Slashdot Mirror
VeriSign Looks At Earning Money on Domain Typos
Harald Paulsen writes "In a recent article Computer Business Review uncovers how VeriSign Inc is testing a service that would return a webpage if a user mistypes an URL. Basically all nonexistant domain queries could return an IP address and if the user was trying to access a page with a webbrowser they could get redirected to a search-engine, or worse: a page asking them to buy a domain. This is most certainly breaking the DNS standard and could be compared to cybersquatting (Hey Ford, want to have a banner ad whenever someone mistypes Toyota?). This is interesting in relation to an earlier story about register.com and holding-pages."
So not only do they spam us, reserve weird rights to our domain names, and cybersquat, but now they are doing this. It is really too bad there is not some kind of ICANN policy against this type of thing... Then again, ICANN is made up of a bunch of organizations like them anyway, so the whole thing is corrupt.
Code and Other Laws of Cyberspace
This is also done when .org, .net, .com, .ca, etc. are confused. For example, Gnome and Gnome
VeriSign is evil... Microsoft is evil... AOL is evil... WHO DO I ROOT FOR? I don't know what to say... Um... um... Uh, San Dimas Open Source ROCKS!
Bush: He's Liberal in all the wrong ways.
...they'd create a service that sends you to the page you wanted when you mistype the name. Instead, they're out for a fast buck that annoys us. Feh.
"A great democracy must be progressive or it will soon cease to be a great democracy." --Theodore Roosevelt
Comment removed based on user account deletion
Hasn't that happened already? A while ago, I could've sworn http://www.gogle.com pointed to one of those all-in-one search pages usually in place for dot-com busts.
Robert Bindler
A Computer Science student's views on technology.
http://slsahdot.org
of a position of trust.
They should maintain the registry from a technical perspective, period.
Hm, how much would it be to make Versisign redirect typos of volkswagen.com on my porn site?
The issue is that all unused domains to come to a versign ad basically. What about the other registrars that you could register through. This seems like a mis-use of power.
Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.
EXACTLY!
As soon as someone registers the page and points it somewhere, the DNS listing for that address would take over from the typo-redirection.
Dark Nexus
"Sanity is calming, but madness is more interesting."
"Paxfire's Sullivan said his company's service is set up so that only web traffic returns an IP address. Domain queries for non-web applications such as email or FTP are dropped or return error messages, he said."
Bullshit. He's lying or clueless, or both. It's not like DNS requests have a flag saying "I'm sending this query for a web page!" My take? They're lying to hide the side-effects of this blatant violation of internet standards from the general public.
and I'll say it again, 'this internet is stuffed'.
Anyone else have the dream whereby us computer people create a new internet and leave this heap of crap behind for corporate and marketing types to die in?
And whilst we are at it, lets do away with the ISP's and telcos so information doesn't cost anything anymore. Surely we can work something out?
I've always hated that, especially because it lets MS log every single incorrect URL typed.
If precedent is already set as per online advertising through a competitor (think Gator, where it was deemed legal to show pop-ups of a competing company when visiting certain sites, or sites with certain keywords), how would something like this hold up, where it is the user's fault for mis-spelling the intended domain?
If it's legal to pop up competing websites without consent, then surely it's legal to redirect to a competing website when there is indirect consent (e.g. the user types in the erronous address).
Not that it's a desireable thing, just based on past precedent it seems the direction the legal system is heading.
I just thank my lucky stars I don't get redirected to some obscure/spyware infested search engine when I misspell slashdot- just a simple page informing me I've misspelled it, with a convenient number of how many others are afflicted with the same travesty.
see where it went?
You also have http://www.salshdot.org which is a kind redirect to good ole' /.
My english is sow-sow. Sowhat?
At least it's better than that frightening site that was/is (I'm not looking) at anazon.com. They had bestiality pictures on the main page!
What I'm listening to now on Pandora...
What is really interesting is the fact that between the months of March and April, the number of errors increase at least ten fold, for only one moment. Maybe this page was linked to before? http://cricket.asimov.net/index.cgi?target=%2Fslas hdot-misspellers%2Fslsahdot-org;ranges=y
I've tried a couple of variations like slashdto.org and slashodt.org - seems to go to just the types of pages the article is describing.
From the same company that not all to long ago tried a scam to steal away domain names from their initial registrars, and is now being sued class-action style and being investigated by the FTC?
Request: ECM unit, 1000 km fullerene cable, 1 tactical nuclear weapon. Reason: Birthday party for foreign dignitary.
With IPv6 on the verge of being implemented, how will this affect domain names? There will be a plethora of IPs but less and less usable domain names to bind to. Unless of course people want to start using stuff like y4h00.com! or 47t4v15t4.com; registering unused domains for comerical purposes is a detriment to the world wide web, and also, forces developing groups to use awkward domain names.
-illumina+us "I put on my robe and wizard hat..."
If they did it for simple mistypes, fine, I can deal with that. But if they non existant domains, it makes network testing a hell of a lot harder. For example, say im connecting to an IRC network thats having DNS problems, I dont want it trying to connect to verisigns webservers. And why let one company have a monopoly on that anyway even if it was going ahead, yea sure the .cx and .tk TLD's have crap like that, but not for .com please
Gnome wasnt built in a day.
Hm, great example of what happens when you use GUAGE instead of COUNTER.
Speak before you think
Root for companies that no one has heard of; it makes you sound cool.
(San Dimas Operations...)
You can't judge a book by the way it wears its hair.
Someone I knew accidentally typoed "linc.sourgeforge.net" instead of "linc.sourceforge.net" ...OMG, it rivaled Goatse! Please...Let the Net work as it's supposed to... If there is no site, ERROR OUT!
-uso.
What you hear in the ear, preach from the rooftop Matthew 10.27b
AT&T did this for a while with all unrecognized DNS queries on their cable modem service, about a year ago. You got some junky portal.
You all should stop complaining it's obvious versign is trying to _help_ you: "Like many registries, we're continually exploring ideas on how to enhance the user experience,"
arseholes that sent me an expiry notice on a domain that I had just renewed for 2 years with my original registrar and had never had it listed with them in the first place. Fortunately my false and misleading notice came in the US Mail so the postmaster was quite happy to take up their fraudulent use of the mail.
Oh, I already DID configure it to do that. So I don't need this alleged 'service', thankyouverymuch.
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
I can't think of a better way to exponentially increase the number of domains registered. Currently, FooBar company knows that nobody has registered any typo names, and that if anybody does, they can probably get rid of the type names through a lawsuit. Therefore, FooBar registers only foobar.com.
If this takes effect, the story changes. FooBar knows that if any customer makes a typo, Verisign will get to show an ad for Widget.com. The only way to make this go away is to register all of the possible typo names. So FooBar registers every single possible domain name that could possibly be considered close to FooBar. Bad for FooBar. Bad for anybody who wants a domain name (now they will ALL be taken), but good for Verisign.
Time flies like an arrow. Fruit flies like a banana.
You know, this is just going to place a good bit more load on everyone's nameserver, not just the roots. Every request that used to be discarded from NS caches because it didn't exist will now be cached normally as a "good" request. 10-12% more data load might not be much for small DNS uses, but for companies like AOHell and other large ISPs, VeriSign is just screwing them over.
On another note, this would have to be some form of nameserver hack, not a root file hack(correct me if I'm wrong). But not all of the root servers are controlled by Verisign. Are those independant roots going to go along with this? Why should they?
I made a typo of Yahoo sometime ago, and it worked:
http://www.yahooo.com
R-r-r-r-regulation! Jesus, when are we going to wake out of the ideological stupor that holds that there's no place for government in a utopia? Despite what your Republican and Libertarian friends tell you, regulation can be a good thing.
<a href="http://www.joblessjimmy.com">Work is dumb and so is Jobless Jimmy.</a>
Maybe that's just how CmdrTaco most frequently misspells Slashdot...
20 January 2017: the End of an Error.
on how gain a monopoly on the known internet.... and at cut rate prices now they can buy up all remaining domain names... and sell them to their competitors... This domain by up was brought to by Micro$oft your chapter 11... our passion....
On one hand, Verisign wants us to believe they are sufficiently trustworthy to extort as much as USD1595.00 from us for a handful of 1's and 0's (SSL Certificates), and on the other they expect to be able to get away with the dispicable, annoying business practice of hijacking users' web requests? This is annoying enough as it is with opportunistic larrikins buying up misspelt domains, without the custodian of the database abusing its' position by returning effectively forged replies to queries for domains which do not exist. Reminds me of their recent foray into the domain 'Back-Order Domain Acquisition Service business.
I guess with competitors closing the gap by offering virtually the same thing for a fraction of the price, they must be getting desparate.
Ever gone to a site like jdfhawkejrhawk.museum? Same deal. Not that many people would accidentally go to www.slashdot.museum....
The opinions stated herein do not necessarily represent those of anybody at all. Deal with it.
strange that at anazon.com (I looked) now lurks an anti-Verisign website.
Doesn't that sort of thing violate laws about enticing children to view pornography?
Homestar probably gets a ton of hits from children, and children are most likely to mistype urls.
If they're not trying to get kids, who are they trying to get?
"Think I'll watch some Homestar toons. Oh, wait, porno!"
--
the strongest word is still the word "free"
How many times do I have to say this? Posters, please verify your links before including them in your posts. I was promised bestiality--Instead, I go a link to a "Verisign is a bad company" protest site. At least it's on topic.
I wonder what applications will fall over in a screaming heap if this is implemented? One would have a strong argument against this should it break something important - statistics perhaps?
hmmmmm...
salsadot.org
Now, I just need to invent a few recipes for hot sauce with caffeine.
134340: I am not a number. I am a free planet!
This is most certainly breaking the DNS standard
No, it's most certainly not.
It uses DNS as the means to some questionable ends, but it doesn't break anything.
As a matter of fact, the master file format (which is not the DNS standard as we care about it in this context anyway) explicitly provides for wildcard records.
Watch your location (URL, address, URI, whatever) bar:
See?
Again?
One more time?
Now, what standards have we broken? What's to prevent the web server from deciding what content to give us based on the Host header field we send?
Mark
Unless, of course, you are like me and your incorrect spelling is saved in the auto-complete: damn http://slsahdot.org!
Under capitalism man exploits man. Under communism it's the other way around.
Whenever I mistype something with IE, I end up on a page that says 'SEARCH! Info, Jobs, Games, Music....E V E R Y T H I N G !!!'. I was all ready to blame by rat bastard ISP, but I tried ilikekittens.com with konqueror and just got an unknown host error. Fantastic, I guess I have some evil spyware on my win box. On linux, nslookup/dig gives nothing, but on win, nslookup gives 67.96.63.112 for the ilikekittens/rat-bastard-search-page ip. Anyone know what spyware might have done this? If you want to look at it, turn off pop-ups or javascript first, or use lynx or wget.
Best mac commercial ever(mirror)
Is Veirsign or Verising taken yet? :)
Phonetically:
Uniform: u = yu (soft beginning)
Unlicensed: u = u (hard beginning)
At least that's how it's pronounced in SoCal.
The .cx registrar domains.cx already does this. Try any random thing ending in .cx and you'll get their signup page.
Date: Sat, 2 Mar 1996 21:30:59 -0800 (PST)
From: "Clay M. Bond" (bondc@indiana.edu)
On Fri, 1 Mar 1996, M K Rippberger wrote:
> Use "an" when the following word begins with a vowel SOUND:
> a university
> a United Nations proclamation
> an anonymous letter
Let me add to that a quotation from the Chicago Manual of Style, 6.49:
Such forms as "an historical study" or "an union"
are not idiomatic in American English. Before a
pronounced *h*, long *u* (or *eu*), and such a
word as *one*, the indefinite article should be *a*:
a hotel
a euphonious word
a historical study
such a one
*but*: an honor, an heir
a union
---
Clay Bond, Team OS/2
CELT Writing Coordinator, Computer Administrator
bondc@indiana.edu
http://copper.ucs.indiana.edu/~bondc/
.. but why would they only forward "misspelled" domain names.. why not EVERY SINGLE combination of letters and numbers that is not being used?? I mean, why not just register a bunch of domain names that might be popular and forward them to advertising pages? That's essentially what they are coming close to doing.
Not to give them any ideas mind you, but it just screams ILLEGAL that they are trying to steal traffic from people's mistakes. That has to have some implications, if not completely violating the notion of standards.
Remember, standards are what made the Internet in the first place, and standards are what keep it ALIVE!
I wrote the following letter to ICANN when it first cropped up:
Hello,
We already have the example of WLS in Verisign abusing its monopoly (and ICANN not stopping this abuse -- see www.stopwls.com).
Planning to monetize all typos by rewriting DNS error codes to instead point to itself (i.e. instead of returning error codes, it will no longer return errors, but instead bring the surfer to Verisign money-making pages) is yet another example of an abusive monopolist. See here:
Given the huge technical standards that Verisign would be violating, as well as the Intellectual Property and economic issues (e.g. a typo of one letter of your domain name could send a client to a search engine listing your competitor as #1, or worse; John Zuccarini is in JAIL for his typo-squatting!), can someone in the Names Council, or the ICANN Board that has a spinal column please pre-empt this Verisign move by forbidding unilateral action of such a nature by means of a vote of some kind, through the introduction of a motion?
From the comments at ICANNWatch when this abuse last came up, perhaps the way to frame the motion is "gTLD Registry operators WILL return NXDOMAIN for ALL DNS queries for which where there is not a REGISTERED domain name." Period.
Once you start tampering with things at the DNS level, as Verisign is intending to do, you threaten the security and stability of the internet, as I think Vint Cerf properly recognizes (being right at least half of the time; bad call on WLS, but the courts and the US governmet will take care of that one eventually). For a company whose slogan is "The Value of Trust", Verisign makes a mockery of the caretaker role it has been given as guardian of the com/net registries. I trust them as much as I trust John Zuccarini.
If the US government had a problem with Microsoft embedding the Internet Explorer browser into its operating system, what will they think given Verisign has an even greater monopoly when it comes to DNS resolution? The power should belong to the users, who should have the choice (through their own software) how to resolve errors. That's why we have technical standards. Making that decision for them, by BREAKING technical standards and the applications that rely on those standards, as Verisign plans to do, and making loads of $$$$ while doing it, smacks of an abusive father-knows-best monopolist. Verisign is the father you wish you never had! Calling it a "service" adds insult to injury, as they did with WLS, especially when it's a MONOPOLY service, for which one has no choice. When you make a typo for a telephone call, does the 1-800 operator (AT&T, MCI, Neustar?) start playing paid jingles for your competitors, instead of telling you that you misdialled via a message?
Ultimately, folks know Verisign wants to milk every last penny out of its monopolies, and doesn't care who they have to step on to do so. Take a look at Games.TV which shows:
to understand what Verisign's goals are (Verisign runs .tv). Do you think you really own your .com domains? What price would Verisign like to charge you for your domains?? Once they wipe out some registrars through WLS, and other monopoly abuses, who will be left to stop them?
If Verisign is permitted to g
I went there and click on "cricket graph" but its not working.... I think we slashdotted slsahdot!
"the fax machine is nothing but a waffle iron with a phone attached to it." - Grandpa Simpson
This sounds very similar to when MCI bought the common missdials of 1800callatt and directed those numbers to 1800collect. Brillant.
... neither misspelling seems to be actually registered (no WHOIS information), yet both do indeed resolve. Curiously enough, the first resolves to a Sprint netblock (which in turn is subdevided) and the second to a Verio netblock. What's more is they both resolve consistantly over multiple name lookups. Kinda interesting, if this is an unknown wildcard redirect, that different typos would end up different places. Perhaps this is part of the strategy?
From the client side, Microsoft is already collecting every mistyped URL and substituting their own search engine!
In MSIE, a hostname that is not found will be sent to Microsoft. A page will be auto-generated, containing links to similar hostnames, and the Microsoft MSN search engine.
Microsoft is already receiving this information. I'm sure that there is a high commercial value in knowing the exact data on which domains are mistyped the most often! I would be surprised if Microsoft doesn't use this information internally, or resell it to the highest bidder.
Since MSIE is 90% of the installed browser base, I would be very surprised if server-side information on mistyped domains (as Verisign is logging) is very different from client-side information. The client-side information might even be more accurate, due to intermediary DNS servers doing caching of negative results!
Does anybody know for sure what Microsoft is doing with their large database of mistyped domains?
Dr. Demento On The 'Net!
If you go to mysearchnow.com (don't go there), there's a toolbar that can be installed, and somehow they tricked my parents or one of their younger children into installing it, so now IE has an affiliate-stealing random popup-displaying toolbar always enabled. The toolbar's name in the context menu is always a different random string of letters, so I can't just find it in the registry and delete the file off the hard drive. Ad-Aware did not get rid of it.
Does anybody know how to get rid of the MySearchNow.com toolbar? My parents won't let me reinstall Windows on their computer.
A solution to the problem with music today
correct wite with their affiliate code included. *Typo detected, redirecting Superfreaker to goatse....* *collecting 10 cent hit from goatse...* There, everyone is happy.
Learn something new.
Ok, they want to redirect sleshdot.org to their seach page. What about goobledegook.slashdot.org (assuming that slashdot didn't have *.slashdot.org in the DNS tables).
Would they redirect that?
Could they rightly do so?
From the perspective of a DNS server or client, what's the difference between a subdomain and a domain? Isn't "slashdot.org" a subdomain of "org"?
These are subdomains: sub 1 sub 2 sub 3
Will I retire or break 10K?
I say if they go ahead with this, ICANN should yank their registrar status. This is in blatant disregard of Internet standard (RFC, good practice, etc.) and should not be tolerated in any way.
Hasn't this been going on for a LONG time now? Example: oogle.com and friends. Typically I've seen them go to that god-awful mp3search or whoever that throws up about 20 popups. >|-[ Makes me mad.
This is already done with any given .tk Domain. www.alkksjdflksjf. So what? We know that VeriSign is evil, but they are not the only one doing this sh*t.
I'm sure there are a lot more possibilities. Oooh let them try and do this.
I'd be willing to help add a patch to Bind 9 to check for DNS responses that are "from verisign's redirection" and respond with an empty response.
This is REALLY quite annoying for a 3 pinky typist like me !
Sounds sort of like what .museum does. Try this or even this.
Isn't this collusion (with the website who gets the hit) to initiate a deceptive business practice?
I mean, if the user doesn't realise he's hit CompanyZZZ instead of CompanyZZ, isn't this the same as selling someone a box of Fruit Loops instead of saying you're out of Cap'n Crunch?
- I am made of meat.
http://slsahdot.org
Great! You just made me and some 500 other people to test the URL and ruin the statistics.
.museum have had a wildcard all along, and it hasn't broken a darn thing.
.museum domain, it will sit in the mail queue for the queue lifetime, instead of bouncing immediately like it should.
If you accidentally send email to a non-existant
.nu does this already, try www.gfrgdfg.nu
/Fred
Hehehe.... ALL YOUR... what was that again?
Thats if you are being compliant with standards, but not everyone follows the standards on the internet.
Can I get an eye poke?
Dog House Forum
This is done at the application level. So, for instance, if you use another (non-WWW) network enabled app, it isn't affected by any funnies Verisign might try.
This is actually a pretty important point. The server pointed to by any name that happens to have a "www" prefix may well offer many other services, accessed by apps other than a web browser. What Verisign would do in that case, is point such apps to a different but existing server, if the server name was somehow misconfigured in the apps. That could completely confuse the app or the user. What Microsoft does with IE just affects the web, only if one uses IE and at least, in a way which does not (normally) confuse the end user.
/MC
This is what you get
when you let corporations
run everything.
I for one Hail our new capitalist Overlords!
http://www.debunkingskeptics.com/
I know its bad form to reply to your own posts but I was trying to make a joke (a bad one I admit) about mistyped URLs. Maybe my post deserved to be modded as flamebait.....
Sounds like lots of law suites aimed directly at Verisign.
.. usual hell of downed production systems.
:P )
Scenario:
1. An application is written which contains an undetected bug: when it starts it first tries to bind to some non-existent hostname (i.e. somehostname.com). It's default behaviour in name lookup failure is to log a warning and bind to 0.0.0.0.
Obviously this application could easily slip through testing and go into production.
2. Verisign implements changes, and suddenly somehostname.com come resolves. Application is restarted (perhaps scheduled restart) and fails to start with an error as the app cannot bind to the external ip address returned by verisign.
System is now down and
==
This scenario is not all _that_ unlikely. There is a lot of applications out there... after all, how likely are typos?
==
If Verisign goes through with this, it is a complete and utter abuse of their position.
-Hugh
(and no I didn't write an application like this.. except perhaps _your_ airport traffic control / banking system
What worries me - it may be tinfoil hat time again - is that the logical extension of this this would give Verisign the ability to block out unfriendly domains. I don't just mean typo porn sites but sites perhaps critical to big companies registered with Verisign. For example, suppose Best Buy had a problem with a Best Buy protest site called www.bestsucks.com. It might be possible to, instead of going to court to get the domain given back to Best Buy (and, I suspect failing), to just have the site redirect to Best Buy's official site.
I'm surprised the article failed to mention that typos in the .tv domain have been "hijacked" by Verisign almost since it began.
For example, try this non-existent domain and see what I mean. I never liked this, especially since it comes up with a price for the mis-typed domain right away and offers it for sale to you...
I am under the impression that the TLD servers are public services, at least they originally were. It seems inappropriate to co-opt unregistered domains by any party.
I've heard reports from friends that some of the domain registration services are analyzing the whois requests by people and in some cases, preemptively registering domains that people seem to be searching for.
However, Microsoft seems to be already capitalizing on hostname mistakes by customizing the browser error pages and redirecting them to their proprietary search engine.
Aside from that, I applaud NSI/Verisign! I continue to think that this company has reached the pinnacle of sleaziness but nooo, they've only just begun.
No no no no no! This is computers we're talking about. They're supposed to be GIGO-compliant, or I'll get all confused.
Imagine I want to send a confidential e-mail to starlawyer@lawfirm.com. However, I mistype it as starlawyer@lwafirm.com. Right now, unless someone has registered lwafirm.com, the message will bounce immediately. However, under Verisigns proposed system it will be delivered by default to anyone who wants to pay for this. This is scary.
And now don't tell me that you shouldn't send confidential e-mails unencrypted. It happens. All the time. IMHO, it is a big difference whether someone malicious intercepts the message or if the message is delivered to the wrong recipient by default.
And this exactly why they will get whacked with an antitrust suit by half of the registrars on the planet if they try it. So no real reason to fret about it. Yet...
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Paxfire's Sullivan said his company's service is set up so that only web traffic returns an IP address. Domain queries for non-web applications such as email or FTP are dropped or return error messages, he said.
How on earth can they distinguish between a DNS request originating from my browser, and one originating from my email client? Is there any technical basis for this?? I thought I unnderstood DNS...
You cant make anything foolproof, they'll only invent better fools.
It seems to me that roughly half of URLS containing a mistyped or otherwise invalid domain/host already result in a redirection to a name registrar's advertisement.
Look at it this way - the said cybersquatter no longer needs to type WHOIS insert-domain-here or they can save a little bandwidth if they scripted the whois.
All they need to do is type (or script it) the web address or do a DNS lookup and see where it points too. It will usually point to a certain block unless they were to spread the load out and use a setup similar to Akamai.
It still opens a huge can of worms though. (what about other registrars who use the same TLDs?)
Strikes me that they're walking right into the teeth of the trademark lawsuit from hell.
God help 'em if people started creating pages that genereted a few hundred thousand bad links...
Side note: I have a friend inside VeriSign who reports that people in the the non-NSI part of the company don't think very highly of the NSI part. (If this were Fark, I'd put an [OBVIOUS] tag on that.)
And then you have http://slahsdot.org/ which is *clearly* some scumbucket squatter page.
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
Until they start forcing major TCP/IP stacks to put my hosts file lower in the heierarchy than their DNS servers, what do I care?
Hell, I could rig verisign.com to point to goatse.cx if I wanted to. What are they going to do, sue me?
(Don't answer that.)
Yes, let's have a hyperfast internet where everything is free, free, free...I'm sure we can work something out. We only need two things:
Some government to print 80 bajillion currency units (if it's free, we can't tax anyone to build it)
A bunch of /.ers willing to spend the next three to five years of their lives working for free (if the service is free, we can't pay the people who are building it, after all)
My apologies to the above poster is this is sounding churlish...it's too early in the morning for me to be reading yet another such wishful posting.
TANSTAAFL
Or, for that matter:
http://slashdor.org.
Support a Europe-related section on Slashdot!
obviously this is just another way to generate revenue for verisign. perhaps they are kinda hurting lately, and need to modify their business model a bit. the worst part is that they don't really seem to be thinking about the implications...
Can't any name server do this?
For example, couldn't my ISP return its web page instead of a broken link (since my nameserver is assigned to theirs via DHCP)?
Maybe this is good --- maybe we will choose our nameserver based on who does the most useful thing with mistypes. For example, I'll bet Google could do something very useful with a mistype, and figure out a way to make money without pissing me off.
Of course, if Verisign is returning bogus entries, a nameserver has an additional, but mostly trivial (probably as simple as IP address filtering), job of filtering BS Verisign links to identify mistyped urls.
Half of the search engine/Porn redirects that you get when you misspell a domain. Take Linuxgames.net for example. Linuxgames.com is the actual domain but someone has linuxgame.net going to a search engine.
Make sure you look at the timestamp of the parent, and then look at the graph at that page.
--
$tar -xvf
The company which runs the Christmas Island country-code domain (cx) has been doing this for a while now. Any unregistered domain within the cx top-level domain will resolve to 219.88.106.80, which then redirects to their site for buying the domain.
Of course, if you put, say, mail.dfjhkhkjdhfgdfgfg.cx into your email client as your POP3 server, you'll end up connecting to 219.88.106.80 on port 110, which thankfully doesn't have anything on the other end of it.
A quick survey reveals that it's also being done for .nu, .tv and .cc. Note that .tv is run by VeriSign, so they've already been trying this - I guess they observed that it worked quite well for getting people to register and have decided to try it for the international domains.
It annoys me that external companies have managed to grab hold of country codes for countries whose ISO codes happen to spell something "cool" in English and started selling them off to organisations in English-speaking countries. It's just plain wrong, damnit.
Have you watched relatively non-computer savy people use the web? Give them Google as their start page, and they'll never use their address bar again. My wife only ever uses google, and when I point out that it takes two steps to get to where she wants to go instead of one, she doesn't care, because Google always gets her to where she wants to go.
I wouldn't be surprised if in two or three browser revisions that the address bar isn't show by default, but a google search field is always available in the toolbar. It's getting close to that now, with both Safari and IE having Google Search fields available in the browser control area (IE requires that you install the Google Search Bar, but who doesn't have that?).
Donald Roeber
Generating 2048 Bits of Randomness...
Has anyone been to slahsdot.org recently??
If VeriSign actually did start doing something so ridiculous, I would modify my nameserver to substitute the known result from *.com for NXDOMAIN.
Then, as long as I'm using my nameserver or another with similar modifications, I don't even realized that VeriSign has done anything. I'm sure that if VeriSign carries through with their idea that in not too long there will be a plethora of name servers that do exactly that.
Some people are commenting on how Microsoft already does this. That is true, but you can easily opt out by not using Internet Explorer. To opt out of VeriSign's system, a custom nameserver that isn't exactly "right" is required.
Here's to hoping the world stays less insane.
Gray area?
Gamingmuseum.com: Give your 3D accelerator a rest.
Companies that advertise on pages that make a living of getting traffic from typos are in my book in the same category as spammers and seeing them on a "typo" page would lower my opinion of them if I had one and if I didn't, I would see them as a company to avoid.
Domain name squatter are the scum of the earth. Really. They're worse than spammers.
I do see the "Funny", but this kind of stuff bugs me as much as spammers. It pisses me off when someone has a porn site with a typo-domain. I think it hurts the credibility of folks online for not wanting an .xxx domain. If you have to trick folks to find your page, maybe there is a reason for folks disliking your product.
Norris/Palin 2012
Fact: We deserve leaders who can kick your ass and field dress your carcass.
The NIC for .cx has been doing this for some time already.
Example 1
Example 2
Heh.
If this becomes commonplace, I can finally see paying "Only $50 usd to leverage your site through our search engine submission program. Submit your site to...." Then just list a bunch of amusingly wrong links on the page, bingo poisoned searches. Mind you, google gets my exemption, but the new MS search engine effort...
Offensive corporate behaviour is the easiest thing in the world to stop. Don't support them. If Ford is buying ads from VeriSign on mistyped Toyota domains and you feel that it's wrong, then don't buy from Ford! People toss around the word boycott as if it's a special act, but unless it's done as an organised, concerted effort, then boycotting is just personal choice in action.
Every time we spend money (or not), we are making a choice. When we buy something, we are buying a product based on our needs, wants, perceptions, and beliefs. When you buy something from a company, you are supporting that company and their actions. When you decide against buying something from a company which you would like to have, you are making a statement that you will NOT support them, based on...whatever you're not supporting, be it sleazy advertising (spam, or the Ford example), bad corporate behaviour (Microsoft, the major RIAA members), or unethical products (Tobacco companies).
PERSONAL ACTION is an easy easy easy easy easy way to prevent most corporate excess. Unfortunately, it's also nearly impossible, because not enough people are willing to implement it. "Yeah, I've heard about the problems with the RIAA, but I want the new (x) album." Even such things as, "my old stereo is fantastic, but this year's model is NEWER (with less features, poorer specs, etc.)" defeat a big chunk of personal action.
Can you imagine what would happen to companies like VeriSign if EVERYONE actually made all of their decisions consciously, and let the companies know about it? Why, we might have corporate responsibility.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
I'm surprisied nobody else has noted that they already see behaviour like this. I certainly do. Every time I mistype a domain I get a web page from "buydomains.com". This is true even from virtuous open source software like curl, so it isn't a software thing. I'm on a Mac so it is unlikely to be spyware. I can only presume it is my ISP that has sold me out... If many ISPs are moving in this direction then it is actually quite understandable why verisign wants a piece of the action. The end-user is going to be screwed either way, so why shouldn't they use their monopoly to screw the middle men? The user isn't any more screwed by getting a versign page rather than a buydomains page.
From one of the VeriSign drones: "Like many registries, we're continually exploring ideas on how to enhance the user experience,"
No, I doubt folks would stop registering typo-domains. I would wish folks would realize how scummy they are if they require lying (or at a bare minimum misdirecting) someone just to get a hit on their page.
Norris/Palin 2012
Fact: We deserve leaders who can kick your ass and field dress your carcass.
Wait until IBM has their own squad of cute cheerleaders, I'll root for 'em then. They've got a few legal tackles going already, and SCO is fumbling the ball right now...
The browsers catch DNS erros and redirect to a search page, NOT the DNS servers. In that case all DNS queries would resolve to something. Doing it from DNS would break other software. What if a mail client was going to a bad address and instead of reporting that there is no such address it would report that there is a problem with the server? It a stupid idea. Its the job of DNS to give me an address for a valid query and give me an error for an invalid query. Nothing more, nothing less.