Tuesday, 21 September 2010

Opting out of BT and Barefruit and BT Web Address Help

So, BT are using Barefruit to return DNS queries again. It even has a name: BT Web Address Help.

Very cosy name. They are helping out us poor misguided users and definitely not trying to make a quick buck on sponsored links @ google.cmo or bbc.couk or anything. Thanks BT.


You can test it by creating a shell script bt_dns.sh

tng@danny:~$ cat bt_dns.sh
#!/bin/bash
for DNS_SERVER in `cat all_bt.txt`
do
dig sausages.ora @${DNS_SERVER}
done

Then we need a configuration file all_bt.txt containing the following:

tng@danny:~$ cat all_bt.txt
194.72.9.38
194.74.65.69
194.72.9.34
194.72.9.38
194.74.65.68
194.74.65.69
194.72.0.98
194.72.0.114
62.6.40.162
62.6.40.178
8.8.8.8

tng@danny:~$ chmod a+x bt_dns.sh

The last server 8.8.8.8 belongs to google and is our control.

Which results in the incorrect DNS with NOERROR s instead of NXDOMAINs.

tng@danny:~$ ./bt_dns.sh | egrep "NOERROR|NXDOMAIN"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37643
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26799
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21054
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37604
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50429
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10757
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52823
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40204
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17590
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43674
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39713

BT offer an opting out web page:
http://preferences.webaddresshelp.bt.com/selfcare/preferences.cgi. It would have been polite if they had offered an "Opting In" button instead, but it is BT and we can't expect them not to try and make a quick buck.

Does it work?
[EDIT]Yes - see below[/EDIT]. BT explain why they are doing it (Browser NXDOMAINs are just so unhelpful).
http://bt.custhelp.com/app/answers/detail/a_id/14244/c/346,402,405

tng@danny:~$ ./bt_dns.sh | egrep "NOERROR|NXDOMAIN"
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24075
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18186
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61799
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20473
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 942
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6652
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42690
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27564
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54089
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3370
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24662

1 comment:

idle RAT said...

I don't know if you're still interested, but 2+ years on, they're still doing this! It's ridiculous and obnoxious, the only other hijack pages I've experienced are from malware and I can't say I think any better of it when it's from bt!

I wouldn't mind so much if it was a free service, but we're paying for this. And, they don't bother to tell you how to disable it, I only found out after your posts came up in a google search(Thank you!).