Rogers takes over my browser
Rogers is one of Canada's biggest ISP's. I've pretty much been subscribed to them ever since I moved here. The last few months I've been seeing some shady behaviour, which lead to find out:
- They have some sort of transparent proxy in place, not only intercepting tcp packages; but sometimes even change them.
- Every DNS lookup to an unknown host will be responded to with a rogers ip.
Both of these are a little scary. The first time I noticed they were rewriting packages, was when I was just browsing around. All of a sudden rogers injected some html telling me my bills were due. This one is the most scary, who knows what else they log or modify. Wouldn't this cause some privacy concerns in most western countries?
I didn't make a screenshot at the time, but I'm not the only one.
This one has primarily been a major annoyance. I've been used to just type a word in the addressbar, and expect a search engine to bring me to the top page. Firefox does this by default when a non-existant domain is requested.
With rogers, I get this:
Notice the first 3 items are spam.
I wonder if they put thought in the potential side-effects to applications. Some can definitely rely on negative replies from DNS servers. Firefox is a simple example, but similarly a ping to a misspelled domain will always succeed.
$ ping -c 4 thisiscreepy.rogers PING thisiscreepy.rogers (126.96.36.199): 56 data bytes 64 bytes from 188.8.131.52: icmp_seq=0 ttl=54 time=63.920 ms 64 bytes from 184.108.40.206: icmp_seq=1 ttl=54 time=48.662 ms 64 bytes from 220.127.116.11: icmp_seq=2 ttl=54 time=50.744 ms 64 bytes from 18.104.22.168: icmp_seq=3 ttl=54 time=84.603 ms --- thisiscreepy.rogers ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/stddev = 48.662/61.982/84.603/14.311 ms
I wouldn't be surprised if there's security related implications as well. All a bit scary to me. If you're currently a rogers customer, I would definitely recommend switching DNS providers to OpenDNS, which promises to be safe, and as a bonus; i've definitely noticed much faster DNS lookups as well.
A few tests:
|me.evertpot.com||427 msec||236 msec|
|www.rooftopsolutions.nl||381 msec||33 msec|
|www.weddav.org||4370 msec||53 msec|
And who could forget: net neutrality. I feel it's time to switch isp's.