Sign in / up

back to article BT promises firmware update for Mini Whole Home Wi-Fi discs to prevent obsessive Big Tech DNS lookups

Users of BT’s Mini Whole Home Wi-Fi range-extender discs have noticed their devices are making hundreds of thousands of daily DNS lookups for big tech companies’ websites – causing problems for some wanting to access Gmail and Microsoft services. The huge volume of requests generated by the BT-branded discs has caused problems …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Dave559 Silver badge

    BT… Phone… Home…

    "BT… Phone… Home…"

    Wait, no! Not like that!

    This sounds like the dumbest way of checking for internet connectivity imaginable, essentially trying to DDoS well-known sites. Hopefully a future "Who, me?" article will confess why someone ever thought that was a good idea…

    21 0 Reply
    1. Dan 55 Silver badge
      Reply Icon

      Re: BT… Phone… Home…

      One wonders why they didn't spam www.bt.com. Perhaps their website isn't reliable enough?

      16 0 Reply
  2. tip pc Silver badge

    flaw only affected those users with custom DNS setups on their personal networks.

    "the flaw only affected those users with custom DNS setups on their personal networks."

    The flaw affects everyone, just that BT don't trigger rate limits or extra checks when their DNS servers are used.

    while I don't have these disks, I'm dropping all tcp/udp 53 on my fw and have a pi-hole requesting to a cloudflare DoH proxy.

    doesn't stop the new fangled browsers or other IoT doing the same though so I may not see what the IoT is looking for if they do DoH too.

    14 0 Reply
    1. Crypto Monad Silver badge
      Reply Icon

      Re: flaw only affected those users with custom DNS setups on their personal networks.

      A while ago, Unifi APs started calling home to the vendor to report stats.

      Now my Unifi APs have their management address on a separate VLAN, which blocks *all* outgoing traffic. The controller sits on this VLAN too. And I only open up outbound access from the controller when fetching a new firmware version.

      It's sad that we can't trust vendors not to spy on us these days.

      2 0 Reply
  3. Fonant

    Ping?

    Why not ping to see if a connection is available?

    I suspect something targetted-advertising-related is going on. Still Big Money available in that field, it seems.

    9 0 Reply
    1. the spectacularly refined chap
      Reply Icon

      Re: Ping?

      You still need an IP address to ping. You know, the one you get from DNS...

      3 5 Reply
      1. iron Silver badge
        Reply Icon

        Re: Ping?

        You could ping a known IP address that isn't going to change without using DNS. Maybe one provided by BT themselves.

        6 0 Reply
      2. iGNgnorr
        Reply Icon

        Re: Ping?

        And ... once you've looked it up, keep using the one you got until either it doesn't work, or the device is rebooted. Seems pretty basic really.

        2 0 Reply
    2. AndrueC Silver badge
      Reply Icon
      Meh

      Re: Ping?

      Why not ping to see if a connection is available?

      And another reason is that responding to a ping is not mandatory. Any router or the target device can decide not to bother if it can't afford the time. It might also be configured never to respond to pings at all.

      A ping failure does not necessarily indicate a connection failure. It might not even indicate a fault. And if it indicates a fault it could be so close to the target as to be irrelevant/unfixable.

      2 0 Reply
    3. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Ping?

      Yeah BT have PHORM where it comes to attempting to cash in on their customers internet usage

      4 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    BT Retail have Phorm for crap like this.

    27 0 Reply
  5. Roland6 Silver badge

    Pixelated Paula

    Now we know why Pixelated Paula's broadband suddenly started to fail, she had installed BT Home WiFi discs...

    4 0 Reply
  6. zb42

    BT recently pushed new firmware to "Smart Hub 2" internet boxes.

    It broke communicatioms between devices on the 2.4GHz and 5GHz wifi bands.

    I have the log from one Hub2, it took a little over a month from BT saying that they had a fixed version of the firmware until it was actually pushed out to the box. An old wifi access point as a workaround is still plugged in at that office.

    2 0 Reply
    1. gryphon
      Reply Icon

      Interesting. Never noticed that.

      However I had been having quite regular service disconnections, at least once or twice a week for ages. I.e. the wan connection, not Wi-fi.

      Would sometimes reconnect itself but usually swmbo got impatient and did a power cycle.

      Got really bad after they updated the firmware on may 27th this year happening every couple of hours.

      Talked to BT who suggested a factory reset. Did that and was even worse for about 2 hours then seemed to stabilise itself and has been fine for a week.

      Give BT their due i phoned them after reset and said it was still having problems and they sent me one of the little cellphone routers right out and arranged an engineer visit. But of course I pay extra for Halo whatever.

      First time I called them she couldn’t get the logs from the router to verify the problem. 2nd time different lady managed to so could actually see the problem.

      0 0 Reply
  7. OpenSauce
    FAIL

    I logged the following with BT on 12th Feb this year:

    I have noticed my firewall getting connections to AKAMAI every second

    and hogging firewall resources.

    The disc is trying to connect to various Internet addresses:

    23.40.113.217

    23.56.184.216

    104.78.177.250

    104.121.137.246

    Got a reply on 3rd March saying BT were investigating and believed would be fixed in the next release of firmware, and they'd inform me when it was available.

    Heard nothing, problem still exists.

    2 0 Reply
  8. John Sager

    If this is supposed to be a link integrity check, it's a criminally stupid way of doing it. My ISP sends LCP echos to my border router every second in the PPP session to monitor link integrity, delay, etc. That's the proper way to do it.

    4 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Even better if they didn't use PPP at all!

      0 0 Reply
  9. Martin
    FAIL

    It's not just custom DNS setups.

    a spokesman told us the flaw only affected those users with custom DNS setups on their personal networks

    No, it affects EVERYONE. And if, like me, you're using a non BT router, you're using a non BT DNS server, and so they get zillions of hits, not BT.

    The flaw only APPEARS to affect users who have got custom DNS setups, because we're the only people who notice our DNS being hit by multiple requests to Microsoft.

    That's what really pissed me off about this issue. It was the suggestion that because the software didn't cause most people to complain (because they weren't aware of it), then it doesn't matter that you're making over half a million DNS requests a day to someone else's name server.

    The question I've never managed to get answered is - why do they need to do this? These discs are basically clever access points. They are not routers, and they shouldn't care two hoots whether the internet is working or not. That's the job of the router.

    Oh - and according to BT, the reason they do this is so that they can put a little red light on to alert the user that something has gone wrong if the internet goes down. As if the router doesn't already do this.

    Anyway, we're promised a new firmware on June 21st, which is going to reduce the impact to once a minute, not once a second. Still more than is necessary though.

    9 0 Reply
  10. Gene Cash Silver badge

    So how can we push this up the chain?

    BT is obviously lying, and anyone with minimal technical background can figure it out. How does a customer push it up the chain of regulatory authority?

    I know in the US, if you write a letter to the FTC or FCC with a modicum of grammar and spelling and minimum capslock, and some sort of complaint that has any substance, then it's taken very seriously.

    3 0 Reply
    1. katrinab Silver badge
      Reply Icon
      Unhappy

      Re: So how can we push this up the chain?

      The equivalent here is OFCOM. Good luck getting them to do anything about it.

      1 0 Reply
  11. Doctor Syntax Silver badge

    The explanation's a classic case of "It's not a bug, it's a feature."

    1 0 Reply
  12. The Onymous Coward

    I've got six of these discs and only noticed what they were up to when I had cause to log into Pi Hole. I'd been wondering why Google kept asking if I was a robot.

    BT's response is pathetic. This is fourth generation bork. Access points shouldn't care about internet connectivity. Doing a DNS lookup is a stupid way to test internet connectivity. Doing a DNS lookup for a domain you don't own is a stupid way to use a DNS server to test internet connectivity. Doing a DNS lookup once per second for every client on the network is a stupid way... etc etc.

    The discs still point at Pi Hole for DNS, but ufw drops their requests. They don't complain.

    IT NO MAKE ANY SENSE

    3 0 Reply
  13. Michael Wojcik Silver badge

    Typical incompetence

    This sort of thing is all too common for commodity devices, which generally run firmware thrown together by people with no network-engineering experience or training, and no incentive to do things correctly.

    I'm sure many here remember the many cases of NTP vandalism (to use Poul-Henning Kamp's phrase), such as the U Wisconsin DOS.

    0 0 Reply
  14. Anonymous Coward
    Anonymous Coward

    Canary does this.

    Canary “security” devices do this this. It hammers my DNS servers, asking for a.root-servers.net. ad infinitum.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like