Orange Broadband ISP Hijacks Error Pages

An article in the FT last week (referenced here: British ISP Orange Shuns Phorm) described how ISP Orange have decided not to go with the behavioural advertising service Phorm, which profiles users internet activity in order to serve them with relevant ads.

But one thing I have noticed them doing over the last week is hijacking certain “domain not found” pages:

Orange broadband intercepting (some) page not found pages...

…which means that Orange must be looking at my HTML page headers for certain error codes?

Now I wonder if anyone from Orange Customer services or the Orange Press Office would like to comment on whether this is reasonable or not, and/or how they are doing it?

Just by the by, I found the Orange Customer Services web page interesting – not just the links to all the premium rate phine lines, more the font size;-) (click through for the full size image):

//www.orange.co.uk/contact/internet/default.htm?&article=contactussplitterwanadoo - check out the font size

I’ve also noticed what appear to be a few geo-targeted ads coming at me through my browser, so wonder if Orange is revealing my approximate location data to online ad targeting services (I’ll try to remember to grab a screenshot next time I see one). The reason I suspect it’s Orange is because I ran a test using a cookie blocking browser…

PS note to self: try to find out how ad services like NebuAd, Tacoda and of course Phorm make use of user data, and see just how far their reach goes…

PPS Hmmm… so just like there is a “junk mail opt out“, “unaddressed mail opt out and “junk phone call opt out” in the UK, it seems like there is a (cookie based….?!) initiative for opting out of online ad targeting from the Network Advertising Initiative. Does anyone know anything about this? Is it legitimate, or a gateway to yet more unwanted ads? I’d maybe trust it more if it was linked to from mydm, which I trust becasue it was linked to from the Royal Mail…

Author: Tony Hirst

I'm a Senior Lecturer at The Open University, with an interest in #opendata policy and practice, as well as general web tinkering...

9 thoughts on “Orange Broadband ISP Hijacks Error Pages”

  1. There are 2 companies which offer what you are seeing. One which has been around for a long time is FrontPorch – they do use DPI. The other is BareFruit who claim not to use DPI – Tiscali started using BareFruit earlier this year and BareFruit is switched on/off at account level.

    If you look at the source code for the links on the ‘portal’ page it should contain sufficient information for you to discover if either the above or one of the lesser profiling networks is involved.

    The object of the ‘error hijack’ is to monetise the portal which most customers won’t be seeing.

  2. @M Thanks for that – I maybe need to go reading around DPI (deep packet inspection, e.g. http://www.gcn.com/online/vol1_no1/47475-1.html ).

    I guess policy briefing docs from advocacy groups are one place to start?! e.g. https://www.dpacket.org/articles/online-behavioral-advertising-discussing-isp-ad-network-model

    Also:
    http://www.frontporch.com
    http://www.barefruit.com/ (“Barefruit provides a comprehensive solution to error traffic, enhancing the user experience and generating revenue for ISPs. Uniquely able to resolve both DNS and HTTP errors, Barefruit provides highly relevant alternatives to the user, putting ISPs back in control of users’ address bars. Operating at network level, Barefruit technology enables ISPs to resolve error traffic across the customer base with no capital outlay.” Sheesh…)

  3. Are you using a web browser customised by Orange? That might explain the custom DNS error page.

    As for geo-targetted adverts, that’s not necessarily Orange. There are lots of services that attempt to calculate your approximate location from your IP address or browsing habits.

  4. @andymurd “Are you using a web browser customised by Orange?” No… I use a personally downloaded version of flock. And I get similar behaviour with Safari, and any other browser I use… Here’s a URL that pulls up the page: http://hijack.o and if I try http://orange.hijacking I briefly get the Orange error page, then a redirect to the Orange homepage…

    “As for geo-targetted adverts, that’s not necessarily Orange. There are lots of services that attempt to calculate your approximate location from your IP address or browsing habits.” Yes, I appreciate that… But I’m pretty sure my IP address that gets seen by third party sites is located to an ISP hub somewhere miles away, whereas I’m noticing geo-targeted ads that are far closer to home? Checking that out properly is on my to do list, though…

  5. Phorm was doing behavioural advertising. Geo-targeting is one down from that in terms of spookiness, i think?

    And note that I’m not saying that Orange ARE selling my geolocation, I’m just confused as to how it’s apparently being done (unless it’s just chance and I’m getting served ads that are relevant close to home…)

  6. “If you look at the source code for the links on the ‘portal’ page it should contain sufficient information for you to discover if either the above or one of the lesser profiling networks is involved.”

    The Orange homepage/portalpage appears to be using DART for Advertisers from doubleclick – http://www.doubleclick.com/products/dfa/index.aspx – if the js function names are anything to go by (e.g. /dartUK()/, which sets /dartUK.svr = ‘http://ad.uk.doubleclick.net’/ ;-).

    Question: can “third party” sites serve you geo-targeted ads if: a) you don’t register and tell them where you are (?!) and: b) are cookie free? Presumably “yes” if your IP address locates you. But if you do an IP geo lookup using cheap’n’nasty free online services, they usually pinpoint you at an ISP locations, not *your* location? However, your ISP is likely to know where you are either through billing information or more definitely through resolution of the local telephone exchange/mobile cell that supplies you with your network connection.

  7. Okay, here’s maybe another way to get “weak” geo data for an IP address:

    – I run a website, that
    – records IP addresses, and
    – uses onsite behaviour (search, browse etc etc), to
    – make a weak guess at location, which is then
    – aligned with the IP address.

    So for this to be ‘useful’ in a domestic case, I guess the question then is: to what extent do e.g. users with always-on braodband connections have a persistent IP address?

  8. Is it not possible that Orange are not just using their DNS servers to provide you with these pages? I have my router configured to use OpenDNS and when it can’t find a domain, it comes up with suggestions in an OpenDNS “sponsored” page.

Comments are closed.