[143412] in North American Network Operators' Group
Re: US internet providers hijacking users' search queries
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Aug 9 04:09:12 2011
In-Reply-To: <A169E445-D9EE-4455-8327-A78324385DFA@virtualized.org>
Date: Tue, 9 Aug 2011 04:08:27 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: David Conrad <drc@virtualized.org>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Aug 8, 2011 at 11:52 PM, David Conrad <drc@virtualized.org> wrote:
> Chris,
>
> On Aug 8, 2011, at 2:56 PM, Christopher Morrow wrote:
>> messing with basic plumbing will have unintended consequences, they will=
be bad.
>>
>> If the users her WANT to have this experience, there are lots of
>> in-browser/application methods to achieve this, hijacking DNS at the
>> resolver is really just NOT the right answer, ever.
>
> See that ship off on the horizon? =A0It appears to have sailed...
doesn't mean I can't be the cranky old man shaking my fist, right?
>
> I'm told that non-trivial revenue is being generated by ISPs who are doin=
g this redirection. =A0As long as that is true, I suspect it's unlikely poi=
nting out how broken hijacking DNS is will be particularly effective.
>
yea... so that, so I understand, depends a lot on who's telling the
tale. From one source at an ISP doing this, the revenues are not
anywhere near what was promised by the vendor(s). Anyway, I'm not sure
what they are, we probably won't ever know what they really are :(
I suppose it'll continue as long as people consider it 'ok' to be
subjected to this and don't leave their ISP for an alternative. (where
available!) Oh, maybe dns-sec will help us with this problem too?
nsec3 to the rescue?
