Sunday, August 30, 2009

Comcast the Latest ISP To Try DNS Hijacking

http://www.swansonager.com/wp-content/uploads/2009/06/DR-EVIL-COMCAST.jpgI got hit with the "Comcast Domain Helper service" tonight.

I ended up on some annoying ad page  before I knew what hit me.

I go to great lengths (Firewall/Anti-Virus/Firefox/NoScript/Adblock, etc.) to avoid having to look at spam.

Comcast is irresponsible in subjecting customers to its ad laden "what you get if you type a typo" page, and is potentially damaging customer privacy if advertisers on that page track you. (Read: even more spam.)

DNS Hijacking is virus behavior (according to the Comcast rep I spoke to tonight, who hadn't even heard of the program, it seems, until I gave her the web address below.)

I must "Opt out" of being hijacked!?

How to opt out:

  1. Go here Opt out here: https://dns-opt-out.comcast.net/

  2. Figure out your Comcast email address. If you never use it, don't recall it, or don't know your email password, call customer support, they can help.

  3. They can also tell you the MAC address of your cable modem which you will need for the above form.

  4. Submit the form.

  5. GO to your Comcast email. Read the Opt out email

  6. Click the op out confirmation link

  7. Wait 2 freaking business days for the hijacking to take effect.

  8. Ask the rep how many people have complained about "Comcast Domain Helper service" so far, and then add your thumbs down vote.


"In the latest blow to DNS neutrality, Comcast is starting to redirect users to an ad-laden holding page when they try to connect to nonexistent domains. I have just received an email from them to that effect, tried it, and lo and behold, indeed there is the ugly DNS hijack page. The good news is that the opt-out is a more sensible registration based on cable modem MAC, rather than the deplorable 'cookie method' we just saw from Bell Canada. All you Comcast customers and friends of Comcast customers who want to get out of this, go here to opt out. Is there anything that can be done to stop (and reverse) this DNS breakage trend that the ISPs seem to be latching onto lately? Maybe the latest net neutrality bill will help."

via Slashdot Technology Story | Comcast the Latest ISP To Try DNS Hijacking.

4 comments:

silkyray said...

Xeno,

Even if you opt of of this program your isp can and will still track you by dns you just don't get the fancy typo search. What I suggest you do is not use your isp for any thinh other then the pipe. If you have a router go into its setup and manually set your dns server. As for what server to use I personally use http://www.opendns.com/ this protects me from the isp snooping my dns records. If they want to know what I am doing they have to do deep packet inspection and they better have a court order for that. Also run peer guardian, all the time http://phoenixlabs.org/pg2/.

Xeno said...

Thanks for the tips! OpenDNS's safer faster internet: loading... loading... loading... loading ... ugh. Is Opendns.com under a Denial of Service attack or something?

silkyray said...

Some people have had issues with the delay. You can create your opendns account and turn off all the filtering and this usualy speeds up the process. Doing this will slow down your page load sometime but you gain privacy over load times. You decide what is important.

Xeno said...

Crud! They turned it BACK ON! How many times do I have to freaking opt out? Opted out again. This time it had better stick or I'm dumping Comcast over this.