OpenDNS Says Google-Dell Browser Tool is Spyware

PetManimal writes "David Ulevitch, the founder of OpenDNS, claims that Google and Dell have placed 'spyware' on Dell computers. Ulevitch made the claim based on his observation of the behavior of the Google Toolbar and homepage that comes preinstalled on IE in new Dell machines. He says that a browser redirector sends users who enter nonexistent URLs to a Dell-branded page loaded with Google ads. Another observer, Danny Sullivan, says that this is a different result than what happens on PCs without the redirector. However, the original article notes that Ulevitch has a vested interest in the results of mistyped URLs."

Instructions to Remove

[eldavojohn]

Anyone who's looking for a way to remove this, Dell's support site [dell.com] gives these instructions:

To uninstall the Google URL Assistant, perform the following steps:

1. Click Start and select Control Panel.
The Control Panel window appears.
2. Select Add or Remove Programs.
The Add or Remove Programs window appears.
3. Select Remove a Program.
The Add or Remove Programs utility window appears.
4. Click to highlight the URL Assistant program and click Remove.
5. Follow the instructions on the screen to complete the removal process.

However, a user on the bottom of one of the links reports a way to disable it (but leave it on your machine) if you want to keep it:

In Internet Explorer, click on Tools,Internet Options,Programs, Manage Add-ons. Look for the CBrowserHelperObject published by Dell, then disable it.

Personally, I've bought two computers from Dell a long time ago and the first thing I did, like a good little Slashdotter, was format it and install a real operating system. When my friend bought a Dell, I brought a case of beer over and we took his Windows install disc and we re-installed Windows. Why? Well, just because of all the crap software like this that somehow magically is installed on a new box. If I recall, he had a 30 day trial version of Norton Antivirus, a trial version of Nero, quicktime crap, one of the most heinous media applications I've ever witnessed (due to his sound card) & to top it all off they had some 30 startup entries in msconfig--over half of which I couldn't tell what they were!

Now I work for a fortune 500 company and guess what we do with every box we get from Dell? Re-image it.

Now, for the 99% other Dell customers, this is just purely unfortunate because I'm not so naive to expect everyone to know how or why they should take the above actions. I hope that all the virus scanning apps (HiJackThis, Lavasoft's Adaware, etc) get this thing because Adaware is about the most useful thing I can show my family how to use frequently enough to keep the computer protected.

This sounds a lot like something the old Gateways would do. Huh, I never would have thought Dell would reach that level but, well, here we are. The important thing is to factor this in when you're thinking about a new computer. Hopefully some competition will spring up for Dell and, you know, quality of the software (not just the hardware) will start to matter for Dell.

Re:

[daeg]

That goes double, or triple, for Dell laptops. I've never seen so much sh*t installed on them. It started appearing about 2 months ago, and despite contacting various account reps, they have no idea what I'm bitching about. Very few of the programs uninstall cleanly, either.

Of course, nothing can come even close to the pile of crap called "ConfigFree" on Toshiba laptops. Dear God that software is awful! Remember kids, when you are looking for badly written, badly tested software to hijack network connection

Re:

[thePowerOfGrayskull]

That goes double, or triple, for Dell laptops. I've never seen so much sh*t installed on them. It started appearing about 2 months ago, and despite contacting various account reps, they have no idea what I'm bitching about. Very few of the programs uninstall cleanly, either.

If it started 'appearing' two months ago on a laptop you purchased before then, it very likely has nothing to do with Dell, and quite possibly more to do with the things you're picking up/installing yourself (albeit inadvertently).

Re:Instructions to Remove

[HeroreV]

Dell Windows computers come with a program that updates some of the Dell crapware. I've heard this updater has recently starting installing new crapware without user confirmation.

Re:

[cerberusss]

I truly, truly don't understand the fuss with the preinstalled crap. I've just bought a Dell with Vista preinstalled for my gf and I boot it, menu -> Control Panel -> Add/Remove Programs. Remove crap. Install Firefox, remove the IE icon. Done.

Re:

[Some Kind Of Record]

Says the guy who bought a laptop with Vista.

Re:

[cerberusss]

No, it's a desktop. Sorry, I don't think I understand your reply. What are you trying to say?

Re:Instructions to Remove

[cmorgan47]

hen my friend bought a Dell, I brought a case of beer over and we took his Windows install disc and we re-installed Windows.

i with you on the rest of the post, but as a good little Slashdotter you should know that the friend buys the beer.

Re:Instructions to Remove

[Anonymous Coward]

i with you on the rest of the post, but as a good little Slashdotter you should know that the friend buys the beer.

Computers are the new automotives. I used to work with my dad on cars when I was younger and we used to drink beer while replacing someone's break pads/cylinders, changing their oil or rotating their tires. Sometimes we'd get daring and tighten someone's serpentine belt pulley.

Haggling over who buys the beer when it's a prime excuse for some guys to just sit around and shoot the shit isn't worth it. I'll buy the beer and I'll make sure it's something you've never had ... like a variant of Leinenkugal's or a nice Belgium White Wheat brew, you know something exotic. These days, a case of beer is a trivial amount of money for me but not for all my friends.

Computers are the new excuse to sit around and "bond" as corny as that sounds--like fishing or camping. Enjoy the excuse to stop and upgrade someone's ram, it'll make you feel useful. I'll bring the beer since I'm the one getting something out of the deal. If you haven't seen a friend in years, call them up and talk to them. If you want to hang out, ask them if their computer's running alright and offer to come over and help them out with the problems, everybody has them.

America has become too centered on who pays for what, I say relax and enjoy life before you die.

OT eldavojohn

Re:

[operagost]

Naturally, the shrill harpi... I mean WOMEN criticize these male traditions as foolish time-wasters-- probably because they can't drive to the mall to spend your money while you're chillin' wit da homies.

Re:

[MobyDisk]

I can give multiple examples of this kind of stuff. I know of 2 Dell PC's purchased a year apart, and both of them came with 3 CD burning programs, all of which ran in the background, and none of them worked because they conflicted with each other. So right out of the box you could not burn CDs. That's unacceptable.

Re:Instructions to Remove

[TheLink]

"Now I work for a fortune 500 company and guess what we do with every box we get from Dell? Re-image it. "

If you are buying a bunch of boxes I heard you can send Dell your preferred image, and they'll image all of them for you.

Re:

[DerekLyons]

Now I work for a fortune 500 company and guess what we do with every box we get from Dell? Re-image it.

Not buying it. Companies that buy in any kind of bulk can get a custom setup from Dell (or any other big vendor) pretty easily. Heck, my wife's business just bought 20 Dells directly (the boss likes Dell for whatever reason), and with a single phone call all 20 machines were shipped sans crapware.

So either a) your company is screwing up pretty badly, or b) you re-image simply because it makes yo

This crapware matters because...

[gjuk]

... not all users know how or what to uninstall - and some of it is virtually uninstallable.
By way of example; my Grandmother got a Dell. She's 80 odd, but can use a browser, email, etc. Her Dell was great - but she couldn't wo rk out why she wasn't able to receive emails. Time and again, she, or her friends would, with or without telephone support - would configure Outlook Express correctly - only to find that that it kept changing the POP3 server URL. I gave her remote assistance - and could swear it was working; but every time she told me it wasn't owrking, sure enough - the POP3 details had changed. Eventually, I tracked it down to McAfee which had a year's subscription to anti-virus; but 30 days' subscription to an entirely unnecessary spam blocker. A bug in their spam blocker meant that it correctly diverted all attempted POP3 connections to itself; but then screwed up the address of the actual POP3 box and couldn't actually connect. Of course, it only inserted itself at boot time - so every time I'd fixed it by remote desktop it looked great; till Gran rebooted...
I disabled this - but only after Gran had basically been emailless for 3 weeks. Lo and behold! On day 30 - it suddenly prevented here using email again - this time because its license had expired - so it refused to allow her to use her email app - even without it! Cue - Add/Remove Programs. Only it wouldn't allow itself to be removed because its AntiVirus companion was running... it took me hours to clear out this crap. And yet - without me doing it; Gran couldn't get her email, first because of their sloppy coding - and then because of their "license expiry" hijack.
That's why crapware preinstall should be banned. By all means - include a CD or a link to a website where I can choose to download trials - but preinstalling them is outrageous. Imagine if a car came with a pre-installed alarm system which wouldn't let you drive the car without getting out your credit card or a screwdriver?

Can you really blame google

[Organized Konfusion]

This seems like junk that Dell have installed to make some cash one the side. If firefox bundled the same dns hijacker then who would you blame? Firefox or google?

Just because google make the tool doesn't mean its their fault that it is installed by default in a spywareish fashion.

Re:

[ronadams]

Parent wasn't trolling; he made a very valid point. Google made the tool, Dell configured the machine. Dell turned the software to spyware. Google has, AFAIK, no under-the-radar delivery system for any of their software, including the URL redirection tools they've made (there's a few). However, system configurators like Dell have been doing this crap for years. Our sniper's scope should be aimed towards Round Rock, not Mountain View.

Re:

[B'Trey]

How did Dell turn the software to spyware? They installed in on the machine, yes, but Google created it and dictated it's behavior. It allows Google to track every website you visit, even if you never intentionally use Google at all. It can be removed, but it's certainly not user friendly for a non-techie. You have to go through Control Panel, and the name is hardly intuitive (again, for a non-techie.) At the very least, there should be a simple "Uninstall" entry in the Start menu. Spyware? Eh, that'

Re:

[Crazy Taco]

Depends very much on where it is directing you to. The article said it directs you to a "Dell branded page full of google adds." If the page it redirects you to is in google's domain (i.e. - maybe has a URL of google.com/delladpage), then google will in fact be monitoring and tracking your traffic as you hit their servers. If the page it redirects you to is in Dell's domain, then Dell will be able to track your traffic. Either way, one of them can see you hit that page, and of course if you visit any of the

Re:

[Mountaineer1024]

As I understand it, Mozilla DO do something like this with firefox.

When you perform a search with the default firefox screen (with it's Firefox customised Google) Google is notified of this fact and kick back some money to Mozilla.

When you perform a search from Firefox's search box you'll also notice that it's identifying you as a Firefox user, here take a look:
http://www.google.com.au/search?q=test&le=en&sourc eid=mozilla-search&start=0 [google.com.au]

Note the sourceid in the querystring.
Nefarious? That's for

Not the same

[Comboman]

Oh no, Google knows that I'm using Firefox! That narrows it down to me and 199,999 other people. Not exactly personally identifying information.

Re:

[weicco]

Yeah but that's so hideous and embarassing thing which should be kept hidden so that even Google shouldn't know about it ;)

Re:

[jp10558]

Yea, but they get that from your UA string anyway. And google can track you going on their site. It's the toolbars that track you on other sites + Google Analytics/Urchin ad/tracking cookie mix that would be worse.

Re:

[Zonk (troll)]

Talk about spyware, this redirector happens who knows where - Time Warner,RR,Earthlink, etc. - so clearly someone is spying on me:) although it only works on structural URL typos. if I put the examples used in articles (digg.xom and http://microsoft/ [microsoft] I get earthlink redirect and IE error page, respectively. This page source has to come from somewhere. Heck the /microsoft/ example is even better the Doogle way - at least it shows MS as top links..

Earthlink does it at their DNS servers. I'm currently using Earthlink and find this rather irritating. However, they do provide a way around it. It's documented here: DNS Opt Out Servers [earthlink.net].

If you don't want to bother reading the article, here's the important part:

In rare circumstances DNS error page routing may cause problems for some EarthLink customers running various specialty programs or services. As a work around, EarthLink provides two DNS addresses that do not route to our EarthLink/Yahoo! error page. These DNS addresses can be used as a means of opting out of the error re-routing service.

207.69.188.172 (East Coast)
207.69.188.171 (West Coast)

Re:

[HeroreV]

This Google+Dell spyware comes preinstalled and is purposely more difficult to uninstall than it should be.

OpenDNS provides DNS service (duh!) which is often much better than users' default DNS service. OpenDNS doesn't come preinstalled. Users have to willing chose to set it up and can just as easily disable it. The pages it shows for malformed URLs can even be turned off if you have a static IP address.

It makes absolutely no sense for you to say "bravo to Dell" for "using the leader in search relevance to

When I work on a Dell ...

[WrongSizeGlass]

... the first thing I do for my clients is either clean up all that crap or reinstall the OS (depending on which one will be faster and cheaper for them). I doubt Dell installs this kind of sh!t (and all that other crapware) on the computers their employees use ... Google probably doesn't either.

Obligatory Google Reality Check

[i_want_you_to_throw_]

Google is a publicly traded company and as such here's what's important to them.....

Making money for their stockholders.

That means doing things like creating spyware if it helps their bottom line. The mantra of "Do no evil" becomes null and void once you become a publicly traded company. They should change their motto to "We do less evil than everyone else".

Google is going to do what is best in their corporate interest. Surprised? Don't be. It's business

Re:Obligatory Google Reality Check

[gnud]

Some would argue that doing no evil will prevent alienating consumers and customers, and thereby keeps the bottom line from dropping.

yea

[waspleg]

but not the people in management; they tend not to think unless it involves their stock options, and the status quo is fuck the world show me the money.

waspleg

Re:

[Ngarrang]

They should change their motto to "We do less evil than everyone else".

We would need some proof of this. The cynic in me is waiting for some story to break involving the credit card companies, travel agencies, book stores and the government.

Re:

[medlefsen]

Google is not a "normal" publicly traded company. The power structure where insiders hold the special class B stock that has 10 times the voting power of the public class A stock means that they're aren't subject to the whims of public investors. Brin and Page have 30% of the power alone. Here's a quote from Google:

"We anticipate that our founders, executive officers, directors (and their affiliates) and employees will together own approximately 84.8 percent of our Class B common stock, representing appro

Re:

[Belial6]

I thought that a publicly traded company had to act in the best interest of their stockholders. Now one would presume that this is always to make as much money as possible no matter what, but that isn't necessarily the case. Google in particular could argue that given their company motto of 'Due no evil', that they could legitimately expect their shareholders to feel that doing the right thing is MORE important than making as much money as possible. Thus, doing evil to make money would be counter to the

OpenDNS is bummed

[Mr. Droopy Drawers]

The issue here is that Google / Dell beat OpenDNS to the punch. Both accomplish the same purpose: when a user types a malformed URL into the address bar, they get an "enhanced" experience.

OpenDNS is bummed that Google figured out a way to make money off the proposition. OpenDNS should have thought of that first.

Re:

[neoform]

Isn't the very nature of a 'toolbar' to in fact *be* spyware?

They all track what you view and send that info back to home base.

Re:

[Pollardito]

no, a toolbar is just a place to locate lots of tools and usually a nice visible logo for the company that made it, nothing more is implied. in some cases using browser tools causes interaction with the hosting site, but this is not the same as saying that the toolbar should necessarily be involved in other web browser functions such as intercepting bad domains. the old google toolbar only connected to home base if you did a google search with it or if you turned on the pagerank display

Re:

[bodan]

I think he just meant that OpenDNS dislikes the sudden (and advantaged) competition. Anyway, I'm not sure I'd call "stealth" a page that has the owner's (Dell's) branding. It's not even hidden, it's just automatic. (Yes, if you're a beginner you don't know that it's optional, but that's true of WMP, the Flash plugin and Java, too.) Nevermind, that wasn't why I answered. When you say you "have the option of switching away to other forwarders", do you mean there's something like OpenDNS that doesn't do that

Re:

[monsted]

Dell is doing the exact same thing as IE already does, except they point it at their site instead of msn.com.

A quick test on my danish IE sent me to http://sea.search.msn.dk/dnserror.aspx?FORM=DNSAS& q=slashdoz.org [search.msn.dk] which doesn't have ads but still gives MS info about my browsing habits.

OpenDNS is not open

[Anonymous Coward]

Dell is "monetizing" mistyped URL traffic, like OpenDNS. The customer has a choice which DNS server he uses and which preinstalled software he gets with a new computer (by choosing different vendors). Both do the same, for the same purpose. If I had to choose between the two, I'd choose Dell. At least they don't fly under a false flag, like OpenDNS, which only claims to be Open for marketing purposes.

Kinda fitting

[Anonymous Coward]

http://www.iwebtool.com/domain_lookup?domain=www.g oogle.com [iwebtool.com]

Age of domain 9 year(s), 9 month(s) and 9 day(s) - Online since: 15-Sep-1997

P.S. Roll your monitor 180 degrees.

Re:Kinda fitting

[kestasjk]

Some may say that was coincidence. Well here's the creepy part:

Take the number of days Google have public (2321), multiply by the number of Chinese people imprisoned thanks to Google (7), multiply by the number of web pages that Google indexes (11,029,291,583), divide by Nostradamus' number that he foretold would mark the beginning of the end (10,392), and round to the nearest 6 (6 as in 666). Now simply base64 encode the number, and you get DLOeVFT0501l==, rearrange the letters and you get "D0LOTSOFeV1l".

This has nothing to do with Google toolbar...

[LLKrisJ]

... Or at least _not only_ The same behaviour happens on my company issued Dell D820. It comes loaded with IE6 and NO Google toolbar and yet when I mistype a URL I do not end up at the MSN search page like on any other IE installation! Instead IE redirects me to a Dell branded Google search page full of Google commercials.

Re:

[cerberusss]

Dell uses the Internet Explorer SDK to adjust IE on a number of points. Lots of big companies do this as well, it's noticeable in the title bar of IE, which will say something along the lines of Internet Explorer presented to you by MegaCorp or something. At which point I start FireFox.

Claim is complete FUD

[Odiumjunkie]

The gist of the 'Spyware' claim comes from OpenDNS claiming the error redirecting service from Google

has no clear name and is very hard to uninstall

Complete FUD. The service is called "Browser Address Error Redirector" - which is a completely accurate and clear name for the service, and to remove it, you uninstall it from the Add/Remove Programs dialogue, as you would any regular peice of software.

I'm sure slashdot denizens will have a good time discussing how useless the bundled software and trialware that comes with Dell computers is, and how the sensible thing to do is reinstall from scratch, but that's been the case for a while. There is zero story here.

Re:Claim is complete FUD

[wwmedia]

"Browser Address Error Redirector"

yea do you HONESTLY think that you average Joe user would uninstall a program with such a scary name? thats if they even understand 1 of the 4 words in that name!

Re:

[Odiumjunkie]

If average Joe user speaks the English language, then I imagine he'd be able determine what the service did. There's really no jargon. What does the service do? It redirects addresses that contain errors when entered into the browser. It would be irresponsible to call it something like "Google Search Helper" because then even techies won't have a clue what it does.

Re:Claim is complete FUD

[hclyff]

Are you being sarcastic?

Browser - "What's a browser? You mean, like, the internet?"

Address - You are telling me that people who can't tell difference between a search bar and an address bar know what an internet address is?

Error - Sounds scary...

Redirector - "Redi-what?" (I very much doubt average user knows what's a redirect, you can as well tell them it polynormificalizes their antroendoretarterons, it does the same effect)

Re:

[Odiumjunkie]

You're reducing the level of average Joe user's intelligence to such a level as to render meaningless your point. The type of person you describe is incapable of performing even the most trivial of computing tasks. The type of person you describe will not realise that a custom Google ad-laden error page is not the normal result of a mis-typed url or a bad link. The type of person you describe will believe that is just how the internet works, and will have no need or desire to disable such a page.

However,

Re:Claim is complete FUD

[davidu]

Wrong.

It's highly unusual for a piece of software to not mention who put it there. Look at your other Google software you have installed. Do you have "Desktop" installed or do you have "Google Desktop?" Does it say "Toolbar" or does it say "Google Toolbar?"

Oh wait, I know what kind of software hides things like that... software that is trying to be opaque and hidden.

-davidu

Re:

[asninn]

What would your proposal be for a better name, then? One that doesn't confuse the average Joe even though it's still concise...

I'm sure Dell is listening.

Re:Claim is complete FUD

[jackbird]

How about "Google Website Address Assistant"? I don't know about you, but my add/remove programs list gets very long very fast, and something that fits into an alphabetical scheme with a clear indication of who put it there seems better than what they're using.

Re:Claim is complete FUD

[stubear]

I recently purchased a Dell M2010 and noticed this "problem". It bugged me but I found no obvious way to shut it off, including the add/remove programs suggestion mentioned in the article. After reading this article I did a little more poking around and discovered that Dell is now utilizing a browser add-on called CBrowser Helper Object (or something close to that) to perform this functionality, which I promptly disabled. The point is this is not an obvious fix and Dell shouldn't be doing it anyway. PC manufacturers need to really stop loading the system up with crapware and silly little "branded experiences". I have utility programs on my Dell that basically mimic the basic functionality for some things already available in Windows. The biggest difference is Dell has their programmers "design" hideous interfaces that make absolutely no sense whatsoever and redirect the user to these utilities at every chance, just to get in yet another "branded experience". My experience thus far has been great computer, now how can I go about obtaining another clean copy of Windows Vista Ultimate to replace the shit Dell installed.

Re:

[davidu]

Bingo. We found out about this yesterday, AFTER the blog post.

Re:

[ajs]

Thanks, you beat me to the obvious anti-fud post. I hope people actually read it. That said, Dell is not above exploiting a captive audience, so even though one guy cried wolf here, that doesn't mean we shouldn't keep a close eye on what their machines ship with.

Re:

[davidu]

As it turns out, this part might not be true -- It might be even harder to uninstall. And remember, lots of people aren't comfortable adding and removing software. That's what Google is betting on here. We've heard more than enough reports to believe that there are multiple names for this software, including the infamous "Browser Helper Objects" that are put into IE, outside the Add/Remove Programs arena.

But that's not the point here. This might not be spyware by your definition, but as someone else men

Not spyware

[mysidia]

The fact that it sends you to a custom page if you make a URL typo does not mean it is spyware. That's a visible change, and you would be hard-pressed not to notice the effects of the software, or the fact that it sends you to a Dell branded page.

Since Dell ships it to you that way, you have no meaningful opportunity to establish an expectation that the Dell system behave differently. I.E. Since the software "comes that way" for you, it's not as if the software made a change to your computer without your permission.

So not only is it not spyware, it's not malware, or software that secretly modified your system without authorization (because, you see, your system came that way in the first place).

Don't Be Evil (unless the shareholders say so)

[einer]

Google is beholden to capitalism. No longer a private organization, its board can be sued for making decisions that negatively impact the value of the stock.

Google's motto should now be "Don't be evil, unless it increases our stock price."

Face it geeks, your idols have jumped the shark.

They're not

[mithras invictus]

AFAICT Google is just used by Dell on the Dell search page, thats all.
This wouldn't have anything to do with opendns being powered by Yahoo, right?

Re:

[GTMoogle]

Companies are beholden to their stakeholders, not capitalism. Over 80% of Google's voting power is still in the hands of the founders, who are idealists, and so rich as to be unbribable.

Read all the replies to this guy who said the same thing you did: http://yro.slashdot.org/comments.pl?sid=235955&cid =19250783 [slashdot.org]

Re:

[Vexorian]

I just don't get it why some people feel so threatened about the "don't be evil" motto. It is just a motto! getting tired of guys that do all the efforts possible to demonstrate it is not true...

Charter do it too

[ByteofK]

When I got broadband from Charter they changed my 404 settings to go to some Charter-specific search page and I had to go through some hyperlinked hoops to change it back to just plain old 404. I didn't look to see if they were earning from the pages.

Decrapifier

[astrogirl2900]

Lifehacker recently had an article on a piece of software called the PC Decrapifier [lifehacker.com]. I haven't tried it, but it seems relevant to this thread.

Re:Decrapifier

[Mr. Droopy Drawers]

Ran this on my Father-in-Laws spanky new Dell. Clean as a baby's bottom after doing so. Dunno if this specific piece of software was on this system tho (did this over Christmas). But, a VERY good piece of software whether it's a Dell, HP, Sony or other manufacturer to take your system back to the way it was before they got their hands on it :-)

a way to test

[DaMattster]

This claim may very well be FUD but there is a way for people to test. Just download a network packet capture program and look at the traffic being sent. I did this myself and didn't see anything untoward being sent nor did I see any gibberish traffic to indicate encryption. But, that isn't to say that I didn't miss anything when scanning the log of the output. Basically, anything offered by a for profit company for free, really is not. If the service were entirely gifted, the company would rapidly drift into the red. Also, read the EULA. I get scared by long convoluted statements which can be subjected to interpretation. I do like Dell hardware but the first thing I do when I get my dell is to delete the partitions, re-partition, and format the HDD. I recommend everyone doing the same.

Decrapify it

[spectrokid]

If you don't want to reinstal: http://www.pcdecrapifier.com/ [pcdecrapifier.com] My mother in law bought one. Now I am used to your anti-virus no longer getting updated if you don't pay. But when her spamkiller expired, her email stopped working . And I can assure you there is NO WAY she would have been able to fix that herself without paying.

David Ulevitch is a hipocrite

[binaryspiral]

Using OpenDNS redirects mistyped URLs to their own site.

http://www.opendns.com/faq/#how_does_opendns_make_ money [opendns.com]

How does OpenDNS make money?

OpenDNS makes money by offering clearly labeled advertisements alongside organic search results when the domain entered is not valid and not a typo we can fix. OpenDNS will provide additional services on top of its enhanced DNS service, and some of them may cost money. Speedy, reliable DNS will always be free.

Now, to be fair I use OpenDNS at home, but I find it hard to take this kind of warning from a person who makes money the same way.

Re:David Ulevitch is a hipocrite

[Anonymous Coward]

Their product seems to use e.g. resolver1.opendns.com (208.67.222.222).
If I use that as my DNS, and do a lookup for www.google.com, I get
redirected to a CNAME of google.navigation.opendns.com.
What's up with that? DNS hijacking, anyone?

This was a result of this same article!

[Aero Leviathan]

As a user of OpenDNS, I didn't believe your post at first, but I verified it for myself:

$ host www.google.com
www.google.com is an alias for google.navigation.opendns.com.
google.navigation. opendns.com has address 208.67.217.230
google.navigation.opendns.com has address 208.67.217.231
www.google.com is an alias for google.navigation.opendns.com.
www.google.com is an alias for google.navigation.opendns.com.

So I went searching around OpenDNS's support areas, and found this thread [opendns.com] in their forums in which user

Re:David Ulevitch is a hypocrite

[davidu]

We have a vested interest in this space, that's also how we figured out what Google was doing. And we have a vested interest in giving people a great experience. I don't think I'm being hypocritical in my post at all. Go to the dell page and search for microsoft.xom, then go to Google and search for microsoft.xom. When users are trapped and locked-in, they are taking advantage of them. When users have choice (like on google.com) they are given a great experience.

I'm not being a hypocrite. Everyone who

Re:

[binaryspiral]

You may correct the user's misspelling and send them merrily on their way - you still get the data.

You get a LOT of data on users DNS usage which would be worth a lot of money to a lot of people. You may or may not be using it - but it's there.

I'm not much of a Google fanboy but this criticism is hypocritical.

Re:

[davidu]

You can call me a hypocrite the day that I sell or share the data with a third party. Until then, I suppose you'll have to settle for calling me a "potential future hypocrite." I can live with that. We get phone calls all the time about buying our DNS data. For lots of money. We've never once even considered selling it. This is a core belief we have at the company.

Re:

[binaryspiral]

Fair enough, and I applaud you if it's true - but I have no way to verify. So I always assume people will do what it takes to make money and lots of it while still attempting to do "the right thing". But in the end, money most always wins.

Oh, while I have your ear (eye?) - opendns is a great service, kudos to you and your company.

Re:

[rhizome]

You can call me a hypocrite the day that I sell or share the data with a third party

Are you implying that you wouldn't sell any derivatives of that data?

Re:

[davidu]

Are you implying that you wouldn't sell any derivatives of that data?

You mean like selling domainers a list of all unregistered domains?

Correct, we will never sell that kind of data. It's not the right thing to do. It also doesn't make any business sense. If the data has so much value to someone else that they're willing to pay a large price for it then it probably has value to keep to yourself. That's not our entire rationale, but it's a part of it. It's a bad PR move, it's a bad business move to do.

Re:

[Chelloveck]

Frankly, I don't give a damn whether or not you sell or share the data. What I do care about is that you hijack requests for valid domains and redirect them to your own servers. OpenDNS tells me that the IP addresses for "www.google.com" are 208.67.217.230 and 208.67.217.231, which is a flat-out lie. Those addresses are actually your own machines which are proxying traffic between me and the real Google servers. At the very least this gives you data on my search habits. Your servers could easily change

Re:

[davidu]

Hold on, let me take out my iPod earbuds and get off my scooter. :-)

Ok. Done.

Google isn't impacting our revenue, read the post. They are just being lame to their users. They are putting their partnership in front of user experience, for the first time. Hence the title of my blog, "Google has turned a page."

So did Google actually write this?

[deadsquid]

I'm wondering who actually developed the software. Was it Google who developed it for Dell, or was it Dell who developed it internally and called it the "Google URL Assistant" because it redirects traffic to serve up Google ads which I presume it gets a cut off of. It's not clear if the name of the app means it was written by Google or if it just refers to what service Dell is redirecting to.

Re:

[deadsquid]

Ahh... the links to the OEM pages below probably mean it is an app developed by the folks in MV. Never mind, then.

Hi, I wrote that post...

[davidu]

Hi guys,

Yesterday I got a lot of feedback from people who just assumed I was biased and an underdog out to complain about Google. This is not what it's about!

Here's what I mean:

Use the smell test. Does what Google is doing smell bad? Is it giving users a good experience?
Compare:

• http://www.google.com/hws/dell/afe?hl=en&s=http:// microsoft.xom [google.com]
• http://www.google.com/hws/gateway/afe?hl=en&s=http ://microsoft.xom [google.com]
• http://www.google.com/hws/sony/afe?hl=en&s=http:// microsoft.xom [google.com]
• http://www.google.com/hws/emachines/afe?hl=en&s=ht tp://microsoft.xom [google.com]
• 
  with
  
• http://www.google.com/search?hl=en&q=microsoft.xom &btnG=Google+Search [google.com]

(and if you want to see ours)

• http://guide.opendns.com/?url=microsoft.xom [opendns.com]

If you just compare what google is doing to their own users you'll see that they are showing a terrible experience to the users who are Locked-In versus the users who have the choice to use any search service.

Thanks,

davidu

Re:Hi, I wrote that post...

[forand]

Okay so you have showed that some people dislike the results that google provides to is BRANDED websites. First off how much of that is Google and how much is the BRAND? Second what you describe IS NOT SPYWARE!! Where did that claim come from?

Re:

[99BottlesOfBeerInMyF]

If you just compare what google is doing to their own users you'll see that they are showing a terrible experience to the users who are Locked-In versus the users who have the choice to use any search service.

What, exactly, locks people into using the Google toolbar pre-installed with the default settings on Dell machines. That is a instance of bundling, but I don't see how it is a lock-in in any way. What prevents users from migrating to a different toolbar or just a different toolbar config? Are you sure you know what "lock-in" is?

Re:Hi, I wrote that post...

[1000Monkeys]

Thanks for responding to this, but claiming that your monetized URL typo page is better than Google's hardly justifies your claims of spyware or lock-in. Every discussion of this article has been filled with stories of people who have removed the browser redirection. Let's face it, the sort of people that aren't afraid to use custom DNS servers usually also aren't afraid to remove programs from their computer. In fact, it seems like you used a lot of inflammatory language to mask what boils down to a simple advertisement.

And lost in all this is the fact that you seem to be redirecting google.com to your own servers. I really liked OpenDNS when it was just a DNS server, please trust your users to be able to follow instructions and stop intercepting their google queries.

Re:

[Trip Ericson]

OpenDNS is intercepting Google queries? Where did you get that from? I'm using OpenDNS and have no such trouble.

OpenDNS hijacks www.google.com

[JackHoffman]

Go to this page: http://google.navigation.opendns.com/ [opendns.com]
I hope you can see that that isn't Google.

If you know how DNS works and look behind the curtain, you'll notice that the OpenDNS resolvers don't return A records for www.google.com, but a CNAME (alias) record "google.navigation.opendns.com", which makes the resolver lookup that name instead. That resolves to 208.69.34.231, which is in an OpenDNS network range of IP addresses. That's the server you connect to when you use OpenDNS and go to www.google.com.

Re:

[Trip Ericson]

I did an nslookup of Google.com and did not get that address.

The DNS server is of course my router, which passes it on from there to my internal DNS server which is then routed out to OpenDNS.

trip@trip-laptop:~$ nslookup google.com
Server: 192.168.11.1
Address: 192.168.11.1#53

Non-authoritative answer:
Name: google.com
Address: 72.14.207.99
Name: google.com
Address: 64.233.167.99
Name: google.com
Address: 64.233.187.99

Those sure don't look like 208.69.34.231 to me... That said, perhaps you have

Re:

[JackHoffman]

To be sure that you talk to their DNS server, use "dig @208.67.222.222 www.google.com" (or "nslookup www.google.com 208.67.222.222", if you must use nslookup). This gives the following results:

www.google.com. 30 IN CNAME google.navigation.opendns.com.
google.navigation.opendns.com. 30 IN A 208.69.34.230
google.navigation.opendns.com. 30 IN A 208.69.34.231

or from nslookup:
www.google.com canonical name = google.navigation.opendns.com.
Name: google.navigation.opendns.com
Ad

Re:

[JackHoffman]

And here's a way to check this from a different network: http://www.simpledns.com/lookup.aspx [simpledns.com]

DNS Server IP: 208.67.222.222 (that's one of the two OpenDNS resolvers)
Domain Name: www.google.com
Record Type: Any (*)
Request Recursion: yes

Re:

[Trip Ericson]

DiG 9.3.4 @208.67.222.222 www.google.com
(1 server found)
global options: printcmd
Got answer:
HEADER opcode: QUERY, status: NOERROR, id: 39034
flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

QUESTION SECTION:
www.google.com. IN A

ANSWER SECTION:
www.google.com. 604528 IN CNAME www.l.google.com.
www.l.google.com. 267 IN A 64.233.167.104
www.l.google.com. 267 IN A 64.233.167.99
www.l.google.com. 267 IN A 64.233.167.147

Query time: 79 msec
SERVER: 208.67.222.222#53(208.67.222.222)
WHEN

Re:

[JackHoffman]

Maybe they're giving different answers to different geographical regions, or maybe you have a transparent DNS resolver in your network path. Try from a different network. I've already posted one webinterface to check from in a sibling post to yours. Here's another:

http://www.kloth.net/services/nslookup.php [kloth.net]

I'm sure you can find more.

Re:

[pecosdave]

I second that! OpenDNS has worked great for me.

I'm firmly in the "If it aint broke don't fix it" school on DNS. Verizon's DNS is broke, bad, OpenDNS lets me browse the web without every 3rd query being a man in the middle.

Re:

[metamatic]

Well, yours gives me a totally blank page, because I have JavaScript turned off by default. So it's not clear to me that yours is a big improvement...

Re:

[kindbud]

This URL shows a blank page when the browser (Firefox) has Javascript disabled:

        * http://guide.opendns.com/?url=microsoft.xom [opendns.com]

What kind of user experience is that?

Re:

[davidu]

How do you live in this web2.0 world? Seriously.

We'll do something to fix that though. Thanks for pointing it out.

Re:

[Medievalist]

How do you live in this web2.0 world? Seriously.

The OP is probably one of the clueful group of people who run firefox with noscript [mozilla.org] - a firefox add-on that helps prevent crime2.1.

Are you seriously running around with Javascript turned on all the time?

Re:

[davidu]

It appears to me by using your dns service instead of the one provided by an isp, I forfeit the ability to have my dns lookups remain anonymous. That seems to fall closer to the definition of spyware in my book.

Your DNS requests are not anonymous right now. Don't mislead yourself into believing they are. Even if you run your own resolver that talks to the roots. DNS is one of the most tapped, mined and inspected pieces of the infrastructure I can think of. People do it for profit (domainers) and for res

Same as Microsoft?

[scuba0]

Internet Explorer has always redirected you to Microsofts homepage in some way, why shouldn't Dell/Google be allowed to do the same?

Re:

[pecosdave]

always?

You must be a young one. I still remember the IE 2 piece of shit that sometimes came with Windows NT, then IE 3 that came after it which was only marginally better. Of course back during that time I used Netscape. Then when it became unbearable I was already using the Mozilla Betas, I never found a reason to go to IE. Since switching to Linux only back in 2000 I don't really have that option.

Deceptive article!

[argent]

Setting aside the fact that using IE at all is the best way to get infected with spyware in general[1], the alternative to Dell's site is NOT Google's normal page.

The only way to get to Google's page from Internet Explorer in its default configuration is to explicitly go to google.com, and with the redirector in place you still get to the regular google home page if you do that.

If you open up Internet Explorer without the redirector and type a "keyword" into it, you normally end up on Microsoft's search engine.

Given the alternative of going to MSN.com or a Dell-branded google.com, I know which one I prefer.

[1] If you care you should be using Firefox which (for all its flaws) has a design that's many times more secure than IE...

Just another Arugment...

[Nom du Keyboard]

Just another argument...
for FireFox.

Re:

[pecosdave]

....on a Linux system.

(I use OpenDNS because Verizons DNS sucks hardcore)

Way too many typosquatters

[Animats]

Way too many people are into typosquatting now. From OpenDNS to the "toolbar" guys to the guy who paid off the government of Cameroon (try anything in ".cm"), there can now be several layers of typosquatting between the user and the actual domain. At least we got Network Solutions to back off from their attempt.

Search may be coming apart. There are too many people trying to "game" the search systems now. "Search engine optimization" used to be viewed as evil and was done by low-rent operations. Now we have publicly held companies (Marchex [marchex.com], ticker symbol MCHX) formed just to create dummy domains. Collactive [collactive.com], the Digg spammer, just got venture capital from Sequoia Ventures. Computer vendors load up their preinstalled machines with unwanted "toolbars", which, as this article mentions, produce mostly user-hostile information. All the sources of information which drive search engines, from inbound links to user ratings, are now being spammed by sizable companies. It's a big change from the situation two years ago, when the troublemakers were all little guys with limited resources.

It's going to get worse before it gets better.

Re:

[Achromatic1978]

That's utter crap. I have Winamp on my system, which has a couple of global hotkeys. Some of these conflict with Photoshop hotkeys. Tell me, is it Winamp, or is it Photoshop, that is the malware? After all, one of them breaks functionality of the other, so one has to be malware.

Or the two services/software could be incompatible. Yeah, that has a ring of possibility to it, a little more realistic than "OMG MALWARE!"