Author Topic: Why Mediacom's DPI policy is both wrong and dangerous  (Read 17154 times)

mmjrogers

  • Full Member
  • ***
  • Posts: 122
    • View Profile
Why Mediacom's DPI policy is both wrong and dangerous
« on: April 26, 2011, 06:11:07 PM »
After re-reading what I wrote here I'd like Bill, Mike, Tom and the rest of you to know it's not really addressed to the support team here. I know you guys are doing everything you can and I really appreciate your rapid responses to my posts on this continuing issue. I'd like to see the opt-out system working properly, but I'd really prefer that the opt-out system not need to exist in the first place. I've laid out the reasons below.

Is there some way we can convey any of this to whatever member(s) of Mediacom's management decided that hijacking legitimate search requests and 404 errors to redirect Mediacom customers to an unwanted, unnecessary and poorly-performing search engine was a good idea? An email (or, indeed, regular mail) address I can send it to? They are the ones that really need to see this.

--

Mediacom is currently using deep packet inspection to detect search requests sent from browser address bars and forcibly redirecting users away from their chosen search engine and into Mediacom's "Assist" search page. This page contains a number of paid advertisements and does not return the sort of relevant links one expects from Google or Bing. In addition, Mediacom is intercepting 404 errors sent by web sites, and again redirecting users to its own search page. This takes the user away from the site they intended to visit and, in some cases, breaks "Back" button functionality, making the search page difficult to navigate away from again.

Additionally, Mediacom was made aware over a month ago that the mechanism in place for opting out of this hijacking process was not working properly. Since then, there has been no progress made on this issue. If anything, the problem has actually gotten worse; opt-out preferences are now being ignored for search engine hijacks as well as the 404 error hijacks, display problems resulting in confusing feedback on the opt-out page are unfixed, and 404 hijacking still occurs even if opting out is otherwise working. On top of these problems, the user's "Assist page" preferences are changed back to "enable" at random intervals, thus starting the whole process over again.

It is becoming increasingly clear that one of the following is occurring:

1) Mediacom is unable to fix these problems, or
2) Mediacom is unwilling to fix these problems, or
3) Mediacom thinks that using its captive customer base to beta test features is appropriate behavior, or
4) Mediacom does not feel these problems are important.

Number 4 is, of course, the only reasonable conclusion. Number 1 implies incompetence; this is the easiest of all internal problems to remedy and a company like Mediacom would not survive long without doing so. Number 2 implies malice. Since one should never attribute to malice what may be adequately explained by incompetence, we can eliminate this possibility the same way we did number 1. Number 3 clearly conflicts with Mediacom's stated goal of "deliver[ing] the best possible broadband Internet experience to all of its customers." That leaves 4.

So far I've seen several other customers complain about the hijacks, and at least 2 web developers state that their work is being affected by the problem. Those are just the people who have reported problems on this rather hard-to-find forum, mind you. Many topics have been created about it on other forums, and of course I have no knowledge of how many people may have called in about the issue, or been affected and just worked around it somehow.

And yet we see by Mediacom's actions that this problem is not being taken seriously. Fair enough. Mediacom is entitled to its opinion. Just in case, though, I've come up with a few reasons this issue needs to be resolved. I post them here in the hope that they will be seen and perhaps convince Mediacom that these issues ARE important, and from more than just a customer service perspective.

Intercepting and rerouting HTTP requests in the way Mediacom is currently doing breaks technical standards and misleads end users. That by itself is quite bad enough. In combination with an inoperative opt-out mechanism, however, it becomes debatable whether Mediacom is even providing the service it claims to provide. Mediacom's AUP states that it will use "reasonable network management practices that are consistent with industry standards."

What industry standard supports NXDOMAIN poisoning?

What industry standard encourages hijacking legitimate search requests and redirecting users to an inferior search engine?

What industry standard provides for impersonating web sites and inserting Javascript into their HTTP responses?

What industry standard offers a rationale for pushing these nonsensical things on paying customers while the only method in place for avoiding them is broken?

How can I now trust the responses I get from ANY server I access through this service? As recently as last February, Mediacom has shown it is willing to insert its own advertising on sites such as Google and Apple.com without even bothering to notify its customers. What industry standard justifies THAT? Mediacom has created a situation where the client and server can no longer be certain of what the other has received. Sure, I use HTTPS where I can, but many sites cannot afford the computational overhead it creates or the certificates required to use it effectively. More importantly, these site owners shouldn't have to encrypt all their packets just to make sure they arrive at their destination unmolested!

The internet and its various component protocols were developed to work in certain ways by some of the best and brightest engineers in the world. TCP was designed specifically to ensure that the data that is received matches the data that was sent. When a company like Mediacom, in its ignorance, decides to break these protocols for a quick buck (for why else would there be paid advertising on the Assist page?), they cease to be an internet service provider and take the first step toward becoming a walled garden like GEnie, Prodigy, Compuserve or the original America Online. I invite Mediacom to examine the recent history of these services and think long and hard about whether they want to continue moving in this direction.

So far, however, I don't expect anything I've said to persuade Mediacom's management that this is a bad idea. After all, it's "only" a technical standard; most Mediacom users don't have any idea of what's going on in the background and many probably don't notice or care when the hijacking occurs. For most users it's not worth complaining about, and who cares what a few idealistic tech junkies think?

So here's an argument for the management: continuing to perform deep packet inspection and injection risks hurting Mediacom's bottom line in the form of lawsuits from content providers, unfunded government-mandated filtering of all copyrighted material using lists purchased from content providers, or (more likely) both. I'll explain.

Right now, Mediacom is defined as a Service Provider and as such is protected from content providers by the so-called "Safe Harbor Provision" of the Digital Millennium Copyright Act (DMCA). In other words, if a Mediacom user distributes a copy of Iron Man 2 over the internet or hosts it on a Mediacom-provided IP address, Mediacom cannot be held liable for this distribution because of its status as a Service Provider, provided it takes certain steps as laid out in the DMCA.

It turns out, though, that the DMCA has quite narrow definitions of what a Service Provider is and how it qualifies for Safe Harbor protection. For the full list, see:

http://www.chillingeffects.org/dmca512/faq.cgi#QID129

But to save time I'll quote the most relevant sections here.

"A service provider must satisfy the following critical elements in order to qualify for the 'safe harbor' or protection...
...The transmission, routing, provision of connections, or storage is carried out by an automatic technical process...
...The Internet user, not the service provider, must select the origination and destination points of the communication..."

By deciding via company policy which user communications go where (by, for example, deciding that certain URLs should go to Mediacom's search engine rather than Google) it could be argued that  Mediacom violates the first point; someone at Mediacom made that decision, thus it is no longer entirely automated. By a similar rationale, Mediacom violates the second point as well. Now these might be arguable, but the next point is the real killer.

"The service provider must not modify the communication selected by the Internet user."

By demonstrating both the ability and the willingness to modify user communications (which the search and 404 hijack is doing -by definition-), Mediacom is placing its Safe Harbor status in serious jeopardy. This means that Mediacom may be open to lawsuits from content providers for every piece of infringing content that traverses its network. Furthermore, the current use (abuse) of deep packet inspection by a select few ISPs, Mediacom among them, is being used by content providers as evidence that internet service providers possess the ability to filter this content and are (they argue) willfully encouraging copyright infringement by NOT filtering it.

You think running an ISP is expensive NOW? Keep up the deep packet inspection and Mediacom, along with all the other ISPs in this country, will learn just how expensive it can get. Not only will the filtering hardware (and likely the lists of content to be filtered) be expensive, but it will have a tremendous impact on legitimate communications while being utterly ineffective; people who want to trade copyrighted material will simply employ encryption to continue doing so, further increasing network overhead with traffic that can no longer be effectively prioritized.

None of this is a conspiracy theory or merely academic; this is a real threat. Various content providers have been calling for this kind of law since at least 2007. Bills have been introduced to mandate this sort of filtering, and it is only the DMCA and the concept of service providers as "dumb pipes" that have prevented them from becoming law... so far. Mediacom should be fighting this, not embracing it, for its own sake and the sake of its industry if not for its customers. By using deep packet inspection and injection to hijack customer traffic today, Mediacom is stating, louder than words, "We're okay with this. We welcome additional restrictions on our operation. Bring on government-mandated restrictions on communication over the network we built. This is the future we are asking for, for ourselves and our customers."

All I am asking is that Mediacom save its own money. In the process, Mediacom can strike a blow against the encroachment of government regulation and monitoring of the internet and show itself to be a company of integrity, a company that truly -believes- in providing its customers with superior service, not just giving it lip service.

Shut this ridiculous packet injection experiment OFF. If, for some unfathomable reason Mediacom MUST do deep packet inspection, make the process opt-in, not opt-out, and make sure users who have not opted in are not routed through the DPI servers. It's the right thing to do for your customers, it's the right thing to do for your shareholders.

Make it happen.

MediacomChrisL

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 9315
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #1 on: April 26, 2011, 06:21:55 PM »
Thank you for your input and we will gladly voice your concern about this. While the number of customers that are having issues is limited we are continuing to look at why 404 redirects are having issues. We will continue to work on this and apologize for any issues that arise due to this.

Thank you,
Chris

CoMoMediacomSub

  • Hero Member
  • *****
  • Posts: 598
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #2 on: April 26, 2011, 07:25:34 PM »
Mediacom is currently using deep packet inspection to detect search requests sent from browser address bars and forcibly redirecting users away from their chosen search engine and into Mediacom's "Assist" search page.

So these redirects don't occur when the search request is typed into the browser's search bar, right? At least that's been my experience with Firefox, Opera and Safari.
Columbia, MO

MediacomChrisL

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 9315
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #3 on: April 26, 2011, 07:31:54 PM »
If the service is opted out of it should use your default search engine you have set up.

Chris

CoMoMediacomSub

  • Hero Member
  • *****
  • Posts: 598
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #4 on: April 26, 2011, 07:37:51 PM »
If the service is opted out of it should use your default search engine you have set up.

But I haven't opted out, and I encounter the redirects only in the address bar rather than the search bar, too.
Columbia, MO

MediacomChrisL

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 9315
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #5 on: April 26, 2011, 07:39:41 PM »
I am sorry, I misunderstood the question. Yes, the address bar should be the only one that will redirect if opted in. The search bar will use your default search settings.

Chris

magbast

  • Full Member
  • ***
  • Posts: 107
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #6 on: April 26, 2011, 07:43:36 PM »
We shouldn't have to opt-out.  I'm sure there are many customers, that may not be as savvy as others, who blindly accept this because they feel it is normal.  I really hope a change is made in the near future in all aspects.  I honestly don't know how this company stays afloat.

MediacomChrisL

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 9315
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #7 on: April 26, 2011, 07:45:16 PM »
Thank you for your opinion.

Chris

raevenzero

  • Newbie
  • *
  • Posts: 8
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #8 on: April 27, 2011, 12:13:01 AM »
Could a moderator please post instructions to opt out of this service.  I too have opted out and I am still having issues with a redirect.  I enjoy using my address bar as a search area and when I expect Google, I get a Mediacom's search.

Sharp

  • Full Member
  • ***
  • Posts: 124
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #9 on: April 27, 2011, 01:10:49 AM »
same I would like to opt out as well please thanks.

MediacomBill

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 10531
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #10 on: April 27, 2011, 07:05:39 AM »
Here is a link to a previous post that contains the opt out instructions:

http://mediacomcable.com/CustomerSupport/forum/index.php?topic=900.0

mmjrogers

  • Full Member
  • ***
  • Posts: 122
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #11 on: May 03, 2011, 05:40:57 PM »
The longer Mediacom continues to hijack customer-requested data against customer wishes, particularly in light of the faulty opt-out mechanism, the more ill will Mediacom generates.

Over at Broadband Reports they're starting to file FCC complaints. People on Slashdot are talking about wire fraud and getting state attorneys general involved to investigate this.

Why so stubborn, guys? You can still collect whatever metrics you need using DPI without injecting bogus data. There's no reason, technical or otherwise, to hijack customer connections, but there are plenty of reasons not to.

Your way forward is clear. Turn this "assist" service off. If you want to try it again, test it out in small areas, or with customers who choose to opt in, and -notify- us this time.

MediacomChrisL

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 9315
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #12 on: May 03, 2011, 05:42:47 PM »
Thank you for your opinion. I will make sure it is known.

Chris

ia2ca

  • Newbie
  • *
  • Posts: 9
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #13 on: May 05, 2011, 08:59:04 PM »
I can report that the 'opt-out' does not in fact work at all.  Here is my scenario:

Using Chrome 10, everything works fine.
Ditto for Firefox 4
Using IE9, if I type in the search bar or address bar (for Bing), the search is intercepted and redirected to the custom Mediacom page. 

I opted out last week, and again today.  There seems to be an issue with opting out, as when you choose to disable it, the field reports as black, not "disabled" as the other options do.  If I enable it, it does report as "enabled", but disabling it again reports as blank. 

Obviously phone tech support is clueless when it comes to this issue, and at this point has all but rendered IE useless for me.

MediacomChrisL

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 9315
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #14 on: May 05, 2011, 09:03:20 PM »
I apologize this is happening. If you want to send me your telephone# or account# I can submit this up to NOC to look into.

Chris

squest

  • Jr. Member
  • **
  • Posts: 62
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #15 on: May 08, 2011, 07:43:23 PM »
Shut this ridiculous packet injection experiment OFF. If, for some unfathomable reason Mediacom MUST do deep packet inspection, make the process opt-in, not opt-out, and make sure users who have not opted in are not routed through the DPI servers. It's the right thing to do for your customers, it's the right thing to do for your shareholders.

Agreed.  Although DPI is not illegal, as the Internet isn't regulated by the government, it does revert Mediacom from their status as common carrier (id est, "dumb pipe") to that of content provider, thus making them liable for all illegal activities performed using their network.  This is a ticking time bomb which they will learn all about with their first prosecution and conviction -- however should this happen, they will simply raise the rates on all subscribers and charge us for the added costs (thus they will learn nothing).

While the number of customers that are having issues is limited we are continuing to look at why 404 redirects are having issues.

No disrespect intended Chris, but this statement is patently false.  It appears to me, via very limited testing, that this is affecting a larger number of customers than you realize.  A trip to my mom's house and a test using her connection, confirmed she too is having this exact same issue, however she neither knew there was a problem nor how to report it.  All she does online is facebook, so the chances of her ever encountering this issue by clicking on bookmarks is low to begin with, nor do I believe she would think anything was amiss should she have ever encountered it and just assume that the spam-leaden Mediacom landing page was an appropriate results page for whatever she was doing.

At her house I was researching a cancer drug for a family member.  I entered this URL.

http://en.wikipedia.org/wiki/5-fu

I wound up on the Mediacom spam site instead.  This DPI hijacking and redirection MUST STOP!

MediacomTom

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 4024
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #16 on: May 08, 2011, 07:49:39 PM »
We appreciate your input on this. If you would like us to look into your case please PM your phone# or account# and we will get started on this for you.


To PM or Personal Message please click the talk bubble below my name on the left. It should be to the right of the email icon.

Sharp

  • Full Member
  • ***
  • Posts: 124
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #17 on: May 09, 2011, 11:19:18 AM »
The longer Mediacom continues to hijack customer-requested data against customer wishes, particularly in light of the faulty opt-out mechanism, the more ill will Mediacom generates.

Over at Broadband Reports they're starting to file FCC complaints. People on Slashdot are talking about wire fraud and getting state attorneys general involved to investigate this.

Why so stubborn, guys? You can still collect whatever metrics you need using DPI without injecting bogus data. There's no reason, technical or otherwise, to hijack customer connections, but there are plenty of reasons not to.

Your way forward is clear. Turn this "assist" service off. If you want to try it again, test it out in small areas, or with customers who choose to opt in, and -notify- us this time.
really man...I've lost hope! pm me!

MediacomBill

  • Mediacom Social Media Relations Team
  • Global Moderator
  • *****
  • Posts: 10531
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #18 on: May 09, 2011, 11:52:08 AM »
Thanks for your input.

Starcraft

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: Why Mediacom's DPI policy is both wrong and dangerous
« Reply #19 on: July 01, 2011, 09:19:43 AM »
Long time Mediacom customer here. I would very much like to see this issue resolved. Please tell your higher-ups to discontinue deep packet inspection and allow a proper opt-out choice.

For those who need ez info on DPI you can always wiki - http://en.wikipedia.org/wiki/Deep_packet_inspection

Last time I checked, the opt-out still doesn't work.

I want to see results, not just soft replies from moderators that lead me to believe that the issue is slowly being ignored. Bad practices should come to light before they manifest themselves.

« Last Edit: July 01, 2011, 09:23:24 AM by Starcraft »