NNSquad - Network Neutrality Squad
[ NNSquad ] Verizon's TOS includes expanded DNS hijacking
Here is Verizons TOS. Pay attention to section 5.5
<http://www.verizonbusiness.com/external/service_guide/reg/terms_conditions-nonregulated.htm>
(CAPS added for emphasis)
"where a Customer DNS query either (1) does not resolve to a current, valid,
operable IP address, or (2) reflects user-input text (e.g., a search term)
that is not in the form of a resolvable URL (whether or not a browser-added
URL is subsequently added to that user-input), then rather than returning
an NXDOMAIN response or THE IP ADDRESS FOR THE BROWSER-SUPPLIED URL,
Company may deliver the IP address for a web page containing information
and links that it believes are responsive, relevant or related..."
As I suspected, they will be substituting their own A records for
otherwise legitimate A records. This is not just NXDOMAIN hijacking,
it is equivalent to domain hijacking.
--
Bob Poortinga K9SQL
Bloomington, IN US
[ The last reports I have on this indicate that -- while Verizon
isn't as forthcoming with this info as previously -- it is still
possible for users to configure their own machines to use
non-Verizon DNS servers successfully. If any Verizon users
experience actual DNS port 53 hijacking (test procedure at
http://lauren.vortex.com/archive/000377.html ) please let me
know immediately. Thanks.
-- Lauren Weinstein
NNSquad Moderator ]