Jul 26

F*ck you.

So I’m cruising the Internet, having a bowl of cereal, happy as a clam. Not so great at multitasking, I get a little sloppy and mistype a URL. I, of course, expect to be shown Firefox’s usual 404 Page — you know, this:

Firefox's 404 Page

Instead, I’m taken to this bullshit:

What this means is that, besides throttling my bandwidth, Charter Communications has begun intercepting negative DNS lookup responses from queried servers and replacing them with an answer the browser sees as valid, one that leads to a page full of Charter advertisements. Now, besides gloriously f*cking one of Firefox 3's finest features (the ability to type an arbitrary string of words into the URL bar and, if they don't register as a valid website after a bit of searching, to be taken to Google's search page for that term), this is still bullshit. Let's take a tally:

  • Charter is attempting to generate revenue off each and every user typo. Already bullshit.
  • Charter is overriding the preferences set by a user in their browser and adding an invisible middleman to HTTP requests, without telling anyone.
  • Charter is redirecting users to entirely unrequested pages, without asking permission beforehand or giving any kind of indication that it's happening afterward.
  • Charter is altering the content served by a requested website, returning a positive HTTP result when the real response should be negative.

Additionally, as user Neutron Cowboy points out in a pertinent Slashdot discussion:

a lot of site monitoring still relies on pings or basic server lookups to figure out whether the server is up and running. This feature would immediately screw with that kind of monitoring. Basically, you cannot assume anymore that because a dns lookup or a ping returns a positive result that the server with that hostname is actually alive or in the DNS tables. Yes, there are ways around that, but it basically breaks one of the central tenets of the internet: the intelligence is on the edge of the network, and everything in between is just a packet forwarder.
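A monitoring check can account for this by first asking the resolver about names that cannot exist and treating whatever comes back as "does not resolve". The sketch below is an added example, not part of the original post or the quoted comment; the function names and the constructed resolver are hypothetical, and it assumes the ISP resolver also rewrites answers for names under `.invalid`.

```python
import secrets
import socket

def system_resolve(name):
    """Addresses the OS resolver returns for name; empty set if it does not resolve."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def probe_names(count=4):
    """Random names under .invalid, a TLD reserved (RFC 6761) so that it never resolves."""
    return [f"nx-{secrets.token_hex(8)}.invalid" for _ in range(count)]

def find_rewrite_addresses(resolve=system_resolve, count=4):
    """Addresses handed back for names that cannot exist (empty on an honest resolver)."""
    landing = set()
    for name in probe_names(count):
        landing |= resolve(name)
    return landing

def host_exists(name, resolve=system_resolve, landing=None):
    """True only if name resolves to something other than the rewrite landing servers."""
    if landing is None:
        landing = find_rewrite_addresses(resolve)
    return bool(resolve(name) - landing)

# Constructed resolver imitating the behaviour described above: one real host,
# everything else answered with a landing address (192.0.2.10, documentation range).
def fake_rewriting_resolver(name):
    return {"198.51.100.7"} if name == "www.example.com" else {"192.0.2.10"}

if __name__ == "__main__":
    landing = find_rewrite_addresses(fake_rewriting_resolver)
    print("rewrite landing addresses:", sorted(landing))
    for host in ("www.example.com", "wwww.example.com"):
        print(host, host_exists(host, fake_rewriting_resolver, landing))
```
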

In other words, this technique breaks network protocols that aren’t HTTP. There’s no telling what kind of havoc a valid, positive response can cause when a negative one is expected. Tod Knarr offers a magnificent example:

Say you’ve got a program on an embedded device that automatically downloads updates. It retrieves “http://updates.devicecompany.com/model/latest-firmware.txt” to check what the latest offered version of the firmware is, and if the latest is greater than what’s installed it retrieves “http://updates.devicecompany.com/model/firmware-.dat” and installs it. If the company goes out of business or stops providing updates, updates.devicecompany.com won’t resolve anymore or will return a 404 error, so the device doesn’t need to do a whole lot of error checking. And error checking means more code, which means more memory needed to hold that code, and this device is designed to be as cheap as possible so it omits anything it doesn’t need.

Now, suppose the company goes out of business. No problem for the device, the host it’s at is supposed to not resolve anymore so it won’t try to contact it. But now TW intervenes. Instead of failing to resolve or getting a 404 error, the grab of the latest firmware version returns garbage (an HTML page, not a properly formatted indication of the latest firmware version). Bam, device crashes. Or worse, it misparses the results and tries to download new firmware. Again, garbage (HTML page) instead of a valid firmware image. But since there’s no error checking, it tries to load that HTML page into memory as a firmware image. Bam, one insta-brick.

Or suppose the device isn’t even using HTTP. The DNS servers don’t know what protocol the device intends to talk, it could be logging into an FTP server or querying data via SNMP for all TW knows. The application gets bogus DNS responses anyway, even though it’s not using HTTP or the Web at all. Breakage is the least problem here. The application’s sending things like passwords up to the server. Even if it uses SSL to protect against eavesdropping, the TW server is an endpoint and SSL won’t stop the endpoint from seeing the data. Do you want to have applications handing your vendor-support-site passwords over to TW because of a typo in a hostname? I sure don’t.
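The updater in the scenario above fails because it trusts whatever bytes come back. The following is an added example, not code from the post or from any vendor, showing the missing checks; the version-file format, the `FWIM` header layout and all function names are hypothetical.

```python
import hashlib
import re
import struct

# Hypothetical formats: the version file is one line "MAJOR.MINOR.PATCH"; the image
# is a 40-byte header (magic, payload length, SHA-256 of payload) plus the payload.
VERSION_RE = re.compile(rb"\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\n?\Z")
MAGIC = b"FWIM"
HEADER = struct.Struct(">4sI32s")

def parse_version(body):
    """Return (major, minor, patch), or None for anything else (e.g. an HTML page)."""
    m = VERSION_RE.match(body)
    return tuple(int(p) for p in m.groups()) if m else None

def build_image(payload):
    """Construct a sample image in the hypothetical format (for the demo only)."""
    return HEADER.pack(MAGIC, len(payload), hashlib.sha256(payload).digest()) + payload

def verify_image(blob):
    """Return the payload if header, length and digest all check out, else None."""
    if len(blob) < HEADER.size:
        return None
    magic, length, digest = HEADER.unpack_from(blob)
    payload = blob[HEADER.size:]
    if magic != MAGIC or length != len(payload):
        return None
    if hashlib.sha256(payload).digest() != digest:
        return None
    return payload

def plan_update(installed, version_body, fetch_image):
    """Payload to flash, or None when there is nothing valid and newer to install."""
    latest = parse_version(version_body)
    if latest is None or latest <= installed:
        return None
    return verify_image(fetch_image(latest))

if __name__ == "__main__":
    # Constructed stand-in for the ad page a rewritten DNS answer leads to.
    landing_page = b"<html><body>Did you mean ...</body></html>"
    good = build_image(b"\x00\x01firmware-bytes")
    print(plan_update((2, 4, 0), landing_page, lambda v: good))     # None
    print(plan_update((2, 4, 0), b"2.4.1\n", lambda v: landing_page))  # None
    print(plan_update((2, 4, 0), b"2.4.1\n", lambda v: good))
```

The embedded digest only rejects garbage such as a landing page; since the server that answers is not the vendor's, protecting against a deliberately substituted image requires a signature verified against a key stored on the device.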

Maybe, as hal9000(jr) says, the simplest problems are the worst:

I care because if I typo an address, I can click in the URL bar and edit it. When I am redirected to a f*cking helpful search page, I can’t do that anymore. I have to select, cut, edit, a whole GET string. It’s a pain in the ass.

Beyond the immediate ramifications, there is a great threat to the future here: if this sets any kind of precedent and becomes at all commonplace, the Internet is quickly going to become as ugly and corporate as any other medium, with an added layer of subversion and underhandedness. Please, don’t give in to this kind of bullshit and reject Charter as an ISP.

More info / similar cases:



One Response:

Q

Aug 28th at 1:28 am

Thanks for censoring, my eyes thought you were considerate.

