[ga] Re: [ PRIVACY Forum ] ISP Accused of "Hijacking" Google Search Queries and Subscribers' DNS

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

lauren and all,

  Thank you for again confirming activity that has been
ongoing for several years now all be it in this particular
incident from a different perp'.  Googles DNS is
significantly insecure and as such is subject to this
sort of hijacking.  They know what they need to do and
how, but for whatever reason are reluctant to do so.  As
such they expose their users to potential harm accordingly.


-----Original Message-----
>From: privacy@xxxxxxxxxx
>Sent: Apr 10, 2010 2:30 PM
>To: privacy-list@xxxxxxxxxx
>Subject: [ PRIVACY Forum ] ISP Accused of "Hijacking" Google Search Queries    
>and Subscribers' DNS
>
>
>
>   ISP Accused of "Hijacking" Google Search Queries and Subscribers' DNS
>
>               http://lauren.vortex.com/archive/000704.html
>
>
>Greetings.  All of the data on this situation isn't in yet, but on its
>face this appears to be an extremely problematic situation, seemingly
>involving ISP "hijacking" of their subscribers' Google-related
>traffic.
>
>Here's what we have so far, based on reports to date.  When reading
>this, please also keep in mind the "Testing Your Internet Connection
>for ISP DNS Diversions" page ( http://bit.ly/7DOv5Y ) from 
>NNSquad ( http://www.nnsquad.org ) -- more on this below.
>
>Apparently a few days ago, users of Windstream ISP services suddenly
>discovered that their Firefox-based Google toolbar search queries were
>being diverted by Windstream to an alternate Windstream-associated
>search service, through some form of DNS redirection 
>( http://bit.ly/aJ3WZB [DSL Reports] ).
>
>Complaints by subscribers resulted in confusing responses from
>Windstream, including the statement that the purpose of their
>redirection was only to deal with unresolved site lookups and that an
>opt-out was available.  (Over on NNSquad, we've frequently discussed
>the unacceptability of such diversions on anything other than an
>*opt-in* basis.)
>
>Shortly after the initial Windstream explanation, a Windstream
>employee apparently said that:
>
>    "We will be making a change to this service tonight based on
>     feedback from our customers who wish to continue to use Google
>     for the search box. We apologize for any inconvenience this may
>     have caused."
>
>This is a most remarkable statement -- since it appears to imply that
>the diversion was not a mistake, but may have been an intentional
>redirection of Google-related traffic.  After all, if someone is using
>a Google search toolbar, one would typically assume that they want
>*Google* to supply the search results, right?  You don't need rocket
>science to figure this out.
>
>Of particular concern are reports that these changes affected
>subscribers who were *not* using Windstream's DNS servers, but
>who had manually changed their DNS settings to other servers such as
>OpenDNS or Google DNS.  If these reports are correct, they imply that
>Windstream was tampering with protocols via DPI (Deep Packet
>Inspection) techniques, which elevates the severity of the situation
>to an even higher level, regardless of whether or not "opt-out"
>mechanisms of varying effectiveness were provided.
>
>Many Windstream subscribers are very concerned about the privacy
>implications of this situation, and the apparent unwillingness of
>Windstream to clearly explain what they are doing and whether or not
>the diversion of Google search queries was intentional or accidental
>in the first place ( http://bit.ly/bUrgBF [DSL Reports] ).
>
>This all appears to be a very serious situation, and exactly the sort
>of problem many of us have been warning about for years.
>
>The first useful step moving forward regarding this matter should be
>for Windstream to immediately and definitively come clean publicly
>about what they did, what they are doing, and what their true
>intentions were and are.
>
>In the meantime, I invite Windstream (and other ISP) subscribers to
>use the info on the NNSquad Testing Your Internet Connection for ISP
>DNS Diversions page to test their ISP for DNS tampering, and to report
>results to me as described on that page ( http://bit.ly/7DOv5Y ).
>
>DNS tampering is unacceptable and can easily create all manner of
>collateral damage.  Interfering with Google's (or anyone else's) users
>is atrocious, especially if done purposely.
>
>This is all yet another example of why moving toward reasonable
>regulation of the Internet access industry is so critically important.
>
>--Lauren--
>Lauren Weinstein
>lauren@xxxxxxxxxx
>Tel: +1 (818) 225-2800
>http://www.pfir.org/lauren
>Co-Founder, PFIR
>   - People For Internet Responsibility - http://www.pfir.org
>Co-Founder, NNSquad
>   - Network Neutrality Squad - http://www.nnsquad.org
>Founder, GCTIP - Global Coalition 
>   for Transparent Internet Performance - http://www.gctip.org
>Founder, PRIVACY Forum - http://www.vortex.com
>Member, ACM Committee on Computers and Public Policy
>Lauren's Blog: http://lauren.vortex.com
>Twitter: https://twitter.com/laurenweinstein
>
>_______________________________________________
>privacy mailing list
>http://lists.vortex.com/mailman/listinfo/privacy

Regards,

Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 294k members/stakeholders and growing, 
strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is very
often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B; liability
depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of
Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx
Phone: 214-244-4827