Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
The Internet Businesses

VeriSign Looks At Earning Money on Domain Typos 288

Harald Paulsen writes "In a recent article Computer Business Review uncovers how VeriSign Inc is testing a service that would return a webpage if a user mistypes an URL. Basically all nonexistant domain queries could return an IP address and if the user was trying to access a page with a webbrowser they could get redirected to a search-engine, or worse: a page asking them to buy a domain. This is most certainly breaking the DNS standard and could be compared to cybersquatting (Hey Ford, want to have a banner ad whenever someone mistypes Toyota?). This is interesting in relation to an earlier story about register.com and holding-pages."
This discussion has been archived. No new comments can be posted.

VeriSign Looks At Earning Money on Domain Typos

Comments Filter:
  • by LinuxMan ( 3590 ) on Thursday September 11, 2003 @09:49PM (#6939138)
    So not only do they spam us, reserve weird rights [slashdot.org] to our domain names, and cybersquat [slashdot.org], but now they are doing this. It is really too bad there is not some kind of ICANN policy against this type of thing... Then again, ICANN is made up of a bunch of organizations like them anyway, so the whole thing is corrupt.

    Code and Other Laws of Cyberspace [amazon.com]
    • by Lehk228 ( 705449 ) on Thursday September 11, 2003 @11:03PM (#6939605) Journal
      Want to know a Secret.... The only reason ICANN and Verisign have any control is that people agree to use them as the basis for DNS, anyone who wants to could set up a network of DNS servers with names identical to those that exist on existing DNS servers that point to totally different websites and there would be nothing illegal about that.
      • Anyone have a dns->Google: I feel lucky mapper?
    • All your domains are belong to us!
  • by YahoKa ( 577942 ) on Thursday September 11, 2003 @09:51PM (#6939160)
    This is also done when .org, .net, .com, .ca, etc. are confused. For example, Gnome [gnome.com] and Gnome [gnome.org]
  • by JayBlalock ( 635935 ) on Thursday September 11, 2003 @09:51PM (#6939164)
    VeriSign is evil... Microsoft is evil... AOL is evil... WHO DO I ROOT FOR? I don't know what to say... Um... um... Uh, San Dimas Open Source ROCKS!
    • by SHEENmaster ( 581283 ) <travis&utk,edu> on Thursday September 11, 2003 @10:06PM (#6939280) Homepage Journal
      Root for companies that no one has heard of; it makes you sound cool.

      (San Dimas Operations...)
    • Re:I'm confused (Score:3, Informative)

      by MegaFur ( 79453 )

      Corporations* are always evil to some degree or another. (Yes, that includes you, IBM--and you too, Redhat (et. al.).) Your mistake was in seeing things as a contest in which you root for some team to win. They're all evil. The only way that we win is to have the really, really evil ones take each other out (if we're very lucky), and try to somehow prevent the other ones from becoming as bad as the most evil ones. It pays to be cynical.

      * echo Corporations | sed -e s/pora/rup/ and you will see why.

      Oh

      • by saden1 ( 581102 ) on Thursday September 11, 2003 @11:22PM (#6939681)
        Since one is corporate business a sport? I root for the Redskins, I don't root for IBM. Yes, I know professional sports is business, but until I see the IBM executives physically duke it out with SCO executives I ain't rooting for anyone.
  • by Atario ( 673917 ) on Thursday September 11, 2003 @09:51PM (#6939165) Homepage
    ...they'd create a service that sends you to the page you wanted when you mistype the name. Instead, they're out for a fast buck that annoys us. Feh.
    • by weston ( 16146 ) <(westonsd) (at) (canncentral.org)> on Thursday September 11, 2003 @10:06PM (#6939276) Homepage
      And the funny thing is, they could probably even make some money off of that. Large companies like Toyota and Merill Lynch probably could afford it and would pay for the right to have users taken directly to them. Additionally, Verisign could have a service that guesses close domains built in, giving suggestions to a misguided user while serving a banner ad or two -- or heck, just says "Another service of Verisign".

      But that's the problem with modern business thinkers. It's not about providing a service and seeing if you can get paid for it. It's about controlling channels and leveraging that control.

      Seriously, I don't even suggest for a moment to anyone I know that they consider using Verisign for anything. They're the antitheses of trust.
  • Comment removed (Score:4, Interesting)

    by account_deleted ( 4530225 ) * on Thursday September 11, 2003 @09:52PM (#6939166)
    Comment removed based on user account deletion
  • URL typo's (Score:3, Interesting)

    by someguy456 ( 607900 ) <someguy456@phreaker.net> on Thursday September 11, 2003 @09:52PM (#6939167) Homepage Journal
    Hasn't that happened already? A while ago, I could've sworn http://www.gogle.com pointed to one of those all-in-one search pages usually in place for dot-com busts.
  • by prakslash ( 681585 ) on Thursday September 11, 2003 @09:52PM (#6939173)
    http://slsahdot.org
  • It is an abuse (Score:5, Insightful)

    by mindstrm ( 20013 ) on Thursday September 11, 2003 @09:52PM (#6939174)
    of a position of trust.

    They should maintain the registry from a technical perspective, period.

  • by yanestra ( 526590 ) * on Thursday September 11, 2003 @09:54PM (#6939188) Journal
    Hm, how much would it be to make Versisign redirect typos of volkswagen.com on my porn site?
  • by Edgewize ( 262271 ) on Thursday September 11, 2003 @09:54PM (#6939195)
    "Paxfire's Sullivan said his company's service is set up so that only web traffic returns an IP address. Domain queries for non-web applications such as email or FTP are dropped or return error messages, he said."

    Bullshit. He's lying or clueless, or both. It's not like DNS requests have a flag saying "I'm sending this query for a web page!" My take? They're lying to hide the side-effects of this blatant violation of internet standards from the general public.
    • by Chmarr ( 18662 ) on Thursday September 11, 2003 @09:57PM (#6939216)
      IT could very well be that they're saying that queries for www.sometyponame.com will return an IP address, but sometyponame.com will return a negative result.
      • by gregmac ( 629064 ) on Thursday September 11, 2003 @11:59PM (#6939859) Homepage
        IT could very well be that they're saying that queries for www.sometyponame.com will return an IP address, but sometyponame.com will return a negative result.

        That's another misuse of standards though. The "www" prefix is just a 'common' way of setting up websites. It's not required. It's no different from any other zone, for that matter.

        If Verisign is going to only do these for 'www.' prefixed records, it may be a bit less of a problem, but it's still a problem. Among the things I can think up off the top of my head (I'm sure other people have mentioned these, and there are many more)

        • Proxies would be caching extra data
        • Web applications (or non-web) that validate user input by checking for existance of a domain are going to break
        • For sites that don't have a www prefix, it could confuse users, since they'll see a (different) browser specific error message.
        • Obviously, lockin to a certain vendor - suddenly verisign decides who you use for searches, and what happens when you make a typo, instead of your browser settings.
        this is just YASTAPTDE (yet another solution to a problem that doesn't exist)
      • VeriSign handles second-level domains. You would ask VeriSign for the nameserver for whatever.com, then ask that server for www.whatever.com. The only way Verizon could do what they claim would be by falsely claiming that whatever.com exists.
        • Er... "Verizon" should have been "VeriSign" there. Silly me, confusing two dishonest companies that changed their names to start with "Veri" so people would trust them again.
    • by The Monster ( 227884 ) on Thursday September 11, 2003 @10:13PM (#6939340) Homepage
      Exactly. If I try to ping mispel.com, it should give me a DNS error, not create such an IP address out of whole cloth. Beware the temptation to make the Internet a 'smart' network. It works because DNS doesn't know about such things as web browsing. The ONLY place to address this is at the application level. I should be able to configure my browser to go google for the right spelling.

      Oh, I already DID configure it to do that. So I don't need this alleged 'service', thankyouverymuch.

  • I've said it before (Score:4, Interesting)

    by toddhunter ( 659837 ) on Thursday September 11, 2003 @09:55PM (#6939199)
    and I'll say it again, 'this internet is stuffed'.
    Anyone else have the dream whereby us computer people create a new internet and leave this heap of crap behind for corporate and marketing types to die in?
    And whilst we are at it, lets do away with the ISP's and telcos so information doesn't cost anything anymore. Surely we can work something out?
    • Dream? We're already here! You're missing out! Come on over, we'll take care of you. You don't have to worry about all that rubbish anymore. There's no government, no laws, and food and clothing? It grows, it always grows. Just be sure not to go out on your own after dark, and sleep in large groups.

      Weena! Don't touch that nice man's machine!
    • You're going to hear freenet so much, probably won't notice me. But I'm building an actual IPv4/IPv6 network, not some hyped up p2p on steroids.

      Networking geeks build networks at layer 2-4, not layer 7 like some of the other crap out there.
  • This is already done (Score:5, Interesting)

    by Anonymous Coward on Thursday September 11, 2003 @09:55PM (#6939202)
    Tell me how this is different from IE giving you a "Domain not found" page when you mistype a URL, complete with microsoft search engine, suggested related domains, and an offer to buy the nonexistant domain name?

    I've always hated that, especially because it lets MS log every single incorrect URL typed.

  • Precedent? (Score:5, Interesting)

    by DarkBlackFox ( 643814 ) on Thursday September 11, 2003 @09:55PM (#6939203)
    If precedent is already set as per online advertising through a competitor (think Gator, where it was deemed legal to show pop-ups of a competing company when visiting certain sites, or sites with certain keywords), how would something like this hold up, where it is the user's fault for mis-spelling the intended domain?

    If it's legal to pop up competing websites without consent, then surely it's legal to redirect to a competing website when there is indirect consent (e.g. the user types in the erronous address).

    Not that it's a desireable thing, just based on past precedent it seems the direction the legal system is heading.

    I just thank my lucky stars I don't get redirected to some obscure/spyware infested search engine when I misspell slashdot- just a simple page informing me I've misspelled it, with a convenient number of how many others are afflicted with the same travesty.
  • by R33MSpec ( 631206 ) * on Thursday September 11, 2003 @10:00PM (#6939237) Homepage
    I've tried a couple of variations like slashdto.org and slashodt.org - seems to go to just the types of pages the article is describing.
    • by Akardam ( 186995 ) on Thursday September 11, 2003 @11:10PM (#6939640)
      ... neither misspelling seems to be actually registered (no WHOIS information), yet both do indeed resolve. Curiously enough, the first resolves to a Sprint netblock (which in turn is subdevided) and the second to a Verio netblock. What's more is they both resolve consistantly over multiple name lookups. Kinda interesting, if this is an unknown wildcard redirect, that different typos would end up different places. Perhaps this is part of the strategy?
      • What are you talking about? There's nothing magical going on. Both are registered:

        Registrant:
        Alvaro Collazo (SLASHODT-ORG-DOM)
        Manuel Oribe 2028
        Tarariras, Colonia 70000
        R.O.U.
        +1.7029778198
        info@alvarocollazo. c om

        Domain Name: SLASHODT.ORG

        Administrative Contact:
        Alvaro Collazo info@alvarocollazo.com
        Manuel Oribe 2028
        Tarariras, Colonia 70000
        R.O.U.

        Technical Contact, Zone Contact:
        Alvaro Collazo info@alvarocollazo.com
        Manuel Oribe 2028
        Tarariras, Colonia 70000
        R.O.U.

        Record last updated on 23-Jul-2003.
        Record expire
      • Are you sure you're doing the WHOIS query correctly? The .org domains no longer use the same database any more.

        $ whois -h whois.directnic.com slashdto.org

        ...
        Registrant:
        Joaquin Navarro
        Plaza Lizana 6
        Huesca, Huesca 45000
        ES
        0034963527520


        Domain Name: SLASHDTO.ORG
        ...

  • by Bloodmoon1 ( 604793 ) <be.hyperion@NoSpam.gmail.com> on Thursday September 11, 2003 @10:01PM (#6939242) Homepage Journal
    From the same company that not all to long ago tried a scam [slashdot.org] to steal away domain names from their initial registrars, and is now being sued class-action style [soundtrax.net] and being investigated by the FTC [internet.com]?
  • by illumina+us ( 615188 ) on Thursday September 11, 2003 @10:02PM (#6939247) Homepage
    With IPv6 on the verge of being implemented, how will this affect domain names? There will be a plethora of IPs but less and less usable domain names to bind to. Unless of course people want to start using stuff like y4h00.com! or 47t4v15t4.com; registering unused domains for comerical purposes is a detriment to the world wide web, and also, forces developing groups to use awkward domain names.
  • If they did it for simple mistypes, fine, I can deal with that. But if they non existant domains, it makes network testing a hell of a lot harder. For example, say im connecting to an IRC network thats having DNS problems, I dont want it trying to connect to verisigns webservers. And why let one company have a monopoly on that anyway even if it was going ahead, yea sure the .cx and .tk TLD's have crap like that, but not for .com please
  • by Anonymous Coward on Thursday September 11, 2003 @10:09PM (#6939301)
    AT&T did this for a while with all unrecognized DNS queries on their cable modem service, about a year ago. You got some junky portal.
  • by LoneIguana ( 681297 ) on Thursday September 11, 2003 @10:12PM (#6939329)
    You all should stop complaining it's obvious versign is trying to _help_ you: "Like many registries, we're continually exploring ideas on how to enhance the user experience,"
  • They're geniuses! (Score:5, Insightful)

    by cookd ( 72933 ) <douglascook@NOSpam.juno.com> on Thursday September 11, 2003 @10:14PM (#6939341) Journal
    I can't think of a better way to exponentially increase the number of domains registered. Currently, FooBar company knows that nobody has registered any typo names, and that if anybody does, they can probably get rid of the type names through a lawsuit. Therefore, FooBar registers only foobar.com.

    If this takes effect, the story changes. FooBar knows that if any customer makes a typo, Verisign will get to show an ad for Widget.com. The only way to make this go away is to register all of the possible typo names. So FooBar registers every single possible domain name that could possibly be considered close to FooBar. Bad for FooBar. Bad for anybody who wants a domain name (now they will ALL be taken), but good for Verisign.
  • Ugh. No! (Score:5, Insightful)

    by Geekenstein ( 199041 ) on Thursday September 11, 2003 @10:17PM (#6939357)
    You know, this is just going to place a good bit more load on everyone's nameserver, not just the roots. Every request that used to be discarded from NS caches because it didn't exist will now be cached normally as a "good" request. 10-12% more data load might not be much for small DNS uses, but for companies like AOHell and other large ISPs, VeriSign is just screwing them over.

    On another note, this would have to be some form of nameserver hack, not a root file hack(correct me if I'm wrong). But not all of the root servers are controlled by Verisign. Are those independant roots going to go along with this? Why should they?
    • Re:Ugh. No! (Score:2, Interesting)

      by samj ( 115984 ) *
      Good point. A djbdns [cr.yp.to] user myself, I'm not sure how BIND handles wildcards, but presumably the independent roots would have to get behind this for it to work 100%. It wouldn't necessarily matter if they didn't have *all* the roots, but one could argue that the roots should all return the same answer for a given query.
    • This also paves the way for a new kind of denial of service attack, perpetrated by a dictionary "attack" on DNS servers with the intent of flooding resolver caches with garbage.
    • On another note, this would have to be some form of nameserver hack, not a root file hack(correct me if I'm wrong). But not all of the root servers are controlled by Verisign.

      This wouldn't be done on the root name servers. This would be done on the .com and .net name servers, i.e. gtld-servers.net, all of which VeriSign controls.
  • I made a typo of Yahoo sometime ago, and it worked:
    http://www.yahooo.com [yahooo.com]
  • by release7 ( 545012 ) on Thursday September 11, 2003 @10:18PM (#6939362) Homepage Journal
    R-r-r-r-regulation! Jesus, when are we going to wake out of the ideological stupor that holds that there's no place for government in a utopia? Despite what your Republican and Libertarian friends tell you, regulation can be a good thing.
  • by samj ( 115984 ) * <samj@samj.net> on Thursday September 11, 2003 @10:20PM (#6939373) Homepage
    On one hand, Verisign wants us to believe they are sufficiently trustworthy to extort as much as USD1595.00 [verisign.com] from us for a handful of 1's and 0's (SSL Certificates), and on the other they expect to be able to get away with the dispicable, annoying business practice of hijacking users' web requests? This is annoying enough as it is with opportunistic larrikins buying up misspelt domains, without the custodian of the database abusing its' position by returning effectively forged replies to queries for domains which do not exist. Reminds me of their recent foray into the domain 'Back-Order Domain Acquisition Service [snapnames.com] business.

    I guess with competitors closing the gap [geotrust.com] by offering virtually the same thing [geotrust.com] for a fraction of the price [rackshack.net], they must be getting desparate.
  • Ever gone to a site like jdfhawkejrhawk.museum [jdfhawkejrhawk.museum]? Same deal. Not that many people would accidentally go to www.slashdot.museum....
  • by FunkyMarcus ( 182120 ) on Thursday September 11, 2003 @10:40PM (#6939480) Homepage Journal
    This is most certainly breaking the DNS standard

    No, it's most certainly not.

    It uses DNS as the means to some questionable ends, but it doesn't break anything.

    As a matter of fact, the master file format (which is not the DNS standard as we care about it in this context anyway) explicitly provides for wildcard records.

    Watch your location (URL, address, URI, whatever) bar:

    See? [slashdot.org]
    Again? [slashdot.org]
    One more time? [slashdot.org]

    Now, what standards have we broken? What's to prevent the web server from deciding what content to give us based on the Host header field we send?

    Mark
  • Diminishing returns (Score:3, Informative)

    by indros13 ( 531405 ) * on Thursday September 11, 2003 @10:40PM (#6939488) Homepage Journal
    This will seem a little offtopic, but I think the market for misspelling is declining. After all, features like auto-complete in browsers mean that for repeated visits, it's a lot harder to end up at the wrong place.

    Unless, of course, you are like me and your incorrect spelling is saved in the auto-complete: damn http://slsahdot.org!

  • by Tumbleweed ( 3706 ) on Thursday September 11, 2003 @10:40PM (#6939490)
    Is Veirsign or Verising taken yet? :)
  • by joenobody ( 72202 ) on Thursday September 11, 2003 @10:42PM (#6939505)
    The .cx registrar domains.cx [domains.cx] already does this. Try any random thing [iojfwemaxdf.cx] ending in .cx and you'll get their signup page.
  • by SixDimensionalArray ( 604334 ) on Thursday September 11, 2003 @10:44PM (#6939517)
    .. but why would they only forward "misspelled" domain names.. why not EVERY SINGLE combination of letters and numbers that is not being used?? I mean, why not just register a bunch of domain names that might be popular and forward them to advertising pages? That's essentially what they are coming close to doing.

    Not to give them any ideas mind you, but it just screams ILLEGAL that they are trying to steal traffic from people's mistakes. That has to have some implications, if not completely violating the notion of standards.

    Remember, standards are what made the Internet in the first place, and standards are what keep it ALIVE!
    • Remember, standards are what made the Internet in the first place, and standards are what keep it ALIVE!

      Actually, what keeps it alive is funding. Standards provide a method of making sure we are all playing on the same field.

      Frankly, I think the standards process is holding back progress (among a lot of other things) by retarding the rate of change. But that's the process, not the actual standards themselves.
    • More to the point they are stealing my mistakes. My mistakes have value to me.

      Without the DNS returning an error for domain-not-found, I can't know if mis-typed. That is error correcting feedback (for me, not the computer) and I want it left on!

      This is not an empty channel; this is not an unused resource, and what verisign are proposing is theft.

      Not that that should come as a huge surpise to anyone, I suppose.

  • by GeorgeK ( 642310 ) on Thursday September 11, 2003 @10:58PM (#6939591) Homepage

    I wrote the following letter [icann.org] to ICANN when it first cropped up:

    Hello,

    We already have the example of WLS in Verisign abusing its monopoly (and ICANN not stopping this abuse -- see www.stopwls.com [stopwls.com]).

    Planning to monetize all typos by rewriting DNS error codes to instead point to itself (i.e. instead of returning error codes, it will no longer return errors, but instead bring the surfer to Verisign money-making pages) is yet another example of an abusive monopolist. See here [cbronline.com]:

    "Some organizations have shown a propensity to make technical changes happen and then ask for permission later," Afilias's Mohan said. "Given the economics of it, I think that's what will happen here."

    Given the huge technical standards that Verisign would be violating, as well as the Intellectual Property and economic issues (e.g. a typo of one letter of your domain name could send a client to a search engine listing your competitor as #1, or worse; John Zuccarini is in JAIL for his typo-squatting!), can someone in the Names Council, or the ICANN Board that has a spinal column please pre-empt this Verisign move by forbidding unilateral action of such a nature by means of a vote of some kind, through the introduction of a motion?

    From the comments at ICANNWatch [icannwatch.org] when this abuse last came up, perhaps the way to frame the motion is "gTLD Registry operators WILL return NXDOMAIN for ALL DNS queries for which where there is not a REGISTERED domain name." Period.

    Once you start tampering with things at the DNS level, as Verisign is intending to do, you threaten the security and stability of the internet, as I think Vint Cerf properly recognizes (being right at least half of the time; bad call on WLS, but the courts and the US governmet will take care of that one eventually). For a company whose slogan is "The Value of Trust", Verisign makes a mockery of the caretaker role it has been given as guardian of the com/net registries. I trust them as much as I trust John Zuccarini.

    If the US government had a problem with Microsoft embedding the Internet Explorer browser into its operating system, what will they think given Verisign has an even greater monopoly when it comes to DNS resolution? The power should belong to the users, who should have the choice (through their own software) how to resolve errors. That's why we have technical standards. Making that decision for them, by BREAKING technical standards and the applications that rely on those standards, as Verisign plans to do, and making loads of $$$$ while doing it, smacks of an abusive father-knows-best monopolist. Verisign is the father you wish you never had! Calling it a "service" adds insult to injury, as they did with WLS, especially when it's a MONOPOLY service, for which one has no choice. When you make a typo for a telephone call, does the 1-800 operator (AT&T, MCI, Neustar?) start playing paid jingles for your competitors, instead of telling you that you misdialled via a message?

    Ultimately, folks know Verisign wants to milk every last penny out of its monopolies, and doesn't care who they have to step on to do so. Take a look at Games.TV [games.tv] which shows:

    games.tv is available and can be registered immediately for $100,000.00/year

    to understand what Verisign's goals are (Verisign runs .tv). Do you think you really own your .com domains? What price would Verisign like to charge you for your domains?? Once they wipe out some registrars through WLS, and other monopoly abuses, who will be left to stop them?

    If Verisign is permitted to g

  • by Krellan ( 107440 ) <`krellan' `at' `krellan.com'> on Thursday September 11, 2003 @11:22PM (#6939688) Homepage Journal
    From the client side, Microsoft is already collecting every mistyped URL and substituting their own search engine!

    In MSIE, a hostname that is not found will be sent to Microsoft. A page will be auto-generated, containing links to similar hostnames, and the Microsoft MSN search engine.

    Microsoft is already receiving this information. I'm sure that there is a high commercial value in knowing the exact data on which domains are mistyped the most often! I would be surprised if Microsoft doesn't use this information internally, or resell it to the highest bidder.

    Since MSIE is 90% of the installed browser base, I would be very surprised if server-side information on mistyped domains (as Verisign is logging) is very different from client-side information. The client-side information might even be more accurate, due to intermediary DNS servers doing caching of negative results!

    Does anybody know for sure what Microsoft is doing with their large database of mistyped domains?
  • Kick 'em hard (Score:4, Insightful)

    by Door-opening Fascist ( 534466 ) <skylar@cs.earlham.edu> on Friday September 12, 2003 @12:14AM (#6939935) Homepage
    I say if they go ahead with this, ICANN [icann.org] should yank their registrar status. This is in blatant disregard of Internet standard (RFC, good practice, etc.) and should not be tolerated in any way.
  • But, (Score:2, Funny)

    by Niet3sche ( 534663 )
    Hasn't this been going on for a LONG time now? Example: oogle.com and friends. Typically I've seen them go to that god-awful mp3search or whoever that throws up about 20 popups. >|-[ Makes me mad.
  • This is already done with any given .tk Domain. www.alkksjdflksjf [alkksjdflksjf.tk]. So what? We know that VeriSign is evil, but they are not the only one doing this sh*t.
  • how to defeat this (Score:5, Interesting)

    by wotevah ( 620758 ) on Friday September 12, 2003 @12:51AM (#6940062) Journal
    I am sure we will find a way to defeat this "improvement". Possible options include (with the caveat that they might find another way to do this):

    • Have the browser (or proxy, for unfriendly browsers) pair a "www.domain.com A" lookup with a "domain.com NS" (expecting the NS query to return NXDOMAIN)
      • If the NS query does not fail and returns something, we can check that the domain nameserver's address is NOT owned by a Verisign or affiliated company (using black lists if we must, since this is not the kind of setup that is easy to change). I am expecting them to use a different set of nameservers for this than the roots (because the roots are critical infrastructure and the others are not, and also because these fake nameservers will be a different type of setup, database, management and all), so it should be fairly easy to catch. This might also cause the temporary domain pages to become unreachable, I am sure no one will miss them. I don't know how we would handle people who use redirects with them though.
      • If the NS record looks suspicious (such as if it has the same TTL as the www record, or some other indicator that suggests it has been returned and cached from the previous www.domain.com query) force a direct query to the root servers to make sure. This might cause unnecessary load on them but hey they are asking for it.
      • Variations of the above such as trying to query the SOA and MX records on the domain and check them against the www record.
    • Do whois on the domain (slow).
    • Do not use Verisign's root servers. The zone files for .com and .net are available. (requires significant resources, but I am sure someone out there, such as larger ISPs will do this)
    • Use bayesian filtering on the web pages to make the browser learn of the pages you do not want to see and the ones you do. This can probably work for a lot of other things too. Distribute a pre-taught package that is able to discriminate the verisign and other annoying content. Even better, have proxy modules for squid and the like that can enable the proxy to participate in the filtering.

    I'm sure there are a lot more possibilities. Oooh let them try and do this.

  • Easy work-around (Score:2, Insightful)

    by ozzee ( 612196 )

    I'd be willing to help add a patch to Bind 9 to check for DNS responses that are "from verisign's redirection" and respond with an empty response.

    This is REALLY quite annoying for a 3 pinky typist like me !

  • Isn't this collusion (with the website who gets the hit) to initiate a deceptive business practice?

    I mean, if the user doesn't realise he's hit CompanyZZZ instead of CompanyZZ, isn't this the same as selling someone a box of Fruit Loops instead of saying you're out of Cap'n Crunch?

  • .nu (Score:3, Insightful)

    by fred_nd ( 174737 ) on Friday September 12, 2003 @01:37AM (#6940214) Homepage
    .nu does this already, try www.gfrgdfg.nu [gfrgdfg.nu]

    /Fred
  • I am under the impression that the TLD servers are public services, at least they originally were. It seems inappropriate to co-opt unregistered domains by any party.

    I've heard reports from friends that some of the domain registration services are analyzing the whois requests by people and in some cases, preemptively registering domains that people seem to be searching for.

    However, Microsoft seems to be already capitalizing on hostname mistakes by customizing the browser error pages and redirecting them t
  • It seems to me that roughly half of URLS containing a mistyped or otherwise invalid domain/host already result in a redirection to a name registrar's advertisement.
  • Strikes me that they're walking right into the teeth of the trademark lawsuit from hell.
  • by swordgeek ( 112599 ) on Friday September 12, 2003 @10:33AM (#6942879) Journal
    Offensive corporate behaviour is the easiest thing in the world to stop. Don't support them. If Ford is buying ads from VeriSign on mistyped Toyota domains and you feel that it's wrong, then don't buy from Ford! People toss around the word boycott as if it's a special act, but unless it's done as an organised, concerted effort, then boycotting is just personal choice in action.

    Every time we spend money (or not), we are making a choice. When we buy something, we are buying a product based on our needs, wants, perceptions, and beliefs. When you buy something from a company, you are supporting that company and their actions. When you decide against buying something from a company which you would like to have, you are making a statement that you will NOT support them, based on...whatever you're not supporting, be it sleazy advertising (spam, or the Ford example), bad corporate behaviour (Microsoft, the major RIAA members), or unethical products (Tobacco companies).

    PERSONAL ACTION is an easy easy easy easy easy way to prevent most corporate excess. Unfortunately, it's also nearly impossible, because not enough people are willing to implement it. "Yeah, I've heard about the problems with the RIAA, but I want the new (x) album." Even such things as, "my old stereo is fantastic, but this year's model is NEWER (with less features, poorer specs, etc.)" defeat a big chunk of personal action.

    Can you imagine what would happen to companies like VeriSign if EVERYONE actually made all of their decisions consciously, and let the companies know about it? Why, we might have corporate responsibility.

"I've finally learned what `upward compatible' means. It means we get to keep all our old mistakes." -- Dennie van Tassel

Working...