dslreports logo
site
spacer

spacer
 
   
spc
story category
Earthlink Stops Tinkering With Google Search Traffic
Reverts Back to Simple DNS Redirection
by Karl Bode 02:30PM Wednesday Sep 28 2011
The other day we reported that Earthlink appeared to have joined a long list of ISPs using new technology that allows them to net search referral fees for both the hardware vendor and ISPs -- by sniffing and modifying user search traffic. Paxfire and RCN are currently being sued for the practice, and it remains unclear if the practice is legal.

Click for full size
Coincidentally or not, a day after our story popped up Earthlink (who has not responded to a request for comment) stopped tinkering with user search traffic according to forum users and ICSI researchers at Berkeley contacted by Broadband Reports. You'll recall that when the story originally broke, many of the ISPs involved scaled back their practice and stopped modifying search results.

"The ISPs involved stopped modifying results, but the ISPs largely still maintained the interception process: redirecting user traffic for the targeted search engines," ICSI's Nicholas Weaver tells Broadband Reports.

"As of the 16th of August most of the ISPs involved were still redirecting user search requests through Paxfire's proxies, but the systems weren't modifying results," he notes. "We haven't rechecked whether Netalyzr customers are still being redirected through these proxies after the 16th on an ISP-by-ISP basis, but there is some suggestion that this redirection is still ongoing."

The fact ISPs quickly modify these efforts when they are publicly disclosed -- and the fact no ISP wants to talk about using this new technology on the record -- speaks volumes about how comfortable many ISPs are with the legality of this effort. Most larger ISPs with larger legal departments and better lawyers (AT&T, Verizon, Comcast) seem to be steering clear of this technology for now.

view:
topics flat nest 
pandora
Premium
join:2001-06-01
Outland
kudos:2
Reviews:
·ooma
·Google Voice
·Comcast
·Future Nine Corp..

I enabled a web feature on my browser ...

Recently I enabled a web feature on my browser, it shows where people in my home (or things as many devices don't necessarily need people to go places).

One feature was to record the search history. It lets me see the last 500 or so searches that were done.

If my home router can do this, I can only imagine what the routers at large ISP's can do.
--
"People demand freedom of speech as a compensation for the freedom of thought which they seldom use."

hullboy
Premium
join:2000-12-21
Oakland, CA

Keep it up Karl!

Bringing these hidden issues to the forefront makes these ISPs put their shady tactics back in closet and then they try to claim they never did anything like this in the first place.

Yeah baby!

Exposure is the only way to TRY and keep 'em honest.

djrobx
Premium
join:2000-05-31
Valencia, CA
kudos:2
Reviews:
·Time Warner Cable
·VOIPO

Redirecting searches? Yuck.

I can't figure out why people still use Earthlink. Seems like you get none of the good, customer oriented service that you should get by choosing a third party ISP. I remember when they were a local ISP in Glendale, CA. Now they're like a zombie that won't die!
--
AT&T U-Hearse - RIP Unlimited Internet 1995-2011
Rethink Billable.
Wilsdom

join:2009-08-06

Re: Redirecting searches? Yuck.

Where I am Earthlink is $13 cheaper than Roadrunner and the CSRs are usually better than TWC's (though you need to talk to TWC to get anything done).

FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5

Using https whenever possible kills these search hijackings

Almost every site I go to on a daily basis has support for encrypted links, except for my.yahoo.com. And when you use that type of connection they can't redirect you based on search terms because those terms are encrypted. So when I do google searches they can't see my search terms so they can't hijack me.
--
»www.rickperry.org/
Crookshanks

join:2008-02-04
Binghamton, NY

Re: Using https whenever possible kills these search hijackings

You beat me to it. There's a reason why Google rolled out Google SSL. I can't think of any compelling reason NOT to use it, even if your ISP is on the up and up.

FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5

1 recommendation

Re: Using https whenever possible kills these search hijackings

said by Crookshanks:

You beat me to it. There's a reason why Google rolled out Google SSL. I can't think of any compelling reason NOT to use it, even if your ISP is on the up and up.

And I use an add-on to Firefox that makes it easier to use HTTPS on many, many web sites automatically.
»www.eff.org/https-everywhere


--
»www.rickperry.org/
Mr Matt

join:2008-01-29
Eustis, FL
kudos:1
Reviews:
·Millenicom
·Embarq Now Centu..
·Comcast
·CenturyLink

1 recommendation

More screwing of the consumers by ISP's.

I wonder what would happen if your telephone company pulled the same crap as these abusive ISP's. What would happen if they were caught rerouting a call you placed to Hertz, to Expedia, and had a CSR at Expedia that represented that they worked for Hertz. How long would it take for the Justice Department to file a lawsuit against a telephone company that pulled that crap. Fact is that many ISP's are amoral and have no sense of decency.
tpkatl

join:2009-11-16
Dacula, GA

We're innocent ! We didn't do anything!

But we're going to stop doing what we weren't doing.
cewagy

join:2004-02-03
Santa Barbara, CA

How can we tell?

Is there an easy way to see if my ISP is tinkering with my search traffic?

Does it only happen if I use the ISP's DNS service?
nweaver

join:2010-01-13
Napa, CA

Re: How can we tell?

a: This is done using DNS. Using a third party DNS service like Google Public DNS prevents this from happening.

b: Netalyzr ( »netalyzr.icsi.berkeley.edu/ ) automatically detects this behavior.

dlathem
Premium
join:2000-08-11
Birmingham, AL

Re: How can we tell?

Why does that netalyzr link always crash when I try to go to it? The page will show for a few seconds and then IE closes and says the page was a problem. I have never seen IE do this on any web page. Either it gives me a 404 error or it churns and does not load. I am on Earthlink but I have been an OpenDNS user for some time.
nweaver

join:2010-01-13
Napa, CA

Re: How can we tell?

Its probably triggering some obscure IE bug on your system.

You could try Firefox.

If you are using OpenDNS, this wasn't a problem because it was a problem with Earthlink's DNS servers.

not quite right
I'm not cool enough to be a Mac person

join:2001-06-23
Puyallup, WA
kudos:1

TIL

I had to read this only because I had no idea Earthlink still existed ...
--
"I'm A PC, And Windows 7 Was My Idea."

alanxenos
Perot 2016

join:2008-09-26
Winnetka, IL
Reviews:
·AT&T U-Verse
·T-Mobile US
·Sprint Broadband..

Re: TIL

Right? Lol, same here. Even if I had earthlink it wouldn't matter though, as the 2nd thing I do after setting up a new internet connection is set the DNS servers to OpenDNS.
--
I'm pretty sure the small hole isn't a reset button, but is actually a microphone hole. So best not to stick anything inside it. ~jdkoreclipse@RootzWiki on the Nexus One