Saturday 17:50:43
Details
Posted: Saturday 17:30:55
We have identified a small number of TalkTalk connected circuits that have 1-4% packetloss in the evenings between 7pm and 9pm. We have worked with TalkTalk NOC and have helped them to identify a link running at full capacity within their network. Work is still ongoing to fix this.
Update
Saturday 17:42:22
To aid with TalkTalks investigations we have shutdown our interconnect in Harbour Exchange to TalkTalk. We still have plenty of capacity in Telehouse so this work is not service affecting.
Update
Saturday 17:50:43
TalkTalk say: "NOC troubleshooting has identified that one of three 10 gig circuit between the LTS and the LDN at hex is reaching capacity between 19:30 and 21:30hrs and is the root cause of the packet loss."
Broadband Users Affected 1.50%
Started 18 Oct 19:00:00
Update was expected Yesterday 18:00:00

20 Oct 15:01:04
Details
Posted: 20 Oct 15:01:04

Multiple vulnerabilities have been reported in dnsmasq, the service on the ZyXEL routers which provides a DNSresolver, DHCP functions and router advertisement for IPv6.
A list of these can be found here.

The scope of these is relatively broad, and most attack vectors are local. causing the router to fail DNS/DHCP/RA if exploited (DoS condition), one additional vector includes execution of arbitrary code.
As dnsmasq is tightly integrated into the router, it can't just be turned off, however as a workaround you can change the DNS servers the routers serves in it's DHCP server to minimise potential impact from a local attacker should they perform a DNS request in a way which exploits the DoS conditions. This can be performed by going to the Router Settings page on your control pages, and entering our nameservers 217.169.20.20 and 217.169.20.21 into the IPv4 DNS fields, clicking save, then clicking on the DHCP button at the bottom (for B10Ds only) or clicking on Send ZyXEL configuration (B10As or B10Ds, will wipe existing settings on the router)

An official patch from ZyXEL is estimated to be provided during December 2017 for the VMG1312-B10D routers (Firmware V5.13(AAXA.7)), and January 2018 for the the VMG1312-B10A routers.
An update will be made to this post once firmware updates have been released.

Expected close 01 Feb 2018

16 Oct 12:00:00
Details
Posted: 13 Oct 13:45:25
We are doing some work on the Control Pages during Sunday 15th October starting from 10AM. We expect the Control Pages to be unavailable for a few hours whilst this work is carried out.
Update
15 Oct 10:05:31
We are beginning work on the control pages now.
Update
15 Oct 18:08:45
The ops team have been hard at work all day. We expect the control pages to be visible shortly, but there will be some issue still I am sure. Some may not be resolved until tomorrow. Please do let support know if anything seems to not be working.
Update
15 Oct 18:21:27
The control pages are now live. There are several smaller jobs to finish, some of which will be later today and some will be tomorrow.
Started 15 Oct 10:00:00
Closed 16 Oct 12:00:00

16 Oct 17:19:12
Details
Posted: 16 Oct 14:03:30

There are lots of news articles and discussions about the 'KRACK' attack vulnerability affecting WiFi client devices.

In summary, this affects WPA2 (and WPA3) (as well as being an additional insecurity with TKIP) And is actually a bug in the WiFi spec - ie the design wasn't thought out properly. So any implementation which follows the spec is vulnerable. There is more technical information about this in the links below.

From an customer of AAISP point of view, we do sell DSL routers with WiFI as well as WiFi access points but, this is a vulnerability in WiFi clients rather than the routers themselves.

Generally, the fix for this vulnerability is on the client side - ie the computer or mobile device connecting to a WiFi network, and so customers should look for software updates for their devices and operating systems. There are links below regarding devices we are involved with which contain further information.

We'll add further information to this post as we receive it.

Update
16 Oct 14:04:01

For more information see: https://www.krackattacks.com/ and all the gory details are in the paper: https://papers.mathyvanhoef.com/ccs2017.pdf

WiFi device specific information:

Remember the main devices to patch are your devices such as computers, phones, tablets etc - once updates have been released and many devices will already have been patched if they are up to date. Updates to Routers and access points will will address the problem when they are acting as a WiFi client themselves and so won't really help if your devices are still unfixed.

Started 16 Oct 10:00:00

16 Oct 14:00:00
Details
Posted: 16 Oct 13:33:49
Texts and emails reporting lines up/down, engineer visits and some other information have been broken over the weekend. This means some delayed messages are being sent out. Sorry for any confusion, it should all be sorted shortly.
Started 16 Oct 13:00:00
Closed 16 Oct 14:00:00
Previously expected 16 Oct 14:00:00

15 Oct 12:14:02
Details
Posted: 10 Jul 22:52:30

OVERVIEW:

Using encryption is strongly recommended wherever possible to as to ensure private communication between you and the server and to protect your username and passwords from being intercepted by other people.

Historically, accessing our email servers using SSL/TLS has been available but problematic in that the certificates we use is issued by 'CA CERT' which although is 'secure', email programs often popped up a warning about the security settings.

SOLUTION:

We have added a new set of servers which customers can use to access their email. These use a Let's Encrypt certificate which will be accepted by email clients without any warnings.

IN TESTING:

At the moment (July 2017) we are still testing this out, and this should be viewed as 'beta'. There are a few rough edges which we are still working on fixing before making this an official service. that said, customers may try this out and we will make any maintenance as seamless as possible - meaning that it should work fine but there may be short periods of time when it stops working.

USAGE:

A simple change needs to be made to your email account settings within your email program (eg account settings in Thunderbird, Outlook, Mail etc). Go to the account settings where the IMAP or POP3 server details are, and ensure the following is set:

For IMAP:

Server hostname: mail.aa.net.uk

Port: 993

Security options: SSL/TLS

For POP3:

Server hostname: mail.aa.net.uk

Port: 995

Security options: SSL/TLS

You must use SSL/TLS as we do not support insecure access on these servers.

CHANGING BACK:

Customers are free to change the settings back to what they had before. This will not affect the emails stored on the server in any way.
Update
28 Jul 20:46:50
Note: mail.aa.net.uk can also be used to manage your sieve filters (TLS on port 4190)
Started 10 Jul 22:00:00

15 Oct 12:05:00
[DNS, Email and Web Hosting] Problems accessing email - Closed
Details
Posted: 15 Oct 11:44:27
We're looking in to a problem with customer accessing email via IMAP and POP3, this is related to maintenance on our control pages. We expect email service to be restored very shortly.
Resolution This has been resolved.
Started 15 Oct 11:00:38
Closed 15 Oct 12:05:00

13 Oct 09:45:00
[DNS, Email and Web Hosting] Incoming mail issues - Closed
Details
Posted: 13 Oct 09:34:51
One of our mail servers is currently down. We are investigating and will update the status once we have more information.
Update
13 Oct 09:48:24
Staff are working on this, this will be affecting some customers for accessing their email accounts via POP3 or IMAP.
Update
13 Oct 09:49:54
Service has been restored, there is a small backlog of email which will take a few minutes to be delivered to customers mailboxes.
Started 13 Oct 09:33:01 by AA Staff
Closed 13 Oct 09:45:00
Previously expected 13 Oct 10:00:00

10 Oct 20:03:21
Details
Posted: 26 Apr 10:16:02
We have identified packet loss across our lines at MOSS SIDE that occurs between 8pm to 10pm. We have raised this with BT who suggest that they hope to have this resolved on May 30th. We will update you on completion of this work.
Broadband Users Affected 0.15%
Started 26 Apr 10:13:41 by BT
Closed 10 Oct 20:03:21
Previously expected 30 May (Last Estimated Resolution Time from BT)

10 Oct 19:58:12
Details
Posted: 10 Oct 20:00:14
The "B" LNS restarted for some reason, we are looking in to why but this will mean some customers lost PPP connectivity. Obviously customers connected back again as fast as their router will retry - either to backup LNS or the "B" LNS which rebooted within a few seconds. Sorry for any inconvenience.
Started 10 Oct 19:52:00
Closed 10 Oct 19:58:12

6 Oct 04:46:00
Details
Posted: 3 Oct 14:57:54
We will be doing some maintenance on one of our new 10G routers at 4AM on Friday 6th October. We are not expecting this to impact customers but it will involve some minor routing changes across our core network.
Update
6 Oct 04:08:26
This work has started.
Resolution This work has been completed.
Started 6 Oct 04:00:00
Closed 6 Oct 04:46:00

30 Sep 07:46:32
Details
Posted: 30 Sep 07:46:32

Most customers expecting a direct debit on Monday 2nd October will actually be debited on Wednesday 4th October.

As this is within the 3 banking days allowed under BACS rules for the "on, or immediately after" notices already issued, we will not be issuing a separate new notice of Direct Debit collection.

Started 2 Oct

27 Sep 13:15:00
Details
Posted: 27 Sep 13:06:43
At 13:01 we saw a number of broadband lines drop and reconnect. We are investigating the cause.
Update
27 Sep 13:18:20
This affected circuits on our 'H' and 'I' LNSs, customers on LNSs 'A' through to 'G' were unaffected.
Started 27 Sep 13:01:00
Closed 27 Sep 13:15:00

Details
Posted: 27 Sep 10:16:11
We are making a change to our TR-069 router provisioning service this morning. It is not expected to cause any disruption, but between 11:00 and 12:00 should be considered an "at risk" time. Apologies for the short notice.
Previously expected 27 Sep 12:00:00