you. Now bend over."
Picture: Steve Ballmer ecstatic at the fifth great quarterly results in a row.
http://rocknerd.co.uk
And it didn't take long before a /. registered the domain and redirected it to the silly T-shirt store.
"The past was erased, the erasure was forgotten, the lie became truth." ~1984 George Orwell
It's configurable since IE vForever.0
from 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
to 45 2F 6E 40 3C DF 10 71 4E 41 DF AA 25 7D 31 3F
I know you all wanted to see me post that. Such a primmadonna (kdawson, not me)
Edith Keeler Must Die
You're giving free advertisement to some jerk who registered the domain to grab attention to his site. http://who.godaddy.com/WhoIsVerify.aspx?domain=donothijackme.com&prog_id=godaddy
.... ... }
int main (void) {
I think you've grabbed every DNS-related RFC you can find, hoping that I had not read them. I have, and so I will ask you to be more specific. Which part of RFC 2065 (DNSSEC) is violated? Are you suggesting that IE is a poorly-implemented DNS caching server which does not cache negative results (RFC 2038)? I'm particularly curious why you cited RFC 1536. Did the subject of the conversation turn to whether IE is appending your local domain to DNS queries for non-explicit FQDNs?
The only specific citation you've made from the DNS-related RFCs is about structuring the DNS header. I have yet to see anyone point to any claim that IE sends improperly formatted DNS headers. What they ARE doing is presenting your NXDOMAIN result accompanied by results for a search on the missing domain.
I still do not see a standard which requires a browser or other application's response to an NXDOMAIN to not accompany it with search results, and I do not believe one exists. If your script relies on IE presenting NXDOMAINs in a specific way, then you have a badly-written script, and you shouldn't have expected it to keep working.
It's the correct solution for that "problem" with no "splash damage".
Domain hijacking is a huge deal for me.
Your description is confusing the browser trying to resolve your broken DNS request with an ISP hijacking your DNS request.
Primarily, when I'm on an internet connection that's hijacking the domain, if I type 'amazon', firefox first checks if I have an amazon in my searchdomain (ie: amazon.example.com)
No. When you're on an internet connection that's hijacking the domain, amazon resolves to a 'service' provided by your ISP even though it's not a registered domain.
, and if not, it tries adding a .com, then a www. and a .com...
What you mean is that if your ISP's DNS service works correctly and tells you that amazon.com doesn't exist, your web browser (Firefox in this case) has some heuristic for trying other DNS queries in an attempt to help you, and when those queries are exhausted it takes you to a search engine.
if the ISP is hijacking it, I get an answer to 'amazon' with the hijacked page. This means that I have to type the .com every time.
Which is what you should have written first.
So you have to type .com when you mean amazon.com. Yeah, that's like saying that I have to write Plymouth, MA next to 02364 on my address. The postal service is run by people, and usually, they can figure it out, but if the address is wrong, it's your fault, even if they helpfully fix it for you.
with a browser doing the same thing, I could be trying to connect to my primary server (wolverine) and if I mistype the webaddress, it redirects me to bing, changing my URL bar to the bing URL which means that when I've typed 'wolverine/some/really/long/path?with=variables' I have to go type that whole thing over again to correct it rather than just fixing it in the addressbar.
So turn off the feature which searches with the default search engine when your DNS query fails.
If you want to bypass DNS for your machines, put your own entries in your "/etc/hosts file" (%WINDIR%\System32\drivers\etc\hosts on Windows). Also, you can run your own DNS service locally.
so, hijacking the DNS is a BITCH and is totally annoying all the time.
Only if you aren't technically savvy enough to use a web browser. After you type amazon.com in once into IE or Firefox or Chrome these days, the autocompletion helpers from your recent history usually have enough context that shift+enter (in IE anyway, not sure about the others) takes you where you want to go.
The real problem with DNS servers hijacking broken requests is that they lie to network tools, not just web browsers. This can cause serious problems. DNS is used for more than just HTTP.
I tried to find something, and the closest I could come up with was 2308, but I don't think that really addresses this problem.
But, I do agree that it's a problem. I do not want any program that I use to access the internet, to connect to a host:port that is not the one that I specified.
Having said that, I do understand that it is the MS way to try to hide technical complexity from their users, and that it will provide additional income to MS, Yahoo, ISPs, and others.
So, being technical, I will continue to not use MS or my ISPs DNS servers, and will help others as best I can.
"The sky is falling, the sky is falling!"
Apparently next time this happens, please try changing your default search engine to something else besides Bing. Better yet turn off the search option for invalid URLs and "Dummy Proof" IE so you won't get fooled again.
Of course I use Firefox as my main web browser so I don't suffer from stuff like that. I refuse to get fooled again by IE.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
(original poster here) You're right, I'm not as up on the networking side as I am the code side, and I didn't use the correct terminology when I said "hijacking". However, the NXDOMAIN stuff was added by someone else who edited my post before putting it up on the site; I haven't the slightest idea what NXDOMAIN even is. So yes, I'm ignorant in that regard, but not so much so as to throw out terms I don't understand and give a wildly false report.
I wouldn't be so quick to jump on the editor for this. I saw your original post on the Firehose, in which you claimed Microsoft is redirecting 404s -- this would be monstrous and bad, and while "hijack" is a term you can quibble over, your original report was significantly more dire, and objectively false. A 404 is the HTTP response when you ask for a file that's not on the server. In this case, we don't even get as far as asking the server for the non-existent file, because we can't find its IP -- so we get the 404's cousin in DNS, the NXDOMAIN. The editor caught your mistake and corrected it.
Basically, what it's done is force-feed all of our machines Bing as a default search engine (it had been Google). It's one thing if it shipped that way, but this just happened all of a sudden and our sales force (who are not exactly IT-savvy) freaked out and started calling in virus reports when the behavior changed without warning.
Sorry for the confusion. Still, sucks what they did.
If I understand you right, you're saying that your salespeople were used to being directed to Google. So, you guys were already comfortable with this behavior from a technical standpoint, and you're annoyed that it changed from Google to Bing. I'm not an IE user, so I don't know exactly how this behavior worked, but I wouldn't be at all surprised if I were in your position and learned that Microsoft has decided to stop using their browser to promote their competitor in favor of their new product.
From reading the comments here, if you don't want it to use Bing, you can tell your sales guys to set Google as their default browser, because it sounds like that's what it's redirecting to. And as a guy who really dislikes Windows, IE and Microsoft in general, let me say that sounds like a reasonable enough deal.
And I'm heading into my preferences to make it so kdawson's articles no longer appear for me. :/
After years of not using a signature, I am going to make one to say the following: Fuck Beta
My cable internet service does that here too. They default to Yahoo, (WHY?) but you can op-out and/or choose your own search engine. In 2 years of rare use (ie accidental, miss-typing) I have only had to reset once.
6.8SPC TR of 550, l xwind at 6, drift rt at 26" drops 77". AT has 503 ft-lbs at 1403 fps. FT 0.86
I just tried it and it routed me through Google search.
So we have to violate RFCs for something to be abhorrent, disgusting and reprehensible now?
The ancestor post claimed that standards were violated. I asked which standard, because I do not believe any recognized standard has been violated. In any case, since you've claimed that this is "abhorrent, disgusting and reprehensible," I challenge you to back that up. At best, I think you could say "it decreases usability." While inconvenient, that's hardly "reprehensible."
Whoops, somehow posted that anon. Must have hit the box by mistake.
Open %WINDIR%\system32\drivers\etc\hosts in notepad.
At the bottom of the file add this:
66.102.1.147 www.bing.com bing.com
Save it. This will point you to google and break the hijack. Feel free to use any IP you want.
Don't kid yourself. It's the size of the regexp AND how you use it that counts.
Some guy here saw a loose domain and hijacked it away from Bing. Check out this whois and the start date: whois donothijackme.com Registrant: John Johnson 43545 Tell You Las Vegas, Nevada 85698 United States Registered through: GoDaddy.com, Inc. (http://www.godaddy.com) Domain Name: DONOTHIJACKME.COM Created on: 11-Aug-09 Expires on: 11-Aug-10 Last Updated on: 11-Aug-09 Administrative Contact: Johnson, John jjohnson@hjgtrd.com 43545 Tell You Las Vegas, Nevada 85698 United States +1.7674548596 Fax -- Technical Contact: Johnson, John jjohnson@hjgtrd.com 43545 Tell You Las Vegas, Nevada 85698 United States +1.7674548596 Fax -- Domain servers in listed order: NS31.DOMAINCONTROL.COM NS32.DOMAINCONTROL.COM
They've made Sony a laughing stock this generation.
I don't think Sony needed much help on that point.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
That is since this afternoon when someone clever realized an unregistered domain was about to receive a s;ashdotting. Wonder how much those ads earned him today.
Probably not a lot. While I've never had the full benefit of a good slashdotting, I've posted links to my own content sometimes when I felt it to be relevant. Its not a profitable adventure, so, guys looking to make a quick buck will probably be disappointed. Most slashdotters either don't click on ads when they go from slashdot to other sites, so you can get a lot of traffic but with no clicks.
Incidentally, this is probably why newspapers are so pissed off at content linkers in general. The content linker gets the ad revenue but when people jump to the original article, they read the article, then jump back to their original integration point, whether it is slashdot, drudge, or somebody else.
I would think if you were going to try and get yourself slashdotted, I would do it with the expectation that you are going to take a good server beating, not make any immediate money off of it, and go forth from there. It's more of a name recognition thing, then anything else, and the real hope is that the content you provided has some innate legs to it such that some fraction of the people that slashdotted you will spread it themselves via "internet of mouth" and then from there that will, over the long term, grow your site more organically.
This is my sig.
Astroturfer, this nonsense is yet another M$ bad idea that fools no one!
You're welcome to think whatever you want.
What am I, a twig to be bent? Well, OK, I will feed the troll.
I specifically said that you can make an argument the standards are not being violated. These standards are not necessarily defined to exist at the presentation layer. You've chosen to ignore that part of my statement. With that caveat, RFC2065 section 5 specifically defines NXT returns for non-existent hosts - you ask for something not present, you get a description of the range of non-existent hosts that contains the requested name. You follow? There is DATA returned, Microsoft is removing it from the response when it directs you to a search page; if you think it's OK for presentation layer tools to re-interpret returns from DNS in a way that removes content by default without the consent or knowledge of the user, then that's OK - otherwise it's a violation of RFC2065 because the record returned has been munged in transit to the user.
No. I haven't checked, so I would not suggest that.
The subject of the conversation, as I see it, is whether it's OK for IE (presentation layer) to behave in a way that ISPs (transport layer) should not. Tangentially, I guess you are not aware that currently shipping Microsoft operating systems cache DNS, and that current versions of IE only work on Microsoft operating systems.
This is getting tedious. Are you simply missing the point, or are you purposely misdirecting the conversation to exercise your typing skills? IE is shortstopping the bad status return and substituting a valid page lookup. Some people don't like that, and if you believe that the standards control the presentation layer as well as the communication on the wire, then you'll see this as a standards violation.
Didn't I just say that? Some people find it offensive. I would consider it stupid and a waste of my time, if I used IE. But I rarely use IE, because it is a crappy browser that doesn't run on half my systems anyway, and personally I can look up how to change the behaviour anyway.
Perhaps you should write one, then. I don't see any standard which requires applications to not explode and not spit acid in my face. It's somewhat unusual (though not unknown) for RFCs to have negative specifications.
As far as I'm concerned, if your script relies on IE, you have a badly written script. Yet I am aware of several dozen in constant use at several large hospitals, and I am sure there are tens of thousands out there (at least).
Y'know, I was just tr
I can see that we've mutually misinterpreted one another's tones and meanings. My apologies if I came off more rudely than I intended. If we're going to continue this discussion, then let me clarify my tone in the opening sentence that I think you found provocative: I had intended it to be challenging in the style of two guys having a sporting conversation about a subject they both know quite a bit about, as opposed to downright insulting. I can see why that may not have come off as intended, however, particularly since a fair number of posts here really are simply insulting. I agree that the "flamebait" tag was inappropriate. All that aside, I am glad to read your reply. If you're interested in continuing this conversation with a bit more mutual understanding, then so am I. On to more interesting matters.
You mention that this is a standards violation if you believe that the RFCs governing DNS also govern presentation-layer applications which utilize DNS. I don't see this to be the case, and I don't really see how that could be justified based on the content of the DNS RFCs. They define, in rigid detail, how DNS is structured, and how clients and servers may request and transmit information. The actual use of that is left to the application.
But let's say that's not true. Let's say, hey, the application using DNS has a requirement to faithfully present all information that would be meaningful in every response to the user. Obviously, this can't be done in a literal sense. I can't take the exact section you quoted, which defines how DNS clients and servers express an NXDOMAIN, and hand that off to the user, unless I expect them to read and decode the packet by hand. If I'm an application, I HAVE to render that in a way that's actually helpful to the human being who's operating me, and the exact way I do that is certainly not defined in any DNS-related RFC.
Still, I think a reasonable presentation is being made here. The goal here is not to trick the user into thinking that "www.amazon.ocm" is a valid domain which happens to be Bing (or whatever their default engine is), but to make them aware of their mistake, and take a shot at presenting a nice graphical way for the typical user, to get where she meant to go. After all, when Joe Blow types in a bad URL, here's about as much as I bet he'll actually read from Firefox's default response:
"Server not found"
and here's how much information he'll glean from that:
""
Offering a list of possible things that you might have meant is really not such a bad take on how to approach this. I agree that this is a pretty noisy way to accomplish that, and I'm not going to be anxiously watching the Firefox release notes to see when they add it, but the concerns you and I have are pretty different from the concerns of the overwhelming majority of users.
On a more technical point, I don't doubt that there are scripts that rely on IE in certain respects. But, if you're expecting IE to present an error in a specific way when you ask for something that's not there, and you use that in a mission-critical (or heaven forbid, as in your hospital example, life-critical) application, Microsoft is about the last door you should knock on to lay blame.
If anything, it might be nice if they shook things up a bit more often to remind such people that their browser isn't exactly a sturdy foundation on which to rest your scripts.
I've always thought it insane to script an application you don't control, especially a constantly-updating security-sensitive end-user application, but people keep doing it. It's usually a stereotypical Dilbert situation; pointy-haired IT boss purchases software to help doctors, if he admits software sucks he will lose face with doctors and possibly lose income, so Asok or Wally has to make it work. If Asok gets the job, it gets done competently but the user interface is too technical and the doctors hate it, if Wally gets the job he scripts IE to do something magical and PHB gets a raise. Nobody knows why it breaks a year later, but it won't be blamed on PHB buying garbage (the salesman took him on a golfing junket and got him to sign a contract drunk). More likely it will be blamed on the vendor, or even more likely, on Dilbert who was completely uninvolved.
The people who work in such places will always find some way to screw things up, of course. It's almost Darwinian.
I personally would like to see all the browsers present options in a more transparent way; I don't think end users are as stupid as the IE designers think they are. For example, on getting an NXDOMAIN the browser could say this:
"No web server found at URL sexy.foxterriers.com
perhaps sexy.foxterriers.com is not the correct name?
Click here to search Bing for information about sexy.foxterriers.com"
That way you'd get the clueless user assistance function without unrequested search lookups. Instead, the browser just does whatever the default says the user probably wants, and the way to change that behaviour is buried among many other confusing options several layers deep in the configuration interface. Instead of attempting to subtly educate the user (notice how I snuck in an explanation of what URL means by context?) they assume ignorance and thus propagate it.
I tried to make that a https:/// link, incidentally, but unfortunately bing.com seems to have a bogus akamai cert.