Slashdot Mirror
VeriSign Sued Over SiteFinder Service
dmehus writes "It was only a matter of time, the pundits said, and they were right. Popular Enterprises, LLC., an Orlando, Florida based cybersquatting so-called 'search services' company, has filed a lawsuit in Orlando federal court against VeriSign, Inc. over VeriSign's controversial SiteFinder 'service.' While PopularEnterprises has had a dodgy history of buying up thousands of expired domain names and redirecting them to its Netster.com commercial "search services" site, the lawsuit is most likely a good thing, as it provides one more avenue to pursue in getting VeriSign to terminate SiteFinder. According to the lawsuit, the company contends alleges antitrust violations, unfair competition and violations of the Deceptive and Unfair Trade Practices Act. It asks the court to order VeriSign to put a halt to the service. VeriSign spokesperson Brian O'Shaughnessy said the company has not yet seen the lawsuit and that it doesn't comment on pending litigation."
VeriSign be a bunch of land-lubbin' butt pirates, mateys!
Anti-trust was one of the very few tactics I didn't hear discussed as possible ways to stop Verisign.
Arguing that they get for free what other companies must pay for is probably one of the easier arguments for win, since it proves itself nearly by definition.
I applaud the jackass who pays to abuse typos. At least they've finally proven their worth.
--
Use Vobbo for Video Blogs
Because sometimes that "land" has been previously owned, and the rights to it expired (not always intentionally).
There's nothing wrong about cybersquatting, but it's Just Not Right(TM).
Well, the term has gotten expanded to mean pretty much "owning a domain you don't use." But originally it referred to people who would, say, buy the rights to a celebrity's name .com, and then extort them into paying lots of money to get the rights to it.
This ended once the first trademark-infringement case went to court.
However, the general term stuck around and is now (IMHO) generally way over-used.
Bush: He's Liberal in all the wrong ways.
Cybersquatting, though one of the great minor evils of the web, is damned hard to stop. I can't think of any way to regulate/legislate it without messing up the domain registration and transfer process for everyone else - though it would be nice to be able to buy domains BACK from these companies - I would imagine quie a few choice domains are in their hands. Nice to see a lawsuit taking on Verisign over this - even if it is a cybersquatter. I wonder if there's an intelligent way to reserve domain names for individuals and organizations which already have use for the name - maybe a form of 'prior branding' only better implemented...
OK guys, who had 3-5 days??
I guess people will figure that the end justifies the means, but the argument still seems a little distasteful.
The bold print giveth, and the fine print taketh away
*Confirmed*: Adelphia has blocked VeriSign's new "service."
Please reply to this and list names of fellow anti-VeriSign ISPs if your ISP has blocked this new "feature" as well.
Thanks! I will enjoy analyzing this data.
Reply or e-mail; don't vaguely moderate. Ex-O'Reilly/MIT employee, now a full-time Google employee.
At the rate things are going, in a couple weeks, no one will be able to get to their search engine site at all, whether they want to or not.
Someone probably deserves recompensation for the hassle, but it's looking like the Internet has proven resilient to even this "high level" attack.
Bush: He's Liberal in all the wrong ways.
http://www.";alert("fuckverisign");".com
- buying up random names, and hoping someone would buy it from you (aka. domain speculation)
- buying up specific company names, and charging them obnoxious amounts if they want it (which would end up in court, etc)
In this case, Verisign didn't pay for anything-- they're claiming everything that hasn't been bought. Not only that, but if someone had a domain, but didn't have a host in the domain, they're claiming that as theirs, too.[Not that I'm surprised...the first sign that things like this were going to happen was when IE started replacing webserver error messages with their own if they decided your error message wasn't big enough, and replacing 'server not found' with links to their search engine]
So well, your 40 acres comparison falls through as it's more the equivalent of someone saying 'all this is mine until someone else buys it' and then, after you buy your plot, they still claim the area that you haven't built on yet, even though you have the deed to it.
Build it, and they will come^Hplain.
My browsers - Firebird and IE both keep history for a few days. It used to be that when i accidentally typed something in and the domain could not be found that it wouldn't be in my history since it wouldn't resolve. Now - thanks to URL resolving my history is gradually starting to fill full of crap. So when im in a hurry and select something out of my history i sometimes end up getting a sitefinder page instead of what I was looking for. ARRRGH.
Verisign Sucks. They always have and always will.
-
aphex
I Steal Music!
How is it different from the pioneers getting 40 acres and a mule?
First, a history lesson. '40 Acres and a Mule' wasn't a pioneer issue. What it is true that during the western rushes, various federal lands were put up for auction or claim by pioneers. The lands were not, however, specified to be 40 acres, but varied in size based on the territory and the specific land grant. For that matter, according to one of my HS Social Studies teachers (a dozen years ago), there were still federal lands for claim in parts of Alaska. That teacher was known to embellish the truth, so I won't put any varacity statement with that.
'40 acres and a mule' were reparations for slaves in the south. They were instituted by a Northern (Union) general, during the aftermath of the civil war, and were later reveresed by an presidential executive order.
So, in short, your parellel falls a little short. If the ICANN were to pass a ruling granting johnny-come-latelies names from vast corporate pools, that would be comprable.
So, what's wrong with cybersquatting: Well, with the federal land grants, if you occupied and developed the federal lands for a specified period of time, they became yours. You could sell or otherwise use them as you wished. Here, cybersqquatters either are taking a developed item (debatably property) and using its good will and value for an interest contrary to the orginal owners. Which would be a violation of the land grants, so thats one point where your analogy fails.
The other type of cybersquatter (who speculates on names or misspellings) is also abusing the good will of the originator, but may be a valid comparison. It is, however, annoying, to get redirected away from what you wanted because of a typo, and from the other side, a squatter who is taking an otherwise useful resource and making it near-useless is neither providing a valid service or generating good will.
At what cost? Routers are working harder, code has been introduced into core servers that has no technical reason to exist, and an IP address, or possibly a sizeable range of IP addresses are now blacklisted worldwide. Those IPs won't be usable for anything anymore, or at least until we see widespread adoption of IPv6. *cough*
What the Internet doesn't need is to become even less of an end-to-end transport, less reliable. And we did it to ourselves.
Feh.
This is a classic example of hypocrisy, but maybe this'll pay off.
This sig no verb.
Note the various inaccuracies in the article. First, SiteFinder (despite its name) doesn't "search" for domain or anything; it is simply a wildcard that catches all lookups right on the COM and NET root servers. This is exceedingly simple to setup; there's no 'technology' involved.
Also, users of course do not get a 404 when a domain doesn't exist. The domain freakin' doesn't exist, so the DNS lookup itself fails (should get NXDOMAIN) and the browser reports an error in domain resolution.
But this is nice; I want to see all these leeches in the cybersquatting and "World Wide Web" enhancement business pitted against each other.
Yes, it's semi-sleazy, but they don't cybersquat.
Timeline:
1997 or so: I registered tylereaves.com, mainly for use in e-mail
2000: I let the domain lapse, not really using it, and tired of paying $40 a year or so for it (Hey, registering was expensive in '97!)
200?: Netster becomes the owner of tylereaves.com
2003: I nicely ask for it back.
2003: I get my domain back. They didn't even charge me the trasnfer fees.
TODO: Something witty here...
I sent an email to various VeriSign addresses about their abuse. Somehow one of them got routed to a Network Solutions drone.
The drone informed me in a form letter that VeriSign's practices were "well within the guidelines" established by the document Domain Name System Wildcards in Top-Level Domain Zones.
After deconstructing this, we are left with: VeriSign is within the guidelines of the document VeriSign wrote on the matter.
Uhm...
This is a good time to look at Bob Frankston's dotDNS proposal for a layer of reliable but meaningless domain names. dotDNS lookups can be made self-verifiable using public-key signatures, but without the costly chain of trust required by DNSSEC methods. The validity of a dotDNS binding can be verified easily by the querier, without relying at all on the server that provided the putative binding.
dotDNS does not solve the whole problem, since any layer that translates from humanly meaningful names to dotDNS names is still vulnerable to hijacking. But the reliable and verifiable name bindings in dotDNS will make it *much* easier to switch name-resolution services when we are dissatisfied with their policies.
dotDNS is a cheap and immediately deployable positive step toward fixing the DNS mess, requiring no approval by any central agency. It's time for a visionary sponsor to step forward and just do it.
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
Their new ad campaign with naked women went too far in my opinion. They were basically asking to be sued. Didn't they think about the children?
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
But why? There's no real market in domain names any more. Verisign tried to make one. GreatDomains used to have thousands of listings, and you'd see things like "Asked: $25,000. Bid: $20." Now Verisign only has "premium domains" on GreatDomains, ones like "record.com". There are only 66 domains for sale, and few sales.
wherein, "intercept" means the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device;
The ECPA also provides that "In a civil action under this section, appropriate relief includes--(1) such preliminary and other equitable or declaratory relief as may be appropriate;(2) damages under subsection (c); and (3) a reasonable attorney's fee and other litigation costs reasonably incurred.
Damages.--The court may assess as damages in a civil action under this section the sum of the actual damages suffered by the plaintiff and any profits made by the violator as a result of the violation, but in no case shall a person entitled to recover receive less than the sum of $1,000.
Seems like a good case can be that emails to mistyped addresses are being intercepted by Verisign. Certainly, the emails where not intended to be sent to Verisign, and they appear to be collecting some information from the email (the from address).
The enemy of your enemy is not necessarily your friend. Domain and typosquatters are the near bottom of the barrel, just a rung above spammers. Just because they are attacking another bottom-feeder does not make them heros.
--------
The fake Gzip Christ isn't not user number ~0xA6CA7
In this article on on CNET O'Shaughnessy said "the service has been embraced by end users. "We've seen nothing but very positive results from the Internet community," he said. "Usage is extraordinary. Both individual users and enterprises are giving very positive feedback."
So they are attributing a slashdotting, and a lot of media interest to people being positive about the service. I haven't seen one article, comment or anything that was even remotely positive. What are these guys on?
He also claims they are fully compliant with every RFC. I don't see how this is possible, unless they have found some loophole.
But at the same time, if you take a step back, the rapid mobillization of the response to this is VERY impressive, and the rate at which the Internet is reconfiguring itself to get rid of the trouble is quite amazing.
Remember, three days ago, people were moaning about how this would be a disaster, DNS would be broken, spam filters would be rendered impotent, etc etc.
I'm just saying that, objectively, if you look at this sort of like a body repelling a bacterial attack, the rate at which it's been countered is quite amazing, and shows how well the Internet is fundamentally put together.
Bush: He's Liberal in all the wrong ways.
If putting in
www.icarusindi.com
would list
www.icarusindie.com
as a suggested site. But it doesn't. It lists a number of domains that are off quite a few letters more than 1.
If it were at least making an intelligent attempt at getting the user where they wanted to go it could be argued that it is at least useful. Microsoft's search that comes up when you get a DNS error on some domain names is excellent about getting you where you actually wanted to go.
Verisign either gives a half assed attempt at correcting the user or deliberatly ignores domains that aren't registered through them. Despite the fact they get money regardless of who you register through.
Now we just need a credible plaintiff. Preferably a class action suit to maximize damages.
Ben
Work Safe Porn
Homesteading required that the homesteader develop and improve the property in order to receive title. You had to actually live on the land, and farm it, and build a house with a door and window, and after you had proved the land, you would receive title.
Cybersquatters do no such thing. There's a difference between registering coffee.com to build a coffee site and registering www.coffee.com to resell it later. Cybersquatters are more akin to ticket scalpers than to homesteaders.
Where have you been? Have you noticed the fact that it's important to be able to tell when a site doesn't exist? That this crap means typos can cripple most e-mail servers? That it invalidates a good section of the RFCs the Internet itself was based on???
Wake up. If you want to find a site, you use Google. If you want to go to a non-existant one, you should damn well be told there's nothing there.
So if we're really lucky, just as the guilty verdict is being read, with the upper level management of both companies present...that asteroid that everyone said was going to destroy civilization twelve years from now, will crash in down on the courthouse, ionizing not only the leadership of both companies, but several ragged hordes of killer attack lawyers as well.
Then when the press questions the astronomers on how their orbital calculations could have been so wrong, the astronomers (being the clever guys they are) will say, "but are calculations were right!" and then erupt in maniacal laughter.
I for one welcome our new...[looks up at the sky]...never mind, I didn't start to say anything. Nope, nothing at all.
Awh come on now, we can do better than that! Use the built-in distro-standard apache benchmark tool! ab -n1000 -c100 sitefinder.verisign.com/ That will send out 100 requests at once, 10 times. Might want to increase that number.... Anyway, its a good way to test your bandwidth...
First off, the idea that Verisign can appropriate unregistered domains represents a huge conflict of interest with its management of the TLDs. Nobody should be able to reassign IPs for non-registered domains. This undermines the whole system, which has facilities to address this situation.
The fact that ICANN didn't block this move is further evidence than this organization is totally useless and political.
Along the same vein, I disagree with MS's misleading implementation of the IP-not-found error page to redirect users to their proprietary search engine.
The Internet community should rally against any entity that seeks to appropriate undefined address space for their own gain.
If Verisign is allowed to do this, what we're likely to see is each major ISP and browser manufacturer follow suit and hijack undefined space to promote their own systems.
Imagine if you dialed a wrong number on the telephone and you got an advertisement for the phone company. What if local broadcasters bombarded all the unused frequency spectrum with their own promotions.
This has less to do with Verisign than it does to protect the sanctity of null space.
It makes me wonder if someone has a patent on silence yet?
The Internet Software Consortium (ICS), which makes the Berkeley Internet Name Domain (BIND) software (runs most domain name servers) has already released a patch to block "site finder":h tml
http://www.isc.org/products/BIND/delegation-only.
I just still can't believe Verisign thought they could get away with this.
They get it for free, but they also lose it any time someone wants to take it away, for any specific domain. I personally don't like it, but I don't know if this particular avenue of attack will succeed.
Companies to boycott:
SCO (need you ask?)
Verisign (screwed by em long before this)
SBC (for not blocking Verisign)
Microsoft (ya just gotta)
RIAA (You don't sue your customers. Solve the problem!)
Sun (for the abomination called Java)
Gray Davis (because he DOES suck)
Cruz Bustamante (Don't give him a CHANCE to suck)
Note to self:
Get more RAM for Notes to self
More info can be found here:
http://www.popluarenterpirses.com/
http://sitefinder.verisign.com/lpc?url=www.microso ft.com&host=www.microsoft.com
"We didn't find www.microsoft.com"
"There is no web site at this address."
Only in a perfect world...
Has anyone else noticed this? It returns a sitefinder page immediately for blahblahsucks.com, but nada for verisignsucks.com.
[Full-Disclosure Mail Link]
Verisign has hired Omniture to collect info on what people misspell. While the website may seem clean and useful, it may not be, depending on what your take on privacy is.
-- I'd say your post was about 3 monkeys, 18 minutes.
I notice at the bottom of the sitefinder service page it has a "terms of service" link. I hereby declare that I do not agree to those terms of service. Now what? Do I stop getting redirected to that page?
President ISES
(International Society for Elimination of Sigs)
Let me put it this way ... let's say the state hires you to be the caretaker of a museum (originally paid for by taxpayers!) and tells you that you can make money on the side from the gift shop. Instead, you decide to knock down a bunch of walls and turn the majority of the building into a bar for your private profit. Don't you think people might become a bit pissed off?
Full details of the lawsuit are available in this press release:p ?epi-content=GENERIC&newsId=20030918005730&newsLan g=en&beanID=478837757&viewID=news_view
home.businesswire.com/portal/site/google/index.js
Copy of lawsuit:
search.netster.com/about/lawsuit.asp
Sorry, I forgot to include these links in my submission. Post away!
Cheers,
Doug
Doug Mehus http://doug.mehus.info/
I truly thank VeriSign's lovely spam service.
.com domain or .net domain is returning an SOA record and none of these messages are being blocked.
Someone a few months ago mentioned to me that Sendmail has a feature where, upon receiving mail, it will check the domain of the sender. If the domain does not exist, it has a forged From: header and is obviously spam.
Thanks to Verisign's efforts to piss me off, every DNS query on a nonexistant
Since this "service" has been implemented, I've gone from 7-8 spams a day to 30-35.
Thanks a lot, assholes.
It has nothing to do with HTTP responses. This is DNS we're talking about, which operates on an entirely different level of importance, because it affects so much more than just the web.
Never thought it'd happen, but I'm rooting for the squatter... if there's a group worse than spammers and domain squatters, it's Verisign. Just on a whim, I typed in a non-existent domain name, and sure enough, found myself on their page. Take a look at the "Terms of Use". Sections 2 and 14 are really telling:
2. You may have accessed the VeriSign Service(s) by initiating a query to our DNS resolution service for a nonexistent domain name.
14. By using the service(s) provided by VeriSign under these Terms of Use, you acknowledge that you have read and agree to be bound by all terms and conditions here in and documents incorporated by reference.
I'm not sure how the came up with the fact that I, the end user, made a query to their DNS server. In fact, I did not. My ISP may be using their services, but I personally have no legal relationship with Verisign whatsoever. My ISP may be using their services, but that in no way establishes a relationship between myself and Verisign. IMO, unless you're querying Verisign directly, their terms of use cannot possibly apply -- which means that they apply to almost noone. I would challenge them to show any log that shows my IP address accessing their service. If they can't, then I did not in fact access their service.
And what's worse is the implication that I can bound by "Terms of Use" that I have never seen, based on the assumption that I made the query, when in fact the query mas made to a DNS server at my ISP (and again, I don't really care how my ISP handles that request as long as it sends me the requested info.
Verisign, in essence, has registered every domain and is providing DNS services for those domains. They should be forced to pay the standard registration fee to ICANN for every domain which was served during this outrage.
;-)
If I were to make it so that every unique domain on the internet went to my server, I would have to pay a Google's worth of cash (well, maybe some pun intended. But, long live Google! The best search engine and popup blocked!).
Anybody up for making a wget script to fetch a bad host with a 32 bit integer on the end until the end of time? I'm a Software Architect but feel like playing script kiddie for a day.
Actually I think the BIND solution, to mark certain zones as "delegation only" is very elegant, and should have been implemented sooner or later anyways. Even without the current abuse it makes sense, and it hardly adds any complexity to the code.
From the article:
Typically, Internet users are shown a generic "404 -- cannot be found" page when a Web address does not exist.
Sooooo, if the web server can't be found, who's sending the HTTP 404 response (which incidentally means that a file on a server doesn't exist...)?
Why didn't this info leak before VS turned on the switch? That's the most surprising thing about the whole deal to me.
The backlash against VS should have started BEFORE they went through with this decision -- and that backlash should have been OVERWHELMING, as in, every sysadmin with DNS should have been complaining, ISP's should have been filing motions for restraining orders, and ICANN should have been ready to pull the gTLD contract once and for all.
-fb Everything not expressly forbidden is now mandatory.
The only thing I can say here is that Verisign seems to be in competiton with SCO for numerous titles:
- most hated company on the internet
- most stupid business moves
- most obvious 'shoot self in foot' maneuvre
I expect that slashdot would implode if SCO sued Verisign for this maneuvre. Do you cheer because one of them will lose? Or groan because one will win?
Alexa Page Ranking, another insidious tool, lists Verisign Pagefinder as the number one Website in new Hits, up 1360 % on the week
http://www.alexa.com/site/ds/movers_shakers
At what cost? Routers are working harder, code has been introduced into core servers that has no technical reason to exist, and an IP address, or possibly a sizeable range of IP addresses are now blacklisted worldwide.
Well, not really. Just that no A records can reliably point into those blocks now, since the "quick fix" that tons of people used just blocked a few subnets owned by verisign. Of course, verisign has bunches of subnets where they can point this thing, and that quick fix is going to expire pretty quickly. The not-so-quick fix for BIND (the one that only respects NS records from the root servers) is also easily evaded by VeriSign.
What network operators need to do is track down every last IP block that verisign owns and start broadcasting NULL routes for those blocks. Forget about spotty reception of a handful of IPs, Verisign would effectively be off the Internet. We'd lose root servers 'a' and 'j', but we'd gain an Internet without verisign, and I don't think anyone would argue that that was a bad thing. Explain to companies like this "If you pull rank on us, we take our toys (and your entire revenue stream) and go home."
When Verisign was given the authority to manage DNS for these TLDs, they were given this responsibility with the public trust.. The public trusted them NOT to do things exactly like this. You should do DNS, and that's it - nothing more, nothing less. In return, Verisign was given a source of income. I think that if Verisign continues in this way, it may be time to take back this thing entrusted to them. This has become yet another disaster in "privatization", and we should maybe consider moving this service back to the "public" sector (as much as it can be...).
One comment I've seen noted about the whole SiteFinder thing is that Verisign now resolves domains which are not available for registration, so it's possible they're profiting from something that they're not allowing others to purchase.
... you can't buy single character gTLDs)
(Try www.a.com, www.b.com, etc
Don't like it, don't agree with it, but acknowledge their right to use the service they faught for and won. If you can't take it, fight the fight to give them (better) competition, instead of filing some frivolous lawsuit.
Yes, thank you Ayn Rand. And how do you give them competition? Ask them to relinquish control of their root servers and institute yours in their place? Or maybe start a whole new internet? Yeah, that's going to work.
Let's face it. Verisign broke the rules (ie: RFCs) which were designed to govern how the internet infrastructure works. Rules which they implicitly agreed to in attaining their position of power.
However, perhaps you're right. They 'fought' for their position, so anything is within their rights. Why, if they suddenly decided to randomly redirect people's existing websites to a Verisign information page, I guess that's ok. After all, one can always fight to give them better competition by creating one's own separate internet.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
Setting: Deep in the innards of Verisign's server rooms.. Characters: Mr. Barnacle: VP, Marketing, Verisign Mr. Patsy: some Admin for Versign Mr. Barnacle: "Yeah, so I was reading DNS For Dummies last night, and it said you can put this thingy called a wildcard in records.." Mr. Patsy: "Um, yeah, so?" Mr. Barnacle: "Couldn't we use this to redirect people to some other site?" Mr. Patsy: "Er, maybe...." Mr. Barnacle: "WOW.. Let's do that!" Mr. Patsy: "Ummm... I don't know..." Mr. Barnacle: "Do it!" Mr. Patsy: "Oh jeeez.. alright..."
Not quite. Owning a domain is a separate issue from DNS. Owning a domain means you have an entry in a domain registry. It does not mean you have a DNS entry. Owning a domain means you have paid your money and signed up and that you have the right to have your domain added to the DNS.
A lame delegation is something different. A lame delegation is when there are NS records that exist in the DNS, but they point to the address of a server that can't answer the queries for that domain. In contrast, if you have a domain that isn't in DNS, there is no NS record at all.
You are missing the whole reason everyone is so upset. Verisign DOESN'T HAVE the rights. They DO NOT OWN the .com or .net
domains. They have entered an agreement
with ICANN where they are the designated
people who ADMINISTER the domains.
They are being financially compensated to
provide a service related to .com and .net;
this does not mean they own them!!
Think about this distinction. If you'd like an analogy, think of mutual funds. Mutual funds are owned by shareholders; however, they pay a fund administrator to manage them. The administrator has the power to make all kinds of changes, but this does NOT mean he owns the mutual fund! If the administrator decided he was going to manipulate the direction of the mutual fund to maximize his own personal income instead of the fund's income, he'd be taken down faster than you can say "Martha Stewart".
The .uk the TLDs are run by Nominet, a not-for-profit organisation that allows anyone to register as a registrar. They manage the .uk namespace but have no commerical interest in it. Given that VeriSign have now demonstrated that they can't be trusted not to take advantage of their position for commerical gain a similar organisation to Nominet should be setup to manage the .com and ..net domains.
You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
2. NATURE OF THE VERISIGN SERVICES.
You may have accessed the VeriSign Service(s) by initiating a query to our DNS resolution service for a nonexistent domain name. We are unable to resolve such queries through the DNS resolution service.
They are, and they do. They resolve such queries to 64.94.110.11.
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
I have simply sent them an email and more importantly a 'letter' that informs Verisign that I do not accept their terms of service and that I am seeking their advice on how to stop making use of their software, considering I do not meet their terms of service.
I have informed them that if they cannot stop providing me with this service, (for which I do not accept their terms, and by which I cannot be bound) then they will have to contact me to negotiate a new set of terms to which I do agree.
I would imagine that if every user that is upset by this new 'service' was to do the same then Verisign would have to do 'something' about it.
Official Verisign Response
Free Instant Site Inclusion
I didnt see anything in the articals about this. But what if someone goes to something.mydomain.org, Will this take them to a VeriSign website, or will they recive one of my error messages? I own the domain name, it's in use, so what happens with subdomain names?
TruePunk | Games
They started to block the site somewhen on tuesday I think. Reports vary, some say that only port 80 on that one IP is blocked, others say the whole site is unreachable.
If a train station is a place where a train stops, what's a workstation?
Hi
Whenever somebody miispells my internet address, they end up going to sitefnder.veirsign.com!
This is extremely difficult on my disabled users who frequently mispell my sight name, and rely on their browsers error message to know what happened.
They also don't appreciate that the closest match for the common mispellings are an adult site!, but that is besides the point.
As my main web site makers, what can you do? I'd hate having to go with another web design ferm, I trust that you can fix this... was it an upgrade to Windows 2003 that caused this problem? I've heard some bad things about that... but Microsoft patches their stuff pretty quickly.
Fred is out for the moment, had a horrible car accident, I'm corrisponding for him. Thanks!
-Aaron Peterson
aaron_pet@hotmail.com
509 332 7697
Please use [ informative / summarizing ] SUBJECT LINES
Flame me here
Tried http://www.jflkdsjads.cx/ or http://www.jflkdsjads.nu/ lately? Other TLDs have had this for years, yet noone has complained about them. I'm all for stopping what VeriSign is doing now, but we should round up ALL the guilty parts while we're at it.
Harald
I registered a domain name last night for the girl who took our wedding photos. I paid for it, filled out the info, and now when I go there, I get ads for her competition. If that isn't an unfair business practice, I don't know what is.
666-607: 6th floor apartment of the beast
n addition to a number of already posted suggestions, I recommend that you call Verisign and file a complain:
/dev/null. But I suspect that pressure from all fronts might help. I have been told (off the record) that some people within Verisign are not happy with their wildcarding. Complaints get logged into a database that these people can review. Your complaints, in volume, might help those folks make a stronger case against top-level wildcarding.
+1 703-742-0914 (worldwide)
+1 888-642-9675 (toll free US/Canada)
When you call, select:
* 1 (purchase an product or renew an exist product)
* then 7 (all other questions)
I recommend that you be patient with the Verisign rep that answers the phone. That person may not fully understand the issue / problem, and they are unlikely to personally be responsible for the Verisign decision. Remember that you are objecting what Verisign as a company is doing. Don't yell at the rep. Be polite but firm.
Ask Verisign to stop the wildcarding now. Explain why what they are doing is wrong (such as being unable to determine of a EMail message is being sent from a bogus / non-existent domain because thisdomaindoesnotexist.com resolves to 64.94.110.11).
If you do business with Verisign now, tell them that you will switch vendors unless Verisign stops this practice in X weeks. (fill in the X)
You might want to leave your phone number and request a callback. Anonymous complaints do not go as far.
If you are in the US, you might want to contact your local member of congress and object about what Verisign is doing. Let Verisign know that you are doing this when you call.
Yes, they might flush your complaint down
chongo (was here)
you can file a complaint about Verisign to ICANN by using their:
chongo (was here)
If your on a windows machine there is an easy fix for PART of the problem. Just go into your hosts file:
I NNT\system32\drivers\etc\hosts
C:\WINDOWS\system32\drivers\etc\hosts
or
C:\W
and add the line
0.0.0.0 sitefinder.verisign.com
Now this won't fix the DNS resolution problems but it will at least stop your browser from hitting the sitefinder page.
While I'm appalled at VeriSign's rank power grab, it's probably done me, personally, more good than harm Why you ask? Well, I took the time to get up to speed on BIND 9 and am running my office/home DNS on local machines, and uitilizing the code that blocks Verisign's hijacking attempt from affecting me.
Now I can charge my clients for setting up a DNS server on their local networks on any spare crap machine they have lying around, making their networks more resilient to ISP DNS outages and crap like this.
Now I have every excuse I might need to move all my clients name registrations to another registrar ASAP, and all the reason I need to not use VeriSign, or be plagued by their idiot customer service ever again!
Thank you Verisign, for teaching me how to laugh about love...again.
Verisign doesn't want to NXDOMAIN? Fine then we should all give Verisign what it asks for - traffic to nonexistent domains.
Y'know those "ribbon" stuff people used to put on their webpages as a sign of protest?
Well here's my suggestion, every protester should use a "broken ribbon" logo on their webpage that's pointed to a random nonexistent url e.g. random.nonexistent.site.com.
e.g. img src="http://www.jrytcmtproyncz.com/" height=1 width=1
(Leaving the angle brackets out because Slashdot's engine sucks - it's too stupid to treat plain old text as plain old text.)
You should use a random img url but it doesn't have to change much if at all.
The height and width should be set to 1 so that if some idiot tries to push an offensive image, it doesn't get seen by the person viewing your webpage.
You could in theory construct a broken ribbon logo with an html table of different 1x1 imgs (all different URLs). 16 by 16 pixel icon could be 64 requests to nonexistent domains (drawing the ribbon), and the rest point to single background 1x1 image.
Then if Verisign figures out a cheap way to deal with all the SYN packets heading their direction and still redirect users to a webpage, they'll have solved the "defend against DDOS SYN flood" problem.
Some people say there's no technical solution to this problem.
But add enough people and this might work.
Slashdot and a few other popular sites could do this too.
There's a 1x1 gif image in the sitefinder page, this is the URL that refers to it...
g nw ildcard/1/G.2-Verisign-S/s75019259531159?[AQB]&ndh =1&t=19/8/2003%2018%3A54%3A6%205%20-60&pageName=La nding%20Page&ch=landing&server=US%20East&c1=NOTHIN G&c2=NOTHING%20%2800/00%29&c3=NOTHING%20%28DYM%29& c12=No&c13=00&c14=No&c15=00&c16=Yes&c17=15&c22=NOT %20SET&g=http%3A//sitefinder.verisign.com/index.js p&s=1024x768&c=16&j=1.3&v=Y&k=Y&bw=1024&bh=614&p=R ealPlayer%28tm%29%20G2%20LiveConnect-Enabled%20Plu g-In%20%2832-bit%29%20%3BWindows%20Media%20Player% 20Plug-in%20Dynamic%20Link%20Library%3BShockwave%2 0Flash%3BShockwave%20for%20Director%3BMicrosoft%C2 %AE%20Windows%20Media%20Services%3BAdobe%20Acrobat %3BMozilla%20Default%20Plug-in%3BJava%20Plug-in%3B QuickTime%20Plug-in%206.0.2%3B&[AQE]
http://verisignwildcard.112.2o7.net/b/ss/verisi
Why would they want to know my plugins and screen size, amongst other things?
Oh well, not to difficult to get Mozilla to block that at the cookie it sets.
Heh, http://sitefinder.verisign.com/terms.jsp is an interesting read.
I had to modify the following a bit from the original. Slashdot wouldn't let me post it as it was (Lameness filter encountered. Post aborted! Reason: Don't use so many caps. It's like YELLING.)
And just how am I supposed to stop using this? It's kinda forced upon me (besides not using the net at all...).
a) Xenu's Link Sleuth is a Windows program that checks broken links
b) Xenu is an excellent worldwide free product written by Tilman Hausherr
c) Tilman fights Scientology
d) Verisign is controlled by Scientology (can't prove it, so)
e) Verisign lauch Sitefinder
f) Xenu.exe program is almost unusable
My two cents.