Slashdot Mirror

← Back to Stories (view on slashdot.org)

VeriSign Sued Over SiteFinder Service

Posted by CowboyNeal on from the to-all-good-things dept.

dmehus writes "It was only a matter of time, the pundits said, and they were right. Popular Enterprises, LLC., an Orlando, Florida based cybersquatting so-called 'search services' company, has filed a lawsuit in Orlando federal court against VeriSign, Inc. over VeriSign's controversial SiteFinder 'service.' While PopularEnterprises has had a dodgy history of buying up thousands of expired domain names and redirecting them to its Netster.com commercial "search services" site, the lawsuit is most likely a good thing, as it provides one more avenue to pursue in getting VeriSign to terminate SiteFinder. According to the lawsuit, the company contends alleges antitrust violations, unfair competition and violations of the Deceptive and Unfair Trade Practices Act. It asks the court to order VeriSign to put a halt to the service. VeriSign spokesperson Brian O'Shaughnessy said the company has not yet seen the lawsuit and that it doesn't comment on pending litigation."

6 of 403 comments (clear)

  1. Nice tactic. by NightSpots · · Score: 5, Informative

    Anti-trust was one of the very few tactics I didn't hear discussed as possible ways to stop Verisign.

    Arguing that they get for free what other companies must pay for is probably one of the easier arguments for win, since it proves itself nearly by definition.

    I applaud the jackass who pays to abuse typos. At least they've finally proven their worth.

    --

    --
    Use Vobbo for Video Blogs
    1. Re:Nice tactic. by nocomment · · Score: 5, Informative

      Don't forget the petition!!! Go sign it.

      http://www.petitiononline.com/icanndns/

      --
      /* oops I accidentally made a comment, sorry */
      /* http://allyourbasearebelongto.us */
  2. and the IEFT now has an Internet-Draft by shostiru · · Score: 5, Informative
    which I just found, draft-main-typo-wcard-02. Worth a look, as is the IETF mailing list archive. They're definitely aware of the problem. I particularly like following paragraph from the Internet-Draft:
    An error response that only works correctly in one situation would be as bad as an SMTP server that ignored its input and always produced a fixed sequence of responses: it would work in the one situation it was designed to expect, but cause chaos whenever presented with any other situation.
    sounds like the Snubby Mail Rejector, hmm?
  3. Don't badmouth Netster too bad by Tyler+Eaves · · Score: 5, Informative

    Yes, it's semi-sleazy, but they don't cybersquat.

    Timeline:

    1997 or so: I registered tylereaves.com, mainly for use in e-mail

    2000: I let the domain lapse, not really using it, and tired of paying $40 a year or so for it (Hey, registering was expensive in '97!)

    200?: Netster becomes the owner of tylereaves.com

    2003: I nicely ask for it back.
    2003: I get my domain back. They didn't even charge me the trasnfer fees.

    --
    TODO: Something witty here...
  4. Technical defense against hijacked domains by ODBOL · · Score: 5, Informative

    This is a good time to look at Bob Frankston's dotDNS proposal for a layer of reliable but meaningless domain names. dotDNS lookups can be made self-verifiable using public-key signatures, but without the costly chain of trust required by DNSSEC methods. The validity of a dotDNS binding can be verified easily by the querier, without relying at all on the server that provided the putative binding.

    dotDNS does not solve the whole problem, since any layer that translates from humanly meaningful names to dotDNS names is still vulnerable to hijacking. But the reliable and verifiable name bindings in dotDNS will make it *much* easier to switch name-resolution services when we are dissatisfied with their policies.

    dotDNS is a cheap and immediately deployable positive step toward fixing the DNS mess, requiring no approval by any central agency. It's time for a visionary sponsor to step forward and just do it.

    --
    Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
  5. Re:Most ISPs have blocked it by shostiru · · Score: 5, Informative
    We (mid-sized midwestern ISP) had our main nameservers (tinydns and djbdns) patched by 2AM the night this mess started, using the patches we found here. By a few hours later, I'd kludged the BIND source myself on a couple of other machines to return NXDOMAIN for anything in all three of the /24 netblocks in AS30060 (it worked fine, at least until the ISC patch was released). AFAIK our customers never even noticed the wildcarding.

    If you work in an ISP or other network infrastructure company, you know first-hand the degree of astonishment and rage that Verisign's move elicited; the fallout (spam filtration, security, network monitoring, etc.) goes far beyond HTTP. I don't think any of us slept much that night ... it only took a few hours to restore normal DNS behaviour, the remaining ten or so I spent in shock with my jaw scraping the floor.

    I've dealt with Verisign before (try getting decent documentation on the cybercash application library!) and knew they were greedy and stupid, but I wasn't counting on raw, unfettered eeeeeevil.