• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Free Trial
  • Contact us
  • Blog
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Products
    • Product
      • Cisco Umbrella Cloud Security Service
      • Cisco Umbrella Investigate
      • Product Packages
      • Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Interactive Intelligence
      • Cloud-Delivered Firewall
    •  
    • Webinar signup
  • Solutions
    • By Need
      • Protect Mobile Users
      • Fast Incident Response
      • Web Content Filtering
      • Shadow IT Discovery & App Blocking
      • Unified Threat Enforcement
      • Reduce Security Infections
      • Secure Direct Internet Access
      • Securing Remote and Roaming Users
    • By Network
      • Protect Guest Wi-Fi
      • SD-WAN Security
      • Off-Network Endpoint Security
    • By Industry
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
      • Our Customers
      • Customer Stories
    • Ransomware Defense for Dummies book
  • Why Us
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Cloud Network Activity
      • Recursive DNS Services
      • Top Reasons to Trial
      • Getting Started
    • Unmatched Intelligence
      • Cyber Attack Prevention
      • Interactive Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco SD-WAN
    • Navigation-dropdown-promo-SASE-madness_021721
  • Resources
    • Content Library
      • Top Resources
      • Cybersecurity Webinars
      • Analyst Reports
      • Case Studies
      • Customer Videos
      • Datasheets
      • eBooks
      • Infographics
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Cisco Umbrella Blog
      • Latest Posts
      • Security Posts
      • Research Posts
      • Threats Posts
      • Product Posts
      • Spotlight
    • For Customers
      • Support
      • Customer Success Hub
      • Umbrella Deployment Hub
      • Customer Success Webinars
      • What’s New
      • Cisco Umbrella Studio
  • Trends & Threats
    • Market Trends
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
      • Secure Access Service Edge (SASE)
    • Security Threats
      • Ransomware
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
    •  
    • Navigation-dropdown-promo-threat-report_020521
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Become a partner
  • Free Trial Signup
  • Umbrella Login
  • Cloudlock Login
  • Contact Us
Spotlight

Google turns the page… in a bad way.

By David Ulevitch, Founder/CEO
Posted on May 22, 2007
Updated on October 15, 2020

Share

Facebook0Tweet0LinkedIn0

This is a long post but it’s worth the read. In short, Google and Dell have teamed up to install some software on Dell computers that borders on being spyware. I say spyware because it’s hard to figure out what it is and is even harder to remove. It also breaks all kinds of OpenDNS functionality. At the end, I’ll tell you what we’re doing about it.
About a year ago Google and Dell announced a partnership to include the Google Toolbar on new Dell computers. At the same time, Google was trying to convince the Department of Justice that changing the default search engine in the (then) new IE7 was too difficult (when in reality it’s really simple). Installing the toolbar meant that users would have Google as their default search engine in IE7. It also meant that Dell and Google would share some of the revenue from the advertising clicks that resulted from these installations, much like The Mozilla Foundation does with its Firefox browser.
The computer hardware business has razor-thin margins which means making a profit is tough. So the opportunity for Dell to get a recurring revenue stream from an existing customer long after the sale of the computer is more than just enticing, it’s huge. It also means a couple other things:

  1. Dell and Google have an incentive to make it very hard for users to turn this off.
  2. Because users can’t get rid of it, Dell and Google can get away with putting more ads on the page and pushing user-relevant content off the page.

They’re now doing both of these things.

The screenshot below shows what the Dell-branded Google search results page looks like when you make a typo in your address bar. You can’t even see the search results in the picture (800×600 resolution) because the entire top of the page and right side are plastered with ads.

This page isn’t being shown to Dell owners just because they have the Google Toolbar. In fact, uninstalling the Google Toolbar won’t get rid of it. Dell and Google are now installing a second program on computers that intercepts all sorts of queries that the browser would normally try to resolve. This program has no clear name and is very hard to uninstall. In some circles, people would call this spyware.
Google tries to explain the hidden software with this ambiguous statement:

Wow. Are you kidding me? In order for a user to get rid of this brokenness the person has to remove a piece of software called “Browser Address Error Redirector?” That barely makes sense to techies and it makes no sense to normal people. Would your Mom uninstall something with a name like that? I don’t think so.
Not only that, but due to some support inquiries we’ve gotten it seems like this software is being installed on older Dell computers that use some sort of automatic update service from Dell. Is this thing spreading? Ugh. How bad is it?
Let’s see what happens with certain queries and what shows up above the fold. For good measure, I’ve included what we do too, for comparison.

Typed               Dell/Google             OpenDNS
Digg.xom            Paid results            Automatically typo-corrected
Digg                Paid results            Shortcut / Search results
Digg,com            Paid results            Search results

As an aside, for every single one of these pages, OpenDNS provides an unpaid link at the top of the page asking, “Did you mean Digg.com?” If Google and Dell were really trying to give users a good experience, they would offer that, at the very least. They are certainly smart enough.

Is Google being true to their roots?

I love Google’s technology, don’t get me wrong. But I think Google has turned a page here. They have now enabled a piece of software that is hard to remove and forces users to look at a really bad page. In fact, Google knows that this provides users with a dramatically worse experience.

Here’s a press release that talks about what people look at while using Google. (You can be sure Google uses similar technology internally.) Here’s a screenshot, with a red-line indicating what is below the fold.

The Dell-branded page doesn’t look anything like that at all. If you were to put a heatmap on the Dell-branded page… well, users can only look at ads. Dell and Google’s behavior here isn’t okay. Users never asked for this experience and they can’t get rid of it!
Moreover, this new “functionality” breaks things. Instead of making DNS requests, the address bar now sends single word queries to Google. This application breaks a lot of OpenDNS functionality our users love. Typo correction? Broken. Shortcuts? Broken. Google’s application breaks just about every user-benefiting feature we provide with client software that no user ever asked for.

We enjoy challenging problems at OpenDNS. But we’d rather spend our time making the Internet better rather than solving problems that shouldn’t have been created in the first place. We know that Google is capable of launching great products and services, but this isn’t one of them.

How is OpenDNS solving this problem?

Fortunately, we have a fix which does not require more client software. OpenDNS applies intelligence to the network, and we’ve stretched a bit beyond DNS itself to work around Google’s mis-directed efforts. Before I get into that, let me digress for a second:

Many of you have toolbars installed on your computer. Some of you have the Google toolbar, some have the Yahoo toolbar, and some of you have Zwinky (Don’t ask… I think little kids use it). These toolbars are able to see every single website you visit when you surf the web. Most report your surfing habits back to the company that operates the toolbar. Toolbars are something worthy to be concerned about, if only because so little attention is paid to them.

Okay, back to our solution. We did not want to enter the toolbar market. We don’t have any interest in it, and we don’t believe more software installations are the answer.
The solution to this problem was to route Google requests through a machine we run to check if the request is a typo or one of your shortcuts. If it is a typo or shortcut then we do what we always do, just fix the typo or launch your shortcut and send you off on your way. If it’s not one of those two things, we pass it on to Google for them to give you search results. This solution provides the best of both worlds: OpenDNS users get back the features that they love and Google continues to operate without problems.

I want people to know (and be sure) that we aren’t doing anything shady. We’re not spying on you. We don’t care what websites you visit. (Check our privacy policy.) Solving the issue like this allows us to fix the problems with Google (and future similar services) without having to route all your traffic through a toolbar or other service.
Below, there is a mini-FAQ.

Update: Danny Sullivan has a great write-up on this too.

Mini-FAQ

Will this make Google slower?

No. We are doing this URL redirection on all of our servers in all of our locations. Loading Google should take no longer than it took before we made this change. Also, all of Google’s other domains like like gmail.com and even subdomains like reader.google.com still work as they did before. We don’t re-route any of those.

Are you tracking or keeping a log of my searches?

No way. Absolutely not. We don’t keep copies of your cookies, your search history or anything else that would cause an AOL Search disaster. Any logs we have for technical debugging are wiped within an hour of the request, usually much sooner. We also aren’t in a position to log it for the government, and we aren’t a front for the CIA. “The Feds” already know that if they want to know what websites you visit they can just talk to your ISP, unfortunately.

Does this break anything?

Nope, but let us know if you see anything awry.

What about secure logins to Google? Can you see them?

No. Typically when people try to proxy SSL pages it creates an error. We didn’t want that to happen so we did something we think is pretty clever. We actually just forward your packets on to Google when you are doing anything that is secure. This keeps your data encrypted and ensures we can’t perform a Man in the middle attack on you.

Does Google know about this?

We contacted a couple of friends who work on the security side of things at Google to give them a friendly heads up. They said it’s not a technical or security problem on their end. Based on that we don’t think Google has any problem with it. The technology we’re using is pretty standard stuff.

Previous Post:

Previous Article

Next Post:

Next Article

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2021 Cisco Umbrella