Rogers Looks For New Ways To Annoy Customers, Hijacks Failed DNS Lookups

from the nobody-likes-anti-features dept

Rogers — a Canadian telco — has been attracting a lot of negative attention lately between deliberately disabling notifications for cellular roaming charges, setting ridiculous iPhone pricing plans and injecting its own content into Google’s home page. As if that wasn’t enough, Rogers has started hijacking failed DNS lookups. This means that when a user types in a web address that doesn’t exist, instead of getting a “page not found” error, the user is redirected to a search page filled with banner ads and sponsored links. Michael Geist notes that there’s an “opt-out” feature, but it doesn’t take long to see that it’s pretty pathetic. The “opt-out” sends a cookie which just redirects the user to a different Rogers page instead — a fake “Internet Explorer” error page hosted on the same server. It does essentially the exact same thing, only pretending (poorly, for non-IE users) to revert back to expected behavior. And the option is reset whenever the browser’s cookies are cleared. The comments on Geist’s post are evidence that many Rogers customers are not pleased (myself included).

This isn’t just annoying, it’s also a security threat. It breaks how the internet was designed to work; a lot of software is written with the expectation that a DNS lookup for a non-existent domain name will return an error. For example, Kevin Dean notes in the comments on Geist’s post how this has caused problems for him accessing his VPN. At first, he thought his computer had been compromised, since Rogers’ new “feature” ends up resembling a hostile attempt to redirect traffic to an unknown server.

Some American ISPs already do this, such as Earthlink (which was used to demonstrate the security risk), though it seems to have a slightly better opt-out process, instructing users to configure alternate DNS servers instead of setting a browser cookie. VeriSign had originally tried to do something similar with SiteFinder back in 2003 (though not at the ISP level), but it didn’t exactly go over too well. VeriSign reluctantly backed off, though it just recently obtained a patent on the concept. Rogers is the first Canadian ISP to implement the practice and it seems to think it won’t meet much resistance. In another comment on Geist’s post, Ian relates a telling quote from the FAQs page for Paxfire (the American company handling this for Rogers): “What feedback you do receive typically will come from a small group of highly technical users. Even that feedback tends to fall away after just a few weeks — as they get used to the new behavior.”

Rogers thinks it can just brush off complaints from its users, especially since there really isn’t a lot of choice in the Canadian ISP market. However, Rogers should be careful in treading so brazenly into what some consider “net neutrality” territory. Bell Canada (one of Rogers’ few competitors) has landed itself in front of a national regulatory body over its throttling practices. Rogers wants to have complete control over its network, but by continually pushing the line they only spur on the debate about net neutrality and government regulation. We haven’t heard the last of this.

Filed Under: ,
Companies: rogers

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Rogers Looks For New Ways To Annoy Customers, Hijacks Failed DNS Lookups”

Subscribe: RSS Leave a comment
Chris Charabaruk (profile) says:

More than a security risk; it also breaks a lot of VPNs...

With the triple threat of unwanted advertising, security risks, and failing VPNs that rely on the proper DNS behaviour, my advice to Rogers customers is to find another provider. Preferably for all services that the customer gets from Rogers now.

The only thing those crooks understand is money. Take enough of that away from them, well…

Craig says:

Sucks to be us...

Rogers is much more than a telco. They are a media giant in Canada, with video stores, TV stations, telephone and internet as well as cable TV services too.

The problem here is often we can’t just find another provider. Why? There are so few. Also, because of their monopoly, Rogers, Bell, Telus etc. often bundle all of their services together at a “discount” price. So if you dropped your Rogers cellular you may impact the cost of your other Rogers’ services.

If you buy your services a la carte from the various providers, you will pay much more than with buying the bundles.

We are over a barrel here, and the government and regulators are impotent. I see very little difference between Bell, Rogers and Telus. They all fuck us over and they get away with it. We want and need the services, so you have to decide which of the big three demons is the lesser evil to deal with.

It doesn’t help that we have such a small population, either, but that’s a whole other blog post 🙂

Chris Charabaruk (profile) says:

Re: Sucks to be us...

It may cost more to not bundle them, but it’s still better for us. As a former customer of Rogers for both mobile phones and cable TV, I made sure when I got my current internet access that I wouldn’t go anywhere near those bastards. Bell may suck, but at least they don’t go trying to break the internet for profit.

Blaise Alleyne (profile) says:

Re: Is it really surprising?

It’s not that there’s something inherently or absolutely wrong with redirecting failed DNS lookups, but when you use OpenDNS, that’s an opt-in. Rogers changed the behaviour of the DNS accounts on all its home and business accounts without notice, and it’s now the default behaviour and they’re opt-out is a sham.

If Rogers offered this as an opt-in, it’d be different. Even if they offered a real opt-out, it’d be better. Instead, customers get surprised with the change and have to find their own solution if they want to fix it.

Anonymous Coward says:

Re: Opt out works fine

ah, but you see you only think you’ve opted out. actually your DNS requests are being redirected to a fake error page. Problem with this is that other applications arent getting proper error data back.

It’s kind of like someone bricking up a window in your house and putting a giant ad board on the inside. when you ask them if they please make it the way it was, they keep the brick wall there but instead paint the wall to look like the outside world. Oh, and the ad board sneaks back in every time you clean the room.

John Biggs says:

I just don't care

I don’t care that ISPs or other DNS services do this. For me I actually like it because it provides a link to what I meant to type and I don’t have to type it again.

I use OpenDNS now since verizon’s DNS has seemed slower for me. It also has phishing and other protection built in so it’s really beneficial.

BTW, most US ISPs do this. Switch to a bigger DNS service such as OpenDNS and get better speeds and more reliable lookups.

Brandon says:

Internet Explorer

How is this different from what Microsoft does with Internet Explorer? That one automatically takes you to Microsoft’s Live Search if the address fails. Maybe I’m missing something somewhere. I also haven’t seen an opt-out feature for the Internet Explorer redirect but then I usually use Firefox so I haven’t really done much looking for an opt-out on IE. Some tell me if what Rogers is doing is different from what Microsoft is doing please!

Xanthir, FCD (profile) says:

Re: Internet Explorer

The difference is somewhat technical, but important.

When IE (or most any browser) takes you to a search page after you type in a non-existent address, that’s purely an action on the *browser’s* part. It *tries* to go to the page, receives a 404 error, then instead puts you on a new page. It knows that the original request failed, though. (The normal ‘page not found’ error also works exactly like this, except that the page it sends you to is stored on your computer rather than being somewhere else out on the net.)

On the other hand, what Rogers and some other ISPs are doing is redirecting you on the *server’s* side, so that the browser never knows that it tried to access a bad address. Specifically, the error code that the browser is supposed to receive (404) never gets sent.

There’s a third similar thing that can happen, actually. Individual sites can specify that 404 errors should bring up a specific page of their own (rather than the browser-specific page-not-found page). This can even be an ad-laden search page, just like what Rogers is doing. However, this practice *still* returns the proper error code as well, so that services which depend on that code to know that a link is bad will still work correctly.

Blaise Alleyne (profile) says:

Re: Internet Explorer

Your browser is on your machine. It’s getting the failed lookup, and deciding how to handle it, just like any other application would (e.g. VPN software). In this case, Rogers is pre-emptively taking control and not returning to your applications the information they would expect or need to handle a failed lookup.

What Internet Explorer does only handles web browser. What Rogers does is at the service provider level, not the application level, so ALL your applications are affected by it.

Kevin Pemberton (user link) says:

Re: Internet Explorer

Firefox! Why help the evil empires. Open source has nothing to gain by using unethical business practices. Net neutrality issues robs everyone. Remember any advertising that is hijacked has been paid for by the person who didn’t receive the traffic.

You must remember that the advertiser calculates his ROI(return on investment)to stay in the black. With time these unethical practices will put advertisers out of business. You can then kiss the internet good by as a channel of commerce. For those in locations where there is only one ISP because of population, this means the people can go back to the dark ages and forget that many things don’t exist, at least for them.

It isn’t OK to turn a blind side to any issue like this, When you complain at a site like this, and not to the government that can regulate such practices you are accepting part of the blame.

John Wilson (profile) says:

Here we go again

This is reminding me of something that Rogers did more than a few years ago when it went to tiered packages for cable tv. Back then you just got it and had to opt out in a very convoluted process that involved calling a help line that took forever to answer. Once answered you got a sales pitch telling you how wonderful the service was and you didn’t really want to cancel did you, oh, by the way, there’s a cancelation fee!

There was a nation wide rebellion with people witholding payment and screaming from the rooftops particularly when they discovered that areas serviced by Shaw didn’t have to go through that junk. Shaw offered the tiers as an opt in.

It got so bad that the normally “prisoner of cablecos” CRTC actually had to ban that particular practise.

Of course, that was before Rogers and Shaw did a sweetheart deal and cut the English speaking market into East/West which was dutifully approved by the CRTC.

Shaw. at least, still returns the 404 error and if they are serving ads there they’re wasting their time because I use AdBlockPlus and won’t see them.

Rogers has a well earned reputation for arrogance and money grubbing that has kept me well away from their non cable offerings and will continue to do so.

I’m glad that I don’t live in an area served by Rogers as a cableco and, therefore, ISP though I’m not at all happy about this or the BS that Paxfire hands out about how those who complain about this are merely a bunch of unhappy geeks.

The really sad thing is that additional regulation won’t help until the CRTC is told that it’s job isn’t to protect cablecos but to actually regulate them with the public and customers in mind rather than cableco profits. Right now it’s actually tasked with encouraging cable growth in the most cabled country on earth!



Blaise Alleyne (profile) says:

Re: Here we go again

Agree with you here, it’s all very frustrating…

One technical note though, for anyone reading this: “Shaw. at least, still returns the 404 error and if they are serving ads there they’re wasting their time because I use AdBlockPlus and won’t see them.”

404 errors are a bit different from a failed DNS lookup.

A 404 error occurs when you are successful in contacting the web server (meaning, amongst other things, the DNS lookup succeeded) but the page you have requested does not exist on the web server. In this case, the protocol is for the web server to return a 404 error page explaining that. The error page comes from the web server you’re contacting.

With a failed DNS lookup, you don’t get as far as contacting the web server because the domain name you entered cannot be found. The protocol is for the DNS query to return “false”, and then your application decides how to handle it (e.g. your web browser says “cannot be found” or something). The error page comes from your browser.

In both cases, ISP interference is troubling, but this is a case of the latter. (The former would be even more troubling, that’s the type of thing Rogers was experimenting with using deep packet inspection.)

Pappy says:


Verizon (Massachusetts, USA) also redirects erroneous URLs to its search page and also throttles download speed if you are detected downloading from a torrent.

They also route all tech support calls to India (nice people but not very helpful).

AND…….. They also discontinued most newsgroups.

This is, unfortunately, the way most ISPs are going, unfortunately.

It’s more profitable for them and makes the stockholders happy.

This is the future of the Internet. Gone are the days of the friendly voice of tech support the other end of the phone, unlimited bandwidth and free speech.

“They” are now in control…

Wayne says:

Rogers incompetence

Yes, incompetence. I first became aware of the problem when a web comic that I read every day refused to load, and I got the Rogers “not found” page. Since I could tell the server for the web comic was up (by going to a different page on the server), I did some experimentation. The page would load some times, and wouldn’t load others. Apparently Rogers is making the assumption that if something doesn’t load within a specified time, that it’s “not found”.

Of course since the “opt out” function is a fake, using it didn’t fix the problem. I couldn’t access a page that was up and working more than half the time, because it took longer than Rogers liked.

I run a Mac, with OSX Leopard. I confirmed this under both Firefox and Safari.

The answer to the problem was quite simple. I added:

to Add Block plus, and my problem disappeared. I’ve recommended that the Add Bloc folks add this site to their automatic updates, and hope that they will shortly.

Bruce A. Knack (profile) says:

Safari whoas and Rogers

Tonight I noticed this new behavior from Rogers. I setup to use OpenDNS and opted out of everything. Problem solved?

Not really…

At some point over the last few months Safari started taking me to google if I made a mistake in address field (or purposefully typed a search rather than a website). I really liked this as I use google all the time.

After switching to OpenDNS, I now get the old Safari page that offers google as an optional search. To activate this search I have to click on the link rather than being taken directly to google with the search already run (as was the case up until this new behavior from Rogers).

Has anyone else seen this behavior?

BTW: I’m guessing the reason the “highly technical users” stop complaining is not that they get used to the service, rather that they switch to other DNS providers.

Cheers and TIA,

Blaise Alleyne (profile) says:

Re: Safari whoas and Rogers

Not sure if this addresses your problem or not, but OpenDNS actually redirects failed lookups too. Except, you can actually turn it off.

You have to setup a (free) account and turn off “typo correction” in order to get normal DNS behaviour again.

I don’t know if that’s related to your problem or not though.

Ybra (profile) says:

Sucks to be us...

I have a look at Michael Geist’s blog from time to time. He’s a people’s champion. I can’t follow a lot of his tech talk, but I get some of it. He certainly has a low opinion of Bell. He thinks it’s the worst when it comes to caring about our privacy. It’s just a miserable task trying to figure out which of these mafia capitalist operations is less brutal. I’m on Rogers at home, in a rooming house owned by a friend who is supplying us all with our wifi, from Rogers. And it’s looking like Rogers is treating my vpn (HMA) like a problem.

I paid for the VPN and it’s looking like I threw my money away. It’s constantly disconnected (by Rogers I suspect) and I keep getting a message to the effect that there’s a DN problem (conflict with two or something) yadda yadda.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...