Slashdot Mirror
EarthLink Establishes Their Own "Site Finder"
Guppy06 writes "Last week, instead of a regular DNS error, EarthLink's DNS servers started to return a redirect to earthlink-help.net, a site that bears a close resemblance to VeriSign's much-maligned Site Finder, to their subscribers. According to their official blog at Earthling, "By presenting users with contextual help based upon the non-existent domain the user entered, we believe we are improving the EarthLink user experience with a system that will not interfere with other network processes." Most of the responses in said blog posting aren't positive."
- A box showing suggested search terms
- A box in which I could search (through Yahoo!) for my page.
- Two banner ads.
When I enter in a term, say 'guitar', I get a page with yet more ads and sponsored links but still directed through earthlink help to Yahoo!I wasn't born yesterday, I understand the concepts of paid search, sponsored links & banner ads. They generate revenue and insult me. They waste real estate on websites and obscure my information that I would prefer to harvest un assaulted by sales pitches.
I'm betting I'm not the first to say this, but this is insane.
If they wanted to be 'helpful' they would provide you with some sort of new service. In this solution, they are simply deciding which search engine you will use and cashing in off of it also. If we want to search for another answer, I think we know where to go. If you doubt our abilities to select a preferred search engine, at least give us some choices. Do you know what happens in Firefox when I pull down the search engine on the upper right? I can select from a number of sites.
You're not improving anything, you're laughing all the way to the bank.
My work here is dung.
Earthlink subscribers can opt by not being Earthlink subscribers any longer. When Verisign did it, it affected everyone because they've been granted a monopoly on certain domain extensions.
I've kept an Earthlink dial-up account in case I took my notebook on a road trip. I haven't used it in a while though, and have been meaning to cancel it. I think I'll go ahead and take care of that now, and I'll make a point of telling the rep about this.
There has to be some way that this sort of crap can be banned, it breaks the internet, because the error code is now a "valid" page!
Here on /. the general zeitgeist follows what is commonly called the "Unix way". Things should be kept small and only do one thing, but do it well. Developers can gain power by tying these simpler components together.
The other way of thinking can be termed the "Microsoft way" or even better "Apple way". This viewpoint believes that integrating things into easy-to-use applications leads to greater productivity gains as well as a more pleasant user experience. Instead of giving a ton of pieces to the user and expect them to make sense of it all, this viewpoint presents a fully-formed solution to the user.
The Unix Way zealots will tell you that undermining this dirt road area of the internet by returning useful results instead of an error message is bad. The Microsoft/Apple Way zealots will argue that something useful is always better than an inscrutable error message.
The side you fall on is really a viewpoint issue, and not a technical one. There is no technical reason why Earthlink's move couldn't be worked around, if that is really a good solution. There's also no technical reason why Earthlink needs to go ahead with something like this when search engines are already built into most modern browsers.
How is this worse than all those "search engine" sites squatting on unused and misspelled dowmains? At least earthlink is trying to provide some meaningful info to their customers.
There are plenty of freely accessible public DNS servers; let those old school "do it our way cuz that's the way it's always been done" zealots learn to drive their own machines and stop telling everyone else how to run their lives and businesses.
Please try the related content suggestions and paid advertisements below, or try another search.
You entered "http://www.slashdot.org/".
Advertisements for cow steroids, cars, and free computers followed.
Simple. Continue to use Earthlink, but don't use their DNS. Just run your own dns server locally. Or, point to another open dns server.
The place for offering "help" in the user interface is in the client software. Perhaps the DNS error needs a metadata field for offering messages, perhaps hyperlinked, for exception handling. But those must be presented by the user agent, like the browser, not tricking the browser into "passthru" to server misdirection. That violates the DNS specs. And makes that essential global system vulnerable to unpredicted failures when dependant systems get nonstandard results.
These ISPs attract marketing people with dreams of empire and ignorance of Internet. Execs put them in power over the engineers, and just rip across the careful system designs that make the Net work. Then they cry when their stuff doesn't work, and blame the engineers.
But they compete with each other on how well their stuff works. As long as we can switch ISPs among a pool with critical mass size, they'll exploit each others' weaknesses to grab customers. These "DNS hijacks" are going to be with us forever, avoidable only while we have a choice between independent, competing ISPs.
--
make install -not war
"The Unix Way zealots will tell you that undermining this dirt road area of the internet by returning useful results"
Except that these results are not "useful", and are even less useful than a simple honest error message. When I type in a wrong URL, I don't want to be punished by attempts to redirect me to a useless second-rate search service. I just want enter the correct URL and go about my business. Such redirections to useless sites are like putting deep mudpits in the dirt road.
"There's also no technical reason why Earthlink needs to go ahead with something like this when search engines are already built into most modern browsers."
That's another lousy idea. When you want to search, you go to a search engine site. What could be easier than that? Search engines, like email clients, have no business being built into browsers.
Where were you when the voynix came?
Only terrorists would run their own DNS server.
liqbase
I noticed the Earthlink change this week and immediately put a non-Earthlink DNS server at the top of my DNS servers list. My browser now returns the proper "can't find server" message and not Earthlink's advertising. (If you do this, please consider the ethical implications of using another provider's DNS server if you do not subscribe to that provider.)
Wordnik, a dictionary project which aims to collect
The biggest problem with this is not the ads (though they are annoying). This DNS hack doesn't just affect HTTP, it affects every application that does DNS queries. The claim that the system is configured to only handle NXDOMAIN HTTP traffic is a bald lie. There is no way for the DNS server to determine whether a query is being done for HTTP or for some other protocol.
When an application queries DNS for A records (IPv4 addresses) for a particular domain, one of three things should happen:
1. if there are A records for that domain, they should be returned
2. if there are no A records for that domain but there are other records, "no information" should be returned
3. if there are no records of any type for that domain, "no such domain" (NXDOMAIN) should be returned
What Earthlink's servers appear to be doing is the following:
1. if there are real A records for that domain, they are returned
2. if there are no A records for that domain, return A records for several hosts that don't belong to that domain.
if the application tries to talk HTTP to port 80 on any of those hosts and supplies the Host: query request
(standard in HTTP 1.1) the HTTP server will do a search for the domain that appears in the Host: request
and return HTML that suggests other domains that appear to be similar to the one given in the Host: request.
however if the application tries to talk to other ports on that machine it will get "connection refused" or
it will time out.
(the behavior is actually a bit more complicated than that. the behavior seems to be dependent on the IP address from
which the queries were made - so if you make the query to their servers from a host that isn't on Earthlink DSL
you will apparently get normal results. the behavior also seems to be dependent on the domain being queried.)
There are several things wrong with this behavior:
1. It's not reporting the error correctly. Applications that do DNS queries quite reasonably expect NXDOMAIN
to be returned if the domain does not exist, and "no information" to be returned if there are no records of
the type they're looking for - not a list of apparently valid IP addresses pointing to hosts that have nothing
to do with that domain. Many applications behave differently depending on the error condition. "connection
refused" and "connection timed out" are often treated as temporary errors - the application assumes that the
remote server is rebooting or isn't reachable and tries again later. "no such domain" is more often treated
as a permanent error, or one that requires immediate user attention. So this Earthlink change can cause
applications other than web browsers to behave improperly, or to give misleading error messages.
For example: if an email server is trying to send mail to someone at a particular domain, it will first do
a query for MX records to determine if there are any mail servers assigned to that domain. If the MX query returns
no answers, it may then issue a separate query for A records. If this happens the Earthlink DNS server will return
bogus A records and the email server will try to send the mail to Earthlink's servers rather than bouncing the mail
like it should. When Earthlink's servers refuse the connection, the email server will treat the condition as a
temporary error and retry at intervals for several days. As a result, mail for nonexistent domains (say, bounced
spam) can clog up the email server's queues and slow things down.
2. It is hiding other records associated with that domain. Say an application will
A strong recommendation for someone who works in advanced broadband svcs @ BH Tampa Bay: insist on speaking to a Level IV rep to make account changes. Regional customer service is notorious for wrecking accounts when making changes involving internet service. We Level IV's are the ones who are called on to fix said accounts. In CS's defense, we have to deal with an unneccessarily complex billing system that isn't as straightforward as it should be.
Or we get a recording "doo-dah-dee. We're sorry - the number you have reached has been disconnected or is no longer in service. If you feel you have reached this recording in error, please check the number and try again."
We don't get "This recording is sponsored by Gromyko's Widget Works of Belle PPlain, Wisconsin, North American Wireless, and Joe's Pizza. You have dialed 555-1234. If you meant 554-1234, Smith, John, press 1, if you meant 556-1234, Mierzwiak, James, press 2, or if you meant 555-2233, Yung, M., press 3?"
Not to give the phone company ideas or anything :/
-b.
how many of Earthlink's customers do you suppose heve the foggiest notion of what a DNS server is or does or knows how to set up an alternative?
Attempting to test VPN-related DNS lookups with a business partner.
I IMMEDIATELY called earthlink business T1 support and the guy on the phone had no idea what I was talking about.
Why would a company roll out something like this WITHOUT telling its support people and without letting customers know in advance? Why do they not have an opt out option?
I'm in the process of going over the contract for our T1 to see if it's early enough to break (the service was purchased before I came on board but only by a month or so).
I'll get a Speakeasy T1 and be done with it. Why is it so damn hard to find a provider who gives you IP with no bullshit?
"Fighting the underpants gnomes since 1998!" "Bruce Schneier knows the state of schroedinger's cat"
... but ISPs keep treating it like it is. If this kind of web-browser-error-messages-are-so-hard-to-understa nd-whaaaa-mommmy-hold-my-hand problem is so important, it can be done using proxying. Just have everyone who doesn't know how to type or can't understand the message "the domain ww.exampel.com couldn't be found" set the proxy settings in their browser. Or if you know your user base is composed of a bunch of idiots, use transparent proxying (obviously less effective with https traffic, but then significant changes to DNS, such as this is, effectively breaks https and what little trust you do get from https anyway). Can't proxy settings be served via DHCP or something too? This would provide all the advantages of dynamic configurations based on user/client machine (mac address) without even having to walk non-technical users through the process of changing their proxy settings in the browser.
On the other hand, if SRV records had been used initially to publicize HTTP servers, then only those records would need to be overloaded to provide this kind of service. At least then it would be restricted to DNS queries related to HTTP traffic, although still not ideal.
That's going to change. We just had to cut a few features on the front-end for our initial roll out. We're definitely going to support dynamic IPs and folks with larger netblocks.
Just shoot me an email if you want to help beta test this before we roll it out. It'll be in the coming month or two.
Thanks,
David
# Hack the planet, it's important.
i'll tell you exactly how many: the number of earthlink customers that have the foggiest notion of what a DNS server is, and how to setup their own bind/named or djbdns instance, is equal to the number of earthlink customers who actually care about this issue, and don't actually want to be presented with relevant ads/search results. It's that easy.
Extraordinary Vacations. Exceptional Prices
Most of the PR from Earthlink is extremely fuzzy about what it's actually doing. The pages it points to at Barefruit say that they're doing web-proxy manipulation, not DNS manipulation, and that if their web-proxy caching server detects a DNS miss, it'll go to the substitution advertising page. That means that if you try email, or ssh, or telnet, or ping or traceroute, or some other non-http protocol to a mistyped domain, you should still see the correct DNS message, though it's not clear whether they're doing it with https (that'd be very evil) or http on ports other than 80 (e.g. www.example.com:8080, which would be a relatively bad idea). They do say that they're not messing with email, but it's not clear that they're really doing it through the web proxy or whether they're doing something else instead.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks