Slashdot Mirror

← Back to Stories (view on slashdot.org)

Widespread Hijacking of Search Traffic In the US

Posted by Soulskill on from the par-for-the-course dept.

Peter Eckersley writes "The Netalyzr research project from the ICSI networking group has discovered that on a number of U.S. ISPs' networks, search traffic for Bing, Yahoo! and sometimes Google is being redirected to proxy servers operated by a company called Paxfire. In addition to posing a grave privacy problem, this server impersonation is being used to redirect certain searches away from the user's chosen search engine and to affiliate marketing programs instead. Further analysis is available in a post at the EFF."

7 of 194 comments (clear)

  1. Use HTTPS by mrogers · · Score: 5, Informative
    Another good reason to install HTTPS Everywhere, a browser extension that will redirect your Google searches to the HTTPS version of the site. By checking the certificate presented by the server, your browser can then be sure that it's talking directly to Google. (HTTPS Everywhere also works for a lot of other popular sites.)

    Or, if you don't like Google, use DuckDuckGo, which uses HTTPS by default with no need for a browser extension.

    1. Re:Use HTTPS by Gaygirlie · · Score: 4, Interesting

      I too have to recommend HTTPS everywhere, it's a great addon and makes it a lot safer to e.g. Surf the web over an unencrypted WIFI hotspot. And so far I haven't actually had a single glitch because of it.

    2. Re:Use HTTPS by PNutts · · Score: 5, Funny

      I do not know a single person who runs a proxy at home.

      You should get out more, or stay in more. I'm not sure which one applies here.

  2. ISPs by Jaysyn · · Score: 4, Informative

    Here is a list of the ISPs mentioned in the article:

    Cavalier
    Cincinnati Bell
    Cogent
    Frontier
    Hughes
    IBBS
    Insight Broadband
    Megapath
    Paetec
    RCN
    Wide Open West
    XO Communication

    --
    There is a war going on for your mind.
  3. That's not a privacy concern... by Anonymous Coward · · Score: 4, Insightful

    ... that's a fucking computer crime.

  4. Questions answered in this thread... by nweaver · · Score: 5, Interesting

    I am one of the Netalyzr developers involved in this work. I or my colleagues will answer questions in this thread, but I may be offline for a little while so responses may be somewhat delayed at times.

    --
    Test your net with Netalyzr
  5. Re:I wonder by number11 · · Score: 4, Informative

    Now if only I could vote with my dollars and switch to a different ISP that hasn't done this (Charter is my other option and they "claim" to have stopped).

    Why not simply plug in a different DNS instead of using their crappy one?
    Google 8.8.8.8, 8.8.4.4
    OpenDNS 208.67.222.222, 208.67.220.220
    Verizon 4.2.2.1, 4.2.2.2, 4.2.2.3, 4.2.2.4, 4.2.2.5, 4.2.2.6 (since these are all same subnet, don't use for both primary and secondary)

    You can use Google Namebench to compare DNS speeds.