Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Cameroon Typo-Squats all of .com

Posted by ScuttleMonkey on Mon Aug 07, 2006 12:39 AM
from the can't-fault-them-for-the-idea dept.
The Internet Networking
wayne writes "As reported on CircleID, the nation of Cameroon, which controls the .cm top level domain, has typo-squatted all of the .com domain space. They have placed a wildcard DNS record to redirect all traffic to an ad-based search page. Unlike the earlier case of Verisign putting a wildcard in the real .com domain, ICANN has very little direct control over what a nation can do with their own TLD. Will the owners of .co and .om follow?"
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Cameroon Typo-Squats all of .com 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Smart move. (Score:5, Funny)

    by Duncan3 (10537) on Monday August 07 2006, @12:42AM (#15857572) Homepage
    That should double their GDP!
    • At least it will pay for the upkeep of a DNS root server that mostly had traffic asking for non existing sites.

    • Re:Smart move. (Score:4, Informative)

      by fm6 (162816) on Monday August 07 2006, @11:11AM (#15859428) Homepage Journal
      Very cute. Actually, Cameroon is an oil exporter, with an effective GDP of $40 billion. Of course, very little of this wealth has trickled down to the masses, but the country as a whole is hardly poor.

      • Re:Smart move. (Score:5, Informative)

        by Pantero Blanco (792776) on Monday August 07 2006, @01:02AM (#15857625)
        It's too bad that none of that is likely to trickle down.

        From what I understand, the government there controls (well, attempts to) the broadcast channels pretty damn strictly, and voicing an opposition political opinion is generally called "libel" and involves jail time. Hoarding the TLD isn't a surprising move for them.

        • Re:Smart move. (Score:5, Insightful)

          by CarpetShark (865376) on Monday August 07 2006, @07:08AM (#15858193)
          That's a horribly uncivilised way for a government to act. Next thing you know, they'll be using propaganda to control citizens, taking bribes from big companies, and scaring people into doing what they want, with nasty words and phrases like "terrorist cells", "weapons of mass destruction" and "axis of evil" ;)

          • Re:Smart move. (Score:5, Insightful)

            by ultranova (717540) on Monday August 07 2006, @07:37AM (#15858267)

            Then we'd be right at home then. It's not hard to change "libel" to "trator". From reading a little about Cameroon, their government is as accountable as our own. Of course, we should just assume they are evil incarnate as they aren't white anglo-saxon Christians.

            No, we should instead assume that they can do no wrong because they aren't anglo-saxon Christians.

            The idea, implied in your post, that all anglo-saxon Christians are racists against all other people is racist in itself. But of course that is okay, since it is fashinable to bash anglo-saxon Christians right now, just as it was once fashionable to bash negros, judes, redskins, gooks, insert deragatory racial group term of your choice here.

            After all, no one who isn't anglo-saxon Christian couldn't possibly do anything to deserve criticism. It's all just a plot of White Supremacists, fighting for control with the Elders of Zion and the Freemasons. Right ?

            And for the record: I know nothing about Cameroon, besides a quick Wikipedia lookup, and can't say whether their government is dictatorial or not. I am simply commenting on your idiotic, racist assumption that any criticism is motivated by racism.

            • Re:Smart move. (Score:5, Insightful)

              by Itchy Rich (818896) on Monday August 07 2006, @06:51AM (#15858142)

              I agree, although by using terms like "good guys" and "god-forsaken" you're in danger of being as irrational and downright inaccurate as the post you reply to.

      • Re:Smart move. (Score:5, Funny)

        by MECC (8478) * on Monday August 07 2006, @07:13AM (#15858200)
        pple who cant tyhp shoulndyt be ushing the inpternet anwywya

  • The fix is easy (Score:4, Insightful)

    by narfbot (515956) on Monday August 07 2006, @12:43AM (#15857576)
    Just for any address I will never want to visit, you can just block it. For example, I never will visit ad.doubleclick.net. I have very little reason to visit Cameroon. I will just block all of .cm if the resulting site is annoying.
      • Wouldn't a better solution be to redirect *.om and *.cm to the .com equivalent? or maybe display a page that has a giant link to the correct address... I'm not geek enough to know how to do this, but I assume somone with adequate knowledge of proxies and scripts would be able to suggest something... *hint hint*
        • You could, but why bother? It's a typo anyway.

        • Re:The fix is easy (Score:4, Insightful)

          by Itchy Rich (818896) on Monday August 07 2006, @07:04AM (#15858183)

          Wouldn't a better solution be to redirect *.om and *.cm to the .com equivalent?

          What happens if the typo wasn't in the TLD? They'll then get redirected to a site they didn't ask for instead of recieving a more appropriate "Not Found" message. What happens to systems that rely on DNS returning those "not found" messages? There's also the question of US-bias. There are other TLDs that could be mistyped to produce the ones mentioned. If you want your typos to be automatically translated into what the system thinks you *might* have meant then that should happen at the application level (i.e. your web browser) so that users have a choice. It shouldn't be built into DNS.

  • www.gkj.cm (Score:5, Funny)

    by tsa (15680) on Monday August 07 2006, @12:51AM (#15857597) Homepage
    I tried it, it works! I must say it's a real clever idea. I want a country too!

  • What's next? (Score:5, Funny)

    by macserv (701681) on Monday August 07 2006, @12:59AM (#15857613)
    I'm sure the government of Vomania will benefit highly from my URL mistakes.

  • Not an issue. (Score:3, Insightful)

    by natrius (642724) <niran.niran@org> on Monday August 07 2006, @01:00AM (#15857619) Homepage
    As long as the money made from this is going to the goverment of Cameroon and not some registrar, why is this an issue? The .cm ccTLD belongs to Cameroon. Why can't they decide what they want to do with it?

    • Re:Not an issue. (Score:5, Interesting)

      by Maestro4k (707634) on Monday August 07 2006, @01:11AM (#15857643) Journal
      As long as the money made from this is going to the goverment of Cameroon and not some registrar, why is this an issue? The .cm ccTLD belongs to Cameroon. Why can't they decide what they want to do with it?

      Same reasons that Verisign's wildcard service was decried, among other things this will cause every name.cm to resolve so it's going to at least screw with some spam blocking methods. If other countries follow suit then it gets even messier.

      You're right that it belongs to them but there is such a thing as playing nicely. Also it's a bit of a spammy trick, so it's already making me associate Cameroon with spammers and their ilk. Was that their intention? Will they be happy with that? If you lived in Cameroon would you like the fact that your government (since the government assigns who runs the ccTLD) is making your country look like that?

      • Re:Not an issue. (Score:5, Informative)

        by KiloByte (825081) on Monday August 07 2006, @04:24AM (#15857938)
        Same reasons that Verisign's wildcard service was decried...
        And, fortunately, the fix is exactly the same: Here's the default named.conf:

        // From the release notes:
        // Because many of our users are uncomfortable receiving undelegated answers
        // from root or top level domains, other than a few for whom that behaviour
        // has been trusted and expected for quite some length of time, we have now
        // introduced the "root-delegations-only" feature which applies delegation-only
        // logic to all top level domains, and to the root domain. An exception list
        // should be specified, including "MUSEUM" and "DE", and any other top level
        // domains from whom undelegated responses are expected and trusted.
        // root-delegation-only exclude { "DE"; "MUSEUM"; };

        So, this option will preemptively avoid all jerkwads like Verisign and Cameroon. The only question is, why this isn't enabled by default.

    • Re:Not an issue. (Score:5, Interesting)

      by Pantero Blanco (792776) on Monday August 07 2006, @01:35AM (#15857705)
      Because the government of Cameroon is not Cameroon.

      This isn't just an attempt to grab cash; that's a side effect. This is to hamper the ability of opposition parties to use the Internet as a voice. The government in Cameroon controls the TV stations, radio stations, and newspapers tightly; they don't want the Internet to be any different.

      • Re:(Still) Not an issue. (Score:4, Interesting)

        by icepick72 (834363) on Monday August 07 2006, @07:32AM (#15858252)
        Because the government of Cameroon is not Cameroon.
        That can be said about any country, anywhere, about the people and the government.


        This isn't just an attempt to grab cash; that's a side effect. This is to hamper the ability of opposition parties to use the Internet as a voice.
        Then they will have to find another voice. The masses aren't stupid. If they are being owned by a government, they know it, and if they don't like it they will do something sooner or later. BTW, some people don't mind being under a military or controlling government. It's not what everybody is accustomed to, but there are many ways to rule on the face of this earth.


        The government in Cameroon controls the TV stations, radio stations, and newspapers tightly; they don't want the Internet to be any different.
        Then practically speaking why should the Internet be any different? It makes sense in the context of that country.


        I can see no good reasons in this discussion why Cameroon (the government) cannot do what they want with their domain name. The exceptions are: we don't like typo-squatting, or we don't like the government. The government is representing the people whether outsiders agree with it or not, and even if the people being represented don't agree. Everybody else in the world is too opinionated about what other countries should do, whether it be a different ruling style or something as small as a domain name suffix. We don't like being told what we should do with our country's domain name suffix, so why should we care what another country (yes the government, not the people) does with theirs?
        (Actually, I expect to get many good reasons back about the history and politics and Cameroon and the people because I only know what I've read in the news and wiki -- I've never studied the country in depth.)
        Everybody who surfs the Internet has no doubt experienced a typo and a typo-squatter. People will correct the spelling and move on. The generic Cameroon page looks like any other page full of advertisements on the Internet. Nobody is going to think it's the actual destination they want to surf to.

  • If you think about it (Score:5, Funny)

    by Koragnar (780289) on Monday August 07 2006, @01:05AM (#15857632)
    .com is typo-squatting all the .cm sites for people who suck miserably at typing.

  • This story is complete bullshit (Score:4, Interesting)

    by njdj (458173) on Monday August 07 2006, @01:16AM (#15857657)

    Cameroon is not typo-squatting anything. If you type in a domain name ending in .cm that hasn't been specifically assigned to someone, you get a fairly innocuous default page with links to ads. So what?

    • Cameroon is not typo-squatting anything. If you type in a domain name ending in .cm that hasn't been specifically assigned to someone, you get a fairly innocuous default page with links to ads. So what?

      The "so what" is that when you try to go to a non-existent domain, you should get a name resolution failure. That way, you know that you have an error. The screws that up.

    • Cameroon is not typo-squatting anything. If you type in a domain name ending in .cm that hasn't been specifically assigned to someone, you get a fairly innocuous default page with links to ads. So what?

      So that's exactly what typosquatting is. What do you think it is?

      • The definition of typo-squatting (Score:5, Insightful)

        by DrYak (748999) on Monday August 07 2006, @04:56AM (#15857985) Homepage
        - Typo squatting is *registering* a specific typo. Like trying to get www.gooogle.com and www.gogle.com assigned to your own ad-page (it won't work actually, google have though of it first. But you get the idea). Typo-Squatters buys specific name and puts his page there.
        Original customer un-happy because someone else has bought the typo-name and he can't have it (he can do what google did and buy typo names, because typos are registered to someone else).

        - This case is using wild-cards to divert *UN-registered* domain names. One types something with .CM at the end. If genuine website exists, website is displayed. If website doesn't exist, instead of error message, you got sent to an search engine.
        Original user doesn't mind anything, because if he wants he can still buy the typo name : the typo-name is free to buy, only NON-assigned names are diverted to search site.
        The one who is pissed of is the IT-guy, because everything breaks because TLD aren't suposed to work that way, TLD are supposed to give error messages for non-existing domain (and this can break an algorithme that was supposed to detect bogus URLs. URLs aren't invalid any more, they always point to something now !).

        So the both aren't exactly the same.

        The official rationnal behind wildcarding is that people make typo.
        One solution is to buy all possible typo name, but this can be quite expensive and cumbersome, because you have to guess all typos and you may have a lot to buy.
        The other solution would be to harness the power of a search engine (and even better if the engine supports spelling suggestions like Google) and help the user find what they really wanted.
        This is not unlike what the infamouse Microsoft Explorer "simplified error message" whitch gave you the opportunity to search the name on msn's search engine, and somewhat related to a side effect of the "search engine keywords from the URL bar" function of FireFox.
        But the main difference is that those two are users choices, where as in .cm's case it's a governement forcing it.

        The real rationnal behind is that the Cameroune governement can make huge amounts of money from an ad-supported search engine, and even more money when some big company realise that there are a few more typo that they can buy a few more typo domains (only the non-existing domain are search diverted. The typo are still available to buy !).
        Even if the wildcarding gets forbiden and/or blocked, it will have attracted enough publicity around this few more typos to buy (and the side effect to also attract attention to other TLD that the big companies may have missed, like .OM (oman) and .CO (colombia) ) more money to come from domain name selling !
        (Let's hope that at least part of this money will go to the poeple and not only to the pocket of a few highly placed guys :-/ )

        Sadly, because in this case the people that are pissed off aren't the one with the money (big company will be happy to buy more typo domain, unlike what happens with real cases of typo-squatting) but are the average users (who except tld to issues error for non existing domains), we probably won't see any massive action against Cameroune.

        Unless they suddenly happen to discover huge underground petroleum reserves. Then except to see Bush leading a god-inspired holy war to liberate all the poor American-.COM domains squatted by vilain .CMs, and be ready to accept those evil "Typo-Squatters" as a new entry in the list of subject used to scare people, next to "Terrorist", "Pirate", "Pronographer" and "Communist (now defunct)" and other un-american freedom haters.

    • You are missing the point. The issue isn't people who want to go to aaa.cm accidently typing aab.cm, it's people wanting to go to aaa.com and forgetting the 'o'.

      • Re:This story is complete bullshit (Score:4, Insightful)

        by njdj (458173) on Monday August 07 2006, @02:14AM (#15857789)

        The issue isn't people who want to go to aaa.cm accidently typing aab.cm, it's people wanting to go to aaa.com and forgetting the 'o'.

        I think you are missing the point. The owner of, say, neimanmarcus.com would be a victim of typosquatting if someone else took the domain name niemanmarcus.com, because someone typing in the latter spelling would really be deceived if it went to the wrong page. He could look carefully at what he typed and think, "yes, niemanmarcus.com, that's right." But if you type neimanmarcus.cm, the mistake is obvious when you look again.

        When trying to allow for users' mistakes, at some point you have to draw a line. Beyond a certain point, the user has to take responsibility to type what he or she means. For example, philips.com [philips.com] and phillips.com [phillips.com] are different domains. Neither is typosquatting; the user has to get it right. Top-level country domains are a much clearer case than that.

  • From some dude's blog that was linked to TFA:

    The lesson here is that something is fundamentally screwed up in the domain world when one server manager in Cameroon can enable this much confusion. But I still can't figure out what the right solution is.
    (from here: http://weblog.johnlevine.com/ICANN/cameroon.html?s eemore=y [johnlevine.com])

    ... is to require that US based sites use a US-specific country suffix, just like the rest of the internet.

    I.e., migrate all of .com, .net, etc to .com.us, .net.us (or whatever).

    That way, typoing the .com or .net suffix won't take you to a different country unintentionally :D

    Sure, the internet was originally created in the US, but it's bigger than that now, and having one country that just doesn't use country suffixes is non-standard. :)

    Of course, typo-ing the country suffix will still either not work, or take you to a different country, but what can you do...

    As a side-effect, this would no doubt deter other country's businesses etc from simply registering .com, .org or .net domains because the domain rego is cheaper and it's "country-ambiguous"... (yes, I own .net and .org domains and i'm in australia. if it was going to have to be .com.us or whateever, I probably wouldn't be using up your precious US namespace :D)

    • why do we even have "country" codes? isn't the whole point of the internet to connect the world? where does politcal and geographic lines come into play here? cnn.com and cnn.co.uk should be the same site with different localization options available for users.

    • Re:correct solution (that will never fly)... (Score:4, Interesting)

      by khallow (566160) on Monday August 07 2006, @02:22AM (#15857805)

      The problem is that .com isn't just US companies. And having domains by country isn't that useful. Given that you use .net and .org domains and aren't US-based, I'd have thought you'd understand this.

      I gather that the Cameron business is pretty serious. My take is that if all else fails, *.cm addresses can simply be blocked at the root DNS level till the .cm admins comply by removing the wildcard DNS entry.

  • How long until... (Score:4, Funny)

    by FlyByPC (841016) on Monday August 07 2006, @01:21AM (#15857669) Homepage
    ...the Nigerian scammers get wind of this, and move? I mean, it's right next door!

  • Ctrl+Enter (Score:3, Informative)

    by IceCreamGuy (904648) on Monday August 07 2006, @01:31AM (#15857694) Homepage
    I seriously don't think I've actually typed out "www." or ".com" in at least 4 years. Just type website then Ctrl+Enter and Firefox and IE add it for you. I don't think Safari, Nautilus, or Konqueror do it by default but I might be wrong. But if you're using Firefox, it's so much easier. There's also Shift+Enter for ".net" and Ctrl+Shift+Enter for ".org".

  • who cares (Score:5, Insightful)

    by no-body (127863) on Monday August 07 2006, @01:31AM (#15857695)
    There are so many missdirects on search results anyway, if it's not the right one, just delete the browser tab and move on.

  • Once upon a time... (Score:5, Insightful)

    by rmckeethen (130580) on Monday August 07 2006, @02:03AM (#15857766) Homepage

    I might have cared passionately about something like this. Now, I have more faith -- the Internet tends to route around folks with bad manners. This isn't the first time someone's come up with a grandiose plan to corner the market on user error and I doubt it will be the last. If Cameroon pisses off or annoys enough people with a stunt like this, I suspect someone, somewhere will do something about it. At the moment, there's not much more I can do than whine and complain, and I just don't see that it serves a useful purpose to do so.

    If any one of the geniuses who dreamed up this little scheme happens to read this message, than I've got just one thing to say to them -- good luck. Maybe it will work out for you... and than again, maybe it won't. Regardless, if you could tell those Nigerian bankers to stop sending me letters asking for my help with fraudulent transactions, I'd surely appreciate it.

  • More concerned with domain name squatting (Score:3, Interesting)

    by Adrian Lopez (2615) on Monday August 07 2006, @02:04AM (#15857767) Homepage
    Considering it's only the .cm domain that's being polluted, this problem doesn't really bother me that much. On the other hand, the mass registration of domain names under the .com TLD for the purposes of advertising or resale is a much more significant problem. Most of the domain names I've tried to register have already been registered for such purposes. I'd rather see that situation fixed than the .cm typosquatting issue.

  • Ah... time to crontab wget again (Score:5, Funny)

    by MrPerfekt (414248) on Monday August 07 2006, @02:19AM (#15857802) Homepage Journal
    Once every 5 minutes I think I'll be hitting www.youcontributenothingtotheinternet.cm!

  • Company behind it (Score:5, Informative)

    by rf0 (159958) <rghf@fsck.me.uk> on Monday August 07 2006, @02:22AM (#15857804) Homepage
    Looking at this is appears that a company called "NameView Inc" is supplying the ads from the IP block 72.51.27.0 - 72.51.27.255 http://www.nameview.com/ [nameview.com]

    Prehaps calling them on +1 (309) 424-5497 might help to say what a bad idea this is or we can just block the IP range (which is now what I'm going to do)

  • BIND has a quick fix for this (Score:5, Informative)

    by sa3 (628661) on Monday August 07 2006, @02:49AM (#15857840)
    ;; QUESTION SECTION:
    ;google.cm. IN A
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6369
    ;; ANSWER SECTION:
    google.cm. 518 IN A 72.51.27.58
    zone "cm" IN { type delegation-only; };
    ;; QUESTION SECTION:
    ;google.cm. IN A
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12264

  • WWW/HTML is a minor problem (Score:5, Interesting)

    by Bjarne Bula (11937) on Monday August 07 2006, @07:09AM (#15858195)
    While possibly the most visible effect, landing on a page full of ads when you wanted www.cnn.com is the least of your problems.

    Remember, this is DNS, so this will affect not only your web browser, but all your Internet applications.

    So, guess what happens if you try to send a mail to friend@gmail.cm? Yup, it also gets the Cameroon treatment:
    $ telnet gmail.cm smtp
    Trying 72.51.27.58...
    Connected to gmail.cm (72.51.27.58).
    Escape character is '^]'.
    220 blackhole.gdei.com
    Even though the server currently will bounce your mail with a 550 Domain does not exist, they now have your email address and, with a quick typo-fix, that of your friend.

    Hey! Guess what country is next door to Cameroon? Yup, Nigeria. Now, who in Nigeria might want a fresh source of email addresses...? [419eater.com]

    And who is to say they bounce all mails? Or will continue to?

    • Bad Article Title - Bad Summary Title (Score:4, Informative)

      by pjotrb123 (685993) on Monday August 07 2006, @04:46AM (#15857968)
      They did NOT typo-squat "all of .com".
      They typo-squatted "all of .cm".

      Quite a difference, if you ask me.
      Unless you are a sensationalist, of course.

      • Re:Bad Article Title - Bad Summary Title (Score:5, Insightful)

        by j-turkey (187775) on Monday August 07 2006, @01:33PM (#15860387) Homepage
        Quite a difference, if you ask me. Unless you are a sensationalist, of course.

        If one were to register micosoft.com, mirosoft.com, and mcrosoft.com, that would be typo-squatting on Microsoft.com, no?

        In adding a redirect for .cm, with a wildcard redirect for all nonregistered entries, it seems that Cameroon is typo squatting on a TLD. It's the same idea as the Verisign deal, it's just that this one is doing it on a tld that could easily be a typo for .com. Why could this not be classified as being both a Sitefinder-type redirect, and a TLD typo squat?

        It seems to me that rather than being bullshit, the headline is getting to the meat of the story.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2010 Geeknet, Inc.