Insights For Success

Strategy, Innovation, Leadership and Security

ISP

Did hackers hijack your home network DNS service?

GeneralEdward Kiledjian
book-1659717.jpg

Hackers are crafty and will use any means at their disposal to trick you or steal from you. One such technique is called DNS hijacking. 

DNS is the internet's phonebook. Your browser automatically converts a URL into a numerical address that can then be routed through the internet. 

They can redirect you anywhere they want by changing the server that resolves your DNS queries (aka your phonebook). They can inject advertisements into your browsing or trick you into installing their TLS certificate so that they can intercept traffic you think is secure (think banking, healthcare, e-commerce, etc.).

Rather than provide a technical roadmap on how they could accomplish this, this article aims to provide an easy way for you to check right now.

Checking your DNS

The Internet provides a lot of websites for checking DNS settings and finding out which DNS server is in use. If you do not recognize it, then you probably need to dig in a little more and figure out why.

In most cases, if you haven't changed the default settings, your DNS service will be provided by your ISP. 

Who is my DNS, is a simple service you can use.

Screen Shot 2021-08-08 at 9.44.18 PM.png

F-secure is another simple option you can check out.

Screen Shot 2021-08-08 at 9.45.44 PM.png

You will then get a summarized result./ If you want more details, click on “View results in detail.”

Screen Shot 2021-08-08 at 9.48.26 PM.png

You then get a results page.

I have cropped the right side to protect my information.

Screen Shot 2021-08-08 at 9.49.07 PM.png

Your ISP is always watching, tracking and profiling you

GeneralEdward Kiledjian

The media loves stories about how Google, Facebook and Microsoft are tracking users and profiling them. These stories sell papers and draw in eyeballs. What they don't tell you is that your ISP actually has more visibility into what you do online than any of those giant service providers. 

If you don't see what the big problem is, read this article : How Target knows you are pregnant through data analytics. You may not realize it but the bread crumbs you leave behind are incredibly valuable to marketers, insurers and anyone else interested in using psyops to trick you.

Choose your ISP wisely

The most important fist step is choosing an ISP that will stand up for user privacy. When I moved to Toronto, I went with Teksavvy that seemed to have a more open corporate policy regarding the protection of customer information and at least says they try to limit data collection.

Choose an ISP (if possible) that has policies protecting you.

HTTPS

I have been extolling the virtues of SSL/TLS for 10+ years and Google gave the machine a kick in the but when it started favoring secure connection in its search results. Anytime you see https and that green lock icon near the URL, it means all traffic to and from that site is encrypted and cannot be modified, copied or eavesdropped on. All very good things.

A group of small to medium sites still didn't want to go through the cost and hassle of implementing TLS but a consortium called Let's Encrypt made the process easy through automation and free. Large internet site providers like Wordpress and Squaresapce jumped on-board and offered this as a checkbox addon to any site they host. So now there i no excuse.

As a user, you have to remember to force the connection to the secure https protocol (since most sites still support both and not all automatically redirect to the secure version.) Enter the free browser plugin called HTTPS Everywhere

 

HTTPS Everywhere

EFF makes this browser extension so that users connect to a service securely using encryption. If a website or service offers a secure connection, then the ISP is generally not able to see what exactly you’re doing on the service. However, the ISP is still able to see that you’re connecting to a certain website. For example, if you were to visit https://www.eff.org/https-everywhere, your ISP wouldn’t be able to tell that you’re on the HTTPS Everywhere page, but would still be able to see that you’re connecting to EFF’s website at https://www.eff.org

While there are limitations of HTTPS Everywhere when it comes to your privacy, with the ISP being able to see what you’re connecting to, it’s still a valuable tool.

If you use a site that doesn't have HTTPS by default, email them and ask them to join the movement to encrypt the web.

VPNs

In the wake of the privacy rules repeal, the advice to use a Virtual Private Network (VPN) to protect your privacy has dominated the conversation. However, while VPNs can be useful, they carry their own unique privacy risk. When using a VPN, you’re making your Internet traffic pass through the VPN provider’s servers before reaching your destination on the Internet. Your ISP will see that you’re connecting to a VPN provider, but won’t be able to see what you’re ultimately connecting to. This is important to understand because you’re exposing your entire Internet activity to the VPN provider and shifting your trust from the ISP to the VPN.

In other words, you should be damn sure you trust your VPN provider to not do the shady things that you don’t want your ISP to do.

VPNs can see, modify, and log your Internet traffic. Many VPN providers make promises to not log your traffic and to take other privacy protective measures, but it can be hard to verify this independently since these services are built on closed platforms. For example, a recent study found that up to 38% of VPN apps available for Android contained some form of malware or spyware.

Below, we detail some factors that should be considered when selecting a VPN provider. Keep in mind that these are considerations for someone who is interested in preventing their ISP from snooping on their Internet traffic, and not meant for someone who is interested in protecting their information from the government—a whistleblower, for instance. As with all things security and privacy-related, it’s important to consider your threat model.

  • Is your VPN service dirt-cheap or free? Does the service cost $20 for a lifetime service? There’s probably a reason for that and your browsing history may be the actual product that the company is selling to others.

  • How long has your VPN provider been around? If it is relatively new and without a reliable history, you’d have to trust the provider a great deal in order to use such a service.

  • Does the VPN provider log your traffic? If yes, what kind of information is logged? You should look for one that explicitly promises to not log your Internet traffic and how active the VPN provider is in advocating for user privacy.

  • Does the VPN provider use encryption in providing the service? It’s generally recommended to use services that support a well-vetted open source protocol like OpenVPN or IPSec. Utilizing these protocols ensures best security available.  

  • If your VPN provider uses encryption, but has a single shared password for all of the users, it’s not sufficient encryption.

  • Do you need to use the VPN provider’s proprietary client to use the service? You should avoid these and look for services that you can use with an open source client. There are many clients that support the above-mentioned OpenVPN or IPSec protocols.

  • Would using the VPN service still leak your DNS queries to your ISP?

  • Does the VPN support IPv6? As the Internet transitions from IPv4 to the IPv6 protocol, some VPN providers may not support it. Consequently, if your digital device is trying to reach a destination that has an IPv6 address using a VPN connection that only supports IPv4, the old protocol, it may attempt to do so outside of the VPN connection. This can enable the ISP to see what you’re connecting to since the traffic would be outside of the encrypted VPN traffic.

Now that you know what to look for in a VPN provider, you can use these two guides as your starting point for research. Though keep in mind that a lot of the information in the guides is derived from or given by the provider, so again, it requires us to trust their assertions.

Tor

If you are trying to protect your privacy from your Internet company, Tor Browser perhaps offers the most robust protection. Your ISP will only see that you are connecting to the Tor network, and not your ultimate destination, similar to VPNs.

Keep in mind that with Tor, exit node operators can spy on your ultimate destination in the same way a VPN can, but Tor does attempt to hide your real IP address, which can improve anonymity relative to a VPN.

Users should be aware that some websites may not work in the Tor browser because of the protections built in. Additionally, maintaining privacy on Tor does require users to alter their browsing habits a little. See this for more information.

 

It’s a shame that our elected representatives decided to prioritize corporate interests over our privacy rights. We shouldn’t have to take extraordinary steps to limit how our personal information can be used, but that is clearly something that we are all forced to do now. EFF will continue to advocate for Internet users’ privacy and will work to fix this in the future.

Review of Canadian ISP ElectronicBox.net

technologyEdward Kiledjian

 

Until last week, I had been a long time Bell Internet customer. My journey started with their overpriced & underperforming ADSL service and ended with their Fibe 15 Fiber Optic to the house internet service. I had stayed with Bell all these years because it was easier than moving to another provider but I was tired of being overcharged and underserved. Their helpless desk seem to be staffed with unqualified agents and their customer retention team loves to give a “take it or leave it offer”. One agent I spoke to even said “this is our price and service, if you don’t like it leave”, so I left. 
After looking around I found a local ISP called ElectronicBox which provides internet services for
Quebec City, the Montreal area and Toronto.

Why ElectronicBox

If you check out sites like DSLReports, you’ll see their agents reading customer complaints and responding appropriately. They may be a small company but they seem to have excellent customer support processes. 
I am able to buy a faster internet connection (than the Bell Fibe Service) at a much more competitive price.
I did consider the service from Teksavvy and they also seem to provide excellent customer support but ElectronicBox’s pricing tiers made better sense for my needs. TekSavvy offered the same speeds but had a 300 MB bandwidth tier then moved to unlimited. I felt that I needed more than 300 but less than 500 so I bought the 500MB service from ElectronicBox.

The Signup Process

The signup process was easy and straightforward. I found the cable based internet service I wanted and used their online ordering system. 2 days later, I received the Thomson (Docsis 3.0) cable model. 2 days later I received an email informing me of when the installer would be coming. The installer showed up on time and 3 hours after he left, the service was working flawlessly.
During the signup process I had a couple of technical questions that I emailed their tech support and generally they responded within 36 hours with the correct answer.

The Cherry on top

I had been with Bell for over 8 years and not once did they automatically improve my service. I just received an email from ElectronicBox that they will be improving the cable model upload speed (from 3 Mbps to 10 Mbps) May 1st and without any additional charge. Booya ElectronicBox!

Verdict

Although it has only been 1.5 weeks that I have been with ElectronicBox, the performance of their internet service has been excellent and consistent. I am (so far) a very satisfied customer. Anyone asking me for a good ISP, get’s sent to their website.