[dns-wg] Hijacking DNS traffic for fun and profit... or something

> On 6 Jul 2016, at 20:36, Max Grobecker <max.grobecker at ml.grobecker.info> wrote:
> 
> "Do not do illegal stuff with your internet connection" and "We will hijack your DNS requests (and maybe other services, too) just to make sure you don't do illegal stuff" are two completely different things.

Indeed. And sometimes ISPs hijack DNS traffic (or whatever) even when there’s nothing untoward going on: think stupid hotel and coffee shop networks for instance.

My point remains though. Unless your contract and national law explicitly says the ISP never rewrites DNS responses, you shouldn’t assume it doesn’t happen. And even if those legal documents did say this, that doesn’t necessarily mean DNS rewriting doesn’t happen either. FWIW this is one reason why all my computers run their own validating resolvers. :-)

> Of course, the contract with my ISP (in my case Deutsche Telekom) contains paragraphs that make me fully liable to anything I do with my internet connection, including
> illegal file sharing, hacking attacks or whatever. But they won't finger in my data traffic.

Your contract might not explicitly say that Max. But I expect the small print will say somewhere that DT has the right to do things to your service if they consider your use of their interwebs to be naughty or harms others or is blocked by court order, blah, blah, blah. Those contractual provisions will go beyond holding you liable after the fact: eg blocking port 25 if they decide you're sending spam. As you’ve just pointed out.

> The worst thing that can happen to you is that they block port 25/TCP on your connection if you're sending SPAM.

Hmmm. I wonder what would happen if you tried to visit a child abuse web site or something that was similarly illegal in Germany? [It doesn’t matter where that content happens to be hosted BTW.] And please note I am not suggesting you actually test this.