2
   

My ongoing battle against Comcast DNS hijacking

 
 
Reply Thu 29 Dec, 2011 10:22 pm
DNS hijacking is a sleazy way for Comcast to make a few extra dollars from unsuspecting customers. Every few months I have this same damn problem.

Let's say on Firefox you type "gmail" instead of "www.gmail.com". What is supposed to happen is that the DNS server sends back a "404" which means "page not found". Firefox then can do something intelligent like saying let's try it with .com.

This "page not found" code is a feature. Your browser can then do something intelligent (which I can control). For example it can try gmail.com and then gmail.org or any other of a number of combinations until it gets back a page.

To me this is a nifty feature. It means my browser can do what I want it to do. The key to this feature working is that when there is no page at an address, it must return a "page not found" error.

Well, Comcast never returns a "page not found" error. Instead it returns a fake page that tricks your browser. The browser has no reason to believe it isn't the page you wanted. This page says "we couldn't find the page you wanted, so here are some links that we will get paid for".

This is annoying. They are getting money for taking away a feature that I find useful.

Now, if you are in the know, there is supposedly a way to opt out of this spam page. However the automated way to do this never works the first time meaning I have to spend 20 minutes on the line with their customer service people trying to explain to them what the problem is.

Yes there are solutions, including opendns etc. But the internet should just work, and it does as long as companies like Comcast don't keep screwing it up.
 
jespah
 
  1  
Reply Fri 30 Dec, 2011 04:25 am
Sounds to me more like you've got spyware. Is it Freeze.com by chance? I recall I got rid of it - can't recall how, but it may just have been a matter of searching for something like that on my computer and deleting it.
maxdancona
 
  1  
Reply Fri 30 Dec, 2011 08:46 am
@jespah,
Nope Jespah. It ain't spyware. The spam page is definitely coming from the Comcast DNS. Comcast is foisting advertising on its paying customers.

I had to call two representatives and spend about 35 minutes, but they finally got rid of the damn thing.

Quote:
The idea behind the helper service is a simple one. Despite going against what many might refer to as Internet standards, Comcast among other ISPs are producing “landing pages” for misspelled Web addresses as you hit submit in your browser. So if you type in a domain spelled like Google but mismatched something in the spelling, you will be taken to a Comcast page with advertisements on it.

Now here is where most people don’t care. To Joe Average, this is not a big deal. It’s about as scary as “Page cannot be displayed.” So the user will likely stop, then try again — this time getting the page right. For SoHo and power users on the other hand, this is an issue with the lack of NXDOMAIN when Comcast uses this type of service. Why does this matter? Well, it can create some serious complications with services like some spam filtering or VPN access where a company’s own nameservers need to be used as the public ones are failing. Sadly, in order for software to know they are failing means that NXDOMAIN must be in play. With Comcast by default, they are not


http://www.lockergnome.com/it/2009/08/10/comcast-domain-helper-service-is-not-welcomed/

rosborne979
 
  1  
Reply Fri 30 Dec, 2011 09:18 am
@maxdancona,
Hmmm, interesting. I just tried inducing this error (by making up a bogus www.blahhhht.com) address, and Comcast intercepted it and actually produced a fairly helpful search result page. But the URL has to be at leas somewhat recognizable. If I completely mangle the URL, like sewe333.treal.muk all I get is a browser error saying it can't find the domain.

The comcast page I get also has a "disable this error" link on it, which I assume will let me disable the result screen. But I don't want to disable it, because what I'm seeing appears fairly useful.

I don't see any ads on the pages I'm getting.
maxdancona
 
  1  
Reply Fri 30 Dec, 2011 09:40 am
@rosborne979,
How is the search result page "fairly helpful"? The top half is even called "featured links" which means "we got paid for giving you these ads". There are lots of things you could get, including a google search, which would be better.

The point is that you should be able to control what happens when you the address you type doesn't return a page. The issue is that this advertising page, whether it is "fairly helpful" or not, breaks the Internet standard behavior.

The Internet is designed to return a page not found code (i.e. 404). If Comcast returns a 404 than I can have my browser handle this however I choose. This feature is then something I control. I could choose to redirect to a google search. Or (as I prefer) I could have my browser understand my common mistakes and fix them without me even knowing it.

When Comcast intercepts your page request to send you to their advertising page, they are taking away any other option that you might choose (unless you go through this long painful process to "opt-out").

It would be interesting if you turned off this Domain Helper and see how much better your browser handles missing pages without it. I bet you will like not having this "feature". The great thing is if you don't like it, once Comcast is out of the picture, you can configure your browser to handle it however you want. Comcast is taking options away from you to give you a page that is designed to give them advertising revenue from a service that you are already paying for.



maxdancona
 
  1  
Reply Fri 30 Dec, 2011 09:55 am
@rosborne979,
Let me make it clear what firefox should do (and does on my computer one the stupid Comcast thing is fixed).

1) I type "www.amazon.com" I am brought to the amazon.com website no search pane no advertisements and no extra clicks. (Even comcast gets this one right).

2) I type "amazon" (missing the ".com" part) I am brought directly to the amazon.com website. No advertisements and no extra clicks.

3) If I type "amazon.co" I am brought directly to the amazon.com website.

4) I type "able2know" I am brought directly to the able2know.org website.

5) I type "www.brahhhhts.com", I am brought to a Google search page (exactly the same as if I had typed "www.brahhhts.com" into the google search bar).

The fact is that I don't want to see a freakin' search page on any of the first 4 examples. 99% of the time I just want to go to the page I am thinking about and 99% of the time the page I want is absolutely obvious. If I want a search I will type into the search bar and the only other time I want a search is as a last resort.

But the real point is that I can configure this myself. Once Comcast stops hijacking the page not found code the behavior in each of situations is under my control. I can set it up however I like.

If you want a search page, you should be able to choose to have one (and I really doubt that if you had this choice you would choose Comcast. You use this Comcast search page because you are a somewhat captive audience.

Comcast is making it difficult for you to customize your own system because they want to sell advertisements.


0 Replies
 
BillRM
 
  1  
Reply Fri 30 Dec, 2011 09:58 am
@maxdancona,
Simplist solution is to not to used the comcast default DNS server but one that will return a 401 error and below is a utilty program that will find the fasters dns servers for your location.

I do not think this progra give 401 error handling information but trying a few and testings does not seems all that hard to do.

http://www.grc.com/dns/benchmark.htm
0 Replies
 
rosborne979
 
  1  
Reply Fri 30 Dec, 2011 10:09 am
@maxdancona,
I guess I so rarely mis-type my URL's that this whole situation isn't even on my radar as something I want to spend time on. But good luck on your quest. Smile
DrewDad
 
  2  
Reply Fri 30 Dec, 2011 10:21 am
@jespah,
jespah wrote:

Sounds to me more like you've got spyware. Is it Freeze.com by chance? I recall I got rid of it - can't recall how, but it may just have been a matter of searching for something like that on my computer and deleting it.

No, I've seen this with other companies as well.

If they don't find a DNS record for the address you typed in, they send back the IP address of their webserver that dishes out advertisements.

It's very annoying for me, because that address then gets cached on customer DNS servers (who use the ISP DNS server as a forwarder).
0 Replies
 
maxdancona
 
  2  
Reply Fri 30 Dec, 2011 10:21 am
@rosborne979,
I like being able to type just the important part of the URL. This is why I always notice when Comcast breaks again. I don't even type "www.able2know.org", or "www.dailykos.com". I just type "able2know" or "dailykos". The internet is smart enough to figure out what I mean as long as Comcast doesn't break it.

Sure this is more of an annoyance than a disaster.

The fact that Comcast is earning advertising money by making the Internet work a little worse for their customers bugs me.
DrewDad
 
  3  
Reply Fri 30 Dec, 2011 10:28 am
@maxdancona,
That's not the Internet, that's your browser.

My suggestion: Install your own DNS server on your PC to perform your recursive queries.
maxdancona
 
  1  
Reply Fri 30 Dec, 2011 10:42 am
@DrewDad,
Installing a DNS server is a little overkill for me. There are alternative DNS services including opendns and Google DNS. Or I can keep fighting with Comcast to do the right thing...

BillRM
 
  2  
Reply Fri 30 Dec, 2011 10:55 am
@maxdancona,
Why the hell would you trouble yourself with fighting comcast when using another DNS server is so easy?
maxdancona
 
  1  
Reply Fri 30 Dec, 2011 11:11 am
@BillRM,
I am paying Comcast for internet service. It should just work according to internet standards.
BillRM
 
  2  
Reply Fri 30 Dec, 2011 12:30 pm
@maxdancona,
Quote:
I am paying Comcast for internet service. It should just work according to internet standards.


Lord a lot of things in life should not be how they are however in the schema of life this is very minor with a fast work around beside.

If you are that unhappy you can complain to the state agency that license them and or try to find another ISP that does not do the same thing.

I question if they had any obligation to follow the internet standards in every detail and most ISP do not do so in one way or another,

Some ports for example with a history of being abused are closed by most ISPs or giving pings back inside their networks and a millions and one others ways that they do not follow the standards.





0 Replies
 
BillRM
 
  1  
Reply Fri 30 Dec, 2011 12:31 pm
@maxdancona,
Quote:
I am paying Comcast for internet service. It should just work according to internet standards.


Lord a lot of things in life should not be how they are however in the schema of life this is very minor with a fast work around beside.

If you are that unhappy you can complain to the state agency that license them and or try to find another ISP that does not do the same thing.

I question if they had any obligation to follow the internet standards in every detail and most ISP do not do so in one way or another,

Some ports for example with a history of being abused are closed by most ISPs or giving pings back inside their networks and a millions and one others way that they do not follow the standards.

JTT
 
  3  
Reply Fri 30 Dec, 2011 12:43 pm
@maxdancona,
Why don't the phone companies, when a number rings busy or there's no answer, divert the caller to a new number where they can listen to ads?

That would be so neat.
maxdancona
 
  1  
Reply Fri 30 Dec, 2011 05:10 pm
@JTT,
GPS companies, instead of telling you you typed in the address wrong on your GPS device, could direct you to the nearest McDonalds(tm). The revenue opportunities are endless.
JTT
 
  1  
Reply Fri 30 Dec, 2011 05:48 pm
@maxdancona,
Quote:
GPS companies, instead of telling you you typed in the address wrong on your GPS device, ...


Or an even better idea, ignore your request altogether andsend you to the place of their choosing that they think you would enjoy more than your own first choice.
0 Replies
 
maxdancona
 
  1  
Reply Fri 30 Dec, 2011 05:51 pm
@BillRM,
This DNS hijacking is fundamentally different from the port blocking you describe for two reasons.

1) ISPs don't directly generate revenue by blocking ports. Comcast is generating revenue by selling ads on this hijack page.

2) Blocking ports has a benefit to the user. It makes the internet more secure by countering specific threats from bots. The Comcast page generates no benefit to the user since browsers work better without the hijacking and the user has the option of a search page (even Comcast's search page) if he chooses.

Comcast is making money selling ads in a way that makes the internet experience worse for their customers.
 

Related Topics

So I just joined Facebook.... - Discussion by DrewDad
YouTube Is Doomed - Discussion by Shapeless
Internet disinformation overload - Discussion by rosborne979
Participatory Democracy Online - Discussion by wandeljw
OpenDNS and net neutrality - Question by Butrflynet
Internet Explorer 8? - Question by Pitter
 
  1. Forums
  2. » My ongoing battle against Comcast DNS hijacking
Copyright © 2021 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.04 seconds on 05/13/2021 at 05:04:05