A New Low For Rogers – They Do DNS Redirects When You Mistype Web Page Addresses… A Massive No No! [UPDATED X2]
Its bad enough that Rogers was caught altering web pages (which ticked off Google). But now it seems that Rogers appears to be redirecting invalid DNS requests to their own search and advertising page:
“The hijacking appears to be an attempt by Rogers to use its Deep Packet Inspection (DPI) technology to cash in on the mistakes of its users.”
Basically, what they are doing is hoping that you mistype the address of a website in your browser so that they can use that to display ads. This is bad for you because it is a huge security risk as it opens the door for hackers:
“The hacker could, for example, send spam e-mails to Earthlink subscribers with a link to a webpage on money.paypal.com. Visiting that link would take the victim to the hacker’s site, and it would look as though they were on a real PayPal page.”
Rogers has some balls to pull a stunt like this. Hopefully their customers have the balls to dump them for an ISP that is not this stupid.
UPDATE: A couple of my customers called me to ask me how to fix this. The simple thing to do is to not use Rogers DNS servers, so I did two service calls to configure their computers and routers to use the OpenDNS servers instead. At least when you mistype something, it tries to find you the correct web page and any advertisements that get displayed are for the purpose of keeping OpenDNS alive. Plus OpenDNS is WAY FASTER than Rogers DNS servers and WAY MORE RELIABLE too. Finally, you can filter out things like porn or other “evil” content. So, I figure if you’re going to see ads, at least get a better Internet experience out of it (not to mention a safer one). By the way, even if you don’t use Rogers, it’s a good idea to use OpenDNS instead of your ISPs DNS servers. Take a look at it today. It’s easy to make the switch.
UPDATE #2: If you really don’t want to be redirected to a search page with ads when making a typo on a domain name, you can still do that with OpenDNS.
You can sign up for a FREE account and then set up the option to turn off “typo correction”. You go in to the Dashboard at http://www.opendns.com and select “settings” and then “typo corrections” and then uncheck the box “enable typo correction”.
This turns off all redirection and returns the standard browser error page. OpenDNS then acts as a normal DNS server you can use to bypass ISP DNS servers that do DNS redirection. One thing to keep in mind is that if you turn off typo correction, then none of the blocking capabilities will work either. But if you don’t like ads, then go for it.
July 30, 2008 at 11:17 am
Use 4.2.2.1 and 4.2.2.2 as the dns servers instead of opendns. they give you normal control with no redirection.
can use the firefox redirection like normal now
December 12, 2019 at 9:25 am
[…] with ads. Besides having unwanted ads displayed, it’s also a security risk that I wrote about here. It was a pretty shady thing for Rogers to be doing as ISP’s in my opinion shouldn’t be […]
July 5, 2020 at 9:10 am
[…] don’t run my ISPs DNS settings on my network. That’s because my present ISP is Rogers, and about 12 years ago they were caught redirecting mistyped URLs to their own search page. That is a huge security risk. Now I don’t know if they still do that. But to be safe, I […]
January 11, 2021 at 9:00 am
[…] provided my any ISP that I am doing business with. That’s because my present ISP is Rogers, and about 12 years ago they were caught redirecting mistyped URLs to their own search page. Presumably to make a few bucks. And Rogers main competition Bell was caught doing something […]