Slashdot Mirror
The Sex.Com Story Continues
wherley writes "This story at news.com tells the tale of the lucrative sex.com domain, the incompetent Verisign transfer per forged request, and the $65 million dollars in damages hanging in the breeze."
← Back to Stories (view on slashdot.org)
Just kidding. This case is out of hand.
One note though, a lot of people see nothing wrong with someone "stealing" a porn website, because they think porn is wrong, and stealing is wrong. But pornography is legal, stealing is illegal. I'm sure that this is one huge reason this case hasn't been settled yet.
Moderation: Put your hand inside the puppet head!
You know, I hope someone steals the domain for goatse.cx so it points somewhere far more harmless.
My eyes have been permanently wounded by trolls posting that link here.
Try to hack my 31337 firewall!
Or perhaps a floodgate of lawsuits where Verisign royally screwed up and did nothing to try to rectify the situation.
There is a difference from being down for a little while, and giving someone a domain that you paid for and registered. Then saying, "ooopps...well here is your registration fee back."
Fight Spammers!
"This case is out of hand."
It's not like they had both hands available to hold it down.
"Derp de derp."
I'd think that they can be held liable - not for $65 mill, perhaps, but let's face it: if not for their crummy system, and for really dropping the ball as far as security and verification are concerned, this never would have happened.
I've worked in banks for years, and I know if someone comes in claiming to be Ms. Smith, then steals all of the real Ms. Smith's money/safety deposit box items/etc, the bank is held accountable for fucking up. I don't see a big difference here.
Verisign should pay a fair and equitable amount for their mistake, improve the system (if they haven't already) so it never happens again, and go on.
52 Weeks, 52 Religions with John Hummel
Once you have payed for your domain name from dotster.com, they want you to buy the NameSafe service for an extra $10 per year, to "prevent any unauthorized changes from being made to your domain." Should I need to buy insurance, or should they guarantee their product?
As much as I do not like Verisign, I cannot see how Verisign can be held responsible for the transfer. After all, this was a forged transfer.
I can see how they could be held responsible for negligence in correcting the matter in a non-expeditious manner....
Anyway, there is a potential for a world of hurt, especially if a DNS server is considered to be a legitimate and unerring source of information linking a domain name with owner information. The liability would be incredible, as would the potential for mega-lawsuits!
It took them almost 4 weeks and 7-8 calls their CS to configure my .ms domain to point to my own DNS servers. Their CSRs are clueless drones and you absolutely, positively cannot talk to somebody higher than a CS supervisor. Normally, I would use a different registrar (domaindiscover.com is decent) but there aren't many that can do .ms domains.
For what I care, they can be slapped with the 65mil damages, that will make my day...
Just my $0.02...
If con is the opposite of pro, is Congress the opposite of progress?
You're KIDDING!! Verisign? Incompetent? The hell you say! Who could possibly have guessed? Why, I've had nothing but an easy time with them, and their procedures have been nothing but pleasurable to conform to. And I have *not* abandoned them for other registrars.
-brennan
When I was much younger (and I'm 20 now.. :) I did the security for a certain porn sites, and learnt a lot about how they work.
In the end it worked out more profitable to them to just redirect their traffic to the bigger porn sites than to try to deal with the customers themselves.
For every customer you get to do the $5 trial, we would get $20!
When spamming, we would get a hit rate of around 1 in 1000 - so basically if we sent 10k emails, we would get $200.
I only dealt with the security side, and didn't work there for long btw.
Net domains and real property have more in common than difference:
1. Both are fixed - only one entity may occupy a particular "parcel" at a time.
2. There is a fixed supply of each (excluding adding stupid TLDs, and Hawaii)
3. Whether you "own" either is really just a description of what you own, stored in a central database which can be verified by a third party.
4. In general, any changes you make or sites you build are just superficial - they may add or detract from the value, but the basis of the value is more dependent on the site (location, location, location). Once you relinquicsh your license/deed, the next owner may keep or remove your additions, but the space hasn't really changed.
Of course, there are exceptions, however...
Owning real estate is just ownership of a document which has the force of law allowing you limited use within a prescribed boundary. Nearly identical to a namespace.
Is it just my observation, or are there way too many stupid people in the world?
Let me create an analogy for a minute. Let's say I'm some prankster, and I call up the Local Telco here (Verizon) and say I want to foward the number of IBM to my home phone instead. Now, if Verizon were as stupid as Verisign, all I'd have to do is fax them a change order on IBM stationery, and it would go through and all of IBM's business would come to my home phone. Don't you think IBM would hold the phone company responsible if it took them a long time to resolve the situation (or even let it happen in the first place!)
Point is -- Verisign still thinks it's the wild west out here on the net, and they don't provide customer service of any kind. Furthermore, they are completely incapable of providing the services they offer. Criminal negligence is prosecutable. The fact that it's easier to change IBM's domian than it is to change IBM's phone number shows the maturity of the phone company -- they've already had to deal with pranks like that for decades.
And the fact that Verisign has no provision for knowing how to deal with these situations, and furthermore doesn't follow standard business practices (such as those provided by a phone company) makes them responsible for both "letting it happen in the first place" and "dragging their heels to fix the problem once it became clear what happened".
Just my 2 cents.
If telephones are outlawed, then only outlaws will have telephones.
What are you talking about, most people don't read the articles? You have it exactly backwards. Most people I mention Slashdot to read the articles, but never post, or even look at the comments. This explains why the top story on the front page can have "0 of 1 comment" comments and already be Slashdotted - most people are just clicking on the article link.
Please subscribe to see the more insightful version of th
Oh man, I know it's a joke, but it's very close to the real thing. I work for a domain reseller/hosting company and we currently get our domains through opensrs at reseller prices. Before opensrs we were using verisign, they charged us the typical $35 a year, and they ache every time we transfer a domain. They first called us and asked us pretty please to stop transfering domains. We basically laughed at them and told them we'd transfer back as soon as they could offer a cheaper price. I mean, it's a pretty simple service. Then came the shirts. They sent us a t-shirt for most of our domains that hadn't been transfered. We got some hemp ones, ones we didn't know or care we had. I'd much rather have a verisign shirt I can jog in and thrash instead of e-xxxcentral.com or whatever russian bride domain we might have registered over the years. And then the other day I call from Verisign *VIP* services. And the person reading the script said that we were valuble to the company. I tried to get them to voicemail because my boss didn't want to talk to them.
I would say that VeriSign should not be held in strict liability, where everything that goes wrong is their fault. However, I do think they should be liable for negligence. They should be held up to standards the same way that banks or real estate escrow companies are.
As it is now, you have almost no recourse, and they have little incentive to perform. I had a heck of a time getting a domain moved to a new host last year. Their system wasn't working for me and there was no other way to contact them. They were ignoring faxes and they don't have a customer service phone number.
Don't moderate flamebait as Troll. Know the difference or you will be Meta-moderated.
They say that "a domain name isn't tangible property."
Uh huh. Tell that to people who wind up on the wrong end of 'cybersquatter' lawsuits, like this guy.
If a domain name isn't tangible property, then doesn't this ruling somehow negate or diminish the concept of a trademark, which is also in most cases just a name?
If a big corporation can sue for alleged misuse of their name or dilution of their trademark, then I would say that a name certainly can be tangible property and that the ruling that stated it isn't is flawed as all hell. Or is this just another case of monied corporations having rights that citizens don't?
~Philly
Does anyone else find it slightly ironic that VeriSign (you know, the company that markets itself as the electronic ID validator) is now responsible for damages resulting from a forged letter? I realize it was Network Solutions at the time, but this can't be good for their image....
Then again, they could always spin it and say, "See? See why you need to pay our monopoly^W company $xxx.95 for a VeriSign-certified PGP key?"
moto411.com
Let's get one thing straight here... morally Verisign is completely in the clear, and this joker hiding in Mexico is completely to blame. Verisign received a forged letter, which they acted upon. They had no intent to harm the legitimate owner.
The question is, does Verisign have any legal responsibility. Ideally, no one would ever forge a letter to Verisign (or my bank), and it wouldn't be an issue. Since it's well known that seedy elements do exist in society, organizations have some obligations to guard against fraud. So what exactly should they have to do to guard against fraud?
Of course, in the end, it will come down to a judges interpretation of existing laws, and how they apply to domain names. For the purposes of this discussion though, I'd argue that they probably did enough and should not be held liable, certainly not for anything near the full 65 million dollar amount. It sounds like this occurred early in the development of the internet, at a time when procedures and practices surrounding domain names was just being thought out. Obviously now that movies about websites are being made (fear.com), the thought of turning over a domain without contacting the owner for independent verification seems negligent. And of course, they don't do that now. If someone told you about this in 1995 though, I doubt it would have seemed nearly so clear cut.
That still leaves open the question of why it took five years to get back the domain name. If Verisign was just lazy, well, that's another story, which we don't seem to have many details on. For now, I'll assume Verisign acted reasonably here (perhaps not a good assumption based on other comments about Verisign posted here...).
In short, it's an unfortunate situation (kind of... it is sex.com after all), but Verisign shouldn't have to pay.
"There's no hole that needs to be plugged," he said.
something isn't right...
You can't take the sky from me...