Back in '09 we complained about Comcast's service "Domain Helper," which redirects requests for non-existent URLs to a Yahoo search page. The company has now ceased using Domain Helper because it's incompatible with the DNSSEC internet page-naming security specifications, which it just implemented. Their statement:
When we launched the Domain Helper service, we also set in motion its eventual shutdown due to our plans to launch DNSSEC. Domain Helper has been turned off since DNS response modification tactics, including DNS redirect services, are technically incompatible with DNSSEC and/or create conditions that can be indistinguishable from malicious modifications of DNS traffic (including DNS cache poisoning attacks). Since we want to ensure our customers have the most secure Internet experience, and that if they detect any DNSSEC breakage or error messages that they know to be concerned (rather than not knowing if the breakage/error was "official" and caused by our redirect service or "unofficial" and caused by an attacker), our priority has been placed on DNSSEC deployment -- now automatically protecting our customers...
Translation: (i) "We'll treat you like idiots until it's no longer in our interests to do so" and (ii) "I meant to do that."
TechDirt reads this as an unintended admission that the anti-piracy schemes of the SOPA and PIPA bills won't work:
Comcast (an official SOPA/PIPA supporter) has rolled out DNSSEC, urged others to roll out DNSSEC and turned off its own DNS redirect system, stating clearly that DNS redirect is incompatible with DNSSEC, if you want to keep people secure. In the end, this certainly appears to suggest that Comcast is admitting that it cannot comply with SOPA/PIPA, even as the very same company is advocating for those laws.
(Because SOPA/PIPA envision a system for redirecting traffic away from allegedly offending websites).