-1

Recently when I browse some multi-language websites, the default language becomes Russian.

An example is www.amd.com which redirects me to http://www.amd.com/ru/Pages/AMDHomePage.aspx

I am sure I don't specified any change to my browser/computer language options.

I even tried on my friend's laptop. same result.

Based on the recent unrest and political issues in my country (Iran) and good relations between Iran regime and Russia, I guess they are redirecting our requests to Russia to monitor our traffic by their technologies.

How can I tell this is a regular thing (maybe misconfiguration of DNS or something) or an vicious action of the dictator?

here is the output of tracert www.amd.com:

Tracing route to a24.g.akamai.net [213.155.158.25]
over a maximum of 30 hops:

  1     1 ms     4 ms     1 ms  SHOHADAROUTER [192.168.81.1]
  2    17 ms    27 ms     *     192.168.2.1
  3    13 ms    15 ms     7 ms  172.16.1.2
  4    92 ms    98 ms   103 ms  172.16.2.1
  5   199 ms    89 ms     *     217.219.236.20
  6   115 ms     *      162 ms  78.38.245.57
  7   561 ms    89 ms   156 ms  195.146.63.253
  8   106 ms   101 ms   110 ms  195.175.5.21
  9     *      188 ms   199 ms  turktelekom-ic-134131-ldn-b5.c.telia.net [213.24
8.104.42]
 10   192 ms   195 ms   192 ms  ldn-b5-link.telia.net [213.248.104.41]
 11   204 ms   214 ms   206 ms  ldn-bb2-link.telia.net [80.91.252.201]
 12     *      227 ms   220 ms  hbg-bb2-link.telia.net [80.239.147.186]
 13   240 ms   329 ms   246 ms  s-bb2-link.telia.net [80.91.251.42]
 14   280 ms   345 ms   284 ms  s-b2-link.telia.net [80.91.246.235]
 15   276 ms   232 ms   264 ms  s-hdn-i4-link.telia.net [80.91.249.209]
 16   167 ms   179 ms     *     213-155-158-25.customer.teliacarrier.com [213.15
5.158.25]
 17   163 ms   169 ms   162 ms  213-155-158-25.customer.teliacarrier.com [213.15
5.158.25]

Trace complete.
Isaac
  • 581
  • 1
  • 12
  • 25
  • 5
    Why in the world was this migrated *from* superuser? IMHO it needs to go back there. – EEAA Apr 11 '11 at 19:29
  • IMHO Maybe because it is related to networking and network configuration issues. It is not a problem of special person or computer. – Isaac Apr 11 '11 at 19:36
  • @Isaac - read the FAQ. SF is "Server Fault is for system administrators and desktop support professionals, people who manage or maintain computers in a professional capacity." – EEAA Apr 11 '11 at 19:38
  • The Government isn't spying on you. Many sites use geo-locating based on your IP in order to serve content from web servers nearest you. Frequently, you'll see that kind of URL (with /ru/ ) when the best-guess on your location is in-or-near Russia. Well... in truth the government may be spying on you but this is not an indication of such. – TheCompWiz Apr 11 '11 at 19:46
  • Just assume i am a system administrator of a small company who observers this behavior. What's the difference? The problem is still related to networks. Anyway, why the hell the question is `closed`? Would it possible to kick it back to superuser? – Isaac Apr 11 '11 at 19:47
  • 1
    @Isaac - the difference is that we'd drown in "why can't I get to example.com. Plz help. kthx" type questions if we allowed anyone to post. The superuser community is more than capable of providing an adequate answer to this question, so it's unfortunate that a single moderator there thought (incorrectly IMHO) that it should be migrated. – EEAA Apr 11 '11 at 20:01
  • @Erika: thanks. that is a good explanation of why. Anyway i somehow got the answer of the question. Thanks guys :) – Isaac Apr 11 '11 at 20:06
  • 1
    @Isaac - FYI, after a short discussion with one of the SU mods, your question has been re-opened over there: http://superuser.com/questions/269551/suspicious-redirection-to-russian-pages-is-government-spying-us – EEAA Apr 11 '11 at 21:59

1 Answers1

1

No one is "spying" on your internet connection. This symptom is most likely due to an incorrect entry in the database of whatever IP Geolocation system being used by the website of interest.

EEAA
  • 108,414
  • 18
  • 172
  • 242
  • +1 Note: I've noticed problems like this when using Firefox 4.0 that has been upgraded from a previous version. Basically it's region setting got corrupted in the upgrade; from what I've seen it's sort of a common issue. – Chris S Apr 11 '11 at 19:37
  • But as far as i know, Iran never had it's bandwidth from Russia. Iran gets internet connection from Turkey and some Arabian countries. – Isaac Apr 11 '11 at 19:39
  • @Chirs S: i am still using firefox 3.6. I have same problem with IE and my friends' laptops. Clearly this is a network issue. – Isaac Apr 11 '11 at 19:39
  • @Isaac - it's *not* a network issue. As mentioned in my answer, it's an IP Geolocation issue, which can only be fixed by the owner of the Geo database. – EEAA Apr 11 '11 at 19:41
  • The regime is really interested in this kind of things. They just hacked gmail certificates: http://www.wired.com/threatlevel/2011/03/comodo-compromise/ – Isaac Apr 11 '11 at 19:44
  • @Isaac - I'm well aware of the SSL cert compromise last month. That has *nothing* to do with IP Geolocation. – EEAA Apr 11 '11 at 19:48
  • @ErikA: right. SSL cert and this problem is not related. I just wanted to point out the regime interest. Anyway, you this weird redirections shows no possibility of spying? – Isaac Apr 11 '11 at 19:51
  • @Isaac - I'm not saying that. I'm saying that if there were spying going on, it wouldn't cause this behavior. I believe that spying requires that the person being spied on doesn't recognize that anything's out of place, which in this case wouldn't exactly be true. – EEAA Apr 11 '11 at 19:54
  • @ErikA: right. but maybe this is a goof of them. Maybe they forgot redirecting traffic to Russia and sending user requests from a Russian IP causes websites to think the user is Russian and send them a Russian version of website. Not all users cares about this change, most of them just change the language to `English`. – Isaac Apr 11 '11 at 19:58