On Thu, Nov 19, 2009 at 2:08 PM, Paul Foote <span dir="ltr"><<a href="mailto:pfoote@gmail.com" target="_blank">pfoote@gmail.com</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
All that's left for them to complete the "404" strategy is to put transparent proxies in place that redirect on real 404's :P<br><br>Did nobody learn the lessons from when Verisign did this with .com ? baah.</blockquote>
<div><br>In fairness (and I use that term loosly) to BigPond, this is probably a little different to what Verisign did. <br><br>I haven't seen the BigPond details, but I have seen what Comcast are doing on my US cable connection, and I presume BigPond is doing something similar.<br>
<br>The major differences between the two are :<br>* Only responds for "www" addresses. a lookup for "<a href="http://non-existantdomain.com">non-existantdomain.com</a>" will still return an NXDOMAIN, but "<a href="http://www.non-existantdomain.com">www.non-existantdomain.com</a>" returns their search page. This means that (the majority of) things like RBL/anti-spam/etc things which broke under Verisign's redirection no longer break.<br>
* It's only home users. Business plans/etc are not redirected. Obviously this is different to Verisign where everyone was hit.<br>* You can turn it off, and the page you end up on even gives you the details on how to turn it off.<br>
<br>Also despite claims to the contrary, Comcast are not actually "intercepting" DNS traffic - or at least they aren't for me. They are only doing this for traffic sent directly to their DNS servers, and pointing to another DNS server works as expected, as does running your own resolver.<br>
<br><br>I'm still not saying that it's a good thing for them to be doing, but it's not quite as bad or destructive as Verisign's move was...<br><br> Scott.<br><br>
</div></div>