Browser HiJacking in FireFox under Linux (on Charter Service)

HiJacking

Browser HiJacking in FireFox under Linux (on Charter Service)

So I booted Ubuntu (I became annoyed with vista – happens frequently) and loaded up SwiftFox. Don’t remember what it was, but I typed something into the address bar and hit ENTER. Typically in FireFox (and SwiftFox) this initiates a ‘feeling lucky’ search via Google. Much to my surprise I am greeted with something along these lines (see image).

Needless to say, when you get used to seeing something a specific way, it stands out a bit when it changes – especially when you have done nothing to change this setting yourself. Typically I would have assumed that I had some spyware/adware/hikacker on my computer, but I am not in Windows nor in IE… and well… truthfully.. yea, it will happen one day, but it really doesn’t happen much in FireFox (even in windows) and really just isn’t in Linux yet. So, it has to be some other cause.

So I bounce over to the Google search box to the right of the address bar (in Firefox) and search “Charter Communications Privacy Internet” to see what their policy on hijacking customers browsers was… There really wasn’t much listed in their policy and I couldn’t really find anything pertaining to the whole deal. I did however find this article by Tony Bradley from my Google search. Fortunately this dude went through the same ordeal before me and saved me time through his insights.
<!– #toc, .toc, .mw-warning { border: 1px solid #aaa; background-color: #f9f9f9; padding: 5px; font-size: 95%; } #toc h2, .toc h2 { display: inline; border: none; padding: 0; font-size: 100%; font-weight: bold; } #toc #toctitle, .toc #toctitle, #toc .toctitle, .toc .toctitle { text-align: center; } #toc ul, .toc ul { list-style-type: none; list-style-image: none; margin-left: 0; padding-left: 0; text-align: left; } #toc ul ul, .toc ul ul { margin: 0 0 0 2em; } #toc .toctoggle, .toc .toctoggle { font-size: 94%; }@media print, projection, embossed { body { padding-top:1in; padding-bottom:1in; padding-left:1in; padding-right:1in; } } body { font-family:'Times New Roman'; color:#000000; widows:2; font-style:normal; text-indent:0in; font-variant:normal; font-size:12pt; text-decoration:none; font-weight:normal; text-align:left; } table { } td { border-collapse:collapse; text-align:left; vertical-align:top; }

Apparently Charter has started grasping for those precious advertising dollars and so via the usage of some questionable trickery they are ‘hiJacking’ your mistypes (or less conventional searches – as was the case with me) and supplementing them with partner ads and results from Yahoo!. By going to the ‘Charter HiJack page’ and clicking “About this Page” you can goto the ‘opt-out‘ page and well… opt out…

Unfortunately opting out doesn’t do anything to restore your address bar ‘keyword’ functionality. Best I can tell Charter is likely employing a proxy and then obviously a cookie to control your entries into the address bar. You can check about:config, keyword.url and see that your settings for the ‘I’m feeling lucky’ address bar is still there but since Charter is hijacking all DNS requests before routing them to the ‘appropriate’ location, Firefox does not know to implement the keyword.url. Since Charter sends back a valid response, firefox loads the page as sent by Charter = a bogus Charter+Yahoo! page. Funny enough, if you opt for the old fashion ‘page not found’ DNS error, you get a janky, f’d up ghetto one – they even try to make it look MS-like… LAME.

In my humble (who gives a shit) opinion, this is not exactly Kosher computer policy. I don’t really think that I pay them for this ‘service’ and that if I wanted them to interpret my requests before they handle them, I should have opted-in to begin with. This kind of feels forced.

Charter, if you are reading, this is not good business and does not make me, a customer, like my provider. I don’t like sneaky packet hijacking, not in my software and damn sure not in my ISP.

Update/Edit: Ok,  so the DNS hijacking seems not to be affecting my Windows XP Firefox searches.  It does however affect my ‘mistyped’ address entries in IE.  I don’t know why Firefox under Linux seems to be susceptible while the windows version isn’t – just is.

Leave a Reply