"It's a trap! Reported phishing or malware site" : who?

[ankh]

Yep. I tried the
"Think this is blocked in error?
Tell Us!"
button yesterday evening for the washingtonpost block.

I haven't found any mention that there's a real problem, you'd think it would be news by now if WaPo is troubled.

[Guest]

Looks as if the Washington Post has been anonymously and wrongly censored by Sonic and their upstream DNS provider since at least 10pm last night.

It is hard (likely on the order of impossible hard) for the majority of Sonic's customers to be able to work around the problems inflicted by the censorship.

- It does not identify who is responsible for the block
- It does not permit an "I'll take the risk, let me in" response (as the similar Firefox function does or once did)
- Although Sonic claims it's 'opt-out,' it's opt out only for those people able to find out how it's implemented and with access to make the changes

It is now almost a year since this thread started, but the setup is just about as pigheaded as it was at the time of first complaint.

Sonic could surely, by now, know whose customers are hitting their censorwall and deliver them a tailored landing page. The dns tampering platform they (bought? really? for money? you couldn't have had one of your very talented team write something better by now?) are using probably didn't have that baked in at time of purchase.

ITS BEEN A YEAR. YOUVE UNDERSTOOD THE COMPLAINTS. FIX THE PROBLEMS.

Sonic's landing page, for their customers, ought to have the email address and a NOC phone number to call. Censoring the Washington Post for a half day isn't acceptable. The NOC team needs to be very accessible on this topic and to have a way of immediately updating the dns tampering service on customer request.

As long as you're building that system to permit modifying - very quickly - the behavior of the censoring platform, might just as well add that 'remove the censorship' function to the customer portal for use on a per-customer basis, too.

One way: everyone gets something like SpamAssassin prefs, where we can each decide what domains we trust but keep the rest of the blocking in place. But that'll cost real money on the censorware side, because it would suck resources like they were going out of style to implement a per customer per domain opt-out.

Another way: the form the current landing page takes you to, where you can ask for the service to permit seditious, illegal content to come through and someone, somewhere, reads your request to see the Communist Post and notes it down? Add a button that points your account to the less censory servers for once and for all (if you're a dynamic customer) and explains the issue (if you're a static customer.)

By the way: I've had the Sonic NOC recommend I not use my own DNS settings. In the past I'd preferred to use Google's DNS to Sonic's, but was occasionally seeing issues at my girlfriend's place where I was able to ping remote gateways, connect non-DNS-dependent services but completely unable to get DNS operating. Sonic's NOC strongly advised that we accept the DNS that came off their system rather than trying to use our own settings and explicitly said that they had seen manual DNS entries make problems.

ITS BEEN A YEAR. YOUVE UNDERSTOOD THE COMPLAINTS. FIX IT.

All that said, Sonic remains the best of the bunch and I suspect that what we're not hearing about is the number of customers whose PCs were pwned by drive by malware before the DNS rules went in.

Still, though - the problems seem largely unaddressed for a long time, and the fix is not easy to track down or implement, particularly when the NOC on at least some occasions recommends leaving the settings as they are.

[cdkeen]

If you would like to visit a site that is being blocked and you are a Sonic.net (or affiliate ISP) internet user you have the option of using our opt-out name servers listed at the link below (includes links to configuration instructions for multiple operating systems) to bypass the blocking mechanism:
https://wiki.sonic.net/wiki/DNS_Opt-Out
If you need additional assistance with this you can contact customer support either at support @ sonic.com or by calling 707.547.3400 between 6am-11pm M-F 8am-10pm Sat-Sun. Thanks for choosing Sonic!

[ankh]

How about bypassing just the one blocked site?

I'm thinking of Tom Toles's editorial cartoon page at the Washington Post, which was blocked for a while -- DOSed, I think.

[frustrated customer]

i'm posting to echo "guest guest"'s comment above. they put it quite succinctly - ITS BEEN A YEAR. YOUVE UNDERSTOOD THE COMPLAINTS. FIX THE PROBLEMS. i'm just posting to let you know they're not the only customer that is of this opinion.

also, to remind you that over a year ago, one of your employees posted the following:

"by cdkeen » Wed Jan 22, 2014 6:23 pm

... at some point the page will likely be skinned to allow the proper ISP to direct user's on where to call for support if necessary and eliminate the perception that there is possibly something amiss due to the lack of attribution. Thanks for choosing Sonic.net!"

"at some point the page will likely be skinned" - when exactly is that going to happen? i'm a fairly literate computer user and i have found myself confounded by this "it's a trap!" page for MONTHS now (my first reaction, like others, to a COMPLETELY UNBRANDED AND UNLABELED page, is perfectly reasonable skepticism - to the point of thinking that perhaps the page itself was a phishing site, since it's COMPLETELY unclear where my comments are going). it's only now, upon googling the initial text on the page, that i found this thread. i had to read through several posts to finally find a link to instructions on how to update my DNS servers - not just text that says - "change your DNS servers to these ones if you don't like this". and *i* could have probably figured it out by myself anyway. how many other sonic.net customers can? also, i *can*, but i don't have the time for such an inconvenience.

several posters' original points remain, have been UNADDRESSED, and i would like to reiterate. i GET that you want to prevent people from visiting phishing or malware sites. HOWEVER. the page that you display contains NO identifying information. it contains NO information on WHY the site has been designated as such. it contains NO ability for the user to bypass said information (here's an easy thing: include the original link to the page, on that page. GIVE YOUR USERS A CHOICE.) - and they SHOULD have that option. from top to bottom, and inside to out, this "It's a trap!" page is a perfect example of awful, terrible, no-good, un-user-centered design.

sincerely,
a very irritated sonic.net customer

[digitalbitstream]

If you would like to visit a site that is being blocked and you are a Sonic.net (or affiliate ISP) internet user you have the option of using our opt-out name servers listed at the link below

Those instructions DO NOT belong here.
They belong on the mousetrap page.

Disclosure is the better part of ethical. What should be Sonic's strength comes off as a weakness here.

[ocraig]

Love Sonic. Sing its praises every chance I get.

The mousetrap snagged "letsopen.com," an Ubuntu repository. Using Joe Mueller's suggested urlvoid.com, I see only SURBL as having blacklisted this site. Makes me wonder whether the mousetrap's sensitivity can be adjusted to require more than one service's blacklisting...

Still, I'm with digitalbitstream on this. It would be good to continue working on making this service more immediately transparent and actionable. I don't have much more to add on the transparency front. With respect to "actionable:"

Instead of a button leading to a form telling us to justify why we think a page is legit, would you please consider replacing it w/a button that says "I believe this page was blacklisted in error?" No form necessary.

thanks,
-Craig

[Mike]

Strongly agree with all complainers. This is WRONG and a huge disappointment from an otherwise great company. You shouldn't be blocking web access AT ALL unless someone opts in, and then, the block page needs to offer the option to bypass it, and MOST IMPORTANTLY needs to say who is doing the blocking, why, and how to get around it. To me, as it stands, this "feature" itself meets the definition of malware: something I didn't want or ask for, being added to my service without my knowledge, preventing me from doing what I need to do without leaving me any workaround, and not identifying itself or its source.

Switching my nameservers on my laptop is a pain. It's a laptop, I don't always use my home network, and I want to get the nameservers through DHCP, like it's supposed to work, without a mysterious unidentified stranger interposing itself between me and what I need to get done.

Seriously. I'm completely baffled as to why such an otherwise great company would do something so spectacularly stupid. I'm definitely lowering my Yelp rating of Sonic. This is seriously uncool. Stop doing it.

[dherr]

Sonic offers name servers that do not block. They also offer servers that do. If you want DHCP to feed out a non blocking answer then you just set that up on the router. Are you saying that can not be done?

P.S. It can *not* be done for most/all? of the AT&T FTTN routers but they are using non blocking name servers, so that issue does not apply there.

Sonic help page info for this (Not the FTTN info, just the "on net" Sonic products):

Primary recursive name servers
These name servers are recursive only, and have DNSSEC and RPZ enabled.
208.201.224.33 ( ns2.sonic.net )
208.201.224.11 ( ns1.sonic.net )

Opt-out recursive name servers
These name servers are recursive only, and have DNSSEC and only a minimal set of hand blacklisted domains.
75.101.19.228 ( optns2.sonic.net )
75.101.19.196 ( optns1.sonic.net )

[femalefaust]

amazing. i was sure this could not have been sonic; even wrote a post about it, because Sonic, i thought, wouldn't do this. here is the letter i submitted under the 'tell us' button, when i was alerted that i could not get to grooveshark.im (after they lost their case and just after their CEO was found dead):


----------------------------------------------
My Letter To Whoever Authorizes DNS Redirects (Sinkholes)

The Internet is dangerous.

Countermeasures are assumed to be the responsibility of the end-user. If offered, these are considered a value-added service by the ISP, and availability is driven by market forces; they are traditionally offered on a volunteer, or "opt-in," basis, and ISPs are under no legal obligation, as far as I know, to provide such services.

The Internet will be dangerous, or it isn't the internet.

If one is really skydiving one must pack one's own parachute; if one is really surfing there may be a freak wave, or shark; a certain percentage of individuals crossing the street will meet with their demise at the hands of an oncoming vehicle; a certain number of patients undergoing routine surgical procedures will never regain consciousness; healthy individuals in the prime of their lives, described with terms like 'optimistic' 'enthusiastic' or cheerful' by those few last known to encounter them, have nonetheless been found suddenly, inexplicably, incomprehensibly dead; and not every jetliner forced to attempt an emergency water landing will be lucky enough to have the legendary Chesley Sullenberger for a pilot.

Notwithstanding, 'free' and 'open' are not fungible, nor negotiable.

The internet has to be dangerous -- if it is really the Internet, the real Internet, and not just a walled garden, an infomercial, shopping network, reality tv, photo album, fancy telephone, ankle-bracelet, or, screen-saver.

The web-page I requested contains neither spoofed pages (phishing) nor code that seeks to infect or control my computer or my files (malware); this may, however, not be as easily able to be said of "you," whoever "you" are, since a) you appear to have created a page which is being given to me in lieu of the page in which, it seems, we both share a rather keen interest; and b) not only have you, at least for now, succeeded in preventing me from surfing according to my own will, but also c) it appears that the button enabling me to "opt out" of this 'protective' service is missing entirely, having been replaced by a cryptic, rather ominous assertion -- more warning, or threat, really, than helpful pointer -- concerning the close interconnectedness between my desire for un-'filtered' content and my relationship my sweet, honest, forthright ISP, Sonic.net, a tone which my many positive experiences to date would lead me to consider uncharacteristic and unwarranted.


I have set up this page at piratepad: http://piratepad.net/XWZrpiK4yF.*

Please contact me there, if you would, to confirm receipt of this communication. Please feel free to comment or reply.
----------------

*no one contacted me about it.
i will check the piratepage, here, and the blogpost from time to time.