Comcast DNS Redirection Launched In Trial Markets 362
An anonymous reader writes "Comcast has finally launched its DNS Redirector service in trial markets (Arizona, Colorado, New Mexico, Oregon, Texas, Utah, and Washington state), and has submitted a working draft of the technology to the IETF for review. Comcast customers can opt-out from the service by providing their account username and cable modem MAC address. Customers in trial areas using 'old' Comcast DNS servers, or non-Comcast DNS servers, should not be affected by this. This deployment comes after many previous ISPs, like DSLExtreme, were forced to pull the plug on such efforts as a result of customer disapproval/retaliation. Some may remember when VeriSign tried this back in 2003, where it also failed."
malware (Score:5, Insightful)
Another great press release about how it will be helpful and a "service" for users, while the main purpose is just to gather extra advertisement revenue (while breaking internet standards). I mean, this is what malware do. Oh well, atleast these non-us ISP's dont do such dirty acts to their customers here. Time to voice your opinion maybe?
Who's providing a backdoor DNS service? (Score:5, Insightful)
Sounds like time to pick some semi-standard alternate port number and start setting up some alternate recursive DNS servers, something between alt.* and TOR.
The Sky isn't faling. (Score:1, Insightful)
Before you go calling me a troll, just hear me out, this isn't that big of a deal. It doesnt redirect you to another 3rd party site owned by the NSA, it simply provides a web GUI that suggest sites on what the system thought you wanted to see. You dont have to go any sites you dont want to. The sky isnt falling.
Re:Who's providing a backdoor DNS service? (Score:4, Insightful)
Re:The Sky isn't faling. (Score:0, Insightful)
Don't you have a mass mail marketing webinar to attend somewhere? Get lost.
Re:So should... (Score:3, Insightful)
You can opt out, you know. It says so right in the summary.
Also please don't use "evil" to describe things that are merely inconvenient. It greatly diminishes the horror and suffering people have gone through at the hands of real, actual evil.
Keep trying till you succeed (Score:5, Insightful)
When in doubt, keep trying. When rejected, keep trying. Enough people do this, it becomes the norm. Sad, but true.
Re:The Sky isn't faling. (Score:5, Insightful)
Providing a nice GUI on a DNS lookup fail is the job of the web browser not the DNS server. DNS is infrastructure not user interface.
Re:malware (Score:5, Insightful)
modern corporate culture demands profit growth. not just continued profit, but growth of profits. how do you expect that to happen in a saturated market?
They shouldn't control it. (Score:2, Insightful)
Given the shenanigans the ISPs and governmental authorities have been up to the last few years, I say we need to rethink TCP. You see, we've been assuming all along that ISPs are not malicious. We need to start assuming they are malicious. The new TCP protocol should only assume that all socket level data is sensitive and therefore must be encrypted as to both its contents AND its destination. This implies traffic shaping, onion routing and a public key based DNS
Re:So should... (Score:0, Insightful)
Real evil is like real beauty. Both are nothing more than opinion. Stop trying to make your emotions seem important.
Re:So should... (Score:5, Insightful)
No.
Knock this shit off and mods, wise the fuck up. Just because it has "open" in the name doesn't make it suddenly good and benevolent, They do the exact same fucking thing.
Anyone who's been on slashdot for more than a week or two probably has seen dozens of comments suggesting OpenDNS in cases like this, always modded up. Every single time people post corrections pointing out that they do the same thing. Does anyone ever listen?
Wise the fuck up
Re:malware (Score:5, Insightful)
Re:malware (Score:4, Insightful)
I hate their tech support (Score:1, Insightful)
https://dns-opt-out.comcast.net/
That is where you go to opt out. I called tech support and no one even new what I was talking about until I directed them to their own announcement.
Re:The Sky isn't faling. (Score:5, Insightful)
If a domain name does not exist, I want my systems to receive an error telling them so, not be redirected to a system that they were not expecting to be directed to.
Re:The Sky isn't faling. (Score:5, Insightful)
If you think it's OK to hijack DNS think about what happens if you mistype an email address, or what happens when your configured NTP server goes offline.
Re:malware (Score:1, Insightful)
OpenDNS redirects www.google.com, not google.com. Just in case somebody wants to verify it and finds that you're full of shit.
Re:I tried to circumvent this with OpenDNS... (Score:1, Insightful)
That's why I use the NoRedirect extension [mozilla.org] these days. Don't have to bother with the draconian (and often non-existent) opt-out policies, no matter whose network I'm using.
Re:I'm done. I'll be switching as soon as possible (Score:5, Insightful)
Me too.
Oh wait, Comcast doesn't have any competition for high-speed where I live.
Go go gadget free market!
Re:malware (Score:4, Insightful)
Yeah, it's exactly the same thing. Except opendns is very clear about what they're doing and any computer or network using opendns must explicity configure their system to use the opends servers. Heck, I'm looking at an opendns redirect right now. It's hard to miss the big opendns logo. And the "Why am I here?" link. And the "did you mean" links. Yeah. Exactly the same "dirty trick".
I would find this acceptable if ... (Score:3, Insightful)
... in addition to their modem MAC based opt-out mechanism, they:
Anyone that knows what they are doing, or finds out via information from some source (the provider not being obligated to supply this information), should be able to use the internet exactly as it was originally intended.
Re:comcast and netflix (Score:4, Insightful)
You are blatnatly mistaken, sir.
Because your DNS tells you what the real IP address is, and in many locations, that is not what this "redirect" DNS service will lead you to. That may be a much nearer, but more bandwidth expensive location than Comcast wants you to use, or may not go through their monitoring and proxies and load balancers and most importantly, their _streaming video choking_ services. Comcast has established their willingness to interfere with bandwidth intensive services such as Bittorrent via SYN packats and other abuses: there's no reason to expect that they will provide this service for their customer's advantage, but rather for their own to guide traffic to their desired services.