My ISP is by-passing Firefox's Location bar search

MozillaZine ^ | 27 April 2010 | Gothicawakening

[ShadowAce]

Hi All,

I just got back from 10 days abroad and noticed my Firefox at home was acting oddly. My preferred way to go to many websites is simply to type their name into the location bar, and then let Google's "I'm feeling lucky" feature take me to the actual site. I realize this might not be the most conventional way to do it (sure, I could have bookmarks etc.), but it's they way I like to do it.. I also use KDE's Alt-F2 launcher to start programs.

Today I noticed that this great feature of Firefox (combined with Google of course) has stopped working, and has instead been replaced with an add-laden search result from another website. For example, typing in just "slashdot" into the location bar used to get me to the Slashdot website, but now I end up with this instead (full size version):



I've confirmed that my keyword.URL setting is still pointed at Google, so this must be happening at the traffic level, I would imagine either by use of a web proxy or something to do with DNS lookup, which makes we wonder if this new 'feature' my ISP (Netvigator by PCCW in Hong Kong) has introduced is also affecting my privacy?

Is there anyway to get Firefox working the way it used to again? For me using that feature was my main way of visiting websites, and it's really annoying that I can't do that any more. In addition, the search provider my ISP is forcing on me does not seem to know about many websites, I would rather be receiving result from Google when the word typed does not have an obvious site match, not from yp.com.hk

As a last though, if other ISPs start doing this too, will it have any affect on the deal Mozilla has with Google, as this effectively replaces that feature in Firefox, so the traffic does not go though Google anymore.

Any help or advise would be much appreciated.

[zeugma]

I'd scan your computer with a few different A/V products to check.

The user is apparently using Linux. A virus or other malware is possible but extremely unlikely. From reading the /. article mentioned earlier, it would appear this is actually occuring at the ISP level.

 

[TChris]

The user is apparently using Linux. A virus or other malware is possible but extremely unlikely. From reading the /. article mentioned earlier, it would appear this is actually occuring at the ISP level.

AFAIK, malware might still mess directly with Firefox even in Linux, no? A hacked home router is still possible too.

If it IS the ISP, really stoooopid move.

[JerseyHighlander]

redirector malware phishing using the hong kong yellow pages as the phisher’s false front.

the screencap doesnt’ schow the address bar, which makes the whole story suspect, anyone who posts scare stories worth their salt would have posted the url so people could look in to it properly.

And Cablevision in the NYC metro area does the same thing unless you manually opt out of their redirector search service. Magically the opt out gets erased every few months on their systems, and users have to opt out again, funny how that works.

[JerseyHighlander]

I should rtfa before posting.
So yes, this guy has the same situation we have in the NYC metro area with Optimum Online broadband by CableVision,
At least Cablevision provides a opt out page about 6 clicks deep to stop this nonsense.

[JerseyHighlander]

Anyone else suffering from this with OptimumONline,
http://www.optimum.net/Article/DNS
is the opt-out page.

[zeugma]

Either of those is possible. Of the two, a browser attack is more likely, though easily fixable.

It is also the easiest to determine if it is the cause.

Close firefox.

mv ~/.mozilla ~/.mozilla.bad

start firefox.

if the problem goes away, your browser has been hacked and you should investigate further. If not close FF again, then

rm -fr ~/.mozilla

mv ~/.mozilla.bad ~/.mozilla

A hacked router is going to be a bit harder to troubleshoot.

[The Great RJ]

Try running “Super Anti Spyware” (www.superantispyware.com). I had malware get past my A/V software and it turned off my Windows update. Super Anti Spyware was the only thing that removed this malware.