Slashdot Mirror

← Back to Stories (view on slashdot.org)

ISP Is Bypassing Firefox's Location Bar Search

Posted by CmdrTaco on from the that's-not-kosher dept.

It was only a matter of time before ISPs began doing more than just redirecting failed DNS requests to their own pages. An anonymous reader writes "It looks like the largest ISP in Hong Kong has started bypassing search results from Firefox's location bar (which typically uses Google), forcing their own search provider (yp.com.hk) onto their users. ... Can an ISP just start re-directing search traffic at will?"

26 of 385 comments (clear)

  1. Sure they can by yakatz · · Score: 1, Insightful

    As shown by the recent Comcast - FCC ruling, ISPs can barely be regulated at all (and therefore can do anything they want).

    1. Re:Sure they can by NervousNerd · · Score: 4, Insightful

      It looks like the largest ISP in Hong Kong

      I never knew that Hong Kong was in the United States.

    2. Re:Sure they can by eldavojohn · · Score: 4, Insightful

      As shown by the recent Comcast - FCC ruling, ISPs can barely be regulated at all (and therefore can do anything they want).

      Well, as someone else pointed out, this is an ISP in Honk Kong, not the US. While most of the "harmonizing" efforts of the Chinese government have been passive toward the consumer of the "non-harmonious" content, I would fear that this is a sort of precursor towards ISPs in China being required to pass search terms linked to individuals/accounts/addresses to the government for non-harmonious search terms indicating a level of dissent associated with that individual. Call me a tin foil hat but I haven't been too impressed with what's going on out in China. While you might claim it's overhead and too expensive, I guess we might start talking about https (port 443 secure) traffic even for search terms to avoid this inspection? Even that's naive though as the government could just ask the inside search provider for the data ... or failing that block the that port on that provider.

      --
      My work here is dung.
    3. Re:Sure they can by vegiVamp · · Score: 2, Insightful

      opt-out bad, mmmkay ?

      --
      What a depressingly stupid machine.
    4. Re:Sure they can by Bakkster · · Score: 2, Insightful

      Sure they can, and by the federal government, too. Congress just hasn't yet given the FCC that power.

      So in general they could be regulated, but in practice not yet.

      --
      Write your representatives! Repeal the 2nd Law of Thermodynamics!
    5. Re:Sure they can by digitalunity · · Score: 3, Insightful

      You're largely correct.

      They shift their stance based on what they're asking for. Just 2 weeks ago, AT&T defended the FCC(in a case against Comcast) because it feared losing universal service fee money because of the "telecommunications carriers" classification. I don't pretend to be an expert...

      but it seems fairly obvious that when there is tax dollars to be handed out to build infrastructure, the telecoms are all out there with their hands open ready and willing. But when it comes time for the FCC to enforce consumer fairness and openness on the internet(that we taxpayers paid AT&T and others to build a backbone for), they cry foul.

      Politicians seem spineless when it comes time to intervene.

      --
      You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
    6. Re:Sure they can by Jesus_666 · · Score: 2, Insightful

      At least we nomads only have to worry about that storm - unlike Americans who are hit by a constant barrage of tornados, hurricanes, earthquakes and volcanos and who have to deal with the sparse vegetation going up in lethal firestorms every other year or so.

      Seriously, it's a wonder there's any life at all on North America. No wonder you invented nuclear weapons; anything less doesn't even register against the hellish conditions of that purgatory-like continent you live on.

      --
      USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
  2. VPN by drolli · · Score: 2, Insightful

    Use a VPN provider of your choice.

    1. Re:VPN by cc1984_ · · Score: 2, Insightful

      Use a VPN provider of your choice.

      And immediately get throttled by the ISP for using encryption

  3. time for end to end encryption by Anonymous Coward · · Score: 3, Insightful

    If these idiots are too dumb to handle being a dumb pipe, we have no choice but to encrypt everything.

  4. Encryption by dmbasso · · Score: 5, Insightful

    And that's why we should start using encryption for everything...

    --
    `echo $[0x853204FA81]|tr 0-9 ionbsdeaml`@gmail.com
    1. Re:Encryption by JesseMcDonald · · Score: 4, Insightful

      Remember that encryption won't help without authentication; your ISP will just MITM all your encrypted traffic. You need to know who you're really talking to.

      --
      "The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
  5. Not much evidence yet... by Interoperable · · Score: 5, Insightful

    The article is a single post on a forum from one user with no follow-up. Can anyone else confirm the allegation?

    --
    So if this is the future...where's my jet pack?
  6. Making their own argument for net neutrality... by MikeRT · · Score: 4, Insightful

    Most people still believe that just because you can legally do something, doesn't mean you should. When businesses do every sneaky, duplitious thing they can to make a buck, they push that natural tendency toward expecting civility and something resembling high-mindedness in civilized people straight into the Socialist camp.

    As a Capitalist, that really offends me. If businesses want to be treated laissez faire then they damn well better learn to make society not feel like they're a bunch of crooks who care so little about the common good that if regulators aren't going Big Brother on them every nanosecond they'll steal everything that isn't nailed down and cheat everyone who isn't paying 110% attention to every detail of their lives.

    1. Re:Making their own argument for net neutrality... by Anonymous Coward · · Score: 3, Insightful

      Indeed! Adam Smith's laissez faire was based on thousands of small, independent businesses --not a few monopolies. Perhaps that is why in Europe people are not bothered by the idea of government intrusion in controlling their lives, but rather big business intrusion and controlling their lives.

  7. They can if they're in China by elrous0 · · Score: 3, Insightful

    This is, after all a Chinese city redirecting search traffic away from Google. Hardly surprising, considering the recent lack of love between the Chinese government and Google (even though Hong Kong is *supposedly* exempt from much of China's more repressive policies)

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  8. Re:Nope by ffreeloader · · Score: 4, Insightful

    Who knows? They have been quite responsive to complaints about services in the past. Even if I don't get an immediate response my voice was heard. They do know at least one of their customers was angry about their conduct. Should I just silently accept them screwing with me and not voice my concerns? That seems to me a guarantee that they won't change their ways.

    From your post it seems that you think not standing up for yourself is the way to change things. Don't vote. Don't express your opinion. Be a martyr. How's that working for you? Effecting a lot of change in society are you?

    --
    "while democracy seeks equality in liberty, socialism seeks equality in restraint and servitude." de Tocqueville
  9. Re:MitM of Google by Anonymous Coward · · Score: 1, Insightful

    It's www.google.com. That's why OpenDNS forges DNS responses for that domain name to redirect to an OpenDNS server. I am really looking forward to DNSSec and SSL keys in the DNS. If the ISPs can't keep themselves from meddling with the traffic, the traffic needs to be authenticated and encrypted to foil their attempts.

  10. This is why we need net neutrality by Fallen+Kell · · Score: 4, Insightful

    A perfect example of why we need net neutrality rules in place. An ISP should not be allowed to modify packets or redirect packets to/from known destinations.

    --
    We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
  11. Re:Why? by koreaman · · Score: 4, Insightful

    Do you really believe the average firefox user has the technical know-how to even understand what a DNS server is, let alone how to setup and configure one, even if it is "trivially easy" for you? Please...

    --
    Le français vous intéresse?
  12. Re:Why? by _Shad0w_ · · Score: 2, Insightful

    It's also very easy for your ISP to intercept all DNS queries, regardless of where they're being sent, and handle them themselves. I know of an ISP that does this.

    It would, of course, be possible to run an encrypted tunnel to a remote machine with a caching DNS server on it, then direct all your queries to that. I suspect this is far beyond the ken of most normal users. Just setting up a caching name server is beyond the ken of normal users. Most of them can handle turning computers on and click icons. Some of them have problems with that.

    --

    Yeah, I had a sig once; I got bored of it.

  13. Re:Nope by corbettw · · Score: 3, Insightful

    If you're paying for a service that requires using someone's else property, they have voluntarily transferred some of their interest and rights in that property to you. Your landlord can't come into the house you're renting from him just because he feels like it, even if a clause permitting it is in the lease agreement. In the same way, if an ISP sells you access to the Internet, they can't start blocking you from certain parts of it without changing the agreement, which requires your consent (after all, it's a contract, and contracts require all parties to agree to it).

    Whether the courts would agree with this interpretation is another matter, but this is the way I see it.

    --
    God invented whiskey so the Irish would not rule the world.
  14. Re:My ISP has been doing this for some time now by Anonymous Coward · · Score: 2, Insightful

    use a different DNS server

  15. Re:In China? by greenreaper · · Score: 2, Insightful

    Apple isn't gay, they're just metrosexual. That way they get to look fashionable without actually taking it in the butt.

  16. This can be solved simply by Billy+the+Mountain · · Score: 2, Insightful

    All Google needs to do is modify their search bar to encrypt the outbound search string using Google's public key. By doing that, it makes it difficult to intercept whatever search is being done.

    --
    That was the turning point of my life--I went from negative zero to positive zero.
  17. Re:China? by ErkDemon · · Score: 3, Insightful
    An ISP who tampers with the information stream risks losing the legal protection that they normally get for being a simple telecoms carrier who just "supplies the wires".

    The usual argument is that an ISP isn't legally liable for the information that they carry (as long as they comply with some basic rules), because their whole business model is based on them being a dumb carrier. They don't edit, they can't edit, it's not their job to edit, and if they tried, they'd be failing their customers and be wrecked as a business. If someone emails a piece of child porn across their network, they aren't guilty of aiding and abetting, because it's not their job to read or alter content.

    So if an ISP has decided that it might be able to make a bit of extra money by deciding to divert search requests and exercise editorial control over what their customers are able to access, then ... bad news ... they've just broken that principle, stopped being a simple carrier and started to be an edited service. And with editorial power comes editorial responsibility. And that means that if someone goes on a killing spree and their family decides that they were influenced by content they found on the net, then if the person's ISP felt entitled to edit out Google, but not to edit out gun retailer sites or extremist political sites, the family's lawyer can now try to sue that ISP, on the grounds that the ISP has already discarded the principle that it doesn't filter content.

    Any time an ISP pulls a redirection stunt like this, don't complain to their technicians: write a polite little note to their board of directors, or to their technical director, asking whether the shareholders understand that they're risking operating a corporation without legal "pure carrier status" protection. This is potentially a "shareholder alert" situation. Does the company's prospectus inform shareholders that the company is operating outside the usual "dumb carrier" rules?

    If they're making extra money on the side by stealing Google business, by "diverting the flow", ask them if their legal department has estimated how much they stand to lose if they get sued. Not by Google, but by the mother of some kid that got murdered after meeting someone they shouldn't from an internet chatroom.

    Simple "carrier" ISP's don't edit for a reason. By deliberately firewalling themselves off from editorial powers, they give themselves a degree of immunity from being liable for what they carry. That's not something you throw away lightly. And if I was the CEO of another ISP, I'd be wanting to ring the CEO of this ISP, and ask them what they hell they thought they were doing, and whether they were trying to bring down the entire industry.

    --
    Eric Baird