back to article Comcast trials Domain Helper service DNS hijacker

The DNS hijacker is here to stay. When Denver-based developer Brent Gartner returned home from vacation this week, he discovered that Comcast, his home ISP, was redirecting his mistyped urls to its very own ad-laden search pages. Earlier this month, the cable giant resurrected this age-old land-grab scheme in several US …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Pirate

    As Long As They Don't Grab My Site's 404s...

    ...I could care less.

    However, I design my sites with very specific and helpful 404/403/500 catchers; designed to help guide lost souls back into the site, and to report server errors. I would get rather peeved if they grabbed that. I strongly suspect such an action would be legally actionable.

    Since I don't seem to have one of these services to test against, I'll see how this shakes out.

  2. RW
    FAIL

    Comcast sucks

    Quote: "The goal is to roll it out nationally when we’re done testing in these initial markets," a company spokesman tells us.

    IOW, regardless of the results of these "tests", implementation has already been ordained from on high.

  3. Kanhef

    Could be done well

    If a requested domain doesn't exist, run it through a spell-checker using the list of known domains as the 'dictionary'. Also try different top-level domains (com/org/net/etc). Display the best five or ten matches, with some sort of content preview so people can avoid typosquatters.

    Of course, you can't make money off of that, so they'll never implement it that way.

  4. Anonymous Coward
    Pirate

    @Alacrity Fitzhugh

    But if your site is example.com and I type exmaple.com (which is how I usually manage to spell it) then I may never get anywhere near your site or your 404s. Comcast will likely lead me to paying competitors.

  5. Anonymous Coward
    FAIL

    fix the problem

    I installed the updated search provider from here

    http://timheuer.com/blog/archive/2009/02/17/cox-opendns-isp-stealing-search-traffic.aspx

    and now Comcast don't steal my searches at least

  6. Ray Simard
    Thumb Down

    A double standard, methinks

    From: http://www.theregister.co.uk/2008/10/23/google_and_typosquatting/

    "According to a recent study from McAfee and Harvard prof/cyber watchdog Ben Edelman - which relies on web data from May 2008 - at least 80,000 domains are typo-squatting on America's 2,000 most popular web sites, just waiting for innocent web users to misspell or mistype their next url...

    "For instance, the study (PDF) says, 742 domains sit just a few misplaced characters from freecreditreport.com, and 327 are shadowing cartoonnetwork.com. "Cartoon Network with three Os. Cartoon Network with two Ts. Cartoon Network that starts with a k. More ways to misspell Cartoon Network than you ever imagined," Edelman tells The Reg. "And almost all of them serve Google ads."

    "In the US, typo-squatting is against the law. The 1999 Anti-Cybersquatting Consumer Protection Act (ACPA) prohibits anyone from "registering or using" domains misleadingly similar to a trademark or famous name."

    [end excerpt]

    So (in the U.S. anyway), it's a crime to register a domain in the hope typo-typers will happen to land on it, but it's fine to diddle (and defile) the DNS to accomplish the same thing--provided you're an ISP in control of the nameservers that nearly all your clients, save those savvy and motivated enough to point their resolvers elsewhere, use.

    Someone's not paying attention...

    Hmm...

  7. Anthony Bathgate

    Nice little reminder.

    I'd forgotten to reset my new DNS server to consult a root server directly instead of just talking to Comcast's. I'd have found out later anyway, when Comcast's DNS inevitably goes down. Again.

    Unless they've decided to actually make sure it stays up because they make money off of it - heh.

  8. Brian Scott

    A good jon for DNSSEC

    Roll on DNSSEC aware resolvers and the fraudulent DNS entries for the non-existent domains will result in a local error on the client machine.

    Rather than seeing the "Domain Helper" service, users will just see a warning that someone upstream is fraudulently altering their traffic. They will then move to a different ISP to avoid the warning. Eventually the ISPs will work it out or die. Easy.

  9. Robert A. Rosenberg
    FAIL

    This "Service" Should NOT be Opt-Out

    If Comcast thinks this hijacking is a service to the customer then it should be an OPT-IN service not an OPT-OUT one. IOW: If I want to have them do this "correction" for me, I should be required to turn the feature ON not have it forced on me until/unless I turn it OFF.

  10. jake Silver badge

    Yet another reason

    Yet another reason why the term "it's comcastic" means "a totally shit service" around these parts.

    Examples:

    Q 1: What do you think of AOL?

    A 1: It's comtastic.

    Q 2: What do you think of politics as usual?

    A 2: It's comtasmagorial.

    Q 3: What do you think of mass-media news?

    A 3: It's comfuckingtastic.

    Q 4: What do you think of Comcast getting loud (sound truck with 500+ watts) and in your face (70" flat-screen) in front of the doors of the local biggie-wiggie-mega-mart, trying to shovel their version of TV at me, despite the fact that I was obviously born before color television, and thus probably have a bit of a clue as to what my options are?[1]

    A 4: (me, dripping sarcasm, to the salesdroid) "It's comcastic, isn't it?"

    Salesdroid: "Why yes, it is!"

    Me: "Fuck off, asshole. I'd prefer rabbit-ears to a company that spends as much on advertising as yours obviously does, to the detriment of customer service."

    Salesdroid: (mind shuts off, obviously never taught about my kind of option in salesdroid school)

    [1] comcast was in front of that store for about five days. I needed to buy stuff there twice during that time.

    I complained to the management of the store both times, and followed up to the head offices of the national chain. I suspect I wasn't alone ... comcast was gone the day after the second incident. comcast is again advertising at the same store, some 6 months later. This time with a table INSIDE the entrance of the store, and no electronic blaring to go along with it.

    A couple days ago, the same salesdroid got in my face. Waving a pamphlet. I replied with something along the lines of "Short memory, asshole? Try to remember me next time. During the meanwhile, fuck off. I get enough advertising shoved in my face without this kind of shit."

    Management was called. I reminded said management of my original complaints. Manager called secretary. Secretary showed up less than 5 minutes later with my original, wet signature complaint paperwork. comcast was asked to relieve the salesdroid of his position in that store ... I have no idea what happened after that, except the secretary looked quite pleased, and the manager gave me 20% off on the beer I was buying for my field hands :-)

  11. Anonymous Coward
    Grenade

    what makes this even scarier...

    is that they don't mutilate their own NXDOMAIN replies. Try it for yourself, enter a nonexistent hostname @ comcast.net.... like http://garbage.comcast.net or http://stupidity.comcast.net Your browser will return the proper error: address not found.

    Many more sophisticated, nah... competent, DNS administrators typically create a wildcard DNS entry that takes you to a 'the site you're looking for doesn't exist, click on this link blah blah blah' page so that you still land on their webserver and they can let you click through to their homepage or auto-redirect you if you let them.

  12. Number6

    Who Bothers?

    Usually when I type a URL I know what I expect to see and as soon as it's obvious that I've mis-typed the URL I'm correcting it and not even really noticing the page I've landed on apart from the fact that it's full of adverts. No idea what any of them say though.

  13. Jeff Rowse
    Coat

    @Jake

    Kudos to you, sir - very well played indeed.

    Just one minor niggling thought though - everybody has to eat, and one suspects that the salesdroid you encountered might not be suited to a role requiring much more than the ability to grin inanely, spout corporate marketing fluff and waste other peoples' time...

    I know the temptation is to let these "people" know what you think of the services they advertise, but it's like Spammers - even though *you* know it's a pile of stinking brown stuff, there are other shoppers who will be taken in by it and the senior people in whichever company is responsible (in this case Comcast) will see sufficient returns from this shameless badgering that a few complaints will not stop it. Unfortunately you'll never see the high muckety-mucks getting their nice patent leather shoes dusty standing around the doors of your local superstore, and the corporate drones that you do see are (almost literally) ten-a-penny, and can be replaced easily - I fear all you may have achieved is to make it harder for one salesdroid to put food on his (or her) table... all Comcast will do is send someone else in their place...

    Mine's the one with "Eat@Joes" on the back.

  14. Jeff Deacon
    Unhappy

    Anyone making a typo in OpenDNS

    will find that they do exactly the same thing.

    Are there any good guys left?

  15. Avalanche
    Boffin

    Not 404 jacking

    This is not responding to 404s, but to failed DNS resolution. Big difference

    404 is an error returned by the HTTP server after requesting a non-existent object. In this case a non-existent server was queried and instead of returning an empty DNS response (protocol specifics elude me at the moment), the IP-address of the ComCast landing page is returned.

  16. Dale Richards
    Boffin

    @AC 7:19

    "Many more sophisticated, nah... competent, DNS administrators typically create a wildcard DNS entry that takes you to a 'the site you're looking for doesn't exist, click on this link blah blah blah' page so that you still land on their webserver..."

    You have to remember that WWW isn't the only Internet service, and there's no guarantee that clients performing a DNS lookup are looking for a web server in the first place.

  17. Anonymous Coward
    Anonymous Coward

    @jake

    Congratulations, you were a prick and got a lowest-on-the-totem-pole dude with no power fired. Fight the man!

    Basically, this poor bastard is trying to hang onto his job, being ordered to push hard (or he'll get fired) and sees about a bajillion people go by every day. So you come by a second time, and - amazing! - he doesn't recognize you. And you get your jollies by getting him fired.

    You're a real winner.

  18. Anonymous Coward
    Anonymous Coward

    re: Dale Richards / other apps

    True, but www is the only one that Comcast et al are targeting.

    If you pay-by-the-byte for your internet connection you should be up in arms over this because instead of simply receiving an NXDOMAIN DNS response packet, you're going to recevie a "valid" response AND your browser is going to connect to the ISP and download a page of advertising.

    What would prevent them from embedding streaming HD-video in their ads and jacking some poor users' internet bill off of the charts?

  19. Anonymous Coward
    Stop

    ...Kingston

    Kingston do this in the UK. Pay £14k pa for a leased line and the default DNS they provide throws up advertising.

  20. YumDogfood
    Coat

    @David W

    “Does anyone here work in advertising or marketing? Well if you do, when you get home take a gun shoot yourself. No bullshit, I'm not joking just do it. I'm just sowing seeds, one day they may take root.”

    - Bill Hicks

    The chance for someone to re-evaluate their life and do something worthwhile, or else top themselves. Either way its a win.

  21. TeeCee Gold badge
    Alert

    Re: re: Dale Richards / other apps

    "What would prevent them from embedding streaming HD-video in their ads and jacking some poor users' internet bill off of the charts?"

    I'm guessing that the propect of receiving several hundred pounds of dogshit mailed in individual jiffy bags by pissed-off customers would be the right answer here.

  22. Nigel 11
    Thumb Down

    Passing off

    Surely typosquatting is a form of passing-off,specially if the page contains advertisements for competing products. It is using a name that is deceptively similar to that of a genuine business, and using it to the detriment of the genuine business. (It must be deceptively similar or you wouldn't have typoed it).

    Cue lawsuits, I hope.

    In passing: for some reason I often typo firstdiirect when trying to get to my bank, and I get to a squatted page. How/why is the double-i a common typo?

  23. Anonymous Coward
    Paris Hilton

    The, um, service

    Service is what a bull gives a cow.

    She knows all about service.

  24. Anonymous Coward
    Anonymous Coward

    @YumDogfood

    It looks to me like your beloved Mr. Hicks has published quite a few books, DVDs, and CDs.

    It's nice to know that all those DVDs, CDs, and books were never promoted or marketed in any way - otherwise, Mr. Hicks - and you - would be hypocrites, as well as misanthropic assholes.

    And I'm sure that's not the case, is it?

  25. jake Silver badge

    @David W. & other "jakie was an evil meanie poo-poo head" idiots.

    Do you REALLY think that getting into people's faces and invading their space is a good way to promote your goods/services? Do you have any clue how many people are using AdBlockPlus, FlashBlock & NoScript? Do you know WHY? To tell you the truth, I don't either. But I have my suspicions ...

    Me, myself, personally, I'm sick and tired of being marketed at.

    I've been on this dampish dirty rock for quite a few decades. I have a brain, and I know how to use it. I can feed myself, clothe myself, house myself, and purchase the variety of geegaws that make my !copious leisure time a pleasure WITHOUT some idiot spewing corporate bullshit in my face.

    Advertising has become entirely too pervasive. I am trying to do what I can to let BigBidness know that there is unrest amongst hoi polloi[1] they are pushing their ads at. I invite you, and others capable of making an informed decision for yourselves, to help the cause.

    I try to make telemarketers cry[2]. I lie heavily when asked to take part in telephone surveys. I lie on "club card" applications, or use a card I found in a parking lot somewhere[3]. I carry a programmable remote control to turn off televisions that push inane drivel like RachelFuckingRay demonstrating yet again how to dry out pork in the meat department of my local grocery store. I unplug the monitor pushing advertising in the checkout line. I have a 110 second "mute" button on the dash of the cars so I don't have to listen to commercials during baseball games. When I watch TV, it is 30 minutes after scheduled times so I can fast forward thru' commercials (thanks, MythTV). Etc.

    If someone loses a job over this, whoop-dee-do. Frankly, I don't care. There are tens of millions of other uneducated, ineducable idiots out there without work. One more won't hurt in the great scheme of things. Maybe, just maybe, it'll convince some twentysomething dropout to go back to school and learn how to become a useful member of society.

    When the revolution comes, marketers will be the first up against the wall. Or maybe second, after lawyers. Or maybe third, after politicians ... Not that I have an opinion or anything.

    [1] Note: no "the" between amongst & hoi. Look it up.

    [2] "Try getting a job as a prostitute. At least then you'll be paid to make people (think they) feel better, instead of getting paid to irritate people" is a good start. Use your imagination. As long as you don't swear, they aren't allowed to hang up on you[4].

    [3] When forced to fill out forms, online & off, I was born on Feburary 29th, 1904. I am a one-legged black lesbian lumberjack who commutes from the bay area to the Pacific North West on rollerblades. And etc.

    [4] I kept one poor sap on the phone for almost an hour driving from Solvang to Napa before hanging up with "You know, I have no idea what company you work for, nor what product you are selling. GREAT form of Marketing and use of your time, no?". I was bored, transporting 12 horses for my wife ...

  26. jake Silver badge

    @David W.

    "It looks to me like your beloved Mr. Hicks has published quite a few books, DVDs, and CDs."

    Not beloved, not any more than Carlin or Pryor or Bruce or O'Rourke or Franken or Zappa or Hackett ... I could go on, I'll spare you. I'll address publishing below.

    "It's nice to know that all those DVDs, CDs, and books were never promoted or marketed in any way - otherwise, Mr. Hicks - and you - would be hypocrites, as well as misanthropic assholes."

    a) In the year that he died (1994), DVDs didn't exist yet.

    b) Those that knew of him went looking for his recordings. I remember no advertising.

    c) My Hicks collection from the era is on vinyl, not CD. I had a bunch of CDs at the time, and I'm absolutely certain if his stuff was released on CD I would have purchased that format.

    d) The only book (that I know of) with his name on it was published ten years after his death.

    e) A little misanthropy is a healthy thing, youngster, as long as it doesn't run your life.

    f) As Ms Bee put it (paraphrasing) "We're all hypocrites, in one way or another".

    "And I'm sure that's not the case, is it?"

    With the above caveats, not for me, no. And from what I can remember, not for Hicks, either. Try listening to some of his humor, and pay attention to his message. Maybe you'll get it, maybe not. During the meanwhile, I'm sure he's spinning as the corporations profit from his work.

  27. Thomas Kent 1
    Thumb Up

    @Jeff Deacon

    If just deliberately typed an incorrect URL using OpenDNS (nisa.gov vs nasa.gov) and I received a "Server not found" error message. I was NOT redirected to another URL.

    I'll just keep on using OpenDNS, thenkyew!

This topic is closed for new posts.