 | | Boo Hiss This doesn't look like NXDOMAIN hi-jacking either, this is DPI and Layer 7 tampering. We currently have NXDOMAIN hi-jacking, Walled Garden, and now this.
The "opt-out" sets a client-side browser cookie. This means that the DPI is always running, inspecting this cookie, and the redirection occurs if the cookie value isn't set.
There are two tiers of Windstream's DSL, residential and business, and it appears that business grade DSL is not being targeted. I am business class and I'm not having the issue. Two doors down they're hi-jacking residential customers.
Many trust-worthy users have reported that it doesn't matter what your DNS server is set to, the hi-jack still occurs. This isn't NXDOMAIN fun-games. | |
|
 |  SeleniaI love DebianPremium
join:2006-09-22
Lanesboro, MA
kudos:2 | Re: Boo Hiss said by SirMeowmix_I :
This doesn't look like NXDOMAIN hi-jacking either, this is DPI and Layer 7 tampering. We currently have NXDOMAIN hi-jacking, Walled Garden, and now this.
The "opt-out" sets a client-side browser cookie. This means that the DPI is always running, inspecting this cookie, and the redirection occurs if the cookie value isn't set.
There are two tiers of Windstream's DSL, residential and business, and it appears that business grade DSL is not being targeted. I am business class and I'm not having the issue. Two doors down they're hi-jacking residential customers.
Many trust-worthy users have reported that it doesn't matter what your DNS server is set to, the hi-jack still occurs. This isn't NXDOMAIN fun-games.
It could also be simple firewall redirection. Even iptables could do something like this, with the right ruleset. I am not saying this is not Layer7/DPI tampering necessarily, but it seems that firewall rules are more likely, especially if this was an accident of some sort. Why throw DPI hardware at what a simple firewall can do?
--
The new Sony rootkit-Using the ability to remove features you paid for. What's next? Boycott Sony products »[Rant] ps3 update = no more Linux | |
|
| | network neutrality violation! Sounds like forged packets to me! | |
|
| | | Re: network neutrality violation! what is this Network Neutrality thing you speak of? Because I didn't know there was a such thing---at least "offically" yet with actual rules/laws.
--
www.twopugsbrand.com ONLINE STORE NOW ONLINE! up to 50% off SRP of Happy Tails Spa products. | |
|
| | I had it with Verizon doing this too... that I went to OpenDNS.
Ofcourse, they all take advantage of your mis-typed URLs...
--
Splat | |
|
 rchandraStargate Universe fanPremium
join:2000-11-09
14225-2105 | shades of VeriSlime (.com/.net) The only difference is the scope (a specific ISP vs. global). Browser cookies are insufficient! There are a gazzlion Internet applications which are not Web browsers. Taking udp/53 packets and NATting them to your DNS server is just plain WRONG. I am not a particularly litigious person, but I hope someone slaps these bozos with a class action lawsuit (restraint of trade perhaps?).
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.
Jeopardy! replies REALLY suck! | |
|
|  morboComplete Your Transaction
join:2002-01-22
00000 | Re: shades of VeriSlime (.com/.net) Thanks for the flash back to VeriSlime. | |
|
cacoPremium
join:2005-03-10
Whittier, AK | Dns settings set in router Didn't matter still get windstream search page. Not end of the world just a pain. Someone screwed up at Windstreeam.
--
Politicians and diapers have one thing in common. They should both be changed regularly, and for the same reason. | |
|
| | Ridiculous Ridiculous. If I were Google I'd start setting that cookie for everyone and stick it to Windstream.
I'm glad they are not my ISP. | |
|
| |  sure about cookies?
| |
|
| | | Re: sure about cookies? Ok, according to Windstream, their opt-out does not use cookies. I have seen some ISPs use cookies for this, and they never work particularly well. | |
|
 WindstreamPremium,VIP
join:2009-03-31
Twinsburg, OH
kudos:33
2 edits | Change to this service being applied tonight We will be making a change to this service tonight based on feedback from our customers who wish to continue to use Google for the search box. We apologize for any inconvenience this may have caused.
On a different note, the preferences are not cookie based. Cookies can be cleared without affecting the choices for this service.
--
We're here to help! wci.broadbandhelp@windstream.com | |
|
| | | Re: Change to this service being applied tonight It's nice to see this change being made in light of the customer feedback. How Windstream could construe that someone really wanted a ad-laden search portal provided by the ISP when they were clearly wishing to access Google is beyond my comprehension.
Please use this as a learning experience. Your customers wish to have unfettered/untampered access to the Internet -- we're not a cash cow to be milked at every opportunity.
Future changes should be well communicated to your customer base, not a big Easter surprise. Future changes should be opt-in, not opt-out. | |
|
| cacoPremium
join:2005-03-10
Whittier, AK | So this wasn't a mistake. You folks in your wisdom decided to do this without notifying your customers. Nice. | |
|
|
1 edit | Nah, you're just sorry you got caught. Someone high up thought it would be a great idea to try out and that customers wouldn't notice.
PS: I would love to see what the original post said before it got edited twice. | |
|
| | Well... Guess people will have to start tunneling encrypted DNS as well...  | |
|
WindstreamPremium,VIP
join:2009-03-31
Twinsburg, OH
kudos:33
1 edit | Resolution The issues with search results modified when using the search field in Firefox has been isolated. A fix will be applied later tonight. If the issue is occurring tomorrow morning please let us know.
We apologize for the inconvenience.
-BP
--
We're here to help! wci.broadbandhelp@windstream.com | |
|
|
1 edit | Re: Resolution Well, was this intentional or not? Your post above makes it sound like it was intentional (and the redirect optout sure confirms that). But this post makes it sound unintentional (an "issue" that has been "isolated.")
So which is it? Was this intentional or not? And don't even think about lying about it, because Comcast did that when it got caught redhanded using forged RST packets. Fess up now, lest you look like a liar when the FCC sends you a letter of inquiry. | |
|
| | WindstreamPremium,VIP
join:2009-03-31
Twinsburg, OH
kudos:33
1 edit | Re: Resolution No it was definitely not intentional.
-BP
--
We're here to help! wci.broadbandhelp@windstream.com | |
|
| | | | | Re: Resolution How that could be? Did Windstream "accidentally" program its routers to intercept code from the Firefox toolbar? This is a pretty specific thing, that had to involve effort on your part to get it up and running. | |
|
| | | | WindstreamPremium,VIP
join:2009-03-31
Twinsburg, OH
kudos:33 | Re: Resolution I won't go into the technical details, but this was not a desired result to modify the Firefox search field regardless of which search provider is used in the browser.
-BP
--
We're here to help! wci.broadbandhelp@windstream.com | |
|
| | | | |  Logan 5Enjoying the CataclysmPremium,MVM
join:2001-05-25
Austin, TX
kudos:7 | Re: Resolution said by Windstream:I won't go into the technical details, but this was not a desired result to modify the Firefox search field regardless of which search provider is used in the browser.-BP Ummm maybe you SHOULD go in to the technical details.. that is unless you have something to hide. Don't assume that users here wouldn't understand no matter 'how' technical the issue may be.
Giving evasive non-answers & avoiding direct questions does not make your Company look particularly innocent or sorry that this happened. IMHO, total transparency will be your best bet to move quickly past this with as little hit to your companies rep as possible..
I mean you can answer anyway you want to, after all you do have a choice how to handle this but at the end of the day, owing up to this 'mistake' and explaining what happened in detail and how your company took steps to prevent it from happening again is really the best way to make this all go away... isn't it? | |
|
| | | | | | | | Re: Resolution IF they did this on purpose, do you think they'd actually own up to it? Quickest way to get the FCC on your ass, as Comcast found out. | |
|
| | | | | | | Seeing as to how this appears to be DNS agnostic since many of the contributors in the Windstream thread indicate they are using non-Windstream DNS servers such as OpenDNS, the fact that a specific URL was targeted, and the fact that Residential (not Business) DSL customers were targeted how exactly are we supposed to believe this was not Layer 7 DPI and was/is the existing NXDOMAIN DNS hi-jacking gone awry?
This simply does not make sense. Based on input from the thread and what little we're able to assemble from your responses one of the below is accurate:
1) You're using DPI and rewriting URLs.
2) You're re-writing/intercepting DNS replies matching URL criteria (so, DPI (or at least Layer 7 inspection) is being used).
3) All of the above coupled with some misleading statements.
You see, the HTTP HOST header for the Firefox toolbar goes to "www.google.com" and is passed as HTTP/1.1 with an HTTP GET method. This cannot be NXDOMAIN/DNS hi-jacking since a specific URL was targeted.
This isn't redirecting non-existent domains (NXDOMAIN), this is willful rewriting on a URL for a valid functional domain. | |
|
| | | | | woode
join:2003-09-21
Jonesboro, GA
1 edit | said by Windstream:I won't go into the technical details, but this was not a desired result to modify the Firefox search field regardless of which search provider is used in the browser. -BP You obviously don't understand the folks reading these comments. We're perfectly capable of understanding the "technical details."
FYI. I'm a former Windstream business customer. I'm now in an area that you don't service, and suddenly thankful for that.
I hope, though, that this will be a "teachable moment" for your company, and you will have learned that your users don't like having their internet monkeyed with behind their backs. | |
|
| | | | | You jokers should not have been monkeying around with this in the first place. In my opinion the FCC should consider issuing your CEO and CTO a subpoena to explain yourselves in court. Maybe Congress would find this case useful to see what companies are doing or will do and why we must have Network Neutrality and other consumer protection laws. | |
|
| | Are you blind or dumb? "It goes to reason that if users are using the Google toolbar for search they'd want Google results, yes? Implementing this kind of change without informing consumers is such a bad idea, we have to assume it was an accident."
Sure it was a bad idea but I dont get how you would still assume it was a mistake? Verizon charges $1.99 Phantom fee for internet access to cell phones even if the customer does not use the internet. Time Warner raises prices and blames everyone but themselves but yet still have the balls to say they are looking out for the consumer all while eliminating channels the comsumer wants while adding worthless channels no one wants. My point is these days with all the BS companys try to pull and succeed in pulling I would assume they meant to do this. Atleast till someone noticed. Their botttom line would have been inflated and they would be able to see why. If it was a mistake then they would have corrected it and refunded customers money. But they didnt. | |
|
| Host:
Time Warner Intern..
PC gaming GAMES
PC gaming Tech
| Re: Are you blind or dumb? Are you blind or dumb? No. Thanks for asking.Sure it was a bad idea but I dont get how you would still assume it was a mistake? Well, in part because Windstream says it was a mistake:
»Re: Resolution
said by Windstream :
No it was definately not intentional. Also, hijacking Google toolbar results is just too stupid for a company to do intentionally. | |
|
| | | | Re: Are you blind or dumb? Hey Karl, mistake or not, this is new DPI/Layer 7 inspection. We're not used to this, this isn't the NXDOMAIN stuff. This is new.
Windstream isn't giving us the full story.
I am a Windstream DSL customer | |
|
| | Goooooooooood Greif "Most ISPs out there have now implemented some form of DNS advertising redirection"
Stop lumping all of the WISPs, ISPs and Smaller CLEC in the same pile as the 1M+ subscriber ISPs. I think that if you look at "most" ISPs you will find that they are not engaging in such tactics. | |
|
| | its my choice for the link NOW FUCK OFF with this stupidity
if i want to goto google.com or fredflinstonesearch.com ITS MY RIGHT
stupid this ought ot be illegal and a hack of whatever federal hacking laws you have. | |
|
| |
| | Hmm I am a Windstream customer, I am using Level3's DNS servers 4.2.2.5, 4.2.2.4 and 4.2.2.3 as my DNS servers and I have not experienced this issue even one time. | |
|
 camaro92Question everythingPremium
join:2008-04-05
Westfield, MA
 ·Comcast
| Lighten the mood What ever happened to the good old day's when a address typo would make you go duh and not have a advertisem... i mean a "browser helper" or whatever. | |
|
|  pokesphIt Is Almost FastPremium
join:2001-06-25
Sacramento, CA
kudos:1 | Re: Lighten the mood said by camaro92:What ever happened to the good old day's when a address typo would make you go duh and not have a advertisem... i mean a "browser helper" or whatever. well there's your problem right there.. using IE8
--
Webmaster - Steve
- - - - - - - - - - - -
»www.1-gb.net
»www.ppnstudio.com | |
|
|
|
