New Jersey's Cablevision Hijacks DNS Error Pages 200
Selikoff writes "I just noticed Cablevision's Optimum Online service has begun hijacking DNS Error pages with, you guessed it, ad-supported results. Aside from hurting the underlying stability of the Internet, there have been instances where hackers have used such tools against customers. I know Road Runner customers have had to deal with this for a couple months now, although at least they have an outlet to turn it off." Update: 09/30 13:18 GMT by T : Note, as several readers have pointed out, this hijacking is of DNS errors rather than 404 errors as originally presented.
Solution for ISPs mucking with DNS results (Score:4, Insightful)
Don't use your ISP's DNS servers.
Find another public server or run your own.
Re:No, they didn't (Score:5, Insightful)
Right, and while it might seem repulsive to some to have them proxy your web connections, I honestly find it more repulsive to hijack failed DNS queries, because this affects spam. Maybe it's just because I work for a professional email hosting company, but come on now. Failed dns lookup = drop mail as spam. Maybe not as critical because it's an ISP with mostly end users, but what if they're doing this to their small business customers, too?
~Wx
Re:The submitter confuses DNS and HTTP errors (Score:1, Insightful)
Except DNS errors are critical and important for non-HTTP apps too.
Mail, for instance. Now I'll send my mail to the wrong server instead of getting a host unknown error.
SSH to that server and type your password! (although SSH does to host key checking)
I can't see how you think it's *less* insidious -- never mind much less insidious.
Re:No, they didn't (Score:5, Insightful)
It's an important difference - 404 means that they are transparently proxying your connections
And inspecting the packet contents looking for HTTP 404 error code returns, and either modifying the returned HTML to insert their own ads or else (and much, much simpler and more practicable) discarding the rest of the data stream and substituting their own.
Hijacking DNS errors is wrong; hijacking HTTP 404 returns would be Evil.
Re:Easily solved (Score:3, Insightful)
Yes, incredibly easy to solve your ISP hijacking failed DNS lookups by switching to a service that (by default) supports itself by hijacking failed DNS lookups ;)
OpenDNS have (or at least used to have) a way of tagging your account as "don't show me the adverts and give me a proper response" but it is associated with an IP address.
Every time we turn our router off for the night we get a new IP because the lease expires. As I run a Linux box I can't use their Mac or Windows "update your IP from the client" apps. If I get a new IP and forget to manually update then they'll still be giving me the adverts. That means there's still going to be a lot of people who can switch to OpenDNS but still won't get rid of hijacked results.