The Electronic Frontier Foundation worked with UC Berkeley's International Computer Science Institute to uncover a widespread program of search-hijacking by American ISPs. Many US ISPs run covert proxies that redirect certain lucrative search queries (made by customers who believe that they are searching Google or another search engine) to their preferred suppliers, pocketing an affiliate fee for delivering their customers. Participating ISPs, which include Cavalier, Cogent, Frontier, Fuse, DirecPC, RCN, and Wide Open West (Charter used to do this, but appear to have stopped), did not disclose the practice to their customers, who were meant to believe that they were getting the search results that their preferred search-engines had presented.
EFF and ICSI uncovered the vendor that supplied the hijacking software, a company called Paxfire.
Using EFF's HTTPS Everywhere Firefox extension and a search-engine that permits HTTPS logins (such as Google or DuckDuckGo) will prevent this sort of hijacking.
Widespread Hijacking of Search Traffic in the United States
The proxies in question are operated either directly by Paxfire, or by the ISPs using web proxies provided by Paxfire. Major users of the Paxfire system include Cavalier, Cogent, Frontier, Fuse, DirecPC, RCN, and Wide Open West. Charter also used Paxfire in the past, but appears to have discontinued this practice.
Why do they do this?
In short, the purpose appears to be monetization of users' searches. ICSI Networking's investigation has revealed that Paxfire's HTTP proxies selectively siphon search requests out of the proxied traffic flows and redirect them through one or more affiliate marketing programs, presumably resulting in commission payments to Paxfire and the ISPs involved. The affiliate programs involved include Commission Junction, the Google Affiliate Network, LinkShare, and Ask.com. When looking up brand names such as "apple", "dell", "groupon", and "wsj", the affiliate programs direct the queries to the corresponding brands' websites or to search assistance pages instead of providing the intended search engine results page.
(Image: 2005_South Africa_Centurion_DSCF0242, a Creative Commons Attribution Share-Alike (2.0) image from hmvh's photostream)
Vtech is a ubiquitous Hong Kong-based electronic toy company whose kiddy tablets and other devices are designed to work with its cloud service, which requires parents to set up accounts for their kids. 4.8 million of those accounts just breached, leaking a huge amount of potentially compromising information, from kids’ birthdays and home addresses to […]
The new Raspberry Pi Zero is a $5 general purpose computer, manufactured in Wales, with more power than a 1980s personal computer.
BMG Rights Management and Round Hill Music. has been trying to enlist Cox Cable as an accomplice in a copyright trolling scheme, demanding that the company pass on copyright infringement notices that accuse users of downloading music and order them to pay large sums of music or face punishing lawsuits.
The Micro Drone 2.0+ is truly in a league of its own, offering a new perspective on aerial photography, and a world of technological capabilities that make flying ridiculously fun. Simply throw it in the air at any angle and its self-correcting algorithm will stabilize for smooth sailing in no time. You’ll stay entertained with […]
Celebrate Cyber Monday with some brain food. Save on any eLearning deal in the Boing Boing Store today using coupon code: CYBERMONDAY25. Below are a couple of our favorite eLearning offers: eduCBA Tech Training Bundle: Lifetime Subscription:Welcome to your personal online classroom, where you can finally study at your own pace, on your own time (and […]
This minimalist multi-tool will see to it that instead of rocking a tool belt, you’ll carry just one. It’s shaped slightly like a key and weighs less than an ounce, so it plays nice with your keychain. The strong surgical-grade stainless steel blade will last, and is handy for everyday tasks like opening boxes and […]