Isn’t this the same thing that happened a few years ago with ICANN or Verisign or one of those big names? (strangely, I can’t find relevant search results about this!).
I clicked on my toolbar shortcut for Toggl and my Embarq DSL service redirected me to a search-results page instead of telling my browser the truth. This makes me mad. The core layers of the Internet are designed the way they are for a reason and I don’t want to “opt out” of a stupid DNS hijacking stunt I never opted into.
Here’s a screenshot of what happens when I type in any old non-existent (or, in Toggl’s case, timing-out) domain name.
And here’s what happens when I do a DNS lookup:
```
baron@kanga:~$ dig www.toggl.com

; <<>> DiG 9.4.1-P1 <<>> www.toggl.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27795
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.toggl.com. IN A

;; ANSWER SECTION:
www.toggl.com. 22 IN A 66.199.249.106

;; Query time: 72 msec
;; SERVER: 208.33.159.39#53(208.33.159.39)
;; WHEN: Fri Nov 23 15:50:14 2007
;; MSG SIZE rcvd: 47

baron@kanga:~$ ping www.toggl.com
PING www.toggl.com (66.199.249.106) 56(84) bytes of data.
64 bytes from 66-199-249-106.reverse.ezzi.net (66.199.249.106): icmp_seq=1 ttl=53 time=79.2 ms
```
Did I mention that this makes me mad? Time to get on the phone.
PS: it looks like Verizon is doing it too.
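The manual `dig` check above can be generalized into a repeatable resolver test: ask for several random names that are almost certainly unregistered and see whether the resolver answers NXDOMAIN or hands back A records. This is an added example, not code from the original post; the function names are hypothetical, the sample outputs are constructed, and 192.0.2.10 is a documentation address standing in for a landing-page server.

```python
import re
import secrets
import subprocess

STATUS_RE = re.compile(r"status:\s*([A-Z]+)")
# Matches answer lines such as "name. 22 IN A 66.199.249.106"; the question
# line (";name. IN A") has no TTL and is skipped.
A_RECORD_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+A\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$", re.M)

def parse_dig(output):
    """Return (status, [A-record IPs]) from dig's default text output."""
    m = STATUS_RE.search(output)
    status = m.group(1) if m else "UNKNOWN"
    return status, [ip for _name, ip in A_RECORD_RE.findall(output)]

def random_probe_name(tld="com"):
    """A 32-hex-character label that is almost certainly unregistered."""
    return f"{secrets.token_hex(16)}.{tld}"

def classify(dig_outputs):
    """Judge a resolver from its answers to several random, unregistered names."""
    results = [parse_dig(o) for o in dig_outputs]
    rewritten = [ips for status, ips in results if status == "NOERROR" and ips]
    if not rewritten:
        return "honest", set()
    landing = set().union(*map(set, rewritten))  # where the fake answers point
    verdict = "rewrites-nxdomain" if len(rewritten) == len(results) else "inconsistent"
    return verdict, landing

def probe(resolver=None, count=3):
    """Live check: needs dig on PATH and network access."""
    cmd = ["dig", "+tries=1", "+time=3"] + ([f"@{resolver}"] if resolver else [])
    outs = [subprocess.run(cmd + [random_probe_name(), "A"], capture_output=True,
                           text=True).stdout for _ in range(count)]
    return classify(outs)

# Constructed sample outputs (not captured from any real resolver).
HONEST = """;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
"""
REWRITTEN = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; ANSWER SECTION:
kq278vb9bv5.com. 60 IN A 192.0.2.10
"""

if __name__ == "__main__":
    print(probe())  # pass a resolver IP to test one other than the system default
```

A resolver that returns the same small set of addresses for every random name is substituting its own answer for NXDOMAIN, and the check works regardless of any browser cookie because it never leaves the DNS layer.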
Well, much like Verisign I’m guessing they’re doing it for the ad revenue.
Wiki has a good read on the original Verisign site finder.
http://en.wikipedia.org/wiki/Site_Finder
Earthlink is doing it too - AND they are sending a personal ID traceable to each of their users (me too) to this site. Yesterday they blocked access to alternative DNS name servers listed on DNSserverlis.org.
There are numerous articles on this, including two on their own defunct Earthling blog site - this started August 2006. Now it (DNS wildcarding) has just gotten worse.
See
http://blogs.earthlink.net/2006/08/handling_dead_domains_1.php
http://blogs.earthlink.net/2006/09/update_on_dead_domain_handling_1.php
Earthlink technical support feigns complete ignorance and is telling me that it has always been this way - they are lying through their teeth.
Yeah, I saw that too. I love how they repeat that their goal is to improve the user experience while generating more revenue. I think the real goal is to generate more revenue in a way they think they can just barely get away with.
More on Embarq’s antics: the “opt-out” is cookie-based. It doesn’t turn off the behavior for my DSL connection, as they imply.
I’ve about had it with Embarq, not only for this reason but also because their DSL performance frequently sucks. I think I’m going to just cancel their service and use Blue Ridge Internetworks, a local, friendly company whose staff I know. As one of their people wrote to me, they have their own, non-altering DNS servers. I’m only putting it off because I’m writing a book and I don’t want to touch anything until it’s done.
http://www.opendns.com/
Here’s the response I got from Embarq:
Is it just my imagination, or does DNS not work that way? When I request http://kq278vb9bv5.com/, my browser sends a DNS request to the router, which queries Embarq’s DNS tables. Embarq sends back a spoofed IP that points to one of their servers. Only then would my browser send a cookie, as part of the GET request. So, it’s quite impossible for the opt-out to be cookie-based.
We can actually provide that to you just fine, without relying on cookies. Just set up a free account (with dynamic IP support if yours is dynamic) and email our support group for the next steps.
Tell ‘em I sent you. :-)
-David (from OpenDNS)
@David: Splithorizon mentioned OpenDNS above. I’m using it on my laptop for now, but I’d like to see the ISP stop this practice altogether. I see the spoofing as a first step towards more invasive practices.
As I noted above, it would be extremely impressive for someone to rely on cookies, given that it seems somewhat impossible.
What OpenDNS is not telling you is that they do EXACTLY the same thing–they will redirect dead domains and typos to their revenue-generating page!
So you cannot look to OpenDNS to fix this hijacking problem! It gets you no benefit–except you’re then transmitting your data through ANOTHER company with its own set of privacy policies and corporate partnerships.
@Kelly: Actually, OpenDNS is very clear on this — but they allow you to turn it off completely, unlike Embarq.
It has happened to me too!
I went to look on Google and somehow the OpenDNS marketing machine has gotten to nearly everyone.
This violates legislation in the United States. They essentially hacked into my conversation with DNS and hit me with a ‘man-in-the-middle’ attack. This stopped me dead in my tracks while I was recovering a server from backup, upgrading a machine and commissioning a new server on my network here. I was not sure what was wrong at first. I happened to be testing uploads on the Internet with a client as well as all the other stuff. Even now I am not sure who is responsible. There are four devices between me and OpenDNS and four or more other companies involved. Who is the culprit? I still do not know.
This is beyond wrong. I have the option of simply setting DNS to my own DNS servers. That is what I will be doing, pronto. However, that only helps me work around something evil. It does not remove that evil.
People do this stuff because the law does not stop them and they make a net profit. That’s what drives SPAM, of which this DNS hijacking is just another lame variant. They KNOW beyond a shadow of a doubt that they are doing a bad thing. They will never be stopped unless they are financially punished.
I am easy to find on the Internet by my name. If you are starting a class-action suit against these guys, count me in. I have lost a bunch of time on this and that takes the bread off of my table.