Are ISPs Profiting at the Expense of Your Security? - The Controversy
(Page 2 of 4 )
Originally, when computer users went to a website like Google, they would type the following website: http://www.google.com. However, if they misspell the website’s name by typing http://www.googe.com, they would usually receive an error message from the server. The message would say that there is no such listing for this website.
Most users don’t understand the technology working behind the scenes. But here is a quick overview of how the technology works. The DNS (domain name system) maps all of the domain names to IP addresses. So every time you type a website name in your address bar, the ISP converts that domain name (website name) into an IP address. For example, if you go to google.com, the DNS maps that domain name into an IP address, such as numbers like 72.333.50.09.
But what happens if you misspell google, and instead type in, for example, googlee.com? The DNS server will look for that IP address, but it can’t find it. The DNS server will send the message to your browser, saying the site doesn’t exist. Of course, you’ll see the message on your screen. As previously stated, this was the original way.
As of August, 2006, some ISPs started using a new method. Earthlink and Comcast are two of the ISPs that implemented this change. Here’s a brief overview of how it works. When Earthlink sees that a domain name or NXDOMAIN (Non-Existent Domain) site does not exist, the ISP catches the error and transmits the IP address to Barefruit’s servers. You will then see a list of suggestions for what website you are trying to access. But in addition, you will see Yahoo advertisements and a search box. The ISP is hoping you will click on these advertisements so they can profit from it. Everything is fine up to this point.
The controversy arises when ISPs interject their content into the sub-domain of your website. The unfortunate part is that you can’t prevent them from doing this. As a result, this can create a security breach, leaving the door wide open for hackers and phishers to launch all kinds of attacks. This will also make the job harder for the security experts.
For example, let’s say you want to access your Yahoo mail account. You mistakenly type http://www.webmale.yahoo.com as opposed to http://www.webmail.yahoo.com. The sub-domains are webmale and webmail. However, webmale does not exist. As previously stated, an ISP like Earthlink intercepts this and sends it to the Barefruit server. You’ll see the ads in your browser, and your title bar will show Yahoo. So you’ll think it’s an official Yahoo site.
Next: The Security Threat Still Exists >>
More Web Hosting Articles Articles
More By Joe Eitel
