Computer Science Canada

Rogers.com hijacking 404
Author:  btiffin [ Thu Aug 07, 2008 9:59 pm ]
Post subject:  Rogers.com hijacking 404
So, if you are like me, on rogers, and the new deep packet scanner hijacking of 404 being a complete tick off, and you run Konqueror; here is one way of getting rid of the new annoyance.

In ~/.kde/share/config/kdeglobals (I'm running KDE 3.5.9) add
code:

[KDE URL Restrictions]
rule_1=open,,,,http,www20.search.rogers.com,,false
rule_count=1

Basically denies access to that URL. Note, don't be running any KDE apps during this edit, just about all desktop applications adjust this file when they start/run/stop. And if you put the edit at the bottom, like I did, it will be re-organized the next time you look. (I put the rule_count=1 above the rule for instance). No doubt there is a KControl GUI editor for this somewhere, but I haven't found it yet. KDE is sooo well documented. Smile

You'll now have to deal with a Konqueror "Denied" popup box, but rogers no longer gets to "Enhance your web browsing" when you mistype a URL in the location bar, but at least the mistyped url stays in the location bar for edit.

I'm still looking into ways of putting http://www20.search.rogers.com into a Firefox restricted list. I'm sure IE and Windows has a similar Restricted List. And there may be a way to just loop the URL back to localhost loopback in /etc/hosts/ too.

And if you go through the rogers.com MyAccount settings to disable this feature (I didn't - and don't even know how to get to the setting, I just read about it), it sets a cookie. I have all browsers set to nuke all cookies on exit, so that would be no good for me anyway.

Cheers
Edit; typo
Author:  DemonWasp [ Thu Aug 07, 2008 11:22 pm ]
Post subject:  RE:Rogers.com hijacking 404
Why not just make a startup script that goes:

1. Make stupid Rogers cookie.
2. Start web browser of choice.

That way, it'd be effectively transparent to you in normal use, you could keep your cookie-deletion settings, and you'd avoid that stupid Rogers nonsense.
Author:  octopi [ Thu Aug 07, 2008 11:27 pm ]
Post subject:  Re: Rogers.com hijacking 404
I don't quite see how they could manage that with a cookie, cause cookies only get sent to the domain if it matches. So suppose you go to a non-rogers page, and get an error, they're still gonna have to redirect you to their rogers servers to check to see if you have the cookie.
Author:  md [ Thu Aug 07, 2008 11:32 pm ]
Post subject:  RE:Rogers.com hijacking 404
octopi, they don't. They return a look-alike IE 404 page if the cookie is detected. Maybe a firefox-like page if they managed to UA parsing.

There has to be something illegal about it... I just can't figure out what.
Author:  DemonWasp [ Thu Aug 07, 2008 11:40 pm ]
Post subject:  RE:Rogers.com hijacking 404
I suspect that's a violation of their terms of service, but since that's subject to unilateral change at any time without notification...

...pretty much we just get to hang on for the ride while they do all sorts of stupid nonsense to our connections. I approve of them sending notifications (ie you've reached 100% of your line cap, we're charging more now...), but I don't approve of having line caps in the first place, so you can imagine I'm not terribly happy with them right now.
Author:  Zeroth [ Thu Aug 07, 2008 11:44 pm ]
Post subject:  Re: Rogers.com hijacking 404
The part thats illegal is quite subtle. Rogers as an ISP, has common carrier status, which means they are not liable for any illegal content they transport. By doing deep packet inspection, they give up their common carrier status, and thus are perfectly liable for carrying Child Porn, etc, on their network.

Now, a much more elegant fix: alter your hosts file. TADA! Just assign 127.0.0.1 to the url you want to block, and you're done!

Another elegant fix: Use opendns: http://www.opendns.com/

Yes, the 404 pages have ads on them, but the services provided are extensive... and free. Automatic redirects to mistyped urls, phishing protection, domain blocks, etc etc etc. Very very awesome company, and I don't mind the ads as its how they make money. I've also found that A)they're faster than ISP DNS servers, and B) much lower TTLs, so if you change a domain or whatever, you see the change quicker.

Much better, no?
Author:  Tony [ Fri Aug 08, 2008 12:34 am ]
Post subject:  Re: RE:Rogers.com hijacking 404
DemonWasp @ Thu Aug 07, 2008 11:40 pm wrote:
...pretty much we just get to hang on for the ride while they do all sorts of stupid nonsense to our connections.

I want to see them inject some sort of "friend not found" ads into IM messages. Simply to make general public actually care about what's going on. Because really, there isn't that much of a difference between that, and what they are doing with HTTP injections and DNS hijacking.

Posted Image, might have been reduced in size. Click Image to view fullscreen.
Author:  md [ Fri Aug 08, 2008 8:47 am ]
Post subject:  Re: Rogers.com hijacking 404
Zeroth @ 2008-08-07, 11:44 pm wrote:
The part thats illegal is quite subtle. Rogers as an ISP, has common carrier status, which means they are not liable for any illegal content they transport. By doing deep packet inspection, they give up their common carrier status, and thus are perfectly liable for carrying Child Porn, etc, on their network.


False! ISPs do not have common carrier status. There are other laws which offer the same protections for them, only without the burden of not looking at your traffic. (I'm afraid I do not remember what they are right now).
Author:  Zeroth [ Fri Aug 08, 2008 9:16 am ]
Post subject:  Re: Rogers.com hijacking 404
MD: I think you're wrong. You could argue semantics, and say its not technically common carrier status, but this says that they effectively do, under the Copyright Law. http://strategis.ic.gc.ca/epic/site/ippd-dppi.nsf/en/ip01089e.html

Quote:
Quote:

Recent case law, SOCAN v. CAIP et al., [2002] F.C.A. 166 supported the exemption of ISP liability under the Copyright Act for ISPs with regard to transmission of musical works. Paragraph 2.4(1)(b) of the Copyright Act outlines the ?common carrier? exemption:


Its an exemption called the common carrier exemption, and they have it. Therefore, their status, is that of common carrier. Not the specific law, but their status. Razz
Author:  btiffin [ Fri Aug 08, 2008 12:58 pm ]
Post subject:  Re: Rogers.com hijacking 404
Quote:
Now, a much more elegant fix: alter your hosts file. TADA! Just assign 127.0.0.1 to the url you want to block, and you're done!
Yeah, I tried adding
code:
127.0.0.1 www20.search.rogers.com
to /etc/hosts, but what you end up with is still a forced redirect to
code:
http://www20.search.rogers.com/search?qo=nonexistenturl.org&rn=UoMvyTx0sKvdohU
and /search not found for this URL pestering my local webserver. And the location bar is still nuked from editting. (I don't really mind a colorful 404 page as much as the change to the location bar. I just want my location bar back. My typos are usually 1 character off).

The current Firefox instructions rely on either going through a proxy or mucking about with the user preferences javascript user.js. http://www.mozilla.org/projects/security/components/ConfigPolicy.html More reading to do.

But just so I don't sound too too crusty; I don't mind commercials. I find them fascinating and one of the truest views of the state of society. Unlike the entertainment, which by its very nature is usually pretty much fiction, including the News, filtered by the ownership to reflect how they think we should see the world. I simply want my location bar to stay MY location bar and if the current rogers redirect didn't modify that space, I wouldn't have said anything publicly.

Offtopic; By the way, has anyone else noticed that we spend far too much time worrying about how white our teeth are? Smile

So far the KDE URL Restrictions setting is just the ticket.
Cheers
Author:  md [ Fri Aug 08, 2008 1:04 pm ]
Post subject:  RE:Rogers.com hijacking 404
semantics are very, very important. The letter of the law is what counts, not the original meaning (which is always up for debate).

There is other case law that pertains to ISPs too; which may give or take away their protections depending on the circumstance.

:


You can syndicate this boards posts using the file backend.php or view the topic map using sitemap.php.

Terms of Use | Privacy Policy