VeriSign Looks At Earning Money on Domain Typos 288
Harald Paulsen writes "In a recent article Computer Business Review uncovers how VeriSign Inc is testing a service that would return a webpage if a user mistypes an URL. Basically all nonexistant domain queries could return an IP address and if the user was trying to access a page with a webbrowser they could get redirected to a search-engine, or worse: a page asking them to buy a domain. This is most certainly breaking the DNS standard and could be compared to cybersquatting (Hey Ford, want to have a banner ad whenever someone mistypes Toyota?). This is interesting in relation to an earlier story about register.com and holding-pages."
Typical Verisign/Network Solutions crap... (Score:5, Interesting)
Code and Other Laws of Cyberspace [amazon.com]
Re:Typical Verisign/Network Solutions crap... (Score:5, Interesting)
Re:Typical Verisign/Network Solutions crap... (Score:3, Interesting)
Re:Typical Verisign/Network Solutions crap... (Score:2, Interesting)
Even if such a flag exists, I'm not sure I trust them to honour it once a scheme like this starts generating revenue for them. They could morph their business from service provider to internet censors overnight. That'd be a popular movce i
Re:Typical Verisign/Network Solutions crap... (Score:2, Interesting)
Re:Typical Verisign/Network Solutions crap... (Score:3, Funny)
This is also done with domain suffixes. (Score:5, Insightful)
I'm confused (Score:5, Funny)
Flame Design Group (Score:5, Funny)
(San Dimas Operations...)
Re:Flame Design Group (Score:2)
Re:Flame Design Group (Score:2)
But yeah, Bill & Ted were great. "Ted my friend, strange things are afoot at the circle-K."
Re:I'm confused (Score:3, Informative)
Corporations* are always evil to some degree or another. (Yes, that includes you, IBM--and you too, Redhat (et. al.).) Your mistake was in seeing things as a contest in which you root for some team to win. They're all evil. The only way that we win is to have the really, really evil ones take each other out (if we're very lucky), and try to somehow prevent the other ones from becoming as bad as the most evil ones. It pays to be cynical.
* echo Corporations | sed -e s/pora/rup/ and you will see why.
Oh
Re:I'm confused (Score:4, Funny)
If they wanted to be heroes... (Score:5, Interesting)
Re:If they wanted to be heroes... (Score:5, Insightful)
But that's the problem with modern business thinkers. It's not about providing a service and seeing if you can get paid for it. It's about controlling channels and leveraging that control.
Seriously, I don't even suggest for a moment to anyone I know that they consider using Verisign for anything. They're the antitheses of trust.
Re:If they wanted to be heroes... (Score:2)
> thinkers. It's not about providing a service and
> seeing if you can get paid for it.
Wasn't this the type of thinking that prompted the entire dotcom bubble?
Re:If they wanted to be heroes... (Score:3, Interesting)
Re:If they wanted to be heroes... (Score:2)
Comment removed (Score:4, Interesting)
URL typo's (Score:3, Interesting)
Statistics on mistyping of "slashdot " (Score:5, Interesting)
Re:Statistics on mistyping of "slashdot " (Score:2, Funny)
Re:Statistics on mistyping of "slashdot " (Score:2)
Re:Statistics on mistyping of "slashdot " (Score:2)
Maybe that's just how CmdrTaco most frequently misspells Slashdot...
Re:Statistics on mistyping of "slashdot " (Score:5, Funny)
hmmmmm...
salsadot.org
Now, I just need to invent a few recipes for hot sauce with caffeine.
It is an abuse (Score:5, Insightful)
They should maintain the registry from a technical perspective, period.
Re:It is an abuse (Score:2, Funny)
Inverted Typos (Score:3, Funny)
Re:Inverted Typos (Score:2)
Dirty sluts will bend over backwards for you in a New Beetle! (Of course, they have to, or they can't possibly fit.)
Re:Inverted Typos (Score:2)
And if you visit our site before September 30, they'll put an iPod up their {{xx||{{{x[x||{
NO CARRIER
And people trust Verisign? (Score:5, Interesting)
Bullshit. He's lying or clueless, or both. It's not like DNS requests have a flag saying "I'm sending this query for a web page!" My take? They're lying to hide the side-effects of this blatant violation of internet standards from the general public.
Re:And people trust Verisign? (Score:4, Informative)
Re:And people trust Verisign? (Score:5, Insightful)
That's another misuse of standards though. The "www" prefix is just a 'common' way of setting up websites. It's not required. It's no different from any other zone, for that matter.
If Verisign is going to only do these for 'www.' prefixed records, it may be a bit less of a problem, but it's still a problem. Among the things I can think up off the top of my head (I'm sure other people have mentioned these, and there are many more)
- Proxies would be caching extra data
- Web applications (or non-web) that validate user input by checking for existance of a domain are going to break
- For sites that don't have a www prefix, it could confuse users, since they'll see a (different) browser specific error message.
- Obviously, lockin to a certain vendor - suddenly verisign decides who you use for searches, and what happens when you make a typo, instead of your browser settings.
this is just YASTAPTDE (yet another solution to a problem that doesn't exist)Re:And people trust Verisign? (Score:2)
Re:And people trust Verisign? (Score:2)
Because the Internet is not just 'The Web' (Score:5, Insightful)
Oh, I already DID configure it to do that. So I don't need this alleged 'service', thankyouverymuch.
Re:Because the Internet is not just 'The Web' (Score:2)
For you, I'll arrange a refund of all money paid for this service.
Has nobody noticed other TLD's have been doing this for ages....
Re:Because the Internet is not just 'The Web' (Score:3, Informative)
Sum summarum (Score:2)
when you let corporations
run everything.
I for one Hail our new capitalist Overlords!
Re:And people trust Verisign? (Score:2)
In other words, email@www.somesite.com will still go to a bogus IP, ftp to www.somesite.com will still go to a bogus IP, and misspellings of slashdot.org will never be caught.
So... the speaker is still lying or clueless, or both, and trying to mislead people as to the side effects of this system.
I hate it when I'm wrong, but I hate it more when I'm right.
I've said it before (Score:4, Interesting)
Anyone else have the dream whereby us computer people create a new internet and leave this heap of crap behind for corporate and marketing types to die in?
And whilst we are at it, lets do away with the ISP's and telcos so information doesn't cost anything anymore. Surely we can work something out?
Re:I've said it before (Score:3, Funny)
Weena! Don't touch that nice man's machine!
Re:I've said it before (Score:2)
Networking geeks build networks at layer 2-4, not layer 7 like some of the other crap out there.
Re:I've said it before (Score:2)
Re:I've said it before (Score:2)
What we need is to break away from the infrastructure we use now so that anyone can acess the internet, for free, whereever they are in the world. Maybe some time of universal wireless connection. Dreaming sure, but we can do these things.
This is already done (Score:5, Interesting)
I've always hated that, especially because it lets MS log every single incorrect URL typed.
Re:This is already done (Score:5, Informative)
Re:This is already done (Score:2, Informative)
Now I'll get a ping from some verisign server?
There's more to the internet than the web.
Precedent? (Score:5, Interesting)
If it's legal to pop up competing websites without consent, then surely it's legal to redirect to a competing website when there is indirect consent (e.g. the user types in the erronous address).
Not that it's a desireable thing, just based on past precedent it seems the direction the legal system is heading.
I just thank my lucky stars I don't get redirected to some obscure/spyware infested search engine when I misspell slashdot- just a simple page informing me I've misspelled it, with a convenient number of how many others are afflicted with the same travesty.
Anyone tried variations of Slashdot (.org)? (Score:3, Interesting)
Interestingly enough... (Score:4, Interesting)
Re:Interestingly enough... (Score:2)
Registrant:
Alvaro Collazo (SLASHODT-ORG-DOM)
Manuel Oribe 2028
Tarariras, Colonia 70000
R.O.U.
+1.7029778198
info@alvarocollazo. c om
Domain Name: SLASHODT.ORG
Administrative Contact:
Alvaro Collazo info@alvarocollazo.com
Manuel Oribe 2028
Tarariras, Colonia 70000
R.O.U.
Technical Contact, Zone Contact:
Alvaro Collazo info@alvarocollazo.com
Manuel Oribe 2028
Tarariras, Colonia 70000
R.O.U.
Record last updated on 23-Jul-2003.
Record expire
Re:Interestingly enough... (Score:2)
$ whois -h whois.directnic.com slashdto.org
Registrant:
Joaquin Navarro
Plaza Lizana 6
Huesca, Huesca 45000
ES
0034963527520
Domain Name: SLASHDTO.ORG
Did you expect anything less... (Score:5, Informative)
Re:Did you expect anything less... (Score:2)
"Requested items: One Mark V ECM unit, 1000 km of fullerene cable, one low yield nuclear warhead. Stated purpose: birthday party for foreign dignitary."
--Argosy Special Operations Service requisition form, CY 9512
I think it sums up my general views of
more IPs, less domains... (Score:5, Interesting)
Re:more IPs, less domains... (Score:5, Funny)
Ha ha! Ah ha ha! Ha!
*wipes tear*
Thanks dude, I needed that.
Now here's why thats stupid.... (Score:2, Insightful)
AT&T cable -- they already did this (Score:4, Informative)
Don't you see (Score:4, Funny)
They're geniuses! (Score:5, Insightful)
If this takes effect, the story changes. FooBar knows that if any customer makes a typo, Verisign will get to show an ad for Widget.com. The only way to make this go away is to register all of the possible typo names. So FooBar registers every single possible domain name that could possibly be considered close to FooBar. Bad for FooBar. Bad for anybody who wants a domain name (now they will ALL be taken), but good for Verisign.
Re:They're geniuses! (Score:2)
Mod the above up, this is exactly what they're doing, this will undoubtedly cause a run on variations of existing domain names.
Ugh. No! (Score:5, Insightful)
On another note, this would have to be some form of nameserver hack, not a root file hack(correct me if I'm wrong). But not all of the root servers are controlled by Verisign. Are those independant roots going to go along with this? Why should they?
Re:Ugh. No! (Score:2, Interesting)
Re:Ugh. No! (Score:3, Insightful)
Re:Ugh. No! (Score:2)
This wouldn't be done on the root name servers. This would be done on the
Re:This is not Wildcard in the Root, only com and (Score:2)
If you accidentally send email to a non-existant
Yahooo! (Score:2)
http://www.yahooo.com [yahooo.com]
Another reason the "R" word? (Score:5, Insightful)
More Verisign Shenanigans and Tomfoolery (Score:5, Insightful)
I guess with competitors closing the gap [geotrust.com] by offering virtually the same thing [geotrust.com] for a fraction of the price [rackshack.net], they must be getting desparate.
It's already being done (Score:2)
It breaks no standard (Score:5, Informative)
No, it's most certainly not.
It uses DNS as the means to some questionable ends, but it doesn't break anything.
As a matter of fact, the master file format (which is not the DNS standard as we care about it in this context anyway) explicitly provides for wildcard records.
Watch your location (URL, address, URI, whatever) bar:
See? [slashdot.org]
Again? [slashdot.org]
One more time? [slashdot.org]
Now, what standards have we broken? What's to prevent the web server from deciding what content to give us based on the Host header field we send?
Mark
Re:It breaks no standard (Score:4, Insightful)
Who ordered a sub? (Score:5, Interesting)
From the perspective of a DNS server or client, what's the difference between a subdomain and a domain? Isn't "slashdot.org" a subdomain of "org"?
These are subdomains: sub 1 [subway.com] sub 2 [quiznos.com] sub 3 [blimpie.com]
Diminishing returns (Score:3, Informative)
Unless, of course, you are like me and your incorrect spelling is saved in the auto-complete: damn http://slsahdot.org!
hmmm...I wonder (Score:4, Funny)
VeriSign is "Innovating" (Score:3, Informative)
This may be a stupid question.. (Score:3, Interesting)
Not to give them any ideas mind you, but it just screams ILLEGAL that they are trying to steal traffic from people's mistakes. That has to have some implications, if not completely violating the notion of standards.
Remember, standards are what made the Internet in the first place, and standards are what keep it ALIVE!
Re:This may be a stupid question.. (Score:2)
Actually, what keeps it alive is funding. Standards provide a method of making sure we are all playing on the same field.
Frankly, I think the standards process is holding back progress (among a lot of other things) by retarding the rate of change. But that's the process, not the actual standards themselves.
Re:This may be a stupid question.. (Score:3, Insightful)
Without the DNS returning an error for domain-not-found, I can't know if mis-typed. That is error correcting feedback (for me, not the computer) and I want it left on!
This is not an empty channel; this is not an unused resource, and what verisign are proposing is theft.
Not that that should come as a huge surpise to anyone, I suppose.
Verisign abusing its com/net monopoly again (Score:5, Insightful)
I wrote the following letter [icann.org] to ICANN when it first cropped up:
Hello,
We already have the example of WLS in Verisign abusing its monopoly (and ICANN not stopping this abuse -- see www.stopwls.com [stopwls.com]).
Planning to monetize all typos by rewriting DNS error codes to instead point to itself (i.e. instead of returning error codes, it will no longer return errors, but instead bring the surfer to Verisign money-making pages) is yet another example of an abusive monopolist. See here [cbronline.com]:
Given the huge technical standards that Verisign would be violating, as well as the Intellectual Property and economic issues (e.g. a typo of one letter of your domain name could send a client to a search engine listing your competitor as #1, or worse; John Zuccarini is in JAIL for his typo-squatting!), can someone in the Names Council, or the ICANN Board that has a spinal column please pre-empt this Verisign move by forbidding unilateral action of such a nature by means of a vote of some kind, through the introduction of a motion?
From the comments at ICANNWatch [icannwatch.org] when this abuse last came up, perhaps the way to frame the motion is "gTLD Registry operators WILL return NXDOMAIN for ALL DNS queries for which where there is not a REGISTERED domain name." Period.
Once you start tampering with things at the DNS level, as Verisign is intending to do, you threaten the security and stability of the internet, as I think Vint Cerf properly recognizes (being right at least half of the time; bad call on WLS, but the courts and the US governmet will take care of that one eventually). For a company whose slogan is "The Value of Trust", Verisign makes a mockery of the caretaker role it has been given as guardian of the com/net registries. I trust them as much as I trust John Zuccarini.
If the US government had a problem with Microsoft embedding the Internet Explorer browser into its operating system, what will they think given Verisign has an even greater monopoly when it comes to DNS resolution? The power should belong to the users, who should have the choice (through their own software) how to resolve errors. That's why we have technical standards. Making that decision for them, by BREAKING technical standards and the applications that rely on those standards, as Verisign plans to do, and making loads of $$$$ while doing it, smacks of an abusive father-knows-best monopolist. Verisign is the father you wish you never had! Calling it a "service" adds insult to injury, as they did with WLS, especially when it's a MONOPOLY service, for which one has no choice. When you make a typo for a telephone call, does the 1-800 operator (AT&T, MCI, Neustar?) start playing paid jingles for your competitors, instead of telling you that you misdialled via a message?
Ultimately, folks know Verisign wants to milk every last penny out of its monopolies, and doesn't care who they have to step on to do so. Take a look at Games.TV [games.tv] which shows:
to understand what Verisign's goals are (Verisign runs .tv). Do you think you really own your .com domains? What price would Verisign like to charge you for your domains?? Once they wipe out some registrars through WLS, and other monopoly abuses, who will be left to stop them?
If Verisign is permitted to g
Microsoft could do this already (Score:5, Interesting)
In MSIE, a hostname that is not found will be sent to Microsoft. A page will be auto-generated, containing links to similar hostnames, and the Microsoft MSN search engine.
Microsoft is already receiving this information. I'm sure that there is a high commercial value in knowing the exact data on which domains are mistyped the most often! I would be surprised if Microsoft doesn't use this information internally, or resell it to the highest bidder.
Since MSIE is 90% of the installed browser base, I would be very surprised if server-side information on mistyped domains (as Verisign is logging) is very different from client-side information. The client-side information might even be more accurate, due to intermediary DNS servers doing caching of negative results!
Does anybody know for sure what Microsoft is doing with their large database of mistyped domains?
Kick 'em hard (Score:4, Insightful)
But, (Score:2, Funny)
Old News (Score:2)
how to defeat this (Score:5, Interesting)
I'm sure there are a lot more possibilities. Oooh let them try and do this.
Easy work-around (Score:2, Insightful)
I'd be willing to help add a patch to Bind 9 to check for DNS responses that are "from verisign's redirection" and respond with an empty response.
This is REALLY quite annoying for a 3 pinky typist like me !
Isn't this collusion/deceptive business practice? (Score:2)
I mean, if the user doesn't realise he's hit CompanyZZZ instead of CompanyZZ, isn't this the same as selling someone a box of Fruit Loops instead of saying you're out of Cap'n Crunch?
.nu (Score:3, Insightful)
TLDs are public (Score:2)
I've heard reports from friends that some of the domain registration services are analyzing the whois requests by people and in some cases, preemptively registering domains that people seem to be searching for.
However, Microsoft seems to be already capitalizing on hostname mistakes by customizing the browser error pages and redirecting them t
This sort of thing is widespread already (Score:2)
Trademark lawsuit (Score:2)
Easy to stop--and impossible too. (Score:3, Insightful)
Every time we spend money (or not), we are making a choice. When we buy something, we are buying a product based on our needs, wants, perceptions, and beliefs. When you buy something from a company, you are supporting that company and their actions. When you decide against buying something from a company which you would like to have, you are making a statement that you will NOT support them, based on...whatever you're not supporting, be it sleazy advertising (spam, or the Ford example), bad corporate behaviour (Microsoft, the major RIAA members), or unethical products (Tobacco companies).
PERSONAL ACTION is an easy easy easy easy easy way to prevent most corporate excess. Unfortunately, it's also nearly impossible, because not enough people are willing to implement it. "Yeah, I've heard about the problems with the RIAA, but I want the new (x) album." Even such things as, "my old stereo is fantastic, but this year's model is NEWER (with less features, poorer specs, etc.)" defeat a big chunk of personal action.
Can you imagine what would happen to companies like VeriSign if EVERYONE actually made all of their decisions consciously, and let the companies know about it? Why, we might have corporate responsibility.
Re:You can't cybersquat.... (Score:5, Interesting)
Re:You can't cybersquat.... (Score:2)
Re:You can't cybersquat.... (Score:3, Insightful)
As soon as someone registers the page and points it somewhere, the DNS listing for that address would take over from the typo-redirection.
Re:You can't cybersquat.... (Score:5, Insightful)
At least it's better than that frightening site that was/is (I'm not looking) at anazon.com. They had bestiality pictures on the main page!
Re:You can't cybersquat.... (Score:5, Funny)
Re:Aren't they already doing this? (Score:2, Interesting)
Whenever I setup a machine at home, I always set the domain name to home.net (or, in this case, option domain-name "home.net"; in dhcpd.conf) but I forgot to make the local dns server authoritative for the home.net domain. So what happens when windows can't find a
Re:Slahdot. (Score:2)