Windstream Premium Member join:2009-03-31 Twinsburg, OH |
Our Response to Redirect Service ConcernsWindstream implemented a network change on Friday, April 2, that mistakenly re-directed Firefox browser users utilizing their default search boxes to a Windstream landing page. This was not Windstream's intention, and after customers made us aware, we fixed the matter on Monday.
Windstream does not: * track or monitor any individual customer internet searches; * impede a customer's ability to access or use any websites, search engines, or any other services or applications on the Internet.
We appreciate all the feedback and support from this forum, and we will continue to address and help resolve any issues with your Internet service.
JE |
|
|
SirMeowmix_I
Anon
2010-Apr-8 6:58 pm
It is technically impossible for this behavior to occur without the involvement of some level of DPI or Layer 7 inspection technology. This cannot be NXDOMAIN redirection as this is DNS agnostic; the Firefox browser submits data via HTTP/1.1 GET to 'www.google.com'.
For this to have been NXDOMAIN it would have targeted Google universally.
Now, to dissect your statement, as it seems to be intentionally worded vaguely:
"* track or monitor any individual customer internet searches;"
How about on an aggregate level, which would be consistent to the redirection behavior reported here. On an aggregate level, are you tracking search terms used?
The Windstream landing page, 'searchdirect.windstream.net' has an awfully suspicious naming convention and behavior for us NOT to think it's an issue. |
|
SirMeowmix_I |
SirMeowmix_I to Windstream
Anon
2010-Apr-8 7:19 pm
to Windstream
I also wanted to add that the sheer fact the URL was transformed, being carefully re-written, from the URI passed to 'www.google.com' once again discredits what you've said entirely.
It's not surprising, you've refused to answer the questions from multiple Windstream subscribers concerning this.
Allow me to get technical.
When a user performs a search using the Firefox search bar against Google HTTP/1.1 is used with an HTTP method of GET against Google. The following URI is constructed:
q=[search critera] ie=[encoding] oe=[encoding] aq= rls=[browser]
So, when I search against Google I pass ?q= for my search term.
When this is redirected to searchredirect.windstream.net the URI is transformed, with the ?q= parameter being extracted. Your site uses this URI structure:
search=[search criteria] src=[interger value, likely points to an RDBMS based on HTTP_REFERER]
So you see, you're absolutely, with confidence, not disclosing the truth. For this behavior to occur you would have to be using an MITM proxy or DPI; either way you are inspecting Layer 7 traffic, extracting the ?q= URI string passed to Google, and either transparently or via HTTP 302 redirecting customers to your searchredirect.windstream.net
You got caught, red handed, and have been fabricated mis-truths from the start.
How HTTP/1.1 GET against /search?q=my_search_term becomes /search.php?search=my_search_term without some form of Layer 7 is impossible. This CANNOT be NXDOMAIN.
Clearly you're not disclosing the full details or hiding behind careful sentence structure and semantics. |
|
your moderator at work
hidden :
|
1 edit |
to Windstream
Re: Our Response to Redirect Service Concerns you got caught. NICE |
|
disgruntled21 |
to Windstream
Is there anyway Windstream has a rebuttal? |
|
|
SirMeowmix_I
Anon
2010-Apr-9 8:18 am
Seeing as how it took them about ~3 days to craft this carefully worded reply which never really addressed any of the key critical questions I asked in » DPI/Layer7/NXDOMAIN Privacy questions re. Windstream DSL I doubt it. |
|
your moderator at work
hidden :
|
elveySpamassassin join:2001-02-17 San Francisco, CA |
to SirMeowmix_I
Re: Our Response to Redirect Service ConcernsWhen caught in a lie, every moral code demands an apology be made. Windstream has been caught in a lie, and is offering no apology. |
|
|
to Windstream
This is not a real reply. Why are you so tight lipped about it? It must be worse than we thought! |
|
|
SirMeowmix_I to Windstream
Anon
2010-Apr-13 9:48 pm
to Windstream
I think the following conclusions can be drawn:
1) Windstream is using DPI/layer 7 traffic inspection. 2) Windstream refuses to be forthcoming about how this data is used. 3) Windstream's reply is very precise and in legal terms, meaning specifically that on an individual level they are not tracking searches, but on an aggregate level they most certainly are. 4) As a result of a configuration error they prematurely began redirecting searches to their worthless searchredirect.windstream.net engine, exposing their heinous data harvest practices. 5) DNS NXDOMAIN and now layer 7 data is being used to generate revenue and this harvest of data has likely been going on for some time. 6) 'Windstream', the employees here on DSLR, are having to escalate this issue to superiors and funnel responses through legal and PR departments. They're likely caught in the middle between doing what is ethical and keeping their jobs. 7) Residential subscribers were/are explicitly targeted with this inspection of data, Business subscribers may be as well but it is unknown at this time. 8) The Privacy Policy has not been updated to reflect this harvest of subscriber data.
The FCC and local media should get involved in this as well as the EFF. This bullshit is beyond acceptable and while I feel sorry for the customer-facing Windstream employees who have the bear the brunt of their subscribers frustration but this is absolute bullshit. |
|
|
Could someone on Windstream run netalyzr ( » netalyzr.icsi.berkeley.edu ) and send me the results link (netalyzr-help@icsi.berkeley.edu)? I'm interested in investigating these allegations. Thanks -Nick Weaver |
|
1 edit |
It stopped within 2 or 3 days of starting, you wont find anything now. |
|
sashwa Mod join:2001-01-29 Alcatraz |
to Windstream
(topic move) Redirected to yahooModerator ActionThe post that was here, has been moved to a new topic .. » Redirected to yahoo |
actions · 2010-Apr-30 10:13 am · (locked) |
|
to Windstream
Re: Our Response to Redirect Service ConcernsThere is good news, Google will shortly support https queries to the search engine. This will, if Firefox is set to use it instead of http, prevent and detect Windstream's efforts to steal our search queries. » www.wired.com/threatleve ··· -search/ |
|