Sky Broadband firmware update bricks routers using third-party DNS settings

Graham Cluley

Sky Broadband firmware update bricks routers using third-party DNS settings

Sky Broadband firmware update bricks routers using third-party DNS settings

Many tech-savvy computer users choose to adjust the settings of their ISP-provided broadband router to use different Domain Name System (DNS) settings.

For instance, you might want to use the DNS settings provided free by CleanBrowsing to block adult content from your children’s eyes, or 1.1.1.1 from Cloudflare for speedier DNS resolution, OpenDNS, or Google’s Public DNS at the IP address 8.8.8.8.

If that’s all gobbledygook to you then you probably haven’t changed the DNS settings of your router from the default it shipped with – which also means that you won’t have suffered the kind of problems that some Sky Broadband customers are reportedly experiencing in the UK:

Sky Broadband has rolled out a firmware update which is bricking users’ broadband hubs if they are not set to use the ISP’s default choice of domain name server.

The Reg was contacted by a Sky subscriber who wants to remain anonymous. They lost internet access on Friday morning and were told it was due to a firmware update which went out overnight on Thursday. Initial promises of a fix within 72 hours were then amended to between three and eight days..

There are plenty of complaints from unhappy Sky Hub users on SkyBroadband’s online forums.

An official response from Sky Broadband spokesperson says that customers will have to request a firmware rollback, and then wait up to a week, before they can access the internet via their third-party DNS settings again:

“Our latest firmware update is designed to support new, exciting features coming to Sky Broadband soon. If customers wish to continue using a third party DNS server, they can request a roll-back to the previous firmware which can take up to 7 days however customers will still be able to access the internet using Sky DNS servers throughout this time.”

So there you go. Your ISP just denied you access to the internet with no warning. Presumably you’ve already taken remedial action (perhaps you’re using mobile data, or someone else’s Wi-Fi, or simply given up and using Sky’s DNS settings instead) otherwise you might find it tricky to work out why your internet access stopped working as you expected.

I’m not alone in recommending to folks that, whenever possible, they use their own router rather than the one supplied by their ISP.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “Sky Broadband firmware update bricks routers using third-party DNS settings”

  1. Hi Graham, it's all well and good telling users to use alternative DNS for very good reasons but to suggest a work around to this issue is to use our own router I don't think will work, however I could be wrong. I am a Sky customer myself with a Sky Q router rather than the SR01 or SR02 as pictured in your article. When I went to use my own router Sky told me that they did not allow the use of a third party device for receiving the internet connection so I had to put the sky provided router into bridge mode and hard wire my own into it in order to receive an internet connection, however you still have the issue of having the DNS settings being controlled by the Sky router so I don't think simply buying your own router would help in this case, although the reason for using your own router is so very much recommended for other reasons such as segmentation, proper firewalling etc… which the sky router does not provide.

  2. I think leaving the ISP router is probably the best advice for the majority of non-expert people. The ISP can update it when they discover problems. If a vulnerability is discovered, it's massively in their interest to sort it out. If they can't sort it properly, they can probably put mitigations at the network level to block malicious users on those particular routers.

    If you buy a 3rd party router, it will never update unless you understand what you are doing and update it yourself. After not very long, it's likely updates will no longer be available. The router maker will want to sell you a new router, not fix the one you have.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES