On-Prem

Networks

Baby, I swear it's déjà vu: TalkTalk customers unable to opt out of ISP's ad-jacking DNS – just like six years ago

Have you tried turning it off and on again? Yes!


Updated TalkTalk broadband users are complaining they can't opt out of its Error Replacement Service, which swaps NXDomain DNS results with an IP address. And if that sounds familiar, it should. Users of the budget ISP complained about the very same issue back in 2014.

The Error Replacement Service redirects links to DNS addresses that don't exist, like those created by fat-fingered address bar typos, to a TalkTalk-run webpage. El Reg reader Louis described it thusly:

"If I type a non-existing domain in the browser, instead of getting the proper 'Hmm. We're having trouble finding that site' message, I get a list of 'search results' vaguely linked to the the non-existing domain. This is mildly annoying, as I'd rather not send my typos to some random advertiser," he said.

His woes don't stop there – the "service" also prevents him from logging into his work VPN. "During connection, instead of seeing the login window, I see a TalkTalk-branded page with 'search results' and I can't complete the login process," he complained.

This isn't an isolated problem. The TalkTalk support forum is flooded with similar complaints, no doubt partially thanks to the rise in home working caused by the COVID-19 epidemic.

TalkTalk offers a way to opt out of the service, requiring users to visit a specific web page and then restart their router. But this appears to be somewhat ineffective, with both Twitter and the TalkTalk forum filled with complaints.

"Can anyone tell me why the opting out of the TalkTalk Error Replacement service is not working? I have twice now opted out and twice rebooted router and still I am pestered by this annoying 'Service'," tweeted TalkTalk customers James Hewitt earlier last year.

So far, it seems like the sole silver bullet is to switch to a different DNS provider. In the case of Reg tipster Louis, he used TalkTalk's own non-hijacking server (with the records 62.24.134.1 and 62.24.134.2). Presumably OpenDNS, Cloudflare, or Google Public DNS would work just as effectively.

Other users have reportedly found that replacing their router works just as well – although one would assume this is because a new router would have different DNS records to those issued by TalkTalk itself.

The Register has asked TalkTalk to comment. We haven't heard back yet, but when we do we'll update this story.

Updated on 21 April @ 09.23 GMT to add:

A TalkTalk spokesperson said: “We are aware of an issue with our Error Replacement service and we’re looking to resolve as soon as possible. While some customers may wish to opt-out, the service works as designed and provides further guidance with their online search.” ®

Send us news
90 Comments

Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC

'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge

Square blames last week's outage on DNS screw-up

It's not hip to be this Square

Microsoft DNS boo-boo breaks Hotmail for users around the globe

ALSO: NYC says kthxbye to TikTok, slain Microsoft exec's wife indicted, and some ASAP patch warnings

If your DNS queries LoOk liKE tHIs, it's not a ransom note, it's a security improvement

It’s not Google's plan. There’s no way it’s Google's plan. It was Google's plan

Microsoft opens up Defender threat intel library with file hash, URL search

Surprised there's no ChatGPT angle and that it's not called MalwareTotal

Microsoft squashes Windows 11, Server 2022 bugs with preview patches

Remote Desktop, domain controllers giving you gyp? Gamble on these fixes

Two thirds of DNS queries for IPv6 hosts sent to Chinese resolvers fail, researchers find

Network boffins can't say why, suggest not using the worst providers

He's only gone and done it. Ex-Register vulture elected to board of .uk registry

Kieren's here to chew bubblegum and kick Nominet ass. And he's all out of bubblegum

Apple network traffic takes mysterious detour through Russia

Land of Putin capable of attacking routes in cyberspace as well as real world

Client demo in 30 minutes. Just what could go wrong?

DNS means Do Not Shove under desk

ICANN responds to Ukraine demand to delete all Russian domains

Even if we wanted to, which we don't, we can't, so we won't, says boss

Russia acknowledges sanctions could hurt its tech companies

Cuts taxes, offers subsidies, defers military service for developers – and preps for internet isolation