For the past several months Christian Kreibich and Nicholas Weaver over at the International Computer Science Institute in Berkeley, California, have been tracking a laundry list of ISPs to confirm what they thought to be true: that the ISPs are intercepting customers’ search queries and surreptitiously redirecting them to advertiser or affiliate links. What’s being alleged is that when the ISP customer types something into his or her own browser address bar, instead of making a DNS request or sending the traffic to the browser-configured search provider, the ISP decides which page the customer is taken to and just sends them there. Last week New Scientist magazine broke the story about the findings and caused a stir across the Internet, which has also prompted Congress to take a look, potentially calling some of these ISPs and bad actors in front of the new Congressional Subcommittee on Privacy, Technology and the Law.

Keyword redirection is something new we’ve not seen before, and it’s particularly pernicious, but the practice of ISPs somehow trying to shake more nickels out of their customers is certainly not new. It’s happened before here and here. There are some technical similarities to what we do and what these ISPs are doing, though our methods and motives could not be more different. One of the most important differences relates to choice — everyone chooses to use OpenDNS but most people, if they are lucky enough to have access to broadband at all, only have one choice of ISP.

Our goal at OpenDNS is to help protect people from exactly this kind of security and privacy violation, be it from a malicious hacker or even your ISP. In fact, one of the great ironies in this saga is that while we have never done the things the ISPs are being accused of, we did pioneer some of the techniques that ISPs are using to accomplish this redirection. That doesn’t make us very happy.

Everything we do at OpenDNS has been with our users’ best interests in mind. We’ve always operated an opt-in service with the sole aim of making you thrilled about using it. Using OpenDNS provides you a healthy level of insulation and privacy between you and your ISP. In the case of the newly-found keyword redirection, switching to OpenDNS empowers you to regain control over your address bar. With OpenDNS enabled, the ISP-controlled keyword redirection stops happening and your address bar searches go back to taking you where you want them to.

I fear the keyword redirection the ISPs are being accused of doing is only the beginning, as we’re seeing more and more evidence of ISPs doing things (that most would agree) they shouldn’t be doing. Even if you use OpenDNS and the ISP keyword redirection fails, it’s unclear whether ISPs are still able to sniff your traffic and create a profile about your Internet use – a blatant privacy offense. The idea of anyone, including your ISP, spying on your traffic raises serious security and privacy concerns.  We fully intend to follow this closely and continue to help you do something about it.

You can be sure we will respond by delivering even stronger solutions that protect your security, privacy and ability to use the Internet unencumbered anywhere in the world, on any device, at any time.

Tagged with: