Grande Communications Hijacks Browser Traffic

I currently have services with Grande Communications, here in San Marcos.  And I have been a happy customer from the 1st day they offered service…some 7 or 8 years ago.   I enjoy the speed of their service, the speed of their customer service, and the quality of their service.  This is not a bad review of their overall service but a bad review on a not well thought out service.

As with any service there are times when something occurs that causes grief, such as outages, lost static IP addresses…things like that.  Things that I can understand that happen.  This however is not one of them…

 I noticed a few days ago, when I mis-typed a web address and landed on . 
this screen.
 

I was not sure what it was…where it came from or even how I got there.

After doing a little research I discovered what they are doing and why.  I also discovered that allot of big name ISPs are doing the same thing and or testing similar services.  Basically what they are doing is using their DNS servers to redirect nonexistent web addresses to their ad supported search portal.  This is a direct violation of the DNS standard, which requires that a query for a nonexistent domain must return the “NXDOMAIN” error response.

As of this writing I have not found out what software Grande Communications uses to redirect the traffic, but hopefully when I write a follow up I will have additional information on that. 

Now what does this mean to the average user? Well late last month a bug in the software that EarthLink uses to redirect customer mistyped domains may have allowed attackers to launch undetectable phishing attacks against any Internet site and get the pages to run the hackers own JavaScript code. With the browser treating this code as if it were from a legitimate domain, hackers were able to steal users’ cookies, create fake Web sites that appeared to be hosted on legitimate domains, and even log into certain Web sites without authorization.  “This”, According to Dan Kaminsky, director of penetration testing with IOActive, a security consulting firm, “underscores a fundamental security risk in the way that some ISPs are attempting to generate advertising revenue from mistyped Web addresses.”

Please contact Grande Communications today and file a complaint.  Tell them you don’t like the service, you don’t want the service, and you don’t like the fact that Grande Communications is hijacking YOUR web traffic.

Call 512-878-4600