Slashdot Mirror
ICANN Asks VeriSign To Stop DNS Wildcarding
MrClever writes "In this article over at the Sydney Morning Herald (AU), it looks as though ICANN may actually be doing something about the VeriSign changes to .com and .net TLD's. Apparently, while they have been noticably quiet, they have been reviewing community reaction and analysed data from a technical perspective. Here's hoping ICANN pull the plug on VeriSign's TLD administration rights!" And TALlama writes "RSS.com.com (dear $DIETY, will it ever stop?) is reporting that ICANN has asked VeriSign 'to voluntarily suspend the service' of wildcarding DNS, 'pending further study.' Calling it a 'service' is a little bit of a misnomer. If I punch people in the face, can I call that a service, too?"
Could somebody be kind enough to explain what "wildcarding DNS" is?
--- Sigmentation Fault - Comments Dumped
For starters, sitefinder doesn't find the slashdot site!
It isn't nearly as helpful or reliable as google (even if google is censored a bit).
It causes me to download more stuff than I would if they didn't have the diversion abusing my bandwith and data allowances that I have to pay for.
I can turn the msn search in IE off. I turned the sitefinder.verisign.com off by modifying my hosts file but that isn't easy for most of the customers I support.
-- it must be true, it's on the internet.
Honestly I don't think VeriSign will stop this "service" because of public pressure alone. I used to have my domains registered at VeriSign but I was tired of never being able to get a password for the web administrative interface.
VeriSign is a great service if you're not planning on making any changes to your domain information. A few years ago I needed to update my name. VeriSign "offered" (the free version was in small print and out of the way) the service to have my name change rushed for over $100.
I suspect ICANN is stepping in due to public pressure, not VeriSign.
If we all add this command:
;p
iptables -I INPUT -j REJECT 69.94.0.0/15
maybe that will get Verisign's attention
Afterall theres nothing they can do about people blackholing them for a good long while until they say they are sorry. As a penalty they should lower the prices of their domain registration, to something competitive.
I'm still not having this problem. If I browse to http://notarealaddressatall2323.com, my browser just says "Looking up host" and then eventually returns an error.
I've never actually seen this happen. Is it possible that my provider (Earthlink) has blocked this in their own DNS servers?
Have you seen the episode of Star Trek where they land on this planet that is so filled with people they're all outside the window shoulder to shoulder flailing. So some head guy on the planet steals some disease from the Enterprise to infect his planet so people will start dying... While suffering may not be necessary, death is absolutely necessary to stability. Even a -1 mongoloid like you should have watched the Lion King once, you fucking child.
At first I was kind of pissed about what they did, but what is it really hurting? Anything that relies on a dns failure could easily be changed to accept a failure or a response involving that ip.
Although I know they will never release any stats on the kind of hits they are getting to that ip, it would be an interesting study. I would be interested to find out what the most misspelled domain is.
Well if more companies behaved like this maybe the world would be a better place (well not for lawyers admittedly).
/. write "why didn't they just ask x to stop y". Well now somebody has.
I've lost count the number of times i've seen people in
What if SCO just asked for its code not to be used instead of sending the lawyers in?
Or Apple records asked Apple computers to stop selling music?
etc...
Of course you can sell your Punch in the Face services. Such services have traditionally gone under names such as
Now, this analogy actually does continue. You, as a sysadmin or someone writing a script that uses DNS, might not really like this service. Just like someone who is trying to take celebrity photographs might not like the Punch-in-the-Face service. But the fact is that this service is provided. And that there are a LOT of people who not only don't see this as a problem - but like it. Or at least think they do.
That is why Verisign thinks they can get away with this - the average person sees a benefit here and sees no drawbacks. The average person watching a boxing match also just sees the benefits and not the drawbacks. Until it is made clear why this isn't as good as it appears, nobody will care. Chances are, nobody will care anyway.
Have any of you read the "terms of use"? http://sitefinder.verisign.com/terms.jsp What a load of bollocks - do they seriously want us to believe that being redirected without our control to some bogus directory site is a legally binding agreement?! Go fsck yourselves Verisign!
Forget thrust, drag, lift and weight. Airplanes fly because of money.
...and hang tough.
After all, the IAB says here that "We must emphasize that, technically, this was a legitimate use of wildcard records that did not in any way violate the DNS specifications themselves."
If the decision-makers at Verisign cared about good engineering practice, they wouldn't have done what they did.
They probably regard their own actions as just "sharp business practice" and are probably patting themselves on the back for having found a loophole in the DNS specification that they can use for their own profit.
I don't think jawboning from ICANN, the IAB, or anyone else will have much effect. I don't see how anyone short of the Feds can stop them.
I mean, they have contracts with their SiteFinder advertisers. There's money at stake here.
"How to Do Nothing," kids activities, back in print!
Well, they shouldn't but .nu belongs to Niue, and so long as the proxy for the people (goverment) doesn't mind I don't have a problem with that they do. If I lived on Niue I would have a problem with it, but I belive in letter other people do stupid things. However .com and .net belong to the internet as a whole, and that means everyone needs to agree with what happens there. (Note, everyone in the wolrd, .us belongs to the USA, and those in other countries shouldn't be concerned about the stupid things .us is doing, while those in the US should)
This is the way I live my life: Don't harm anyone but yourself and I'll leave you alone. I won't agree with what you do, and speak against it, but so long as it doesn't harm others I don't care.
I have no clue how the goverment of Niue is overall, having never heard of them before. If they are "Evil", I might help those in the country to change things, but that is a completely different story and has nothing to do with domain naming.
So, what happens when Verisigns gets its website hacked again? I would think that this would be a prime target for anyone who wnats to get attention. It's just a matter of time.....
Actually they intercept any traffic that attemts to resolve .net and .com addresses against their DNS servers. This could break all sorts of things, internet search engines, FTP clients, IRC server networks and clients, some mirroring services, and the list goes on. This move by Verisign represents a major change in the basic functioning of the internet, and many of the repercussions may not be completely apparent for some time. For instance, what is the additional cost of transfering relatively big (in bytes) webpages as opposed to efficient error responses?
(Score: -1, Stupid)
I fired off a quick email to verisign.
.com domain name and was redirected to your 'Site Finder' service, I have since done a search for some background information on this and have seen that various parties have made technical objections to this service. Many of these addressed concerns that are similar to mine when I was presented with your service, but I will not add to that discussion.
For your enjoyment:
To: websitesupport@verisign.com
Subject: Site Finder Terms of Use
I do not know if this is the right address to send this message, as I was unable to find contact information on your 'Site Finder' page.
If this is not the correct address to send coresspondece on this subject, kindly forward it to the appropriate address or send me the correct address.
Today I mistyped a
My reason for contactig you are my concerns with respect to the 'Terms of Use' (http://sitefinder.verisign.com/terms.jsp) that I was presented with.
I would like clarification on the following issues:
1. Why would these apply to me when I have not entered into an agreement with you before mistyping the domain?
2. What constitutes 'commercial use' as mentioned in section 2 of your 'Terms of Use'?
3. Where can I find on the information on agreements w.r.t. commercial use of the 'Site Finder' service as mentioned in section 2?
In light of the above concerns and the terms presented in:
Section 6, which implies you can can change any part of these terms, without prior notice. (Including section 3 'COST OF THE VERISIGN SERVICES')
Section 14, which implies that use of the service implies agreement to these 'Terms of Use'
I kindly request you to provide me with information on how I should proceed to stop Verisgn from providing me with this service until the above points are clarfied and I expressly agree to be bound by these 'Terms of Use'.
Kind regards,
Anonymous
Rich