TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
4 edits | DNS redirection is NOT deep packet inspection
DNS redirection and deep packet inspection are 2 entirely different animals. DNS redirection is NOT achieved using deep packet inspection. It is done by Rogers having control over their own DNS servers and when you type an invalid or partial domain name it redirects to a Rogers search page instead of the std error message. Changing from Roger's DNS servers to something else like OPENDNS servers fixes that, which wouldn't be possible if they were doing it thru deep packet inspection.
Of course, OpenDNS also provides a redirection page with advertising when you type in a bogus domain name unless you become a free customer and then TURN OFF typo correction as an option. Then it returns an error page like some want. It just doesn't come from Rogers. If you really really need a DNS server that doesn't redirect on errors and just returns the error message, there are some out there. But you will have to look hard for them, as most ISPs now redirect on domain name errors.
And calling it a "Net Neutrality" violation is a stretch, as Techdirt points out in this BBR link:
»Is DNS Redirection a Network Neutrality Violation?
Techdirt doesn't think it's a neutrality violation, as users have the right to use alternative DNS servers: it's worth keeping in mind that you're not required to use your ISP's DNS server at all. ISPs provide DNS servers as a courtesy, the same way they might provide you with a free email account. But you don't have to use it. You're free to point your computer to another DNS server, such as OpenDNS, just as you can use a third-party email service such as GMail. The subject is also being discussed in the Rogers forum here at BBR where they also discuss workarounds and some DNS servers(not Rogers) that don't redirect:
»rogers inserting advertisements into my browser - WTF?
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
Tristan
join:2006-09-10
Nepean, ON
·Rogers Hi-Speed
|  Rogers Service
Rogers continues their goal of being one of the worst-liked broadband ISP's in Canada.
As if the rate increases, DNS resolving issues, encryption throttling, P2P throttling, love-in with Yahoo and poor tech support weren't bad enough...
Messing around with my internet experience in any shape or form constitutes violations of internet integrity, and my trust.
Read this Rogers: I can no longer trust my internet connection! Thanks a lot!
I'd switch to another provider at the drop of a hat, if it weren't for the fact that there are only 2 pipelines I can afford; Cable and DSL, both are operated/managed by Idiots-In-Suits (TM), both are engaged in interfering with our experience, both have been caught in lies and deceit, and both pretty much rule the landscape.
I know there are independant's (Teksavvy), but I'm not prepared to trade my noose for a tighter noose. Until the problem of wholesale customer throttling is solved so that they can be true competitors (which help drive prices down and/or service quality up), I'm stuck with Rogers.
For me, Rogers is the fastest bully on the block. Quite sad really... |
|
Dogfather
Premium
join:2007-12-26
Laguna Hills, CA
·Cox HSI
 ·Verizon FIOS
 ·Cox VOIP
·ViaTalk
·RoadRunner Cable
 ·MegaPath
·Verizon west (ex G..
·Time Warner VOIP
1 edit | Injection is illegal
It's illegal (at least in the US) to modify copyrighted works.
In order to insert these messages the ISP intercepts and modifies the HTML of the content (eg Google's HTML being rendered in your browser) to inject a line of code that executes their javascript (that creates the frame etc). Without this javascript line, there can be no ad injection.
The HTML is copyrighted and can not be modified without the permission of the author.
As for DNS redirection...unless the ads on the DNS redirection page use some sort of NebuAd technology, this DNS redirection is just redirection and has nothing to do with DPI.
While redirection drives me nuts and breaks a lot of apps, I know people who actually like it as the results near the top of the page are typically what they were trying to get to.
But these services should be opt-in not opt-out. If DNS redirection is so great and so wanted, the ISPs would have no problem signing people up. |
|
Tristan
join:2006-09-10
Nepean, ON
·Rogers Hi-Speed
| reply to TKJunkMail
Re: DNS redirection is NOT deep packet inspection
I tried OpenDNS, and sure, it works, but I didn't like the fact that they were actually slower for me than Rogers own DNS servers. I am looking for a faster DNS server, that doesn't fool around with my experience (eg: offer searches with ads, mess around with std. error messages, etc.)
It is a Net Neutrality violation to a great many, regardless of what "experts" lead us to believe. Geeks like you and I may know how to switch DNS servers, but the average Joe doesn't even know what a DNS server is, let alone know how to choose one of their own volition. They trust that the service just works, and when it stops working the way they know and love, they loose trust.
Trust is key in the Net Neutrality debate. |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| said by Tristan  :I tried OpenDNS, and sure, it works, but I didn't like the fact that they were actually slower for me than Rogers own DNS servers. I am looking for a faster DNS server, that doesn't fool around with my experience Try the DNS servers mentioned in this post:
»Re: rogers inserting advertisements into my browser - WTF?
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
mrchris
We don't miss you Bush
Premium
join:2002-10-01
North Babylon, NY | reply to Dogfather
Re: Injection is illegal
I wonder how Rogers would respond doing that to small and bigger companies/sites..besides the usual bribery BS. |
|
n2jtx
join:2001-01-13
Glen Head, NY
·Optimum Online
| Stopping Injection
Injection could be stopped if more sites starting using SSL (https) instead of plain old http. Unfortunately there is more overhead to process https data but it looks like this may be the only way to thwart code injection.
--
I support the right to keep and arm bears. |
|
drjp81
join:2006-01-09
canada
·TELUS
·TekSavvy Solutions..
| reply to TKJunkMail
Re: DNS redirection is NOT deep packet inspection
said by TKJunkMail :DNS redirection and deep packet inspection are 2 entirely different animals. DNS redirection is NOT achieved using deep packet inspection... You totally missed it. Rogers is rederecting failed DNS requests and possibly others based on the DNS names that are passed through it's customer's HTTP requests.
Which means there is a discrimination of what service or protocol you are using for the DNS redirection. So while a ping at www.blababla.com might answer nobody's home, Rogers can hijack a HTTP request without even attempting to resolve the name.
How then can you trust the content of a website?
You go to wikipedia.org, Rogers detect via DPI the URL and domain name you are going to, and the redirect parts of the site with whatever content is commercially viable for them.
That's the plan.
--
Cheers! |
|
tp0d
yabbazooie
Premium
join:2001-02-13
Carnegie, PA
clubs:
·Verizon FIOS
| reply to n2jtx
Re: Stopping Injection
I use OpenDNS, it works well. Much faster than the verizon servers...
But I also use a Firefox addon called NoScript. It does exactly what it says, stops the processing of scripts. It operates on a whitelist, with all sites starting out blocked. You have to add the sites you want. A little inconvenient, but stops -all- script viri injections, weird scripts on pages (strange cursors/etc), and kills a lot of ads, namely flash ads (puke)
It would also stop any JS that is added to the page.
-j |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| reply to drjp81
Re: DNS redirection is NOT deep packet inspection
said by drjp81 :You totally missed it. Rogers is rederecting failed DNS requests and possibly others based on the DNS names that are passed through it's customer's HTTP requests. Which means there is a discrimination of what service or protocol you are using for the DNS redirection. {they all do that. No service is redirecting non-http(s) requests} So while a ping at www.blababla.com might answer nobody's home, Rogers can hijack a HTTP request without even attempting to resolve the name. How then can you trust the content of a website? You go to wikipedia.org, Rogers detect via DPI the URL and domain name you are going to, and the redirect parts of the site with whatever content is commercially viable for them. That's the plan. But that isn't what they are doing or even what they are being accused of. They are redirecting bad domain names to their search engine and nothing else. Saying they COULD do this or COULD do that doesn't prove anything. Any business supplying DNS services COULD do many things.
Some people don't like redirecting mistaken domain names, but that is done by almost all ISPs now and also many Toolbars - Google included. Most people like the service. For those that don't - there are DNS servers out their that will just return an error when something is mistyped or when a page has an invalid link.
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
GeekGirl1
The Medium IS the Message
Premium
join:2007-01-28
Morrisville, PA | reply to TKJunkMail
And for those on Verizon FiOS which has been doing DNS redirects since late last year: »how to opt out of Verizon's DNS not found page |
|
TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Brooklyn NYC
·Verizon Online DSL
| reply to Dogfather
Re: Injection is illegal
said by Dogfather : ... If DNS redirection is so great and so wanted, the ISPs would have no problem signing people up. For a fee!
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here. |
|
Unit649
I B U, Who U B?
Premium
join:2000-01-22
Stockton, CA
·Comcast
1 edit | I would think....
The main issue isn't the fact they are doing it, but the fact that where they disclose it and tell you how to avoid it....is in such small type you'd need to be an ant to be able to read it.
If it was something that, when you got the service, was disclosed plainly and options were given to avoid it, it wouldn't be as big of a deal.
Of course, requiring that you use their DNS in order to get information on how much cap space you have remaining then implies that you have to tolerate it or risk going over the cap.
Tricky, tricky.....
Just keeping up the fine tradition started by cable companies. Pay us $50 a month, and we'll provide you service...injected with advertisements from our sponsors. Its just being extended to the internet now as more people spend more time on it than watching actual TV. If tomorrow reading books suddenly became the next national pastime, advertising agencies would be pushing to put advertisements in them too. I know I was pretty ticked when MAD magazine started allowing ads. Now its 75% ads 25% humor. And you have to pay a fee to buy it too, unless you just stand there and read it in the bookstore, which is entirely possible now since there is less content.
The day is coming when you turn the key to your car and the car will say "We have received the request to start the car. But first, a word from our sponsor."
Google will probably pioneer that too in cooperation with some vehicle provider.
The sick thing is with all this stuff they are doing is that tomorrow they will raise your rates again because they aren't making enough either 
Oh, and has anyone noticed lately with any site that, when you click to read an article and a "sponsor ad" appears, that the "skip ad" link is now gone, or doesn't appear till maybe 2 seconds are remaining out of the 10 it makes you wait? And it doesn't redirect after the time either, you have to then click AGAIN to get to it, so you can't even go to another tab for a few seconds while the timer clicks?
Makes me just close the window and say "the heck with it" more and more. |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to TKJunkMail
Re: DNS redirection is NOT deep packet inspection
Deep Packet Inspection is a big game changer. It CAN be used to perform DNS redirection -- it can be used to change any Internet service provided it doesn't require a 3rd-party brokered key to operate.
I agree with you that it probably isn't in use in this case, especially since 3rd party DNS servers aren't also being intercepted.
Still, this stresses the need for rules around the use of DPI. Users shouldn't have to wonder whether or not it is in use. Similarly, if ISPs are going to change the way the Internet works, that ought to be disclosed and optional.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
Comcast: We never did anything wrong, and we'll never do it again...
|
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to TKJunkMail
said by TKJunkMail :Some people don't like redirecting mistaken domain names, but that is done by almost all ISPs now Almost "all" -- do you have a source for that truthiness?
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
Comcast: We never did anything wrong, and we'll never do it again...
|
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
1 edit | said by funchords :said by TKJunkMail :Some people don't like redirecting mistaken domain names, but that is done by almost all ISPs now Almost "all" -- do you have a source for that truthiness? BBR. Verizon, TW/RR, Cox, Embarq, Qwest, Rogers, Earthlink, Charter, Bresnan, etc. are all doing it.
»/nsearch?q=dns···vanced=1
So far, as best I could determine with search tools, AT&T & Comcast haven't started doing this yet.
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
SALAMANCA
join:2008-06-07
Toronto, ON
| reply to Unit649
Right the Wrong
Why isn't anyone holding Rogers accountable for their actions. Bell is being taken to task for throttling their customers and wholesale customers.
We're all seeing the things Rogers is doing to their subscriber's, and it's as though people are saying it's okay. Quietly sitting on the fence turning a blind eye and allowing Rogers to continue doing what they're doing. But God forbid that Bell Canada be allowed to get off with anything. Not that I'm taking sides with Bell Canada, but 'what is good for the goose is good for the gander.'
Why is no one taking Rogers to task and holding them accountable for the actions they've taken towards their subscribers? |
|
SLD
Premium
join:2002-04-17 | reply to Unit649
Re: I would think....
I'm absolutely surprised that homes are not being contacted to sell ad space on their garage doors! |
|
Tristan
join:2006-09-10
Nepean, ON
·Rogers Hi-Speed
| reply to SALAMANCA
Re: Right the Wrong
said by SALAMANCA :Why isn't anyone holding Rogers accountable for their actions. Bell is being taken to task for throttling their customers and wholesale customers.
...
Why is no one taking Rogers to task and holding them accountable for the actions they've taken towards their subscribers? Aside from my usual telling Rogers that the service is overpriced, or switch ISP's (read: little choice), there's not much I can do.
I just received an email from a friend who asked me how I get anything done working 6 days a week, 8 hrs a day, take care of my 13 month old son, and get the shopping and house work done.
I complain to the CRTC when I can, but I don't even know if it helps - my chocolate teapot is boiling.... BRB |
|
Tristan
join:2006-09-10
Nepean, ON
·Rogers Hi-Speed
| reply to SLD
Re: I would think....
said by SLD :I'm absolutely surprised that homes are not being contacted to sell ad space on their garage doors! I think there are by-laws that prevent that sort of thing. At least... there used to be here in Nepean - the former city of Nepean used to charge $50.00/mo just for a sandwich board style sign (if memory serves me) |
|
