While home in West Virginia for the holidays, I had an interesting Internet experience.
I noticed when I Googled “Amazon” from my browser search bar, I got the Amazon home page, not the Google search results page I expected.
After some digging, I found that the ISP (Frontier Communications) was hijacking all traffic to www.google.com, and (in at least this case) inserting their own results. For my search, they were redirecting to Amazon.com with their affiliate code, presumably to scrape some commission dollars.
The technical details are documented here.
I know ISPs have been hijacking DNS for a while for typo-traffic, but I’d never seen a case where they were directly hijacking Google searches. It seems egregious to me, and I’m paying more attention to the net neutrality debate. Assuming Frontier has standard Amazon affiliate terms, why should Amazon be paying Frontier merely for a subscriber who Googles “amazon”? (And we all end up paying in the end, with higher product prices).
I ended up writing letters about this to Amazon (Jeff Bezos) and Frontier’s CEO. We’ll see if anything comes back.
UPDATE: I heard back immediately from Maggie Wilderotter, Frontier’s CEO. They’ve investigated, found a vendor doing this in violation of Fronter’s business rules, and have shut it down.
They’re continuing the hijacking apace.
It’s been going on with the family computer/I.E for awhile. I didn’t pay that much attention. This morning I find my professional machine taken over and I’m none to happy.
Typing “IBM” into the address bar of Firefox has forever (since 2000?) directly taken us to ibm.com. This was the premium selling feature of Firefox.
This morn, we instead get (as emblighted IE users have always got):
“Sorry! We could not find ibm
It may be unavailable or may not exist. Try using the suggestions or related links below, or search again using our web search. ”
with the nasty Yahoo search results returned.
What a crock, and a huge disruption to my work pattern.
If you have a connection to this CEO, please undo this bit of bad mannered nastiness.
Thank you for your comment.
What you’re describing is (I think) a little bit different than search hijacking. In your case, it sounds like they’re redirecting address typos (“ibm” isn’t a valid wed address, but “ibm.com” is), which is common practice by ISPs.
Like Ed Jones, I too noticed that now whenever I type in a search query in my address bar in Firefox I am instead sent to Frontier Communication’s search results, and I’m not quite sure when this change happened.
Well, this is funny.
I came to this blog because Frontier was hijacking searches done from IE address bar. I’m fairly sure it’s not just mistyped URL redirection, because some of those were multiple words, which the browser shouldn’t even try to interpret as URL. As well, Chrome address bar was not affected, nor were searches done in IE if I manually go to Google main page and search from there.
Now the funny part. I found your wiki page about hijacking first, and then this blog post. And now the hijacking is gone! Even single-word queries from address bar go straight to Google, where the same exact queries would go to Frontier-customized Yahoo search before.
It looks like they’re doing something really fishy here.
Okay, a correction to the above.
Hijacking is back. Not sure why it stopped working for a moment there, but it’s working now.
Furthermore, it is definitely not simply “mistyped domain name”, because it also hijacks when I type something like “? foo” in IE address bar (in IE, “?” is the keyword that tells browser to do the search and not treat it as URL). Also, when I press Enter after typing, I actually see the URL in address bar being “http://google.com/…” including my search query for a very brief moment, and then this gets changed to “http://assist3.searchguide.frontier.com/…”.
This is exactly what I saw back in Dec. What DNS servers are they giving you to use?
Firefox 4’s address bar search was working with Google, then my modem died and now the new one brings me to
http://assist3.searchguide.frontier.com/search?qo=
instead of
http://www.google.com/search?q=
As Frontier customer in WV here, I can confirm that as of May 2nd 2011 they are still hijacking. Proof:
Using Frontier’s DNS, http://www.google.com is really ple02.roch.ny.frontiernet.net
(66.133.183.165)
Using google’s DNS http://www.google.com is (74.125.45.99)
did you hear back????
would just LOVVVVE to stop getting my FFox side swiped with the
“http://assist3.searchguide.frontier.com” results
driving me nutty