back to article TalkTalk customers demand opt-out fix for telco's DNS ad-jacking tactics

Budget ISP TalkTalk has been accused of forcing customers to remain opted into a so-called Error Replacement Service that swaps NXDomain DNS results with an IP address. The option to turn off the system has been busted for months now, but subscribers are still waiting for TalkTalk to fix the error with the Error Replacement …

  1. Neil Barnes Silver badge

    Virgin does the same

    Mistype a URL and you get to a Virgin search engine. Don't know if they also serve adverts - I block them - but it annoys me every time.

    1. wolfetone Silver badge

      Re: Virgin does the same

      The girlfriend has this and I thought it was just some crap they stuck on the router. Sort of glad to know it's not just me.

    2. Daggerchild Silver badge

      Re: Virgin does the same

      Had that. Complete and utter **** when you want to verify your DNS changes worked. There's nothing that says customer service like being repeatedly ****ing lied to.

      They have an opt out. Or maybe I stopped using the DNS servers. Can't remember.

      1. Joe 18

        Re: Virgin does the same

        Virgin has an opt-out. Broken domains remain broken for me. Still don't see why these "useful" services shouldn't be opt-in, they do break an awful lot of stuff.

        1. John Brown (no body) Silver badge

          Re: Virgin does the same

          "Virgin has an opt-out."

          They do, and it's a proper server-side opt-out, not a "cookie" based one so you opt out your whole home LAN. I opted out as soon as the "service" was announced and it's never "accidently" been reset.

      2. BillG
        Happy

        Re: Virgin does the same

        When I had Comcast they had the same. Except that when you disabled it, after a few weeks it would re-enable itself while the box for disable was still checked.

        At first Comcast made me jump through hoops to disable - multiple levels of telephone support where EACH level told you to restart your PC, restart your modem, clear your cache, clear your DNS, etc. You would tell them you just did it and they would say "this is the procedure in front of me". Each level of tech support made you do this until I discovered from a neighbor that worked for Comcast that it was done on purpose to discourage you from disabling it. They would annoy into giving up.

        I finally got it permanently disabled by going full Rainman techno-geek on one particularly difficult and condescending support guy. I mindlessly talked about DNS hijacking, routing tables, etc. When they asked me to reboot my computer I would quickly ask "soft reboot or hard reboot? Do you know the difference? Won't a reboot clear my DNS cache secondary lookup table (I was just making up technical phrases)" I spoke so fast and refused to hang up or let him end the call. I finally made myself so difficult that he permanently disabled it!!!

    3. goldcd

      Meh

      I'm in the same position as you, but really don't feel the urge to get annoyed over it.

      Sure if something I type *should* have been resolved, and doesn't due to Virgin, I'd have a mard - but seeing a page of adverts over a 'not found' message, isn't really destroying my quality of life.

      Moreover I can see there being value in gathering info on what people have tried that doesn't resolve - using this for *something* productive does appeal (basically, if I were Virgin I'd do the same, so can't blame them for doing it).

      I have however plenty of actual gripes with Virgin - fucking about with caps, caching youtube badly, pandering to site blocking requests etc etc etc.

      But, by and large, they're a pretty good ISP given their size. I also feel slightly guilty over my wife haranguing them over out 'internet being down' - when it turned out I'd stuffed up the cat wiring in the house. Lovely offshore support guy was very tolerant of her abuse, and resisted inflicting my deserved raking-over-the-coals as the phone was passed over to me and the penny finally dropped.

      *guilt*

      I'm now off to see if there's anyway I can go and give him a medal..

      1. Tom Wood

        Re: Meh

        This is known as DNS hijacking. While it's merely annoying for users using Web browsers, it's a real pain for developers of other Internet-connected software, Web browsers etc. They rely on the NXDOMAIN response to help ydiagnose Internet connection issues etc. I develop software for set top boxes and we had to change our internet fault diagnosis tools significantly to cope with DNS servers that mess around with the DNS results in ways such as this. Basically, any DNS server that does this is broken and not compliant with Internet standards.

        1. Neil Barnes Silver badge

          Re: Meh

          This was rather my point. If a failed DNS request does not respond according to the appropriate RFC, it's broken.

          Having learned in this thread that the service is switchable, I shall be investigating how to kill it.

          Aha: http://community.virginmedia.com/t5/Up-to-120Mb-Setup-Equipment/Can-t-turn-off-Advanced-Network-Error-Search/td-p/1884740 indicates a method, but also suggests that the method may not work without Virgin tech also getting involved.

  2. Woodgie

    I'm not an expert but...

    Can't you just switch to using someone else's DNS on your local machine?

    Does it hijack all traffic outbound on port 53 and redirect it? If so WHAT THE HELL?!

    1. Salts

      Re: I'm not an expert but...

      You used to be able to kill it with the bogus-nxdomain setting in DNSMasq when ISP's did this, not on TalkTalk therefore not sure if it still works, anyone tried?

    2. garden-snail
      Flame

      Re: I'm not an expert but...

      Virgin Media have also nobbled the DHCP server built in to their "Smart Hub" home routers so you can no longer change the DNS servers that get assigned to hosts. I don't know if TalkTalk devices are similarly crippled.

      Yes, you can manually specify DNS servers on most hosts, but the more devices you have on your network the more of a pain that becomes.

      Currently running my own DHCP server on a Raspberry Pi, but it's not a solution that would suit everyone!

      1. Paul Crawford Silver badge

        Re: I'm not an expert but...

        If/when I get a Virgin "Smart Hub" it will be put in modem mode and a proper router behind it...

        1. Woodgie

          Re: I'm not an expert but...

          OK, so I have to admit this is what I have. Virgin 120mb/s with their box in modem mode and another router/firewall doing the heavy lifting. I also have my own DNS (& DHCP) server for resolving some stuff on the local network and pointing at Google for the rest of it. Hence I've never been subjected to Virgin's DNS issues (as far as I'm aware).

          The reason I asked the question as to whether TalkTalk intercepted outgoing port 53/DNS traffic and re-routed it to their own servers is that I see that breaking a lot of things quite badly. It's bad enough not returning NXDomain when you should if someone is using your DNS servers but to intercept traffic destined for someone else's DNS servers and munging it is unforgivable.

          I sincerely hope this is NOT what's happening. (I accept that it likely is not)

  3. Marvin O'Gravel Balloon Face

    Don't mess with DNS

    Intercepting ones browsing session in order to insert adverts is the height of bad manners. Especially when you're paying for the experience.

    OpenDNS do the same thing, but to be fair to them, it's in lieu of providing a free DNS/content filtering service (if you're that way inclined you can block their ad page at the router, giving you the original "failed" ad-free experience).

    1. Anonymous Coward
      Anonymous Coward

      Re: Don't mess with DNS

      Even better, OpenDNS stopped displaying ads on their DNS error pages back in June.

  4. AMBxx Silver badge
    FAIL

    Talk Talk

    Aren't they the people you use if you like complaining about poor service?

    1. edge_e
      Facepalm

      Re: Talk Talk

      Indeed. Can someone explain how they have any customers?

      1. This post has been deleted by its author

  5. Steve Loughran

    Focus on HTTP/Web breaks everything else

    One issue with all these "helpful DNS" services is that they applications other than browsers, applications that expect unresolveable domains and hosts to fail. It also breaks applications that expect to get XML or JSON back, rather than some HTML crud

    This surfaced when Verisign tried to roll out a similar service on the root domains: every SOAP stack failed in different ways when they tried to handle the output.

    http://www.xml.com/pub/a/ws/2003/10/28/sitefinder.html

    There's also the fact that example.com, example.net and example.org are required by the IETF to be unresolved, which is something I've used in tests in OSS projects. Tests that turned out to fail on Verizon fibre connections, because ISPs getting search revenue is more important than working applications.

    1. Martin Gregorie

      Re: Focus on HTTP/Web breaks everything else

      There's also the fact that example.com, example.net and example.org are required by the IETF to be unresolved, which is something I've used in tests in OSS projects. Tests that turned out to fail on Verizon fibre connections, because ISPs getting search revenue is more important than working applications.

      All three resolve domains and ping from here as 93.184.216.34, which is registered to a resident of Santa Monica, CA so is unlikely to be anything to do with Virgin's munging. If you look at them with a web browser, they all show the text:

      Example Domain

      This domain is established to be used for illustrative examples in

      documents. You may use this domain in examples without prior

      coordination or asking for permission.

      And, as a link on this page says they are IANA reserved domains and adds that "These domains may be used as illustrative examples in documents without prior coordination with us. They are not available for registration or transfer", I think you're wrong in claiming that they should not resolve. Did you check your assumptions before posting?

      1. Tom Wood

        Re: Focus on HTTP/Web breaks everything else

        Yes - the TLD that should never resolve is .invalid

  6. Vince

    I hate this sort of stuff. Recently I happened to be at my sisters, and she (foolishly) had chosen Virgin Media because they offered the usual cheap starting deal and then ramp it up jobbie.

    Anyhow... I had connected to her Wi-Fi simply because there was no mobile service at all, so last resorts and was checking something by PING. It was a few minutes before I realised that no matter what host I would ping, it would always respond, even when it didn't exist.

    I immediately VPN'd back to work so I could actually get reliable answers.

    This stuff is so broken it is unreal - responding to PING though is really pathetic.

    1. Jamie Jones Silver badge

      Three Mobile do this also. I run my own nameservers instead of using theirs, so it doesn't affect me any more.

      Three use 'Barefruit' as the company to provide this 'service' - NX is remapped to 92.242.132.9

      It's still evil though, and assumes internet == web and can break all sorts of other things.

      Whilst they appear to firewall everything apart from TCP port 80, there are still issues that I would be interested to get clarified legally.

      Firstly, I am NOT saying that Barefruit, Three, Talk-talk, or any of the others are doing any of the following. In fact it would be commercial suicide if they did, and for little or no gain. So I'm not implying any bad faith here on any of the actors.

      However, a *major* mistake of theirs in my opinion is they remap *all* NXDomain results, even if the domain portion is valid, so, for instance, if a three customer goes to http://forum.theregister.co.uk/ (note the missing 's') they will be sent to this third-party site, DOMAIN COOKIES INCLUDED.

      A hackers dream to steal login credentials.......

  7. This post has been deleted by its author

  8. Anonymous Coward
    Anonymous Coward

    Why even bother...

    ... with this:

    "The TalkTalk error replacement service helps customers find the right website when a web address isn't recognised."

    Surely the last person dumb enough to swallow the idea that what they're really trying to do is be helpful must have died somewhere before the start of recorded history.

  9. Phil Kingston

    I jsut tyep domian addrrsses corerctly in da frist plaec.

  10. Henry Wertz 1 Gold badge

    Mediacom and CenturyLink do this

    The joys of this city... the cable and DSL provider both disallow 3rd party ISPs on their systems, running as a near-duopoly in the city (other choices are cellular data, which usually is stupidly expensive like $80 for 5GB cap, and satellite internet, which due to the duopolies absurd pricing is actually price-competitive with their offerings.). BOTH hijack DNS!

    Mediacom (cable co. and first member of the ISP duopoly here) not only runs DNS servers that violate internet standards, they would hijack *3rd party* DNS and redirect NX to a garbage domain. (No, the results were NEVER useful -- they resemble what you see on one of those "this domain has expired" pages with a bunch of nosense ad links thrown about, except with Mediacom logos strewn about.) You used to be able to disable it, just to find it re-enabled at random intervals. The disable does now seem to stick (I don't know if they still hijack 3rd-party DNS since I've disabled it.)

    CenturyLink (the DSL provider and other member of the ISP duopoly here) ALSO runs an invallid DNS. Luckily using 3rd-party DNS completely evades theirs.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like