Reports of IE Hijacking NXDOMAINs, Routing To Bing 230
Jaeden Stormes writes "We just started getting word of a new browser hijack from our sales force. 'Some site called Bing?' they said. Sure enough, since the patches last night, their IE6 and IE7 installations are now routing all NXDOMAINs to Bing. Try it out — put in something like www.DoNotHijackMe.com." We've had mixed results here confirming this: one report that up-to-date IE8 behaves as described. Others tried installing all offered updates to systems running IE6 and IE7 and got no hijacking.
Update: 08/11 23:24 GMT by KD : Readers are reporting that it's not Bing that comes up for a nonexistent domain, it's the user's default search engine (noting that at least one Microsoft update in the past changed the default to Bing). There may be nothing new here.
Update: 08/11 23:24 GMT by KD : Readers are reporting that it's not Bing that comes up for a nonexistent domain, it's the user's default search engine (noting that at least one Microsoft update in the past changed the default to Bing). There may be nothing new here.
Re:Who cares!?! (Score:3, Interesting)
Example.com on the other hand -is- a valid site and will return "You have reached this web page by typing "example.com", "example.net", or "example.org" into your web browser. These domain names are reserved for use in documentation and are not available for registration. See RFC 2606, Section 3." if the point is searching for an invalid site to test for this, why the heck would you use a valid site which wouldn't return the error message?
Re:Who cares!?! (Score:3, Interesting)
Can you point me to the relevant RFC, or at least a standard from a recognized standards body which is being violated here?
Re:Who cares!?! (Score:4, Interesting)
Domain hijacking is a huge deal for me. Primarily, when I'm on an internet connection that's hijacking the domain, if I type 'amazon', firefox first checks if I have an amazon in my searchdomain (ie: amazon.example.com), and if not, it tries adding a .com, then a www. and a .com... if the ISP is hijacking it, I get an answer to 'amazon' with the hijacked page. This means that I have to type the .com every time.
with a browser doing the same thing, I could be trying to connect to my primary server (wolverine) and if I mistype the webaddress, it redirects me to bing, changing my URL bar to the bing URL which means that when I've typed 'wolverine/some/really/long/path?with=variables' I have to go type that whole thing over again to correct it rather than just fixing it in the addressbar.
so, hijacking the DNS is a BITCH and is totally annoying all the time.
Anonymous Coward (Score:1, Interesting)
Of course, the "Slashdot effect" (of everyone trying "donothijackme" in their browser) has now caused an increase in the requests for that domain, and now someone (wisely) has purchased the domain www(dot)donothijackme(dot)com and re-directed THAT to their primary web page...interesting use of an unrelated article to promote one's own business.
I chose not to link to that site again in this post. Just doin' my own little part to not artificially inflate his traffic numbers.
Re:Ridiculous (Score:4, Interesting)
Re:Verizon does it for me... (Score:1, Interesting)
No, as usual, when there is /. FUD or stupidity, it's kdawson's fault...
Re:Who cares!?! (Score:4, Interesting)
This isn't an example of domain hijacking, this is an example of an annoying browser feature.
Domain hijacking refers to a range of activities, some of which are illegal, and some of which are just annoying. In the traditional sense, domain hijacking usually involves exploitation of domain registrar update process or social engineering to steal a domain name, and direct traffic to another (possibly nefarious) website. In this case, someone has literally taken (stolen) another person's property and used it for their own purposes.
I've also seen the term legitimately used to describe NXDOOMAIN hijacking, where ISPs answer requests for 'nonexistant' domains, redirecting traffic for their own purposes. This causes a lot of headaches for IT, but is not illegal.