ISPs Hijacking Browser Functions, Continue Proud Tradition Of Value-Free Added Services

from the added-value-for-us-but-not-for-you dept

ISPs over the last few years have quickly rushed to embrace DNS redirection advertising. Instead of users being directed to a traditional page not found message (or Google in some browsers) should they enter a nonexistent or mistyped URL, they’re redirected to an ISP-run search portal laden with advertisements. The concept creates a revenue stream out of your clumsy typing, giving ISPs an extra few bucks per month, per user (of course on top of whatever they make supposedly not selling your clickstream data). While many users don’t like the practice, most ISPs provide some kind of opt-out mechanism (though they often don’t work well), and users can often choose alternative DNS servers. Slashdot directs our attention to the fact that users continue to be surprised when they find out their ISP is hijacking user location bar results:

"Today I noticed that this great feature of Firefox (combined with Google of course) has stopped working, and has instead been replaced with an add-laden (sic) search result from another website. I’ve confirmed that my keyword.URL setting is still pointed at Google, so this must be happening at the traffic level, I would imagine either by use of a web proxy or something to do with DNS lookup, which makes me wonder if this new ‘feature’ my ISP (Netvigator by PCCW in Hong Kong) has introduced is also affecting my privacy?"

Here in the States one ISP (Windstream Communications) was recently busted for taking this concept one step further, going so far as to actually hijack Firefox Google search toolbar results. Windstream quickly backed away from the practice once users started to complain, insisting it was a mistake. However, the ISP wouldn’t offer technical specifics about what technology they were using that created this "bug," and employees were told not to elaborate. To be clear, in Windstream’s case this went well beyond DNS redirection, worked no matter what DNS servers were being used, and involved manipulating actual traffic streams using a new flavor of deep packet inspection. Whether this new layer 7/DPI is being used for copyright enforcement, surveillance, data mining or search result hijacks isn’t clear — but whatever it’s being used for, it’s being implemented with absolutely no transparency to the end user.

It seems unlikely that any U.S. ISP would take things further by hijacking toolbar results, given ISPs are busily trying to argue to regulators that network neutrality rules aren’t necessary. Still, as deep packet inspection technology gets more sophisticated, precisely how ISPs are meddling with your traffic is something to keep a close eye on. ISPs already have a bad habit of offering value added services that fail to provide any value to consumers, and DNS redirection ads are only the latest example. ISPs were in such a hurry to grab this additional revenue, they failed to bother to make sure opt-out mechanisms for these "services" even worked, much less consider adding any kind of enhanced DNS functionality (as seen by companies like OpenDNS) that would make these services worth something to the end user. While DPI itself isn’t bad, it holds a lot of potential for abuse among ISPs eager to make an extra buck at any cost.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “ISPs Hijacking Browser Functions, Continue Proud Tradition Of Value-Free Added Services”

Subscribe: RSS Leave a comment
Jim (user link) says:

Pleeeeezzzz, Mike!

“The concept creates a revenue stream out of your clumsy typing, giving ISPs an extra few bucks per month, per user …”

It’s disappointing to see you write an otherwise good post, but then loose credibility with a statement that you have to know isn’t accurate. You run a Web site with ads. You know better. In order to make a “few bucks per month, per user,” the average user would probably have to mistype URLs thousands of times each month. It’s far more likely that the ISPs make pennies per month, per user (and perhaps less). Your data points and arguments were good enough without the egregious exaggeration, which seems to have been inserted to make the story a little bit more compelling. The problem is, when I see something like that, it makes me wonder what other liberties you’re taking with the truth.

Jim (user link) says:

Re: Re: Pleeeeezzzz, Mike!

First, I don’t work for an ISP, and I have zero affection for them. Second, the comment in question referred to mistyped URLs, not deep inspection. Third, you missed my point, which was that by grossly exaggerating, Mike hurt his credibility, at least with me.

A decent CPM (i.e., how much advertisers pay for 1000 impressions) is about $1. That’s 3,000 impressions to make a “few bucks.” How many URLs do you mistype a month? Since Mike runs a Web site that gets a lot of traffic, he should know better. I was also disappointed because it seemed to me that he may have done it (perhaps subconsciously) to juice up his story. And by the way, I have no problem with just about everything else in his post.

Ryan says:

Re: Re: Re: Pleeeeezzzz, Mike!

Yes, “an extra few bucks per month” just sounds like phenomenally overblown hyperbole, designed maliciously or perhaps just ignorantly to exploit our sympathies and inherent vulnerability to sensationalism with gross overexaggerations.

Actually, on second thought it sounds more like a figure of speech.

Jim (user link) says:

Re: Re: Re:3 Pleeeeezzzz, Mike!

“An extra few bucks” is a figure of speech. “An extra few bucks per month, per user” is much more specific. Comcast has 25M subscribers. Your statement suggested that Comcast alone makes hundreds of millions per year on mistyped URLs. That’s significant, and it’s nowhere close to reality.

I didn’t say it changed the story; I said it hurt your credibility with me. I know what ad rates are. I might not know if you exaggerate about things that I’m not familiar with. Your response to my point, which I found very dismissive, makes me even less comfortable.

chris (profile) says:

Re: Tunneling

Perhaps we need some form of VPN tunneling to a trusted portal/relay which would then give us unadulterated access to the Internet. This would thwart any deep-packet inspection or redirection. I guess there’d be a performance hit however.

you can tunnel just about anything over an SSH connection, all you need is a trusted host to connect to. i do this on untrusted wifi networks.

that said, this is something stupid that ISP’s do with their DNS and it’s uber easy to get around. just use a different DNS, like google mentioned above ( and or level3 (

i normally use them because residential ISP DNS is often unreliable.

Anonymous Lily Liver says:

Greed blinds them to the inevetiable concequences.

If you use Google as your preferred search engine, I suggest you start paying closer attention to how often you see the “Did you mean: xxx?” link at the top of your search results. Despite being good at spelling, I would say I see this at least 50% of the time. There definitely is money to be made from page hijacking. The more users you have, the harder it would be to resist too, I think.

The thing that got me really wondering is ISP liability. With the copyright industry eyeballing them, ISP’s have found themselves having to stress their “dumb pipe” defense more frequently as of late. However, when they start employing DPI strategies in more obvious (aka obnoxious) ways, one would think that the whole concept of them being a dumb pipe begins to collapse. If you are using DPI to watch users and are able to hijack anything they access, then you should easily be able to control piracy on your network. After all, that was the original intent of DPI to begin with, was it not?

Another aspect regarding the potential for increased ISP liability for those whom use DPI is that it may finally pave the way forward for new laws. After all, DPI is not unlike wiretapping from my point of view. ISP’s that use it have always claimed it is solely for the benefit of their customers. The explanation most often given is that DPI allows an ISP to better manage the health of their network by preventing “heavy” bandwidth users from eating it all up. Personally I’ve always felt it was just an excuse for not properly reinvesting in their network. DPI is a far less expensive proposition, plus as we can clearly see it allows them to do more than just monitor users. However, when those uses begin to cross the line more and more, how will lawmakers (undoubtedly under greater pressure from consumer groups) be able to justify continuing to stand by and do nothing? If DPI abuse becomes prevalent enough, it may force the government to finally take net neutrality seriously. Just like the copyright industry, their greed is what may undo them in the end.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...