The Five Levels of ISP Evil
schwit1 writes "Recently a number of ISPs have been caught improperly redirecting end-user traffic in order to generate affiliate payments, using a system from Paxfire. A class action lawsuit has been filed against Paxfire and one of the ISPs. This is a serious allegation, but it's the tip of the iceberg. I'm not sure if everyone understands the levels of sneakiness that service providers can engage in."
If so, where do I sign on to the lawsuit for fraud?
But decided that I had nothing really pertinent to say--ISPs doing evil? That ranks up there with Banks collecting money and M$ collecting technology--happens every day but no one really cares unless it hurts them directly... ...huh, guess I did have something to say...
Your ISP is, should it be in their financial interest, the 'man in the middle'. Every attack that involves one of those could involve them. Game over.
Ya - fuck you too! how easy is it to find an alternate ISP you moron
I'm on Charter and I've most definitely been randomly redirected to Charter's internal search page for no good reason. The last example of this I definitely remember is when I tried to visit www.gimp.org and instead I was sent to Charter's search page. Charter's search then displayed www.gimp.org as one of the search results. When I clicked on the search result I was sent to www.gimp.org without any further issues. This tells me there is no technical difficulty at all, it's just a corrupt tactic being used by Charter to try to milk their customers (as if they need even more profits, as being one of the companies in a duopoly is just not good enough for them).
Fuck everything about this practice.
Most markets in USA have either an effective monopoly or a duopoly when it comes to ISPs. Or otherwise we have options that cost 3-5 times over the fair market rates which do not even try to compete for the residential dollar.
http://www.dslreports.com/shownews/Two-ISPs-In-A-Market-Does-Not-Mean-Theres-Competition-107517
Ah, the familiar stench of somebody who doesn't even know what conditions 'free market' implies; but attempts to passionately defend them...
You do realize the article is external and not "written by Slashdot", right?
You do understand the "evils" listed go beyond just "involving money" to serious issues concerning privacy, the integrity of web systems, etc., right?
You do realize you don't ever have to read Slashdot if it angers you so, right?
Yeah, that's what I thought.
Thought thinks itself.
How about, instead of something nebulous like points, we describe an ISP's level of evil by the number of years in prison an individual hacker would get if they got caught doing the things these corporations do to traffic passing through systems they control.
I have it, and they have solemnly informed me that there is no way their business customers can opt out of the evil Domain "Helper" Service. That came all the way from some vice president's office in Philadelphia after I spent two weeks on the phone with them about a year ago. Since they were kind enough to send their apologies via SnailMail, I wrote back and solemnly informed them that I would never, ever click on one of their sponsored links, and that if I ever saw that page, I would shut the browser window immediately. It wasn't much--the equivalent of throwing a spit wad, but they know how pissed off I am. I know I can make other DNS arrangements. It's about 87th on my list of crap to worry about.
"Here's what's happening. You're starting to drive like your Dad..." - Red Green
Where does the money the ISP makes come from? In the example, Amazon. Affiliate pumping is essentially a way to steal from online retailers, and I wouldn't be surprised if it was in some way a form of actual fraud. It does hurt you indirectly, when those retailers have to raise prices to compensate.
The stupidest thing you can possibly say to this story is "everyone is doing it." Do not lend legitimacy to evil.
If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
The motivation for all 5 is money. That's not what makes it evil. What makes them evil is that they are interfering with the way the internet works. If it were a phone call, they would have been jailed. But for some reason, traffic on the internet is not yet considered private use of a communications network the way the phone network is.
For us geeks, there is HTTPS Everywhere. Now how do we get my grandmother using it, or some similar form of technology to prevent tampering? Remember that it doesn't have to be some really secure encryption - even something like unsigned HTTPS is better than nothing, as the cost of performing a stateful MITM attack renders being evil far more expensive than manipulating cleartext packets.
I have more than once ended up on some stupid survey page after entering common urls...like www.slashdot.org.
AT&T
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
I would like to make it clear that NO ORGANIZATION need respond to a subpoena without a fight. There are a thousand ways that a public or private entity can get a subpoena issued for your private information. Basically, a party simply asks the court to issue one, and the court does. The receiver or other "affected parties" have every right to object to the subpoena and demand a hearing. For example, an ISP could insist on a suitable delay in order to inform the user of the subpoena and give the user the time and information necessary to fight the subpoena. If, after a hearing, the court finds the subpoena valid, it will issue a "court order," that had better be followed, or the recipient can be charged with contempt of court.
ISPs, banks, and other organizations regularly roll over when issued subpoenas, coughing up all the customer's information without giving the customer the opportunity to respond and object. The underlying issue might be a nasty divorce, an evil contractor, a whiny neighbor, or a gov't employee fishing for glory. Most large organizations have some small print in their terms of use or account contract that says that the customer gives up the right to question subpoenas and that the organization will obey subpoenas no matter who they are from without first warning the customer.
I know personally of one organization that holds private customer data and simply ignores all subpoenas. They have received hundreds over the years, but not a single court order. So those lawyer types and account PR people who say they "have to" obey subpoenas are not telling the (whole) truth.
Note that attorneys and medical providers have "special rules" protecting client information. Funny how that works, huh?
For people who care about privacy, many of us would pay a bit extra for service from an organization that promises to put our interests first.
Disclaimers: (1) IANAL, so by definition, "this is not legal advice." Consult your attorney. (2) Some subpoenas require secrecy, and there are homeland defense subpoenas that are different, but these types are actually rare.
I will create a sig when innovation restarts in the U.S.
It's not just that it shows ads, it breaks lots of internet services.
People seem to forget that the web isn't just HTTP, and there are quite a few other things that do DNS lookups. And weird stuff happens when a name that doesn't exist resolves, and the connection is directed to an ad server.
"What you do online is private!" If only. If only.
It's hardly surprising, most people don't know that the web isn't just Facebook and that "Goggle" page you type Facebook into to login.
Ad swapping likewise doesn't hurt me and benefits my ISP, so the traffic manipulation is why it's bad and that's it. I filter ads anyway. It's #4 to me.
This does hurt the user, eventually. If the sites you use rely on ad revenue to stay in business, and your ISP replaces their ads with their own to steal their revenue stream, those sites lose money even though they served you their content, and eventually may go out of business because of it. Unless you prefer ads for male enhancement pills to the content you were originally trying to view. You could even argue it's illegal and/or violating the TOS of the original website for modifying and hosting their copyrighted content...
Also, Improper DNS NXDOMAIN handling is the basis for Affiliate Program Pumping, just a more insidious version that basically steals a cut of revenue from a retailer without your or their permission or knowledge. It's a superset, so how can it be less of an issue?
I remember when news broke of a user tracking software (Phorm) built right into the ISP's servers (BT). No BT broadband customers were informed of such online tracking and there was no opt out (later on, a cookie opt out and then trials ended). UK law officials/regulators did nothing to punish BT: CPS: We won't prosecute over BT/Phorm secret trials!
People keep using the word "evil" in reference to corporations and it sickens me. It weakens the meaning of the word because, in a vast majority of cases, the corporation in question isn't "evil". They may be dicks or nasty or mean or "not right" but "evil" is a powerful word that applies to very specific situations. In almost every case where I see someone describing a corporation as "evil", I immediately ignore everything else the person has to say - if they can't understand how to properly use the word "evil" then they clearly can't form an opinion worth listening to.
You may not like ISPs dicking with your service in the quest of profits but that is far, far, far from evil.
Please, if you're going to use the word "evil", make sure that you're actually describing something that is evil.
If the Internet Death Penalty were still dealt these days, I'd agree with you. In practice there is no way to punish ISPs for misbehavior of that sort, because in many places there's hardly any competition and other networks can't really decide to cut off a big ISP in case "rough consensus" is no longer adhered to. This is the prototypical situation where regulation is required to keep things working.
/Minor moderation fix/ Sorry, mis-clicked an option in my mod drop-down - just cleaning it.
"screen" has "src" in it ?
The Cloud - because you don't care if your apps and data are up in the air.
I probably wouldn't care too much as an end user. And not being hurt directly, it might be difficult to make a lawsuit out of it even if I cared. What damages to claim?
Amazon, however, might have reason to take this to court. They also have much more resources to fight out a lawsuit. Which does, unfortunately, make a difference.
Maybe some state attorney who has a clue about the internet might also be interested, but don't hold your breath for that.
C - the footgun of programming languages
... And yet another reason why I am so glad I use sonic.net as my ISP. I've been with them since the 90's when they were a small county wide internet service provider and they've always been great. Sure I could spend 5 dollars less a month (or maybe even more) with comcast or AT and T but it's worth it to me that my money goes to a company that treats its customers so well and actually gives a rat's ass about my privacy rights. About once a quarter I get an email from these guys discussing proposed legislation that threatens my data privacy rights along with suggestions as to what I can do about it. Absolutely love it.
If you live in Northern California you'd do well to look into them for your service.
I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
NXDOMAIN problems are less evil than swapping ads? An intelligent person will block ads anyway.
scr. Like the screensaver extension on some operating systems.
The problem with that approach is that the network (at least the "last mile" leading to customers' residences) is a natural monopoly. See http://en.wikipedia.org/wiki/Natural_monopoly for a definition. For a competitor, it is usually not worthwhile to build a parallel network if he can reach only a few customers. Result: The incumbent ISP can act like a fuckhead and get away with it.
A way to solve that would be a public network where the customer can choose his provider and the provider can then rent the wire from the customer's house to the next telephone exchange. Germany got that one halfway right:
When the telecommunications branch of the former Deutsche Post (public mail and telecom authority) was privatized, the new company "Deutsche Telekom" also got the network - under the condition that they rent out the "last mile" to competitors if the customer wants to go with one of those. A new regulation authority controls the price for that rent.
As a result, Germany actually has DSL competition in most places. Of course, there is still a lot of bickering between Deutsche Telekom and the competition about how much rent is fair, and the regulation authority is needed to keep the Deutsche Telekom from charging excessive rates. But by and large it works.
C - the footgun of programming languages
"no way to opt out"? It's easy to change your DNS servers. How do you expect to "opt out" of their DNS besides changing the setting yourself? It's not like there's a default DNS server that's not at your ISP that they started overriding.
Mediacom do *404 hijacking*. They redirect some 404s (aka page not found) to the same junk page they redirect NXDOMAINs. I thought several sites had dropped off the face of the earth (at least the DNS failed), when it turned out they had just reorganized the sites and Mediacom had hijacked the 404 responses. As a bonus, the opt-out page (which is at least the kind that affects the whole connection and not the broken "oh we'll set a cookie" type) does not work for 404 hijacking. Within the last week, I did see 404 hijacks stop, so I don't know if the "opt out" started working or if the threats of lawsuits from site owners persuaded Mediacom they cannot pull people away from valid sites, or if the hijacks are simply intermittent.
They also generate the 404 errors themselves by having frequent DNS "problems". I've been logging DNS downtime on a half-hour basis since January, and it seems to be around 20-25%.
I am not a crackpot.
=> route through Tor using a local DNS proxy (TorDNS, Privoxy) (possible on all major OS even without routing all traffic through Tor which e.g. makes it hard to use Google)
However, I know nothing about the DNS hijacking popular Tor exit nodes might be subject to.
Any better suggestions?
"I love my job, but I hate talking to people like you" (Freddie Mercury)
This is Slashdot and you didn't bother to Google how to change your DNS?
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
Would you go so far as to say that the "leftards" are EVIL?
Some ISPs might not pass through DNS queries that aren't directed at the server that they specify.
File under 'M' for 'Manic ranting'
The [free] market always sorts these things out..
Great. Another religious idiot ignoring history, reality, and common sense by insisting that free markets never fail, and always lead to optimal outcomes. Do you also believe in the tooth fairy?
Evil is whatever I say it is. Anyone who claims that it is something other than what I claim it is is factually incorrect (some magical being whose opinions override everyone else's for some reason told me that my morals are correct)!
Filthy, filthy copyrapists!
I'd say it's more of a potential loss of potential profit than anything else.
Filthy, filthy copyrapists!
OpenDNS does nothing with 404 responses. It will give bogus addresses in what should be NXDOMAIN responses, but any edited 404s, if you are in fact seeing that, will be your ISP's doing directly.
Until opt-in is a law, nothing will change. It's just that simple. There is nothing to force them to even ask our permission so they will continue until forced otherwise. How many more lessons do we need? The telemarketers are still in business and they went down screaming and kicking they would all die off. Now say after me laws can be a good thing too.
Jack of all trades, master of none
Anyone care to pay for a GOOD Open VPN? There are sneaky SOBs that offer free trials on pptp account (requires you run their binaries) (HA- HA-HA) and THEN there are openvpn accounts. They cost a little, and the good ones change your DNS - so your ISP has no IDEA what you are up to. You connect via IP number, and the rest is hidden - all of it. ...cm
That's what concerns me. If my ISP ever blocks (or redirects) access to the root servers, there goes djbdns and unbound.
I even apologized to the site I posted it to. This was about
a week ago.
----
Start of groveling
"The link I provided had a prefix that changed each time it was
used, I apologize for that. It wasn't intentional and it wasn't the
fault of http://www.tinyurl.com/ apparently I picked the link from ??
(no clue) I used Tinyurl as the link split in my editor.
http://hijackthis.de/en says everything's fine on my end.
Peerblock stopped these prefixes and how I found it out
http://send.onenetworkdirect.net/z/30811/CD133407/wpfvns76cw7p&lnkurl=
http://affiliates.digitalriver.com/z/30811/CD133407/wpfvns76cw7p&lnkurl=
http://affiliates.digitalriver.com/z/30811/CD133407/1anre0fx5ksq&lnkurl=
End of groveling
After reading the article, it would appear I must have missed a letter or
two in the original link.
Client of mine was having bad internet problems on Comcast. Investigated and solved by putting openDNS into the router config and making sure all machines were on DHCP. It wasn't redirecting search results, at least not that I saw, the comcast DNS were just unresponsive.
Step #1 to have good internet is not to use the ISP's dns servers. EVER. Just sayin.
Flappinbooger isn't my real name
Expect US ISPs to start blocking access to alternative DNS options more and more and using the new "we have to block pirate sites specified by the DHS" rules as the reason they are doing it.
What I want to know is why owners of web sites whose ads are being replaced by ISPs don't sue those ISPs for copyright violation (IANAL but it seems like it's a clear case of copyright violation to me)
For example, Google should sue any ISP where there is proof that said ISP is replacing Google ads with ISP ads. If enough companies sue enough ISPs over ad-replacement practices, ISPs will have no choice but to stop if they don't want to be sued.
Screw your ISP's DNS servers. Just do not use them. Join OpenDNS. It's free. Then, use their DNS servers (208.67.222.222 and 208.67.220.220) instead.
Granted, this won't stop weird stuff happening if you mistype a domain name in a URL. But, AFAIK, OpenDNS doesn't serve up a page of affiliate links (they do serve up a list of links, but the spellings are obviously close to what you misspelled/mistyped -- once you switch to OpenDNS, try going to this site to see what I mean). And they definitely do not change links or banners in Web pages.
To somewhat get around the misspelling issue, use your hosts file. If you consistently misspell/mistype a domain name, enter that misspelling into your hosts file mapped to the correct IP address. Indeed, you could enter a whole group of likely misspellings for a domain name and map them all to the correct IP address. Your address bar will start to act like Google's search bar. Better yet, proofread what you've typed into the address bar before hitting or clicking Enter. Wait, this is /. Never mind... ;-)
If you use a hosts file like the one provided by winhelp2002, you will also be protected from a large number of malware/tracker sites. The hosts file you can download from winhelp2002 maps the domain names of known malware/tracker sites to 127.0.0.1. And, they update the downloadable hosts file regularly. Again, a free service.
One "Aw, Shit!" is worth 100 "Ata boys!"
Almost every time there's a rival good - a finite resource which has to be allocated - setting a price on it is the fairest feasible solution. People who really need the resource will be willing to pay for it; those who don't need it as much will consume less of it than they would if it were free.
Bandwidth is such a resource. Just because you paid some third party like Netflix for the privilege of requesting their data over the 'net doesn't make it any easier on all the other people who want to use the same infrastructure for their communications. If the same network infrastructure can service either 100,000 business users or 1,000 Netflix users, you'd better believe the Netflix users should be paying the ISP 100x as much as the business users for access. Nothing else is remotely close to fair.
When you're broadcasting a TV signal on some part of the EM spectrum, as soon as you're actually transmitting using that frequency it makes no difference whether one person tunes in or everybody within reception range tunes in. It is a nonrival good. So paying by the minute for that doesn't make much sense.
The article doesn't say which ISPs are being accused of this?
Anyone have a list?
Evil #5 includes domain name servers (DNSs) that redirect you to a commercial site when you have requested a non-existent domain. My ISP is Road Runner, whose DNSs do this.
I use GRC's DNS Benchmark to find publicly-accessible DNSs that do not do this, that have quick responses, and that have low error rates. I then change my Internet settings to use those DNSs. I rerun DNS Benchmark about once or twice each month, updating which DNSs I use. These reruns are necessary because the quality of DNSs -- timing and error rates -- is not constant; it varies with time.
See DNS Benchmark at http://www.grc.com/dns/benchmark.htm.
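The check that comment relies on, whether a resolver answers NXDOMAIN for a name that does not exist, can be scripted. The following is an added example, not part of any post in this thread and not GRC's code: it builds a DNS query by hand, then classifies the reply as honest (NXDOMAIN) or rewritten (NOERROR with A records). The function names are hypothetical, the sample replies are constructed, and it assumes a random 32-hex-character label under .com is unregistered.

```python
import secrets
import socket
import struct

NOERROR, NXDOMAIN = 0, 3  # DNS RCODE values (RFC 1035)

def build_query(name, txid):
    """Encode a one-question A/IN query with recursion desired."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def _skip_name(pkt, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = pkt[off]
        if n & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + n
        if n == 0:
            return off

def classify(pkt, txid):
    """Judge a reply to a query for a name that should not exist.

    Returns (verdict, A-record addresses found in the answer section)."""
    try:
        rid, flags, qd, an, _, _ = struct.unpack("!6H", pkt[:12])
        if rid != txid or not flags & 0x8000:  # wrong ID or not a response
            return "malformed", []
        off, addrs = 12, []
        for _ in range(qd):
            off = _skip_name(pkt, off) + 4  # skip QTYPE and QCLASS
        for _ in range(an):
            off = _skip_name(pkt, off)
            rtype, _, _, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
            off += 10
            if rtype == 1 and rdlen == 4:  # A record
                addrs.append(socket.inet_ntoa(pkt[off:off + 4]))
            off += rdlen
    except (struct.error, IndexError, OSError):
        return "malformed", []
    rcode = flags & 0x000F
    if rcode == NXDOMAIN:
        return "honest", []
    if rcode == NOERROR and addrs:
        return "rewritten", addrs  # the name cannot exist, yet it resolved
    return "inconclusive", addrs

def probe(resolver, tries=3, timeout=3.0):
    """Send `tries` random, should-not-exist names to `resolver` over UDP/53."""
    results = []
    for _ in range(tries):
        name = secrets.token_hex(16) + ".com"  # assumption: nobody registered this
        txid = secrets.randbelow(1 << 16)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(build_query(name, txid), (resolver, 53))
                results.append((name, *classify(s.recvfrom(4096)[0], txid)))
            except OSError:  # timeout, unreachable, blocked
                results.append((name, "no-reply", []))
    return results

def sample_reply(query, rcode, address=None):
    """Constructed test data: build a reply to `query`, optionally with one A record."""
    txid, = struct.unpack("!H", query[:2])
    reply = struct.pack("!6H", txid, 0x8180 | rcode, 1, 1 if address else 0, 0, 0) + query[12:]
    if address:  # name pointer to offset 12, TYPE A, CLASS IN, TTL 60, 4-byte RDATA
        reply += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(address)
    return reply

if __name__ == "__main__":
    q = build_query("no-such-name-0123456789abcdef.com", 0x1234)  # constructed
    print(classify(sample_reply(q, NXDOMAIN), 0x1234))              # honest resolver
    print(classify(sample_reply(q, NOERROR, "192.0.2.1"), 0x1234))  # rewriting resolver
    # print(probe("208.67.222.222"))  # live check; address is the one quoted in this thread
```

A "rewritten" verdict also returns the address the resolver substituted, which is where non-HTTP clients doing the same lookup would end up connecting.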
How about ISPs that start lawsuits against cities wanting to build their own municipal fiber network, then keeping them tied up in court while they build their own network?
Customers aren't the only ones filing "stupid" lawsuits.
Indeed.
404 errors come from web servers, not DNS servers.
If a DNS lookup fails you don't even get as far as a 404.
A 404 is knocking on the door and nobody being home.
NXDOMAIN is not even finding the house.
It's such a good idea that ISPs will sue to stop it. (TDS v. Monticello I think)
When a greedy corporation starts putting legal shells in its shotguns, you know you're onto something.
One should also remember that a free market isn't free anymore if government power is subverted.
We have a word for government dictation of markets. Communism.
And I would say that a market that is state dominated on paper is every bit as communist as one where the government has been taken over by corporate interests.
The second amendment only had relevance when The People had access to the same weaponry the government had. Sure The People could rise up with their hand weapons and rifles... Only to be put down by hellfire missiles and State of the Art armored vehicles. Yeah...you can count me out too.
Windows assumes you are an idiot...Linux demands proof.
Everything will be good...
Oh, the beautiful gloss of greality!
I've heard about it breaking printers too. Automatic firmware updates - they try to contact their long-abandoned firmware server, get a fake server instead, download the page filled with ads... fortunately they aren't so stupid as to write it into firmware, but stupid enough to lock up and can only be fixed by rebooting them without an internet connection.
Ah another believer in the "there are only this many bits in the network" lie.
Someone needs to start a new ISP, one that will hopefully have global appeal at some point. Its selling point would be that it:
I have no illusions that such an ISP wouldn't be for everyone. Some folks don't have a problem with being used by governments or corporations like cattle. This is for folks who actually give a damn about their human rights, and demand to be treated with some modicum of dignity and respect. People for whom the word responsibility occur as less a curse, but more an opportunity.
It's fair to say that the network has become our most vulnerable aspect to modern life, because greedy and stupid people have traded our sanctity for their benefit. We need to take back what is rightfully ours and nobody else's.
Sonic.net was my first ISP back in '97, they offered a free shell server and happened to host the MUD I was currently addicted to. They have always been an incredible ISP and a great place to work (if I could just get in there! grr) in Sonoma county and all over California. I'm always glad to see Dane Jasper on the front page of /.
640k ought to be enough for anyone.
Tooth fairy is a government (parents) subsidised market inefficiency aimed to elicit an expected behaviour out of you :)
What if a common carrier redirected your parcel or
first class letter to you via an alternate carrier for profit.
Then the alternate carrier did a deep package inspection
of your commerce and sent you product you did
not order and also sold that deep package inspection
the To: and From: address info and sold that in conjunction
with the results of their "deep package" inspection.
Remember most "Mail" transport is contracted to airlines and trucking
services....
Truth is stranger than fiction, but it is because Fiction is obliged to stick to possibilities; Truth isn't. Mark Twain.
the way ISPs tap up the usage on your accounts, this is not surprising, even between themselves....in the end, all the bandwidth we use we pay for...one way or another....if everyone were to treat the usage of web like electricity rather than water, they would be more conscientious. Don't leave all the lights on in the house when you leave, only turn them on if you are using them....same with the internet. Most would consider twice before buying a hot tub due to the extensive electricity use. Same thing with big downloads....less we use, less we pay