Ojambo

Controversial malicious DNS servers

Written by

Edward

in

On 2 min, 37 sec read

Local ISPs hijacking web searches

On August, 06, 2011, Ars Technica published about small internet service providers redirecting search results. The article by Nate Anderson was titled Small ISPs use “malicious” DNS servers to watch Web searches, earn cash.

The was based on a study by Microsoft and the Polytechnic Institute of NYU. The results showed that “search queries and URL mistakes” were redirected.

The entire study is available and is titled “Inflight Modifications of Content: Who are the Culprits?”. The conclusion from the study was that 300 malicious servers affected more than 65% of clients from 9 ISPs.

Problem

A user enters a search or misspells a website name in the browser’s address bar. The usual suspects would be hackers or malware. But in this particular case, local ISPs are to blame for the hijacking of searches.

Greed

On August, 04, 2011, the Electronic Frontier Foundation (EFF) and UC-Berkeley’s International Computer Science Institute (ICSI) found the company that enables the hijacking. Technical Analysis by EFF and ICSI investigated Paxfire in an article titled “Widespread Hijacking of Search Traffic in the United States”.

Paxfire claims to generate revenue for their partners in the search advertising market. On its home page, Paxfire states “Paxfire is the proven industry leader in monetizing Address Bar Search and DNS Error traffic for Network Operators”.

Image Missing
Paxfire Home Page

Remedies

Change your DNS server. There are free public dns servers. Some of the more popular free public dns servers are Google, Dnsadvantage, OpenDNS, Norton, Verizon, and ScrubIt. Ojambo.com produced an article titled Setup Google DNS.

File a complaint with politicians so that regulation can be changed. In the UK, in 2008, service providers suffered a backlash after working with a company called Phorm which delivered targeted advertising. When users complained about Phorm’s data collection policies, several ISPs stopped using Phorm.

Join in a class action lawsuit by Reese Richman against Paxfire on grounds that it violates the US wiretap Act. On its home page, Paxfire refutes allegations in the lawsuit. Reports of lawsuit

Image Missing
Phorm Home Page

Conclusion:

ISPs are not content to make money off the service you pay for. ISPs can monetize your URL mistakes by redirecting you to advertisers websites.

The reason hijacking searches and mistakes is unethical is due to permission. Users do not opt-in to this service and do not benefit. Only ISPs and advertisers benefit.

    Recommendations:

  1. Test a public dNS server.
  2. Change ISPs to one which is more ethical.
  3. Raise concerns about your privacy.
  4. For ISPs, give users an opt-out option.

🚀 Recommended Resources

Disclosure: Some of the links above are referral links. I may earn a commission if you make a purchase at no extra cost to you.

About Edward

Edward is a software engineer, author, and designer dedicated to providing the actionable blueprints and real-world tools needed to navigate a shifting economic landscape.

With a provocative focus on the evolution of technology—boldly declaring that “programming is dead”—Edward’s latest work, The Recession Business Blueprint, serves as a strategic guide for modern entrepreneurship. His bibliography also includes Mastering Blender Python API and The Algorithmic Serpent.

Beyond the page, Edward produces open-source tool review videos and provides practical resources for the “build it yourself” movement.

📚 Explore His Books – Visit the Book Shop to grab your copies today.

💼 Need Support? – Learn more about Services and the ways to benefit from his expertise.

🔨 Build it Yourself – Download Free Plans for Backyard Structures, Small Living, and Woodworking.

View all posts | Website

More posts