joeykahn
join:2005-09-10
Bay City, MI
3 edits | Charter Corrupting DNS protocol (ie: hijacking hosts) Remember when Network Solutions altered the root servers to stop returning NXDOMAIN for unknown hosts in unregistered TLDs? (Instead, they hacked the root servers to return an IP address of one of their servers in an attempt to hijack domain name typo web traffic.)
Now, Charter is doing exactly the same thing; and perhaps a bit worse. Charter's DNS service now returns an IP address to a machine servicing only port 80 for any DNS lookup which fails; not only for unknown TLD's, but also unknown hosts within delegated domains.
leo125> nslookup ableeblee.dslreports.com
Server: 24.247.24.53
Address: 24.247.24.53#53
Non-authoritative answer:
Name: ableeblee.dslreports.com
Address: 64.158.56.56
Name: ableeblee.dslreports.com
Address: 206.112.100.132
Thus, if you are using a browser and type any bad domain or host name, you are connected to 64.158.56.56:80 which then returns a hybrid Yahoo search page based on the "Host:" HTTP header, such as:
»www11.charter.net/search?qo=bad_···38-DQTRq
In the returned search results each visible link is wrapped in a javascript on-mouse-over script which updates the status line to indicate the final, legit, target URL while the underlying href= contains a unique identifier pointed at www11.charter.net. Clicking on any link in the search result page only redirects you to the final target through charter.net; in other words, Charter is also tracking your clicks on the redirected, failed-DNS, typo page.
While some may refer to his as "404 Hijacking", the underlying problem is the corruption of a core Internet Protocol/RFC which states unknown hosts MUST return NXDOMAIN. Normal DNS service is important and should not be corrupted in this way (I can outline the problems in further posts if needed).
Charter may also claim they have an "opt-out" feature; but this feature only alters the behavior of your web browser experience and doesn't effect their DNS service implementation.
Furthermore and sadly, "opting out" of the default search return merely makes the intermediate web server redirect you to search.msn.com.
If Charter wants to hijack typos, they should do so in the co-branded browser they ship to new customers while paying the appropriate licensing fees; they should not be corrupting a core Internet Protocol.
Does anyone know how wide spread this "new service" is and how we can go about changing it?
I am located in Bay City, Michigan.
Any advice is appreciated,
Best,
Joey
(Edit: Changed two instances of SERVFAIL to NXDOMAIN, thanks for pointing that error out, I'm pretty dumb sometimes  | |
|
 Lazlow
join:2006-08-07
Saint Louis, MO | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Joey
Same BS in St Louis.
Lazlow | |
|
stivvy
Technonerd
join:2002-05-08 | Change your DNS servers.
4.2.2.2 and 4.2.2.3 work fine for me. | |
|
 | joeykahn
join:2005-09-10
Bay City, MI | Re: Charter Corrupting DNS protocol (ie: hijacking hosts)
There's a far bigger issue here: is it acceptable for ISPs to alter core protocols? What then becomes the point of having protocols and standards? | |
|
|
| Darkk
join:2003-10-03
Almont, MI
 ·Charter Pipeline
| Re: Charter Corrupting DNS protocol (ie: hijacking hosts) They've altered it here in Michigan too.
Tech support is apparently unaware of the issue. (Not that you can understand offshore support, or get them to understand you either.)
This is simply unacceptable as it breaks the standards-based way that the Internet operates. It not only affects browsers (in a bad way) but other apps as well. None of the other apps can handle errors correctly now, and will report false error messages because of the redirect.
AN ISP should not alter standards-based Internet behavior, period. And we shouldn't be forced to use alternate DNS servers to get around an act like this. It's just plain bad technically.
I called Charter Corporate to complain and I suggest others do also. What Charter is doing to DNS resolution is simply unacceptable.
Here is a number at Charter Corporate to call:
888-561-1030 x28377
Call and voice your displeasure at this. | |
|
| | mworks
join:2006-06-13
Faison, NC
| Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Download treewalk at »ntcanuck.com/
Change your dns servers to another provider like level 3 at
4.2.2.2 and 4.2.2.3 . Enjoy MUCH faster browsing .
For those that don't know, Treewalk runs a dns server on your own pc and only goes on the net to get site addresses if they aren't in the local cache.
Much faster than the charter BS | |
|
| | | dks7
join:2004-05-31 | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) I personally locate some DNS servers of a business or something close to me to use, I use ones that are like 50 miles from me, works great. | |
|
| | | | Velocity92c
join:2006-12-04
Louisville, KY
1 edit | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) . | |
|
| | | | | Darkk
join:2003-10-03
Almont, MI
1 edit | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) So does that mean no more VPNs to the workplace for residential customers?
Any info on the broken VPN issue? | |
|
| | | | | | Velocity92c
join:2006-12-04
Louisville, KY
1 edit | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) . | |
|
| | | | | | | Velocity92c
join:2006-12-04
Louisville, KY
1 edit | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) . | |
|
| | | | | | | | Snavvie
join:2006-09-28
Louisville, KY | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Hrrm. Interesting topic. | |
|
| | | | | | | | | 
gimlet420
join:2001-03-07
Madison, WI | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Marketing people need to be handled Garfield-style... dragged out into the street and shot. | |
|
| | | | | | | | | |
| | | | | | | | | Darkk
join:2003-10-03
Almont, MI | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Sounds like Charter needs to learn how to properly set up a system of DNS servers before it allows some third-party corporation to hijack them. | |
|
| | |
| molochi
join:2007-02-21
| Re: OpenDNS said by radiofreq  :OpenDNS! Try it! OpenDNS is guilty of the same thing. They however tell you up front that mispellings and known phishing sites will get redirected. Whether you trust them or not is up to you. | |
|
| | markopoleo
join:2003-04-02
Bonne Terre, MO | Re: OpenDNS Big freakin woopity do about the change. lol | |
|
bylaws
@charter.com
| If you know an adress is at a certain name, and you type it correctly, what are the chances that you will NOT get the original content by x author at x address?
As long as the original auther has their domain registration fee's paid, there are copyright laws that are designed to prevent misrepresentation, alteration, and replacement of original works or dirivitive works based on an original works registered name, and also to prevent other companies from saying "you can't use that domain"
So, if your ISP does not PAY for the registration of the domain name that you misstyped, they cannot "redirect" you to their own page content without breaking the Domain registration LAWs.
To add to this, if they do pay for their registration fee's and are not trying to misrepresent your original destination, replace or compose a derivitive works of your original destination, there's nothing you can do!
said by loose wire blog :
"Paul Thurrott of Windows and .NET Magazine tells the story of a Canadian teenager called Mike Rowe who brought down the full wrath of Redmond's lawyers when he set up a website called MikeRoweSoft.com. They sent him a 25-page letter demanding that he hand over the domain name. Rowe goes to the press, his site gets massive interest, his case gets lots of support, and suddenly, Microsoft has backed down, issuing an
apology in which the company admitted that it had acted improperly."
It's not a stretch of the laws context to point the finger directly at the company allowing the works to be replaced by 3rd party, or replacement of original works by another company with their own content without paying for the domain registration, or!!!! Redirection of an incorrect url to their content on their page instead of ERROR 404; where it can be considered unlawfull to redirect someone to another site simply by the mis-spelled URL; because it's unlawfull to replace an original work with their own content, at their own URL, without paying for the registration rights for the accidentally mistyped URL. | |
|
|
hotoffthepress
@charter.com | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) You can turn off redirection in windows Internet explorer options, where it says, "search for most likely address" or "do not search from the address bar" etc.. This will prevent your DNS error redirections. | |
|
| | joeykahn
join:2005-09-10
Bay City, MI | Re: Charter Corrupting DNS protocol (ie: hijacking hosts)
HTTP/404 redirection isn't the same thing as DNS corruption. No 404 is ever returned; rather, a misdirected IP address for whatever host you typed in is returned and your browser blindly directs your request there. | |
|
| | | useless
join:2006-07-16
1 edit | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) This is def interesting, i do not use them so I dont care much, but it is contradictory to "accepted practice"
Problem is, there are no laws governing businesses in this type of activity. Im sure there is probably something in the agreement you agreed to that makes this a moot point, although I haven't looked. | |
|
| | | | joeykahn
join:2005-09-10
Bay City, MI
1 edit | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Right now, I feel utterly powerless trying to do anything here and am embarrassed that Charter's own Engineering Staff aren't strong enough to stand up to their Marketing Department. Embarrassed for good Engineers, that is.
So far my letter to Charter has resulted in form-replies saying that they've received my complaint and will get back to me.
Phone calls have gotten nowhere useful; the experience has so far been frustrating -- I need a better speaker phone while waiting on hold.
I probably should iron a good shirt and put on a suit then visit the nearby office to see if there is anyone who understands the issue. There must be, right? | |
|
| | | | | useless
join:2006-07-16 | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Sales > everything else. That is just about every company.
dunno what to tell you man sorry. | |
|
| | | | | | Darkk
join:2003-10-03
Almont, MI
·Charter Pipeline
| Re: Charter Corrupting DNS protocol (ie: hijacking hosts) I never got past the Charter corporate voice mail after I got the letter saying they had tried to contact me in the mail. So I haven't received an answer either.
Charter definitely blew it with this move...
What I want to know is whether they are tracking browsing habits now by IP, so that they can shape their new nasty advertising based on your browsing habits? Does anyone know any details about how the re-direct service handles this?
One other point is that since all domains now resolve, real ones to their IP and fake ones to Charter's bogus re-direct IP, there is no way to validate broken links with meta-search tools, or to validate bogus email domains to filter spam at the user level. Anyone know if this might break the Can SPAM act in that it prevents proper domain validation of email sender domains of potential SPAM email messages at the customer level? | |
|
| | | | |
local_chtr_engr
@charter.com
| said by joeykahn :Right now, I feel utterly powerless trying to do anything here and am embarrassed that Charter's own Engineering Staff aren't strong enough to stand up to their Marketing Department. Embarrassed for good Engineers, that is. Don't feel bad for us. It has nothing to do with standing up to other departments. All you can do it vote with your wallet. Don't loose too much sleep over it man, because we don't. And please be aware that this is a corporate initiative .. be aware of that when barging into your local office yelling at poor Suzie, sitting behind the customer service desk. | |
|
| | | | | | Darkk
join:2003-10-03
Almont, MI
·Charter Pipeline
| Re: Charter Corrupting DNS protocol (ie: hijacking hosts) You know the sad part about it is that after calling the Corporate number, explaining my complaint with this to the initial call taker, getting a promise of a callback later by someone who could help me, never having Charter make that promised callback instead sending out a letter saying that they "tried to contact me and could not", me calling twice per day the phone number of the Escalation Specialist on the mailed out letter and leaving voice mail messages for 3 days (which say that a call back will be made that day on the recording), I still haven't been able to get charter Corporate to respond.
I mean at least answer the phone and tell your customers you don't care what they think and that you feel that it is your (Charter's) right to mess with the very standards that make the Internet run, foul up our locally run applications, track our every move online by IP address using your new non-standard Internet DNS ad insertion partner (who also does who knows what with that IP based browsing history) so you can use that data in your plan that breaks DNS to send us advertising we don't want, violate the Can SPAM act by resolving DNS lookups that anti-spam apps need to see fail to properly reject bogus email messages (you Charter were pretty clear in your filing to the FTC in that this was one way you were allowing your customers to handle the requirements of the Can SPAM act when trying to minimize any actions you had to take Corporate-wise), and break truth in advertising because you are not offering standards-based DNS resolution to allow applications that anyone would expect to work as expected and designed (and Internet RFC standards dictate) on an "Internet" connection without having to look elsewhere for some of the services that an Internet service provider must provide as part of the marketed service.
I mean, you didn't even configure the DNS redirect correctly.
I suspect that regardless of what Charter Corporate might be thinking right now, this isn't done yet. At some future date we may yet be thanking Charter for being the final straw that broke the camel's back and finally launched oversight across the board which may later affect themselves and other companies providing ISP services that dearly hoped to avoid such oversight. | |
|
| | | | | | joeykahn
join:2005-09-10
Bay City, MI
4 edits | I would never barge into a local office yelling at anyone, for any reason. I would never doubt that Sally is sincere in her job. The proper place to address this problem is conversation with the corporate higher-ups, not screaming at Sally. It is most likely that marketing persuaded an entire corporation that corrupting DNS is somehow a good thing and they can some how rake in extra money by altering the very functioning of Internet Services. I simply have no direct way to engage decision makers and provide them with honest dialog. Charter's support escalation system doesn't appear designed for actual dialog.
If you are interested, you might want to read The Cluetrain Manifesto: The End of Business as Usual, available on amazon.com.
Either way, if you actually work for Charter, you should consider taking a stand for the doing the right thing. Not all corporate initiatives are worthy; this particular one makes Charter vulnerable to many problems which aren't too difficult to figure out. You might consider trying to find a way to protest from the inside because, regardless of the cliche', there are more important things than money and using your wallet, namely: social trust.
No offense and Best Regards,
Joey | |
|
| | | | | | |
anon_engr
@cogentco.com
| Re: Charter Corrupting DNS protocol (ie: hijacking hosts) said by joeykahn :Either way, if you actually work for Charter, you should consider taking a stand for the doing the right thing. Not all corporate initiatives are worthy; this particular one makes Charter vulnerable to many problems which aren't too difficult to figure out. You might consider trying to find a way to protest from the inside because, regardless of the cliche', there are more important things than money and using your wallet, namely: social trust. No offense and Best Regards, Joey I know what you're saying Joey, but trust me, the people at Corp are NOT interested in what we have to say from a local standpoint. They just call us to fix things when they're broke. I could go on for hours about Corp, trust me, but I won't, because deep down I want to believe we are doing the right thing as a company. The only thing I can tell you for sure is, engineers are never consulted on these decisions. We are just told what to do, and woke up at 4 in the morning when it breaks. | |
|
| | | | | | | | keybrdmssiah
join:2007-01-29
MI | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) I just changed to the open source dns, thanks  | |
|
| joeykahn
join:2005-09-10
Bay City, MI
|
Thats an interesting argument. When Network Solutions pulled this same routine, they were smart enough to not redirect unknown hosts within delegated domains.
Charter DNS server doesn't care and redirects ALL failed host or domain lookups; even within existing domains. To me, this is very nasty and I wonder what the Fortune 500 companies think of the practice, since it now looks like they might be sponsoring Charter's search results. | |
|
k7aab
join:2001-04-03
Granite City, IL | Been using a different non charter DNS in my TCP properties ... no problems since. | |
|
joeykahn
join:2005-09-10
Bay City, MI
| Darkk,
I hadn't thought of your SPAM act point. I really thank you for taking the time to post about it.
Tonight I'm going to work on a factual letter in an attempt to explain why Charter's DNS change is simply bad business for Charter. Every bullet point helps
(I may have emailed this note?) My route via Charter's support has also gotten me no place. Today I received a letter explaining how I can terminate my Charter account as well as how to use their new Epay service to pay my future Charter bills. Go Figure I never once hinted at terminating my account; rather, I simply asked for someone to interview to understand what they were trying to do to the core Internet Protocols.
Best,
Joey | |
|
|
See 9 replies to this post |
|
useless
join:2006-07-16 | *BUMP*
Check this again. In St Louis I think we reverted back to the old DNS, would be interested to see if the MI people reverted back as well. | |
|
| joeykahn
join:2005-09-10
Bay City, MI | Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Thanks, "useless". No change here, yet ;( | |
|
| wispagod
join:2001-06-28
House Springs, MO
| there for a few day's i had website i know was up cause they was loading for a buddy over a IM, and i changed DNS servers and the site worked, liket here 24.217.0.5 server was not resolving new address.. but i just changed dns servers now all is good! | |
|
test5477
join:2005-12-20
Asheville, NC | used 4.2.2.1 and all is fine for now but this is horrible, called cs and they had no clue wtf i was talking about.
thanks for the help guys, you saved me from a nervous breakdown I was getting that page all the time | |
|
|
See 9 replies to this post |
|
bartg
join:2000-08-27
Burbank, CA
| Charter has also implemented their corrupt version of DNS protocol recently (~1 week) here in Burbank CA as well. I doubt it will be left in place for long, and will probably end up costing them far more to deal with the mess (answer to ICANN, settle potential class actions, bad press . . .) than the immediate short term profits effectively stolen from users.
Not to mention the person(s) at Charter that cooked this one up. Hope they don't make too many typo's trying to get to monster . . . | |
|
| joeykahn
join:2005-09-10
Bay City, MI
| Re: Charter Corrupting DNS protocol (ie: hijacking hosts) Yep, bartg, Charter's new "service" is very annoying. I ended up previously known internal DNS servers from Charter's business class service -- which I used to have, long ago, when the finer company of Bresnan Communications ran things locally .
Let us know how your charms work on Charter, please
Best,
Joey | |
|
Monster Rain
Premium
join:2002-08-03
USA | You guys must make a lot of typos. | |
|
|
See 10 replies to this post |
|
shakka_kahn
@charter.com | yo joey, we are waiting for you to post your "letter". | |
|
|
|
|
