Earthling

One reason this may create some controversy is that at first glance it looks identical to the behavior of many so-called browser hijacks, defined at http://en.wikipedia.org/wiki/Browser_hijacker as any program that changes the browser's error page or search page to go to a destination controlled by the hijacker. Many of these look a lot like the landing page we are using on this now. Hijackers do this to get revenue from the user clicking on suggested links or searching from the destination page. So this is going to be considered a hijack by some, and that has a bad connotation. We'll have to see how it goes. (disclaimer- I work for EarthLink but these opinions are my own)

(blogger's note: John sent me some edits to his comment, and I changed his comment to reflect them)

John - Obviously EarthLink has a different view on the functionality, and there's certainly a lot of debate to be had about it. But the bottom line is that the intent here is to improve the user experience around dead domains while at the same time generating some additional revenue for EarthLink.

If, however, the system ends up negatively impacting users through unintended consequences, that wouldn't be good for EarthLink or our users. In that event, we can simply turn the functionality off.

I should note that I'm the EarthLink product manager for this initiative on the customer-facing end (the results page users see).

John's comments are right on target. I saw this the other day and immediately assumed it was a browser hijack. Stopped what I was doing, ran an EarthLink Protection Control Center scan, ran an Ad-Aware scan, ran a Spybot scan. Nada. Well crud, I muttered to myself. Meant to followup on it, but later on the "problem" went away, so I didn't think any more about it. But the point is this "feature" robbed me of a few minutes of productivity the other day.

As far as it's usefulness, it sort of seems rather newbie-oriented, where we have to dumb down everything so a total idiot can still function in this world. AOL, anyone? I for one have never found the default messages in various browsers confusing ... but I'm not normal either. But I, for one, would prefer to let the browser maker dictate what I see when I fat-finger a web address because at least that makes my user experience more consistent.

But if it's a "feature" to be retained, it's certainly nice to know that based on the screen shot from your example, if I mistype www.lsusprts.net in my browser, I may, courtesy of my friends at EarthLink and Yahoo, be served an advertising link where I can go buy a sports bra or some snowshoes. Now that *IS* indeed a useful enhancement to my web browsing experience.

"The system is specifically configured to handle only NXDOMAIN HTTP traffic as it is being returned to the user’s browser and to not impact email and other non-web-browsing traffic."

I don't think this means what you think it means. There is no such thing as NXDOMAIN HTTP traffic. When a DNS request is made, the protocol that will be accessing it is not known. This DOES impact all services, not just web browsing. This IS a major abuse of how DNS works. And unless Earthlink offers alternate DNS servers for those of us who refuse to use this, it WILL cost you customers.

I give it 2 days, and then I'm switching. If I can't trust my ISP to not abuse DNS, then what good are they?

Michael: I appreciate your concerns. I have a good basic understanding, but I'll be the first to admit that the inner workings of this system fall outside of my area of expertise. I'll work with our network experts to make any necessary clarifications or corrections on my descriptions of how it works.

That said, we do believe that it will bring benefit to the vast majority of users on our system and won't result in unintended negative effects.

We are and will be watching the system, and if we determine that it is negatively impacting users, then we'll tweak it or turn it off.

The biggest and most obvious issue is spam filtering.

Much spam comes from non-existant domains. The lookup to see if those domains will no longer fail, it will pass, and spam will go through.

If there was a way to make it either:
1) HTTP only
2) opt-in
or worst case
3) opt-out
it could be acceptable. As the system currently runs, you'll lose at the very least 1 customer. I suspect more.

Google for "earthlink dns error page" and you'll find lots of upset customers.

What you're doing is fundamentally wrong. However, how about you making a small concession that will please both sides of this issue. Provide DNS servers that will NOT use this "new feature" for those "ISP geeks" who know what you're doing is wrong. I second what others have said. Change this practice, provide alternate DNS for your customers to use that don't have this service, or lose me as a customer -- I've been a customer for over 7 years. Get a clue!

I use my address bar for searches. It is setup to automatically bring back google searches. Fat fingering a certain server is not the case here. I have reset web settings for the last time here. If you do not provide a way for those of us that don't won't this feature of hijacking or redirecting our address bar I for one and everyone that I do pc services for will be swithing ISP's. This so reminds me of the AOL days and we had no other choice of providers. This is not the case today. There are many ISP's available. Your testing is already done in my books. Fix it or lose customers.

PS: I'm a 4 year subscriber to EL but that can soon change

Sincerely,
Dave

It also breaks lookups when using a DNS search path. If your search path is 4 domains, and the host you want is in #3, you can't reach it anymore. You have to type the full domain name.

I just spent 15 minutes resetting the SSHd on my server until I figured out what was going on.

Thanks Earthlink!

- Mindspringer since pre-merger, who is trying to figure out if I'm more angry or sad about this.

This would be possibly OK if you were NetZero of the old days and gave away the Internet connection, but I pay for my Internet and I do not want broken protocols because someone in Accounting thinks it's ok to *abuse* paying customers in the false guise of helping them. Please get rid of people that think like that. This is purely a making Earthlink money venture regardless of how much Internet functionality is broken. Anyone can read the Sales Pitch at http://www.barefruit.co.uk

I find it to be closer to Malware from Earthlink since the company you are dealing with outright lies about this function being able to be turned off by the end user. That is 100% a lie in the implementation currently running.

http://www.barefruit.co.uk/?page=Q+%26+A

How easily can a single user switch your service off? What is the process and how long does it take?

For users to by-pass the Barefruit service, they would need to go through a proxy that does not have the Barefruit plug-in or not use a proxy at all. This can normally be done at user level by changing settings in the browser.

No, that is 100% FALSE. This is 100% forced OPT-IN with no way to OPT-OUT. Earthlink should have learned this lesson already. You don't force users to subscribe to anything, you let them decide and then if they are interested then they can voluntarily OPT-IN if they want to. This is purely a DNS Hi-Jack and it is Malware of the worst kind. An ISP should always be above this. This walks over the paying customers back without permission.

It breaks Ping and Tracert (Trace Routes) plus *anything* that requires DNS resolution. It is not a Browser only issue (not HTTP only) as some appear to think.

Try and ping a fake name. It should return "Unknown host" but in the mess Earthlink has added to my paid for service (I sure don't get it for free) I would get this response now.

PING www.fakedhost.com (209.86.66.94): 56 data bytes
64 bytes from 209.86.66.94: icmp_seq=0 ttl=56 time=26.488 ms
64 bytes from 209.86.66.94: icmp_seq=1 ttl=56 time=23.524 ms
64 bytes from 209.86.66.94: icmp_seq=2 ttl=56 time=27.332 ms

The the ONLY reason EL has implemented this Internet Protocols breaking change. $$$$ MONEY off the backs of Paying Customers $$$$

What will the Barefruit service be worth to us over three years?

A trial will provide evidence from a significant sample thus enabling reasonably accurate financial projections. However as an indication, a simple financial model which is based on a mixture of research, empirical evidence and industry estimates indicates that implementing Barefruit would have a positive effect in excess of £5m on the ISP bottom line over three years for every 1m users. This is ‘per capita scalable’ – hence over £500k per 100k users and so on.

Perhaps a history lesson is needed?

http://www.icann.org/topics/wildcard-history.html

This is causing no end of grief when I VPN in to my work network...if Earthlink responds more quickly than my VPN connection, I get the Earthlink error page rather than the one from my VPN. Earthlink support wasn't helpful with the problem since it is with "my" VPN software, so I'm tracking it down with my company. But now I've got to waste time not doing my real job. Grrrr.

Well, at least it is an incentive to seriously investigate other options (I think FIOS is due here soon).

I've been a customer for over l2 years starting in the dialup days and currently am paying over $1000 a year for HSI access in several locations plus commercial web hosting going on 8 years now. I've put up with incompetence at every level of the company but managed to work around it each time.

This asinine DNS redirect is the last straw. I stuck with you out of some odd loyalty to independent ISPs but can no longer afford that luxury if Earthlink sees me merely as a revenue stream to milk dry at the expense of properly functional basic ISP services like DNS.

I believe I can speak for many here who mourn the death of what was a premier ISP. Rest in peace. I won't be around for the funeral.

I also see these redirects as more of an annoyance than a feature. Not specifically the http ads but the other interferences as mentioned in previous comments.

Maybe this can be enabled only for those that install the EarthLink Total Access software? With the option in TA settings somewhere to disable it.

Or if you'd like to take it a step further it can be enabled by default in the EarthLink TA install but users are still given the option during the install to uncheck a box to disable the feature.

Mr. Coustan, IMO this was a very bad business decision by Earthlink. Though it may have looked good in theory, i.e. make money from users' typos, in reality you're breaking DNS lookups. You wrote in your reply to Michael, "...I'll be the first to admit that the inner workings of this system fall outside of my area of expertise." Funny how you're the one that Earthlink has chosen to announce this *cough* feature to their members, via this offical Earthlink blog... Someone who can't technically address our concerns. Btw, I've been with Earthlink for nine years. NINE YEARS. I can get my ADSL (768/128) connection cheaper and faster with Verizon, but I've stayed with Earthlink out of loyalty. Perhaps it's time to switch. Oh, and to Mr. Womack, please be honest. The only reason Earthlink has implemented this is to generate additional revenue. That's it. Period. End of story.

I should have mentioned as well that if you do go with the idea mentioned above, you should be able to push this out to existing TA users with a TA update possibly.

This is bad! Spam filtering, DNS domain search etc. and a number of other applications are broken. If a domain is non-existing it is meant not to be found.

Make it opt-in. Fine. But do not force it on the people. I prefer the actual error screen from my browser or my applications to work correctly.

Please give up this ill advised experiment or make it right with opt-in. I am a Earthlink customer but if these sort of things continue it might change.

I am sure Earthlink can add this sort of functionality simply by providing a browser toolbar functionality for those that might find this useful.

Ken , I'm extremely unhappy with this change.

First off this is forced via to DSL customers via IPCP which is just wrong. Why not have an optional service, like OpenDNS where the DNS servers will block phishing sites and the tradeoff would be users would have to put up with the failed DNS redirect page full of ads. Furthermore it could be bundled like with TA, like garayr suggested.

Under no circumstances should you force this to users.

It's also causing problems with my router since the firewall logs are getting filled up with this entry:

"Unrecognized access from 69.3.194.174:4338 to TCP port 445"

So why should I stay with EL? Please someone tell me ;-)

I'm also an EarthLink employee so in regards to my comments above, they are strictly my opinion and do not represent the opinion or position of EarthLink.

It might be helpful to earthlink mgmt if we could provide URLs or at least names of programs that get broken by not getting NXDOMAIN for domains that do not exist.

Since Earthlink will conceivably be generating additional revenue from paying customers by using this Barefruit malware, can we expect our rates to go down?

Please allow us to opt out of this service. From a user standpoint it's exactly the same as browser hijacking and it's unpleasant.

I need to know in a 'pure' way what's being returned by whatever URL I type in to a browser, including incorrect ones. And I don't need to see any more ads than I do already.

If you want to charge me, say USD$20 less per month and have me endure this unpleasant redirection, that might be a fair tradde. Otherwise, turn it off, please.

Now.

Update: I spent over an hour on the phone with the tecnical dept. of Earthlink.

I started out with a person that could barely speak clear enough english for me to understand.

After trying to convince her to connect me with someone that had technical knowledge about what was going on. Instead she kept trying to read from a computer screen with predescribed solutions (to which I already knew would not work).

Short of verbally abusing her (which I tried not to do) I was finally connected to a supervisor. Once I described the situation to this person and assured to him that this was not a spyware/adware situation I then was connected to his supervisor.

After spending countless minutes explaining things over and over to him. His reply was (which I'll have to admit was was very professional manner) was that he was unaware of any such redirects and that he would do further research himself.

He then gave me the number to the corporate office (404-815-0770) which he told me is where he answered to.

By the time I went through all of this of course the corporate office was closed.

Conclusion:
Either Earthlink is not even letting their technicians know of the failed DNS querying to a earthlink-help.net error page or they have given them instructions to play dumb.

Soon to be an "X" Earthlink Subscriber if they don't fix this issue

I have been a subscriber for many years. I always appreciated Mindspring's focus on the end user. I felt like they were in the business to make money, but the customer still came first. Even through the Earthlink merger... I still thought Earthlink had a customer commitment.

Well, I guess that's a thing of the past so I would like to be clear... The change is NOT appreciated.

I used to keep AOL around for a couple of their features quite a while back (w/ MS/EL as my ISP). That was until I couldn't stand them shoving unsolicited content in my face any longer.

So is that was Earthlink is trying to accomplish? Or just idiot-enhance their product to gain AOL users? Or has the dollar just flat replaced customer commitment?

Well I just cancelled my Earthlink account and went back to Road Runner because of this non-sense. It is affecting people that do work from home like VPNing into the office and such.

Later

Other people have said just about all, but I would like to add that I am a long time Earthlink customer and am very angry over this abuse of the DNS system just to make a few bucks. I really resent getting an unexpected response when I make a typo, and especially having advertising shoved in my face instead! I strongly disagree that this is a customer service, this is just self-serving revenue generation on your part. I don't know anyone who has trouble figuring out that his browser is telling him a domain does not exist, and needs a page with "helpful" links to guide him.

It was wrong when Verisign tried it and it is also wrong for Earthlink to do it.

If you provide alternate DNS servers or some other way to opt out I might consider staying. Otherwise drop this scam or lose a customer!

I have a slightly different issue with barefruit.com, but will say first that I strongly agree with those who disdain this new "service" and who advise making it opt-in. (At the very least, Earthlink or Barefruit should provide a link on the redirected page explaining how to opt-out!!)

I've been using Earthlink for years, and have brought in at least two new customers to Earthlink, who depend on my recommendation of ISP's. If this new policy is not changed, I will start looking for another ISP, and when I find one, recommend it to my contacts as an alternative to Earthlink.

My concern with barefruit.com began in late August 2006, when my firewal began blocking requests to elydm.03.am.barefruit.com at address 209.86.66.92. Not understanding why any process on my computer should be contacting this server, I started investigating. I ran (fruitless) checks for a possible virus using AVG Free, and for spam using Ad-Aware SE and Spyware Doctor. The firewall identified the offending program as "system" (no path, no exe file name) which surprised me. Why would a system process on my PC be trying to contact the barefruit server? Since I couldn't find the offending program to eliminate it, I set the firewall to block access to 209.86.66.92, but specified that it should pop-up a warning every time it blocked an attempt. I forgot about it for 15 minutes, until the pop-up occurred. Then I waited, and again in exactly 15 minutes, another attempt was blocked. These warnings occurred for hours on end at precise 15 minute internals, and then just stopped.

The next day, same thing, only this time, the firewall began warning me of a request by elydm.06.am.barefruit.com at 209.86.66.95 for outgoing communications. This new address I put in the firewall, similar to the one described above, and again, the attempts to contact barefruit.com went on for hours at 15 minute intervals. Again, they suddenly stopped for some reason. But I noted that upon rebooting, there was a rapid series of requests every few seconds to try to contact barefruit.com. That stopped, too, after a short while.

Until the next day, when a new request showed up, a request to contact barefruit at elydm.01.am.barefruit.com at 209.86.66.90. This, too, I blocked in the firewall filter setup, and for a couple of days now, I have had zero barefruit activity.

I emailed Earthlink about this problem, but received a reply advising me to run spyware and antivirus scans - which I had already done, and which I had noted in my email to Earthlink. No help there, the person replying was clueless, in my opinon.

I've also notified Ad-Aware SE and Spyware Doctor of this problem, in the hopes that they will find a way within their respective products to eliminate this behavior. But, I have received no reply from either acknowledging the problem.

I'm not sure if this spyware-like behavior has been caused by Earthlink, but am very suspicious. The only thing I can find on the web about barefruit.com is the forum referenced in one of the posts, above, that discusses this new change of policy by Earthlink. (The forum is Broadband Reports - see http://www.dslreports.com/forum/remark,16763566~fmode=flat~days=9999~start=40)

I would like to see Earthlink issue a flat-out denial that these "phone home" occurences have anything to do with their new redirect service. But if they have been somehow programming my computer to contact the barefruit web site, well, I hope some bright lawyer brings a class action suit against them, similar to the one brought against Sony for the 'rootkit' fiasco a while back!

Earthlink wrote
"For more than a year we have been offering DNS error functionality for EarthLink Toolbar users through our Yahoo relationship, and Barefruit provides the technology that allows us to extend this functionality to EarthLink’s entire access customer base."

I didn't ask for a proxy. If I wanted a proxy to enhance my user experience, I would build my own squid-based gizmo. It would be in my house and I would adjust the solution, or simply unplug the solution if it bothered me.

Earthlink's Barefruit solution bothers me.

I don't use the Earthlink Tool Kit for personal reasons. I do not welcome this extension of functionality to my personal DSL connection.

I subscribed to an ISP, not a nanny service.

I strongly, strongly, adamantly prefer to manage my own "user" experience.

I would prefer the ability to configure my account to opt-out of any technology that tries to enhance my user experience without my consent.

I would prefer to adjust my Earthlink network participation in a manner that excludes my connection from the Barefruit egress proxy. I do not care if it's restricted to HTTP or not.

Please empower the more independent customers in the community to opt out as some of us "opt out" of The Earthlink Tool Kit.

-jon

Thanks to all of you who have commented here and via e-mail. There are some specific individual issues that I'd like more information on and will e-mail you directly to help address (or e-mail me at earthling at corp dot earthlink dot net ), and if there are any new issues surfacing, please feel free to add them to this thread or e-mail them to me. Specifically on Al S.'s concern -- what you're describing shouldn't have anything to do with our system. (edit: to be clear, it's not an intentional part of the system, and I'm emailing Al directly to see why it might be happening. I'll share the details when I know what's up)

Though it's tough to read at times, I'm glad you've all shared your thoughts and concerns. I understand your passion for your internet experience and for keeping things the way you're used to, and know that any change can be jarring, especially one that takes place on the level of DNS. Smart people can disagree on the philosophical side of this discussion, but on the practical side I want to emphasize that we wouldn't enact a change like this if we didn't believe it to truly be a benefit to the vast majority of our users. Many of our members would prefer a helpful error page to one that leaves them where they started.

That said, most of those who have spoke up here and in e-mails to me have said in strong terms that they'd rather not have this functionality in place on their system. We're reading and listening and discussing, and I want to thank those who have suggested some solutions that might allow us to better serve users who would prefer to opt out of the service. We take all of these considerations seriously, and if any alternatives become available, I'll let you know.

Called corporate office today and spent over 30 minutes on the phone listening to glorified elevator music.

Then was redirected to tech services in San Antonio, TX. Once there most of the techs were still unaware of what was happening.

After finally being transfered from supervisor o supervisor finally found talked with someon that knew what was going on.

He told me that this was implemented to protect 95% of our customers and that I should use Google's main web page to do my searches instead of using the address bar.

HORSE CRAP!!! (trying to stay within post guidelines) and thinking worse. This is merely a smoke screen for EL to generate income off of unwilling participants.

What are they going to do next? Start blocking certain websites? If you love having stuff shoved a you w/o your consent why not go back to AOL?

For those of you that are on cable and you came here looking for a work around here's what I done and have tested for the past 24 hours and have gotten rid of the redirects.

First of all you will need to set a static ip address for your pc. Don't know how to do that go here http://www.portforward.com/networking/staticip.htm

for dns servers use 4.2.2.1 and 4.2.2.2

If for some reason this doesn't work you may also want to modify your HOSTS file in c:/windows/system32/drivers/etc

open with note pad and add this at the bottom:

127.0.0.1 elydm.01.am.barefruit.com
127.0.0.2 elydm.02.am.barefruit.com
127.0.0.3 elydm.03.am.barefruit.com
127.0.0.4 elydm.04.am.barefruit.com
127.0.0.5 elydm.05.am.barefruit.com
127.0.0.6 elydm.06.am.barefruit.com
255.255.255.255 www.earthlinkhelp.com
127.0.0.7 http://earthlink-help.net

click on file.... click save

Reboot PC and problems should go away.

Don't know if this post will stay up or not. I personally don't care. If EL insists on continuing this path I will switch to Road Runner or another ISP provided by Time Warner in my area. Not only that but every customer that brings their pc in I'll be sure to steer them clear of any services provided by EL.

PEACE OUT

(Blogger's note: This is not a suggestion or solution coming from EarthLink and not something we can confirm, deny, endorse, or support. - Dave C.)

Thanks Dave. All too often customer frustrations like this disappear into corporate voids, and it's good to know EarthLink gets the other half of blogging: it's not just marketing or talking TO users, but listening to them as well.

I look forward to hearing more from you about how EarthLink will address our concerns.

Why didn't Earthlink use a service like OpenDNS?

It's opt-in and provides lots of actual real benefits like faster Internet and blocking phishing sites. I've been using it for the last couple weeks and I like it.

They make money the same way as Barefruit does but users are free to turn it on or off.

Dave C. wrote:

Smart people can disagree on the philosophical side of this discussion...

I couldn't disagree more. It is not a matter of keeping things the "way we
are used to", its keeping them the way they are specified to work. Some
very smart people went hammer & tong on this issue when Verisign tried this
scam, and Verisign lost decisively. See the Wikipedia entry on SiteFinder
if you need education on this issue.

The only difference is that Verisign is a monopoly and Earthlink customers
have a choice and *will* leave. Many people left AOL and joined Earthlink
because they resented AOL's interference in their Internet experience. Look
where AOL is now -- is this where you want Earthlink to go? This is a huge
step in the wrong direction.

There are a huge number of web hits at stake here and therefore a large dollar
amount for the redirect royalties. That makes me very suspicious of your
statement that you are doing it as a customer benefit.

BTW: Lately I've noticed intermittent problems resolving domains that I use
constantly. Is this service affecting the reliability of your DNS for domains
that do exist?

This thing is stepping on my intranet. A couple of the wireless machines in my office are constantly getting redirected to the earthlink-help.net page when they try to connect to my intranet. This is completely unacceptable and will result in cancellation of my account if it's not fixed by next week.

This 'feature', as I hesitate to call it, breaks standard and expected functionality. You say it should only affect web traffic, but as of this momment I VPN into my work network and none of my work network name resolutions work becaue of this DNS snafu. I am changing my home network DNS service to a NON-EL service and I will keep it there until EL removes this 'feature'.

I want to note that this feature is 1. NOT WANTED and 2. BREAKS STANDARD FUNCTIONALITY. This decision, if left the way it is, will be the final straw for me and I will be changing providers to another cable ISP who does not implement these rediculous changes. There is a good reason no other ISP has followed through on a permanent change like this.

-a very dissatisfied for-now-EL subscriber

I won't put up with this for very long, I will switch, in fact switching will actually save me money for the next 6 months.

At least from my IP address Earthlink now seems to be returning NXDOMAIN errors for non-existent domains again. So maybe (I hope) the problem is fixed.

However, this raises serious questions about Earthlink's technical competence. Earthlink technical staff should be well aware that the HTTP is only one of tens of thousands of applications that depend on DNS, that even with HTTP not all uses of HTTP are by web browsers, and that applications quite reasonably treat NXDOMAIN errors differently than "not found" web pages or "connection refused" errors. They should have been able to anticipate the problems associated with returning false information about a domain. (And yes, returning bogus A records, even in the non-authoriative answers section, is deliberately returning false information). Whether they simply failed to understand this, or didn't think it mattered - either way it does not speak well for Earthlink.

What Earthlink needs to do now is admit that it made a mistake and that it should have known better.

Can you please give me (and the many other unhappy customers) a way to return their DNS to normal.

Ironic, the very thing that led me to choose earthlink as my provider is now causeing me to switch. I pay for broadband...Thats what I expect RAW CONNECTIVITY! If I want your help in searching, I will ask for it. Thus far, the address bar on my browser kept me happy.

SCORE:
Road Runner 1
earthlink 0

Let me add one more dissatisfied vote for this new "feature".

Other than Earthlink themsemselves, I'm still waiting to read a single post from somebody who likes this.

I have Earthlink SOHO DSL at work and I hope I won't have to change providers.

I have wasted hours tracking down the browser hijacking that Earthlink initiated without my knowledge or consent -- going so far as to avoid mentioning any of this in its newsletter and keeping all references to its 'hijack' domain, earthlink-help.net, off its website -- so I'll be preparing to cancel our Earthlink cable account and switch to RoadRunner.

Hi buddy,

I am an Earthlink customer. I found this page trying to figure out why I was getting your stupid, unexpected "earthlink-help.net" page in my browser.
If you want to provide a "friendly" experience to your users, give them a web proxy and a bunch of settings they can CHOOSE and configure - like content filtering, privacy, filtering, whatever you want.
I DID NOT CHOOSE this behavior from your network, it is extremelly intrusive.
This is not how the web is designed to work. Have you heard of the word STANDARD? My browser should decide what to do when the DNS query fails. I bought an internet connection from your company, I expected nothing else.
And why mess up with other protocols? (telnet to a dummy host.afhbasfbfdsa.com results in "telnet: connect to address 209.86.66.94: Connection refused").

Have a happy life, learn some manners, and get a decent job.

George

I have to admit, spending 45 minutes on the phone with a tech telling me this is exactly what is NOT happening was rather frustrating. Listening to you tell me that it is "improving the EarthLink user experience" is a load of marketspeak; if I wanted the "EarthLink user experience", I would have installed the Earthlink software - from the fact that I didn't, it is safe to infer that I'm not interested. As others have pointed out, there are other braodband option available; I've kept Earthlink out of inertia, but if it's going to start affecting the way I work, it's time to move on.

we believe we are improving the EarthLink user experience with a system that will not interfere with other network processes.

saying this is almost as bad as breaking DNS to begin with

a non existant domain is not going to exist no matter how many ads you show the user.. the majority of users that type anything in to begin with can figure out real quick when a domain doesnt exist from the standard error message

lying about only affecting http doesnt help either

..Dale

As an addendum, before you worry overly, I don't really intent to test the DOS idea. Though you might feel the slashdot effect from earthlink customers.

What did you do to my traceroute? What did you do to my spam filters? Why did you break the whole MX system? Why on earth would you ever do anything to break the DNS protocol so completely? This is outrageous. I've been with Mindspring for years and always recommended it. That's got to change. I have my elderly parents calling me up because their browsers have been hijacked. My god this is a disaster.

This is completely unacceptable to me. It completely mucks with expected and correct behavior, and rather than getting the very useful and appropriate page I have configured my browser to give me on a dns error it gives me your useless and annoying one. If this persists I'm going to have to look for a different ISP.

I use to be able to simply type google into the address bar and it would take me there. This functionality has been taken away from me. I find this a negative. As a customer, I am letting you know that I prefer the way that it worked before. One strike against Earthlink.

Because of this DNS 'feature', I am canceling my service as well, and will make sure that I let all my friends and co-workers know about this. As others have said, the only thing different with EL doing this rather than Verisign doing it, is we can opt out by getting another ISP. So I'm opting out.

I intend to keep my box free of malware, even if it means switching my provider after over 5 years.

I run a development server on my home network. When a DNS error occurs, I need to see the error. I consider this way of handling DNS errors malware, and I'll also be boycotting Yahoo! Until this is cleaned up.

Your commercials are stupid, even if you are trying to express your inner troll.

I've ignored you up until this point. I'll recommend to everyone to avoid you like the plague.

You are a bottomfeeder, worse than AOL. I hope your stock goes into the crapper as well.

I intend to keep my box free of malware, even if it means switching my provider after over 5 years.

I run a development server on my home network. When a DNS error occurs, I need to see the error. I consider this way of handling DNS errors malware, and I'll also be boycotting Yahoo! Until this is cleaned up.

This is nonsense. I'm used to typing in the name of an address without '.com' and having Safari automatically resolve it to the .com address. Now, thanks to this obnoxious new feature, I cannot do what I've been successfully doing for years.

I am seriously considering dropping my high-speed earthlink account because of this. (I've been a used of earthlink since 1989.)

The problem with this is that you are replacing a simple and straightforward, standardized error message, with an annoying, distracting link to a less than desirable search engine, ad-supported and ad-distorted search results, and a smattering of annoying banner ads.

One might expect this sort of junk from a spammer or some sleazebag website, but not from a major ISP that one is PAYING for internet access.

People don't want yet another source of unwanted advertising - especially when it's coming from their for-pay ISP.

but then again, the only reason I heard about this was because it's all over Slashdot. Naturally, I dumped Earthlink a LONG time ago.

Earthlink:

* your redirection amounts to typosquatting;
* you breached the trust with your clients by using technical architecture for marketing purposes;
* the redirection breaks various RFCs and disrupts existing Internet services;
* your redirection is contrary to the proper operation of the DNS, ICANN policy, and the Internet architecture in general.

I invite people to contact Earthlink and let them know that this situation cannot stand. Call them, send emails, send faxes...

This is a money grab plain and simple. I prefer to get a 404 response when I fat finger a URL. I find it irritating when there are domain squatters all around a domain, but that is the way it goes and people need to take some responsibility on their part to realize that they hit the wrong site. However, if I should receive a 404 because there is no squatter, I don't want to ever be redirected to a commercial search engine not of my choice. For one, is the search engine going to remain agnostic and return a naked list without censorship or insertion of their own interest? Or is it going to push a preferred list of commercial site owners that paid a premium to have their site show up on a list for people that fat finger? The other money grab here is that now competitors have a way to advertise themselves and this is very powerful for what would normally be an anonymous site to the person typing in the address. Obviously, the user received a message somewhere for the site they are trying to reach and most likely the site that got the message out had to pay for this advertising, whether it be direct or indirect through word of mouth or viral or other nonstandard means. But now a competitor can pay earthlink to be affiliated just because of a fat finger mistake. That seems like opportunism. For instance, if I type in McDonards and the search engine interprets that I want to look up fast food or hanburgers, I now affiliate with McDonalds other hanmburger restaurants and fast food. It is quite possible these competitors did not invest in marketting like McDonalds to create the impulse for a user to visit their website. However, with Earthlink's redirect to their search engine, a competitor can pay a small fee, nothing probably compared to what McDonalds pays, and they are instantly associated. If the person did not directly go to a search engine to look up McDonalds, where it would be normal for other hits to come up, then this is a hijacking to make money.

Do you really expect Earthlink to be honest about its motives? When does the customer ever come first? This service costs money and customers aren't paying more, so this is business development that will probably net Earthlink more money at the expense of spamming their customers with paid ads.

Please stop doing this redirect. It intereferes with the way my browser works and leads me to a page I did not want. I can handle 404 errors or page not found, not this advertising.

I am noting the advertising that is being generated and am sending complaints to the advertisers as well. Not only are you getting me angry at Earthlink, but I am angry at every company listed on the pages that this redirect creates.

In addition to, and in agreement with, all of the negative comments you've received above, I'll add mine to the pot.

There are two fundamental reasons why this is an absurd money-making scheme:

- it breaks the net for users who've configured address-bar searching. This isn't an issue of me being "resistant to change". It's an issue of you breaking something that I specifically set up, in order to create another revenue stream. I pay you for internet access, not "user-enhancement". I'll enhance my own user experience. Your job is to provide the gateway.
- more importantly, your new trick violates the DNS specification. This breaks the net for VPN users, who depend on failed net queries to fold back into their own intranet.

Like the rest of the users here, I'll be happy to switch ISPs soon (and urge others to do so as well) unless you either remove this absurd Verisign-like malware or provide me a simple opt-out.

By the way - your malware is a lead story on Slashdot now, where you're roundly being assaulted. Congratulations - you're just made Earthlink that much better known. There's no such thing as bad press, right?

Fools.

"we do believe that it will bring benefit to the vast majority of users on our system and won't result in unintended negative effects."

Everyone here knows this isn't true, by the way, so by typing things like this, you just come off like a corporate shill.
Of COURSE you know it won't benefit users. It's not supposed to. It's supposed to bring in ad revenue. Of COURSE it will result in negative effects. That's because it's broken by design. You just hope that most users won't notice or know how to complain.

Stop pretending this is for the users. It just comes off as insincere.

DNS is one of the very foundations of an Internet connection. This change in DNS behavior is a direct violation of DNS standards. As such, you are simply no longer providing the product that your customers have bought and are paying for.

If I were an Earthlink customer I would consider this a breach of contract, or at the very least a cancellation of the current contract. Your change in product functionality is significant enough that it is no longer the same product, and as such you should cancel your existing contracts within their predefined cancellation periods. It's perfectly acceptable to offer your customers a new contract, but you can't avoid having to cancel their existing contracts.

This is all fine and good, until I start getting this page whenever I go to Apple.com. Again, this looks like a browser hijack, which is all the more confusing since I'm on a Mac. If the system truly works like you say it does, then I should get a "server not found" instead of your page, since Apple's servers were apparently offline for five minutes. To the best of my knowledge, the domain name still existed.

I'm a long time Earthlink customer on Time Warner Cable's Road Runner service.

You should note that my primary reason for using Earthlink vs. RR on the same cable transport service is simple -- you had better DHCP and better DNS servies.

Point: Yes, I fully realize that by using the term DHCP and DNS I do not represent the "vast majority" of your user base.

However, you just dropped 50% of your value proposition on the floor and rubbed it out of existence.

I also took the time to register a complaint with your feedback system here:

http://www.flickr.com/photos/jcuthrell/232825143/in/photostream/

Also, I also find it fascinating that the feedback loop does not specifically allow for the selection of a "Feedback Categories" for the complaint within the form that would clearly indicate it is tihs new DNS hijacking service from Barefruit that Earthlink has foisted upon all subscribers.

Perhaps the people driving this project really don't care about getting an accurate feedback categorization of incoming complaints.

I welcome and will respond to any feedback -- note: I'm using my gmail address as my Earthlink address is subject to going away very soon.

I'm very disappointed with this new function. I find it really intrusive and can't find any added value. If there is no way I can turn this off or use another DNS server that does not do this I will be soon changing to another provider.

I just want to say that think that this is something that will only upset "geek" users and will be "useful" to non-geek users is a risk bet, since "geek" users usually act as prescriptors for their friends and family.

Please, make it opt-out.

This is utterly, completely, and absolutely unacceptable. I'm going to be canceling my Time Warner/Earthlink account as soon as I can arrange a replacement.

I don't care that much about hijacking web page requests -- but the Internet is more than just the web!

As an example: My intranet has a series of domains: customername.vpn.customers.mycompany.com; customername.external.customers.mycompany.com; etc. To find the correct name to contact a customer's server on (depending on whether their connection to the VPN is working), we iterate through the search domains until we find one that resolves. (Obviously, only services with their own encryption and authentication layers are available with the VPN down). Except, with a wildcard in our DNS upstream, they all will resolve (from outside our company network, at least) -- breaking our ability to automatically failover when trying to do a lookup from a VPNed-in home system with the company DNS server as only one source (and an Earthlink pseudo-DNS server ["pseudo-DNS" because of its failure to follow the standard specification] as another).

This is unacceptable. Completely, totally, entirely unacceptable. 'Yall are breaking protocol specifications which your customers may have reasonably relied on in designing infrastructure in the past, and for what? Extra marketing revenue. The 95%-idiots excuse (read: that 19 out of 20 of 'yall's customers don't know how to interpret a DNS lookup error as presented by their browser) could justify offering the feature to those who install the Earthlink software bundle (they're the folks who want the "Earthlink experience" to modify how their computers work, after all) -- but changing behavior for those of us who haven't taken that affirmative step is beyond asinine.

It's a long weekend, so I'm going to wait 'till this coming week to change out my account. I'm long past the 6-month promotional pricing period which convinced me to purchase 'yall's service, and have been staying with Earthlink by inertia; this is more than enough reason to leave.

Earthlink personnel wishing to discuss technical aspects of my objections are more than welcome to do so directly. My email address is cduffy at spamcop dot net; my voice number will be provided on (emailed) request.

What a pile of garbage.

Goodbye Earthlink, you just lost a customer that has been with you for over 6 years because of this horsecrap.

Not only is it interferring with my web browsing activity, it is interferring with a couple of IE toolbars that i use in addition to sites that i visit on a daily basis.. Apparently sites that no longer exist (LMAO)

Ah well, i hope the added revenues you will generate from this will be worth all the customers you are going be losing over this.

http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html

I know this has already been mentioned, but the Earthlink people don't seem to get it: It isn't just mis-typed URLs or dead domains that are being redirected.

Now, if you leave off the "www." and the ".com", you are considered in need of "help," and get redirected. For example, I just typed in "yahoo" and wound up at the help page, where it asked "You entered "yahoo ". Did you mean www.yahoo.com?"

It doesn't happen every time, and this leads me to believe that it's a glitch, and not what was actually intended. If Earthlink can't make this thing work in an unobtrusive way, they should just drop it ASAP.

Craig - I can do one better - working at my company in network administration, I get asked quite often to comment on service providers (we have over 10K employees). Given this "functionality" and how much other true *functionality* it breaks, I will be STRONGLY recommending that a) everyone with an account cancels it and b) it be placed on our "not supported" list of ISPs.

I just canceled my home account with earthlink. SiteFinder caused huge havok at my workplace due to it destorying our spam filtering software and one of the software packages we sell. We voted with our wallet then(transfered away from Verisign), I'm voting with my wallet now(I'm at work right now searching for a different provider). I'm sure this was a business decision, since the page has advertisements on it. Hopefully more will demonstrate that by not playing nice, no one will want to play with you.

I saw a post way up there stating that this will help most earthlink users ... well then most of your users are dumbasses and most likely just come by earthlink after getting off the aol band wagon. (insert more bad statements here about earthlink and aol users. )

This issue made it to Slashdot today, and this comment is the best explanation I have seen yet of how Earthlink's intentionally warped DNS can break Internet applications: (link to comment)

A 404 is NOT a DNS error, its a page not found error that is returned to the browser from a web server you've SUCCESSFULLY connected to. an NXDOMAIN error is a DNS error returned by the DNS server for a domain name that doesn't exist. Thank you.

This problem hit us Friday on our business T1 line from earthlink. When I called into customer service, I was told that they had no idea about this change.

As a business customer I would like the option to opt OUT of this. Sure we could install our own DNS servers and indeed we have them for VPN related lookups but not informing your customers BEFORE doing this and not providing an opt out option is just plain rude.

Why is it SO difficult to get straight IP connectivity to the internet anymore?

The only reason for breaking basic internet functionality like this is to gain a few advertising dollars. If that's a tradeoff that earthlink is willing to make, then they are not an isp that I would consider or recommend.

While I can respect someone actually coming back here and reading the responses, it's obvious to me that either nobody considered the technical implications of this change, or that they were considered, and nobody cared.

This change breaks the ability to detect spam sent from non-existent domains. It will redirect traffic (web, email... any traffic) that would otherwise be unroutable to Earthlink servers; something a lot of people (myself included) might consider a security risk. It breaks multiple kinds of browser functionality.

I have to wonder if anyone at Earthlink has been doing this sort of work for more than a year. This was a bad idea when Verisign tried it, and it's a bad idea now. That anyone would think it's worth trying, after the huge uproar it caused last time someone tried it, is incomprehensible to me.

You can be sure I will never again recommend Earthlink to anyone. This move was ignorant and misguided at best; greedy and mailcious at worst.

Wow, a reason never to use earthlink...I'll be sure to tell all my friends.

My God, how could you break ping? It has to be the simplest feature of an IP network, yet with EarthLink's so-called "feature," you've managed to break it (as explained in Dr. Olds' post).

The wife's been pushing to swtich to AT&T DSL from our Time Warner/Earthlink connection. It's a lot cheaper. I can have domestic harmony, unbroken DNS, and a few extra dollars in my pocket.

Bye, Earthlink.

wow, i am glad that i no longer live in an area monopolized by sprint / earthlink.

i stopped considering sprint / earthlink as an option years ago, but this certainly would have broken the camel's back for me if i had not.

How is this any different from other typo-squatters? If anything it is worse. Earthlink has taken a working service, DNS, and broken it. End user applications can no longer work properly so this can hardly be considered a service. At least the typo-squatters only effect a limited number domains. Earthlink has gone after the entire universe.

If Earthlink needs to increase revenue, it should do it the old fashioned way - increase its customers by offering a better service at a competitive price. If Earthlink is chasing after a dime from such bottom feeding tactics, I would guess they have lost the ability to devise a real plan for growth and is a signal that ELNK is about to end up in the can.

From the comments, it looks like the most willing to leave Earthlink are those that have had the service for a long time and considered themselves loyal customers. This means Earthlink is also losing its best salesteam and gaining a very strong anti-salesteam ("Yeah, earthlink, I used them for a long time. Used to be great, but then they started mucking around with internet protocols. I could not even use my office's VPN. Stay away from earthlink.")

Let's be honest, the only bottom line is the bottom line. Everything else is rationalization. If Earthlink truly wanted to improve service why not increase mailbox size. Perhaps add business services like managed hosting and remote backup service. Maybe be bold and ask customers what they would like.

Sidenote: Check your example a. Google does own the domain gooogle.com, but not goooogle.com

Silly Earthlink. Silly, stupid Earthlink. :)

This is a bad decision, and one likely to drive me away from Earthlink. DNS is supposed to function the way it functioned, and not the way marketing droids believe it should. You can jettison the proxy or jettison your best users - your choice.

Yesterday, your proxy started redirecting me to your spam page when I was trying to reach news.google.com. Are you trying to tell me that the google.com domain had vanished? That's what your comments above indicate.

THis is not something "smart people can disagree on," this is a matter of network standards that Earthlink is violating. Stop it, or you'll also be losing me as a customer - and as the network manager of one of the largest public hospitals in the US, don't kid yourself that I don't make a lot of ISP recommendations to users.

Yes, I also worry about the privacy concerns. For example, if you connect to a mail server from an earthlink account that isn't an earthlink mail server. And the server happens to be down, your information will be sent to earthlink. Same goes for other protocols as well. I've seen many sites have a slight stutter in uptime.

Wow, didn't you guys learn *anything* from VeriSign? If a domain name doesn't exist, DNS resolution should fail; it's as simple as that. Anything more complicated should be done in the browser, not the DNS server. I'm just glad I don't have Earthlink. AT&T may not be the best, but even they don't try crap like this.

I don't have Earthlink service and I am glad I don't. If my current ISP did something like this, I would be filing a complaint with the FTC. It is a hijack attempt. If someone mistypes a url, it should not direct them to their ISP's search page. It should be up to the user if they want this functionality. Earthlink apparently doesn't give a choice and instead cares more about money then the customer. Do you forget, it's the customer that makes you money. Also, the fact that this breaks so many things and leaves them completely useless just makes it worse (ping, etc.) This is just wrong.

What a horrible idea, guys. There should be no need to re-hash this. The concept was overwhelmingly rejected when Verisign tried it, and with good reason. If you're going to do this, allow your customers to opt in. Don't force broken DNS on people.

We've got 20+ Earthlink dialup accounts for our road warriors. This might be enough to nudge us towards other options. We've been discussing it anyway.

I work in a retail computer store and will now stop recommending Earhtlink to my customers. There are many other independent ISPs out there that don't mess around with basic protocols like this. What's that mean to you? A loss of about 10-20 referrals a week.

Dave C: A little knowledge is a dangerous thing, and you certainly have little knowledge in this area. You later comments on "Thanks for the feedback" are a slap in the face. IF Earthlink were really interested in these comments they would immediately disable the service and find a way to have people opt-in to it.
Can you do us a favor Dave? Post for us a few supportive comments about the redirects? Have any of the 95% of the intended audience thanked you for it yet?

This is really helpful, especially all those banners that help you earn revenue.

Goodbye Earthlink, I'm leaving and i'm taking everyone who'll listen with me.

Your shoddy service and underhanded crap like this is the final straw.

DNS requires a specific response if a record is not found; this violates that. It breaks *so* many systems it's not funny, as is well known from the Verisign debacle.

The Internet is built on standards. Don't try to set up your own and still claim to be an ISP.