Verisign Typosquatter Explorer

jelyon quotes Seth Finkelstein's website "I have written a program " Verisign Typosquatter Explorer" in order to examine [the Verisign] suggestions [for mistyped domains]. Future data may be analyzed as interest permits. Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice."

With all the stuff flying in IT today

[grasshoppa]

it's amazing anybody is able to accomplish anything.

Anybody else feel like you just want to start over, with only good people involved, and remake the internet? None of this patent crap, none of this copyright bullshit, just pure standards that are actual standards. Uncompromised and pure. No restrictions on data, short of the physical line speeds.

Yeah yeah, I know..."when you wish, upon a star"

Re:With all the stuff flying in IT today

[keester]

Yeah, let's do it. We'll start with a biological attack on the whole planet ... wait ... who's that ... is that you, NSA? Oh shit!

Re:With all the stuff flying in IT today

[Osty]

Anybody else feel like you just want to start over, with only good people involved, and remake the internet? None of this patent crap, none of this copyright bullshit, just pure standards that are actual standards. Uncompromised and pure. No restrictions on data, short of the physical line speeds.

And you'd just have to do it all over again in 15-20 years, since that's exactly how the current net started.

Re:With all the stuff flying in IT today

[mumblestheclown]

I'd like to start over and remake the internet. With people who RESPECT copyrights, for an atmosphere where intellectual work is treated equitably, so that we can build real empires of information, education, and entertainment, rather than play lowest common denominator games of today. I'd like an internet where a small software development shop can compete against large shops and make a fair profit without today's reality that any software that becomes popular gets pirated en masse, ultimately benefitting only the established names. I'd like a world where a musician can sell their songs for a fair price on the internet without middlemen knowing that their monetay success will be a linear product of the number of fans the quality of their music attracts. I'd like an internet without the "geektelligencia" going 180 degrees the wrong way and bitching and whining about copyrights, when they should be the first one to see their value and fight vigorously to protect them.

Out-of-sync DBs?

[Lord+Grey]

The phenomena could be easily explained as out-of-sync databases. Assuming that Verisign is using multiple database systems, that is.

But does it matter? What Verisign is doing is wrong. Exactly how they're wrong is irrelevant.

It's not a bug...

[ArmedLemming]

"I don't believe it's an advertising rotation..."

It's a feature!

They need this suggestion

[doggkruse]

Everyone goto http://verisignneedstogetaclue.com

petition

Don't forget to sign the petition on Verisign's abuse of the DNS system.

Re:petition

[grub]

I would like to see just one online petition that has carried any weight. It's the height of "slacktivism".

Re:petition

[ChaosDiscord]

I would like to see just one online petition that has carried any weight. It's the height of "slacktivism".

Here you go. Apparently MoveOn.org's online petition was considered significant enough to warrant a press conference with two senators featuring boxes of printed out petitions.

HTH. HAND.

(All that said, I do agree that most online petitions are nearly worthless and don't carry anywhere near the weight of individually addressed messages. If you really care, take the time to express your position in your own words and send it as a letter (send an email in addition, if you like)).

Re:petition

[delta407]

If you really want to make sure Verisign hears you, try some of my suggestions from other posts, duplicated below.

A list of contact information is here. The Verisign main number is 1-877-438-8776, which gives you a long list of options. Depending on what you pick, you'll probably end up talking to a Network Solutions guy. Tell him you're distressed about the SiteFinder service, ask about what your options are, and ask if there's anyone else to talk to. They probably won't be much help, but write down everything they tell you, get their employee ID, and keep track of date/time for calls as well as time on hold (might be helpful).

After some lengthy conversation, I found out that I should be talking to the Verisign Global Registry, but that they can't give me a phone number, because (supposedly) NSI doesn't even have a phone number. However, I did get an e-mail address -- sitefinder@verisign-grs.com, which is routed to someone's inbox (as in, a person, not a support center), which currently yields an "Out-of-office reply" that gives out a cell phone number (!). I don't think I'm going to call it, but at least I have more contact information on file now and an e-mail that will get read.

Additionally, you might want to try calling the office of Russel Lewis, who's the VP of the Verisign directory services. He's at the Virginia office (1-703-742-0400), but I got disconnected instead of transferred and haven't called a second time (yet). If you try this number, you'll probably get a secretary, to whom you should explain that the standard procedures for communicating with Verisign have failed, that you are "very disappointed" and that you "want to make things right". (It works better if you're actually a Verisign customer.) If you're nice about it -- knowing that the secretary probably doesn't know anything about it and can't do anything anyway -- you can probably get routed to someone in the directory services division, where you can register further complaints.

[...]

I have been unable to raise the Chicago local office by phone, and when I went to visit, the visitor center couldn't even get a hold of them. Weird.

I called their headquarters in CA a few times now. I was hung up on, randomly transferred to someone's voice mail (I'm not sure who), and finally talked to a particularly helpful representative who passed my queries to his manager. They said that SiteFinder was run by NSI, to which I responded that NSI said that SiteFinder was run by Verisign, to which I added that Verisign (as a global registry) is the only organization with the power to do something like that. He went to talk to his manager, told me that they were promised more information on SiteFinder by the end of today (9/17), and promised me a call-back in 24 hours.

Updates to follow.

In case it gets slashdotted...

[skank]

Verisign Typosquatter Explorer
by Seth Finkelstein
Introduction

On Monday September 15 2003, a change to .com/.net behavior was announced. In sum, every mistyped domain name, one that had not been registered, would be redirected to a new site controlled by the company which runs a major part of the domain name system, Verisign.

When a URL has a misspelled domain name, Verisign's changes have the effect of redirecting every single HTTP page request (technically, HTTP response code 302). There is a redirection header and page which displays:

The document has moved here.

So, for example, the URL

http://verisign-is-to.net/more/evil/than/satan/h im self.html

Gets redirected to:

http://sitefinder.verisign.com/lpc?url=verisign- is -to.net/more/evil/than/satan/himself.html&host=ver isign-is-to.net

This site suggests corrections to the typo. I have written a program " Verisign Typosquatter Explorer" in order to examine these suggestions. Future data may be analyzed as interest permits.

Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice.
Support

This project was not supported by anyone. If anyone is providing financial support for such projects, the author would dearly like to know.

Version 1.2 September 17 2003

See also: Domain Investigations
Mail comments to: Seth Finkelstein

For future information: subscribe to Seth Finkelstein's Infothought list or read the Infothought blog

See more of Seth Finkelstein 's Anticensorware Investigations

Mail addresses

[Ratface]

I mailed this little lot earlier today:

authenticode-support@verisign.com, billing@verisign.com, channel-partners@verisign.com, clientpki@verisign.com, consultingsolutions@verisign.com, dbms-support@verisign.com, dcpolicy@verisign.com, digitalbranding@verisign.com, dnssales@verisign.com, enterprise-pkisupport@verisign.com, enterprise-sslsupport@verisign.com, info@verisign-grs.com, internetsales@verisign.com, IR@verisign.com, jobs@verisign.com, mss@verisign.com, objectsigning-support@verisign.com, paymentsales@verisign.com, practices@verisign.com, premiersupport@networksolutions.com, press@verisign.com, privacy@networksolutions.com, renewal@verisign.com, support@verisign.com, verisales@verisign.com, vps-support@verisign.com, vts-csrgroup@verisign.com, vts-mktginfo@verisign.com, webhelp@verisign.com, websitesales@verisign.com, websitesupport@verisign.com

And I got a bunch of replies back, including *gasp* two written by actual human beings!

Remember folks, if you're going to write and complain, try and keep it civil. The porr bugger who hsa to read your complaint isn't the same person who actually took the decision to introduce sitefinder!

Weird..

[grub]

If I make a type for "slashdot" such as salhsdtot.com it suggests goatse.cx as a top candidate. That's some pretty smart AI VeriSign has.

Mirror

[imadcow1]

Here is a mirror of the site in case it goes down: http://www.madcowworld.com/sethf.com/domains/veris quat/

where's the problem?

[erikdotla]

Hey, I'm outraged and mad too, like all of you.. but, I'm not seeing this. Maybe my ISPs have taken a stand with their DNS, but both my work and home ISPs? Unlikely. Why aren't I seeing this?

Re:Congratulations

[Seth+Finklestein]

I'll be back, motherfuckers.

I bet Michael Sims was DDOSing me.

Squating?

[toupsie]

How is this any different from me buying mispelled domains to profit off other company's trademarks? I know the Federal Government just tossed a guy in jail for doing the same thing. There is something that stinks to high heaven about this. It looks like they are abusing their right to manage the USA TLDs along with violating RFCs.

Re:Squating?

[slithytove]

The only difference I can think of is that Verisign didn't even have to buy the mispelled domains, which just makes it even more infuriating.
This is unquestionably an abuse of their "right" to manage the US TLDs and they should be stripped of it.
Personally I don't see why we couldnt have a distributed DNS system which would work something like freenet. The trademark office could push entries into the system, signed with their private key, and various other governmental, commercial and non-profit/private entities could push whatever entries they wanted onto the stack too.
It would be up to ISPs and individuals to pick which groups' entries to use and in what order.
Most people (and presumably all isps) would probably place the trademark offices' lists at the top so they could find the products and companies they seek (incidentally eliminating the problems associated with others registering your trademark as a domain).
A second tier of trustworthy companies would sell domain names (with market forces setting the cost based on how many isp's subscribe to their entries and how high up the search list most isp's place them)
Finally, I could make my own top-level domains by placing my own list near the top of every computers resolve.conf equivalent which I use.
No government-granted monopolies involved except the already existing trademark system and no need for an ultra-high-availability network at the top level.
If any of this strikes you as unfeasible you probably need to read more about freenet (or conceivably I do- let me know).

20 lines of perl code makes a Slashdot story?

[Xerithane]

What is news worthy about this? This doesn't provide any statistics by itself. There is no wrapper scripts to actually match anything. All this does is parse the response page to display suggested hits. It's not even written that well.

It prints the suggested URLs out and then what? This isn't an explorer, it's a shitty data dump.

Besides, I thought Michael hated Seth. How did this story get posted?

On-line petitions don't work

[Eric+Ass+Raymond]

Indeed.

Petitions are pathetic per se, but e-mail/web petitions carry absolutely no weight at all.

I've worked for professional politicians. The web/e-mail opinion is irrelevant. If you want to be counted (not heard, mind you) send a letter or a fax.

Monetary damages

[jesterzog]

What sort of monetary damages is this action by Verisign incurring for people and businesses everywhere?

Verisign's action was most probably intended for web traffic, where it's at least an annoyance. But since the DNS is an independent system from the web that's used by all sorts of services, it's undoubtedly breaking all sorts of non-web things out there that rely on knowing accurately if a domain name exists... not to mention all of the additional maintenance time. Email and spam filters are the two that seem to've been brought up a lot.

So far I've seen a lot of people getting mad and I am too, but I haven't seen anyone actually state how much they're losing due to the sudden change and breaking of standards by Verisign. Is anyone confident to put an amount on this?

Can we sue?

[xchino]

Seriously, would it be possible for ISP's to file a class action suit? I have spent ALL day (so far) dealing with the repurcussions of this blatant misuse of authority. I know others out there are dealing with the same. I also had two customers get .ws websites rather than AVAILABLE .com sites because they use the method of putting the name in the browser and seeing if a site comes up. They figured verisign was squatting on the domain, and thought they would have to pay verisign for the use of the domain.

On a side note...

Our mail servers are filling up with spam, and with the recent loss of SPEWS, our spam filtering system is basically useless.. save for the few other blacklist sites still out there. Spammers must be rejoicing today.

Fuck you VeriSign, Fuck you very much.

Terms of Service

[Tom7]

Well, this is finally working for me now!

Man, did you check out their "terms of service"? That shit is hilarious!

" 14. By using the service(s) provided by VeriSign under these Terms of Use, you acknowledge that you have read and agree to be bound by all terms and conditions here in and documents incorporated by reference."

HOW THE FUCK AM I SUPPOSED TO READ AND AGREE TO BE BOUND TO TERMS, when I arrived at the site by mis-typing a domain name????

From the privacy policy:

"Under no circumstances do we collect any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, or sex life."

No? What about when I go to any political site, sex site, health site, religious site, etc, and don't type the domain name correctly?

http://www.sitefinderreallyreallysucks.com/

99.99999999% of all domains now run Linux

Because sitefinder-idn.verisign.com runs Linux, and now 99.99999999% of all domains now point to it, almost 100% of the Internet is now running Linux!

To repeat the obvious...

...and preach to the choir.

Verisign was contracted to run DNS servers for the .com and .net top-level domains; both of which are in practice "flat" address spaces, with no formalised lower-level hierarchy. If an organisation registers the domain "foo.com", implements nameservers for this domain, and then these nameservers ignore accepted practice and the way the majority of Internet applications expect the nameservice to work - then the organisation shoots only itself in the foot.

Verisign is in effect treating the entire top-level .com and .net domains as its corporate property.

If Verisign were genuinely ignorant of the effects of their move, then the company is not competent to operate TLD DNS services. If Verisgn were aware of the potential problems their decision could cause and went ahead regardless for commercial reasons then the company is not fit to operate TLD DNS services.

If ICANN cannot react to this nonsense in less than a working week, ICANN itself is not fit to direct the Internet naming service.

Apart from massed armies of geeks with pitchforks and flaming torches converging on Verisign and ICANN locations, does anyone have any constructive suggestions on how to get the parasites out of the loop?

For UK visitors

[slayer99]

Please help with keeping pressure on Verisign - instructions here.

Wrote email to VeriSign

[SuperDry]

I wrote an email today to NetSol/VeriSign to voice my displeasure. As I have 5 or so domains up for renewal in October, along with various web and email hosting features that go along with them that are currently with NetSol. I told them that I would be moving everything to another registrar should they not have rescinded their change by my renewal date.

I know that my $300 a year may not be the end of the world to them, but I thought it important that they know that some people will make buying decisions based on this. And the types of people that handle DNS registration issues are just the types of people to be ticked off by this.

They sent me a form letter response, that addressed both this new unregistered DNS feature as well as the "register in advance for about-to-expire domains" feature that I didn't mention at all in my email. Their response to that issue was also defensive, so I take it that they're getting an earful on that one as well.

ICANN, IAB, IETF official response

[MobyDisk]

Official response is here

Essentially, they state that this change violates the RFC for DNS for several reasons. They are creating an IETF working group to recommended practices for implementing DNS, above and beyond what the RFC requires. Unfortunately, there is no mention of any action, or even censure.

Re:ICANN, IAB, IETF official response

[zjbs14]

Check that date. It's ancient history and was a recommendation that Verisign not do what they just did.

We'll just have to wait and see if ICANN comes back and slaps them down

Patched Nameserver Database Available

[fo0bar]

Somewhat off-topic, but relevant to the whole Verisign DNS idiocy... I have thrown up a database of patched nameservers here (don't worry about arouse.net, it's not a porn site), which currently allows you to check to see if a nameserver has been patched to block return of 'A' results for non-existent domains, and allows you to add to the database if it is a patched server.

The message matters as much as the medium

[gidds]

Of course, it depends on where you are. I'm in the UK, and when I faxed my MP last year (from the FaxYourMP web site), about the proposed amendment to the RIP bill, he responded with a letter (on 'House of Commons' headed paper) almost immediately, and another a month later when the amendment was withdrawn. (I don't like the man personally, and I don't agree with some of his politics, but as a constituency MP he does a good job.)

And it depends on the content as well as the medium. My fax was original, business-like, and carefully-argued, though partly based on stuff available online. I suspect that originality, literacy, clarity, conciseness, and focus all count well, just as obvious copying, rambling, pointless emotion, length, and lack of focus will make a communication less likely to be read or acted upon. You need to state carefully but briefly the problem, the cause, what you're asking your representative to do, and why; if you do that politely, it'd be an inconsiderate person who didn't at least reply, whatever the medium.

I suspect that the reason online petitions often don't seem to count is less that they're online, and more that they're petitions; without a direct, personal request for action, any communication will have less weight.