VeriSign Looks At Earning Money on Domain Typos

Harald Paulsen writes "In a recent article Computer Business Review uncovers how VeriSign Inc is testing a service that would return a webpage if a user mistypes an URL. Basically all nonexistant domain queries could return an IP address and if the user was trying to access a page with a webbrowser they could get redirected to a search-engine, or worse: a page asking them to buy a domain. This is most certainly breaking the DNS standard and could be compared to cybersquatting (Hey Ford, want to have a banner ad whenever someone mistypes Toyota?). This is interesting in relation to an earlier story about register.com and holding-pages."

Typical Verisign/Network Solutions crap...

[LinuxMan]

So not only do they spam us, reserve weird rights [slashdot.org] to our domain names, and cybersquat [slashdot.org], but now they are doing this. It is really too bad there is not some kind of ICANN policy against this type of thing... Then again, ICANN is made up of a bunch of organizations like them anyway, so the whole thing is corrupt.

Code and Other Laws of Cyberspace [amazon.com]

If they wanted to be heroes...

[Atario]

...they'd create a service that sends you to the page you wanted when you mistype the name. Instead, they're out for a fast buck that annoys us. Feh.

Comment removed

[account_deleted]

Comment removed based on user account deletion

URL typo's

[someguy456]

Hasn't that happened already? A while ago, I could've sworn http://www.gogle.com pointed to one of those all-in-one search pages usually in place for dot-com busts.

Statistics on mistyping of "slashdot "

[prakslash]

http://slsahdot.org

Re:You can't cybersquat....

[dhwebb]

The issue is that all unused domains to come to a versign ad basically. What about the other registrars that you could register through. This seems like a mis-use of power.

And people trust Verisign?

[Edgewize]

"Paxfire's Sullivan said his company's service is set up so that only web traffic returns an IP address. Domain queries for non-web applications such as email or FTP are dropped or return error messages, he said."

Bullshit. He's lying or clueless, or both. It's not like DNS requests have a flag saying "I'm sending this query for a web page!" My take? They're lying to hide the side-effects of this blatant violation of internet standards from the general public.

I've said it before

[toddhunter]

and I'll say it again, 'this internet is stuffed'.
Anyone else have the dream whereby us computer people create a new internet and leave this heap of crap behind for corporate and marketing types to die in?
And whilst we are at it, lets do away with the ISP's and telcos so information doesn't cost anything anymore. Surely we can work something out?

This is already done

[Anonymous Coward]

Tell me how this is different from IE giving you a "Domain not found" page when you mistype a URL, complete with microsoft search engine, suggested related domains, and an offer to buy the nonexistant domain name?

I've always hated that, especially because it lets MS log every single incorrect URL typed.

Precedent?

[DarkBlackFox]

If precedent is already set as per online advertising through a competitor (think Gator, where it was deemed legal to show pop-ups of a competing company when visiting certain sites, or sites with certain keywords), how would something like this hold up, where it is the user's fault for mis-spelling the intended domain?

If it's legal to pop up competing websites without consent, then surely it's legal to redirect to a competing website when there is indirect consent (e.g. the user types in the erronous address).

Not that it's a desireable thing, just based on past precedent it seems the direction the legal system is heading.

I just thank my lucky stars I don't get redirected to some obscure/spyware infested search engine when I misspell slashdot- just a simple page informing me I've misspelled it, with a convenient number of how many others are afflicted with the same travesty.

try corn.com

[Anonymous Coward]

see where it went?

Anyone tried variations of Slashdot (.org)?

[R33MSpec]

I've tried a couple of variations like slashdto.org and slashodt.org - seems to go to just the types of pages the article is describing.

more IPs, less domains...

[illumina+us]

With IPv6 on the verge of being implemented, how will this affect domain names? There will be a plethora of IPs but less and less usable domain names to bind to. Unless of course people want to start using stuff like y4h00.com! or 47t4v15t4.com; registering unused domains for comerical purposes is a detriment to the world wide web, and also, forces developing groups to use awkward domain names.

Re:I'm confused

[mobets]

I'd say root them all, then delete all their files, but that might be a little less than legal...

Oh, root _for_ ... *shrug* good luck.

Re:Ugh. No!

[samj]

Good point. A djbdns [cr.yp.to] user myself, I'm not sure how BIND handles wildcards, but presumably the independent roots would have to get behind this for it to work 100%. It wouldn't necessarily matter if they didn't have *all* the roots, but one could argue that the roots should all return the same answer for a given query.

This may be a stupid question..

[SixDimensionalArray]

.. but why would they only forward "misspelled" domain names.. why not EVERY SINGLE combination of letters and numbers that is not being used?? I mean, why not just register a bunch of domain names that might be popular and forward them to advertising pages? That's essentially what they are coming close to doing.

Not to give them any ideas mind you, but it just screams ILLEGAL that they are trying to steal traffic from people's mistakes. That has to have some implications, if not completely violating the notion of standards.

Remember, standards are what made the Internet in the first place, and standards are what keep it ALIVE!

Re:If they wanted to be heroes...

[BiggerIsBetter]

Um, why do it at the DNS level? How about the next version of Mozilla includes a domain name correction? Type ahead does this to some degree, but a dictionary based system should work ok for many sites that aren't in browser history.

Re:Typical Verisign/Network Solutions crap...

[Lehk228]

Want to know a Secret.... The only reason ICANN and Verisign have any control is that people agree to use them as the basis for DNS, anyone who wants to could set up a network of DNS servers with names identical to those that exist on existing DNS servers that point to totally different websites and there would be nothing illegal about that.

Interestingly enough...

[Akardam]

... neither misspelling seems to be actually registered (no WHOIS information), yet both do indeed resolve. Curiously enough, the first resolves to a Sprint netblock (which in turn is subdevided) and the second to a Verio netblock. What's more is they both resolve consistantly over multiple name lookups. Kinda interesting, if this is an unknown wildcard redirect, that different typos would end up different places. Perhaps this is part of the strategy?

Microsoft could do this already

[Krellan]

From the client side, Microsoft is already collecting every mistyped URL and substituting their own search engine!

In MSIE, a hostname that is not found will be sent to Microsoft. A page will be auto-generated, containing links to similar hostnames, and the Microsoft MSN search engine.

Microsoft is already receiving this information. I'm sure that there is a high commercial value in knowing the exact data on which domains are mistyped the most often! I would be surprised if Microsoft doesn't use this information internally, or resell it to the highest bidder.

Since MSIE is 90% of the installed browser base, I would be very surprised if server-side information on mistyped domains (as Verisign is logging) is very different from client-side information. The client-side information might even be more accurate, due to intermediary DNS servers doing caching of negative results!

Does anybody know for sure what Microsoft is doing with their large database of mistyped domains?

Who ordered a sub?

[yerricde]

From the perspective of a DNS server or client, what's the difference between a subdomain and a domain? Isn't "slashdot.org" a subdomain of "org"?

These are subdomains: sub 1 [subway.com] sub 2 [quiznos.com] sub 3 [blimpie.com]

Re:Aren't they already doing this?

[mccready]

I installed ad-aware, and it did find a lot of junk (mostly cookies, but one odd IE extension), but it didn't fix the problem, so I dug a little deeper. Unfortunately, the cause turned out to be even more sinister than spyware: my own stupidity.

Whenever I setup a machine at home, I always set the domain name to home.net (or, in this case, option domain-name "home.net"; in dhcpd.conf) but I forgot to make the local dns server authoritative for the home.net domain. So what happens when windows can't find a host X? It searches again with X.localdom. So ilikekittens.com turns into ilikekittens.com.home.net, which ds1.domainspa.com is happy to tell me is located at 67.96.63.112.

I didn't have the problem under linux because nslookup there will only retry X.localdom if X contains no periods. (and konqueror seems to ignore localdom altogether)

The interesting question is, why is IE totally unable to lookup hosts sans domain name even if no domain name is set on the local machine? If I strip home.net from dhcpd.conf and the dns host list, nslookup on win has no problem telling me tivo is 10.0.0.7, but IE cannot find http://tivo/ui ??

At least I don't have to see that damn search page ever again.

how to defeat this

[wotevah]

I am sure we will find a way to defeat this "improvement". Possible options include (with the caveat that they might find another way to do this):

• Have the browser (or proxy, for unfriendly browsers) pair a "www.domain.com A" lookup with a "domain.com NS" (expecting the NS query to return NXDOMAIN)
• • If the NS query does not fail and returns something, we can check that the domain nameserver's address is NOT owned by a Verisign or affiliated company (using black lists if we must, since this is not the kind of setup that is easy to change). I am expecting them to use a different set of nameservers for this than the roots (because the roots are critical infrastructure and the others are not, and also because these fake nameservers will be a different type of setup, database, management and all), so it should be fairly easy to catch. This might also cause the temporary domain pages to become unreachable, I am sure no one will miss them. I don't know how we would handle people who use redirects with them though.
  • If the NS record looks suspicious (such as if it has the same TTL as the www record, or some other indicator that suggests it has been returned and cached from the previous www.domain.com query) force a direct query to the root servers to make sure. This might cause unnecessary load on them but hey they are asking for it.
  • Variations of the above such as trying to query the SOA and MX records on the domain and check them against the www record.
• Do whois on the domain (slow).
• Do not use Verisign's root servers. The zone files for .com and .net are available. (requires significant resources, but I am sure someone out there, such as larger ISPs will do this)
• Use bayesian filtering on the web pages to make the browser learn of the pages you do not want to see and the ones you do. This can probably work for a lot of other things too. Distribute a pre-taught package that is able to discriminate the verisign and other annoying content. Even better, have proxy modules for squid and the like that can enable the proxy to participate in the filtering.

I'm sure there are a lot more possibilities. Oooh let them try and do this.

Re:Typical Verisign/Network Solutions crap...

[CaptnMArk]

Anyone have a dns->Google: I feel lucky mapper?

Re:Typical Verisign/Network Solutions crap...

[NickFortune]

The problem dosen't lie in them directing me to some cheesy gateway, the problem lies in them directing me to something that looks like what I wanted but isn't. Unless there's a "typo-corrected" flag on the returned DNS entry then I don't see how I can detect the change.

Even if such a flag exists, I'm not sure I trust them to honour it once a scheme like this starts generating revenue for them. They could morph their business from service provider to internet censors overnight. That'd be a popular movce in certain corporate and governmental circles.

Re:Typical Verisign/Network Solutions crap...

[Anonymous Coward]

If a typo directly leads to a competitor's server, the trademark law issues are obvious. I think I can hear the corks pop in law firms everywhere. It would effectively be identical to someone exhaustively registering the codespace around other domains (aka cybersquatting extreme) at a discount. The one thing which has been tried (redirecting to a search engine) is detectable, the other way unleashes the lawyers.

DNS Wars

[querencia]

Can't any name server do this?

For example, couldn't my ISP return its web page instead of a broken link (since my nameserver is assigned to theirs via DHCP)?

Maybe this is good --- maybe we will choose our nameserver based on who does the most useful thing with mistypes. For example, I'll bet Google could do something very useful with a mistype, and figure out a way to make money without pissing me off.

Of course, if Verisign is returning bogus entries, a nameserver has an additional, but mostly trivial (probably as simple as IP address filtering), job of filtering BS Verisign links to identify mistyped urls.