dslreports logo
    All Forums Hot Topics Gallery
spc
uniqs
3172

Windstream
Premium Member
join:2009-03-31
Twinsburg, OH

Windstream

Premium Member

Our Response to Redirect Service Concerns

Windstream implemented a network change on Friday, April 2, that mistakenly re-directed Firefox browser users utilizing their default search boxes to a Windstream landing page. This was not Windstream's intention, and after customers made us aware, we fixed the matter on Monday.

Windstream does not:
* track or monitor any individual customer internet searches;
* impede a customer's ability to access or use any websites, search engines, or any other services or applications on the Internet.

We appreciate all the feedback and support from this forum, and we will continue to address and help resolve any issues with your Internet service.

JE

SirMeowmix_I
@eliablehosting.com

SirMeowmix_I

Anon

It is technically impossible for this behavior to occur without the involvement of some level of DPI or Layer 7 inspection technology. This cannot be NXDOMAIN redirection as this is DNS agnostic; the Firefox browser submits data via HTTP/1.1 GET to 'www.google.com'.

For this to have been NXDOMAIN it would have targeted Google universally.

Now, to dissect your statement, as it seems to be intentionally worded vaguely:

"* track or monitor any individual customer internet searches;"

How about on an aggregate level, which would be consistent to the redirection behavior reported here. On an aggregate level, are you tracking search terms used?

The Windstream landing page, 'searchdirect.windstream.net' has an awfully suspicious naming convention and behavior for us NOT to think it's an issue.
SirMeowmix_I

SirMeowmix_I to Windstream

Anon

to Windstream
I also wanted to add that the sheer fact the URL was transformed, being carefully re-written, from the URI passed to 'www.google.com' once again discredits what you've said entirely.

It's not surprising, you've refused to answer the questions from multiple Windstream subscribers concerning this.

Allow me to get technical.

When a user performs a search using the Firefox search bar against Google HTTP/1.1 is used with an HTTP method of GET against Google. The following URI is constructed:

q=[search critera]
ie=[encoding]
oe=[encoding]
aq=
rls=[browser]

So, when I search against Google I pass ?q= for my search term.

When this is redirected to searchredirect.windstream.net the URI is transformed, with the ?q= parameter being extracted. Your site uses this URI structure:

search=[search criteria]
src=[interger value, likely points to an RDBMS based on HTTP_REFERER]

So you see, you're absolutely, with confidence, not disclosing the truth. For this behavior to occur you would have to be using an MITM proxy or DPI; either way you are inspecting Layer 7 traffic, extracting the ?q= URI string passed to Google, and either transparently or via HTTP 302 redirecting customers to your searchredirect.windstream.net

You got caught, red handed, and have been fabricated mis-truths from the start.

How HTTP/1.1 GET against /search?q=my_search_term becomes /search.php?search=my_search_term without some form of Layer 7 is impossible. This CANNOT be NXDOMAIN.

Clearly you're not disclosing the full details or hiding behind careful sentence structure and semantics.
Expand your moderator at work

disgruntled21
join:2007-11-22

1 edit

disgruntled21 to Windstream

Member

to Windstream

Re: Our Response to Redirect Service Concerns

you got caught. NICE
disgruntled21

disgruntled21 to Windstream

Member

to Windstream
Is there anyway Windstream has a rebuttal?

SirMeowmix_I
@eliablehosting.com

SirMeowmix_I

Anon

said by disgruntled21:

Is there anyway Windstream has a rebuttal?
Seeing as how it took them about ~3 days to craft this carefully worded reply which never really addressed any of the key critical questions I asked in »DPI/Layer7/NXDOMAIN Privacy questions re. Windstream DSL I doubt it.
Expand your moderator at work

elvey
Spamassassin
join:2001-02-17
San Francisco, CA

elvey to SirMeowmix_I

Member

to SirMeowmix_I

Re: Our Response to Redirect Service Concerns

said by SirMeowmix_I :
said by disgruntled21:

Is there anyway Windstream has a rebuttal?
Seeing as how it took them about ~3 days to craft this carefully worded reply which never really addressed any of the key critical questions I asked in »DPI/Layer7/NXDOMAIN Privacy questions re. Windstream DSL I doubt it.
When caught in a lie, every moral code demands an apology be made. Windstream has been caught in a lie, and is offering no apology.
jdover
join:2010-04-03

jdover to Windstream

Member

to Windstream
This is not a real reply. Why are you so tight lipped about it? It must be worse than we thought!

SirMeowmix_I
@eliablehosting.com

SirMeowmix_I to Windstream

Anon

to Windstream
I think the following conclusions can be drawn:

1) Windstream is using DPI/layer 7 traffic inspection.
2) Windstream refuses to be forthcoming about how this data is used.
3) Windstream's reply is very precise and in legal terms, meaning specifically that on an individual level they are not tracking searches, but on an aggregate level they most certainly are.
4) As a result of a configuration error they prematurely began redirecting searches to their worthless searchredirect.windstream.net engine, exposing their heinous data harvest practices.
5) DNS NXDOMAIN and now layer 7 data is being used to generate revenue and this harvest of data has likely been going on for some time.
6) 'Windstream', the employees here on DSLR, are having to escalate this issue to superiors and funnel responses through legal and PR departments. They're likely caught in the middle between doing what is ethical and keeping their jobs.
7) Residential subscribers were/are explicitly targeted with this inspection of data, Business subscribers may be as well but it is unknown at this time.
8) The Privacy Policy has not been updated to reflect this harvest of subscriber data.

The FCC and local media should get involved in this as well as the EFF. This bullshit is beyond acceptable and while I feel sorry for the customer-facing Windstream employees who have the bear the brunt of their subscribers frustration but this is absolute bullshit.
nweaver
join:2010-01-13
Napa, CA

nweaver

Member

Could someone on Windstream run netalyzr ( »netalyzr.icsi.berkeley.edu ) and send me the results link (netalyzr-help@icsi.berkeley.edu)?

I'm interested in investigating these allegations.

Thanks

-Nick Weaver

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA

1 edit

Napsterbater

MVM

It stopped within 2 or 3 days of starting, you wont find anything now.

sashwa
Mod
join:2001-01-29
Alcatraz

sashwa to Windstream

Mod

to Windstream

(topic move) Redirected to yahoo

Moderator Action
The post that was here, has been moved to a new topic .. »Redirected to yahoo
jdover
join:2010-04-03

jdover to Windstream

Member

to Windstream

Re: Our Response to Redirect Service Concerns

There is good news, Google will shortly support https queries to the search engine. This will, if Firefox is set to use it instead of http, prevent and detect Windstream's efforts to steal our search queries.

»www.wired.com/threatleve ··· -search/