Verisign Considers Restarting Sitefinder
Rosco P. Coltrane writes "The Washington Post reports that VeriSign is considering reviving its infamous search engine. 'Site Finder was not controversial with users' says VeriSign's Tom Galvin, and VeriSign 'assured ICANN that it would give 60 to 90 days' warning to resolve any remaining technological problems.' Such as leaving the DNS service alone for example?"
If it is put back in place, then the backlash will no doubt force them to take it down again.
It's just the way things go.
http://www.xpurple.com
And firebird^H^H^H^Hfox does it for google ... it could be argued that's even worse than Microsoft, since there you get shot off on an I'm Feeling Lucky, while microsoft gives you a list of close matches and lets you choose one. I've had too many times when I mistyped a URL, got shot off to another page entirely, and then had to go back and do a "google URL" to find what I was looking for.
;)
Also, M$'s way sends you back to a Microsoft page - which is expected, since MS has a search service (along with one copy of every single other web application). But Mozilla chose Google fairly arbitrarily - why not use Yahoo? Or Wikipedia? And anyone who argues "it's the #1 search option" gets a free copy of IE, the #1 browser, from your good friends at Monopolysoft.
But DNS is used for more than web look ups. If DNS returns spurious results for gethostbyname(), a typo in an SSH command, or nntp request will be seriously bjorked.
I've no problem with Firefox (or IE) sending me to a search engine when I try to connect to a typo-ed web page: this is a reasonable policy to set at the application level.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
That's what we get by having corporations managing the Internet infrastructure instead of a public service. Some people talk about censorship, but if the corporations actually have the nerve to do something like this, how long does it take until censorship sets in?
Getting a search engine is fine, if that's within my control. That's a good *browser* feature. And with a good browser, you can configure such a feature to go where you want it to, or just to give an error message (my personal preference). The problem with Verisign's approach is that there is nothing to tell the browser that there was no DNS record, so you no longer have the choice.
As has been pointed out time and time again on NANOG and other operational mailing lists, DNS hijacking is still DNS hijacking, regardless of how noble the intent is.
From an operations standpoint, the impacts of Sitefinder are unfortunately minimal now. Most of the major operational issues brought up when it was first released have been solved by either Verisign or by various application developers (ISC and other DNS developers) and are no longer an issue.
While I and many other people involved in operations agree that Sitefinder is a horrible idea ethically, nobody is helping their case with histrionics and ad hominem attacks on Verisign's business practices, regardless of how true they are. All that does is give Verisign more fuel for their "technocratic elite" arguments in press releases.
If you really want to fight this, tone down some of the passion and write to ICANN with legitimate concerns about the service and its effects. Crying foul about slimy business practices with no supporting evidence and a lot of sound and fury is a good way to make people who might be swayed agree with Verisign's claims of being attacked unjustly.
And as I understand it, some anti-spam programs do a lookup on the sender's hostname to see if it's a valid hostname. If the lookup returns an error (not found) they send the mail directly to the trash.
But with this service you will always get a hit. Which in turn renders this anti-spam program ineffective.
Of course you could use other anti-spam tools, but this stops a lot of spam with fake hostnames.
...that they would learn from past mistakes. But no, of course not.
They have.
What they've learned is that outrage, like everything else, is a limited quantity.
You and I can't afford to spend eight hours a day, five days a week to watch and warn against Verisign.
We have other things to worry about: Belkin using routers to spam, New York's Livingston County Social Services Commission letting confidential data get posted on the web, John Ashcroft eviscerating the Bill of Rights.
But Verisign can trigger our outrage the first time around, back down in the face of our massed complaints, and then, like a spider in its hole, wait patiently until the time is ripe to strike again.
Just like the Department of Justice and the proposed "Patriot II" law; they withdrew it after furious opposition, waited a while, and then got key provisions passed after everyone had relaxed.
Verisign is banking that each time around, there'll be a few less people able or willing to work up any outrage, until only a small minority objects -- a small minority that can be derided with a dismissive comment about "tin foil hats".
This is why we need organizations like the EFF and EPIC (and the ACLU): so that we have someone in our corner who, like a Verisign employee, is paid five days a week to watch for and counter these outrages.
Opinions on the Twiddler2 hand-held keyboard?
I *heart* corporate thinking.
The Slashdot Paradox: "100% Overrated"
It is analogous to saying that if I put a detour sign in the middle of the freeway to direct traffic to my shopping mall, that I am obeying the traffic sign protocols.
The comment about "ninety-nine percent of the traffic is pure HTTP" is a shorthand way to sum up why it is not possible to communicate with Verisign's executives, and why they must be stopped and soon.
Because it wouldn't matter if one hundred percent of the traffic on the internet were HTTP, it still is not a reason to break DNS in order to insert advertising. The "service" they claim to be providing should be provided by the browsers, giving everyone a chance to implement their own solution to the problem of mistyped domain names. Then many possible solutions to this issue can be innovated. By breaking DNS to lie about the existence of domain names, they actually prevent anybody else from providing any solution. This is the exact opposite of innovation. And they are smart people at Verisign, they clearly and obviously know all this, and yet they are lying to everyone about it. And that, in a nutshell is what makes me more furious about this than any other Internet legal issue has in a long long time, maybe ever, or at least since Network Solutions took the .com database offline and made it their own private property.
There was a story I heard once, about a company (Novell ?) which implemented their own file transfer protocol over the network. They did not use exponential backoff on retransmit, which made their protocol look much faster than TCP/IP. It would in fact hog all the bandwidth, bumping out all the more polite and well behaved protocols. This was great for them, but in fact as the network approached saturation, the system would fail catastrophically, for reasons obvious to Internet protocol designers.
At some meta-level, this is what is happening to the Internet itself now. Verisign is itself like the bad protocol, which does not play well with others. It is taking advantage of an opportunity which gives it a short term advantage, while degrading the entire network protocol infrastructure.
From an operations standpoint, the impacts of Sitefinder are unfortunately minimal now. Most of the major operational issues brought up when it was first released have been solved by either Verisign or by various application developers (ISC and other DNS developers) and are no longer an issue.
Except for things like this:
Option 1 -
MailServer: "OK, you sent me mail from this domain, let's reverse look it up to see if it actually exists... nslookup domain... OK, so I'm gonna go ahead and reject that spam."
Option 2 -
MailServer: "OK, you sent me mail from this domain, let's reverse look it up to see if it actually exists... nslookup domain... OK, it exists, let's look it up by IP to make sure it actually is the domain you're from... nslookup IP... ok, I'm going to go ahead and reject this, and either stop sending spam, or configure your reverse zones".
Option 3 -
MailServer: "OK, you sent this, I'm going to check and see if you're valid... nslookup domain... nslookup IP... fantastic! Welcome to my humble abode, and don't worry about that mail, it's been taken care of".
Or, with SiteFinder, Option 4 -
MailServer: "I hate my life. Are you a valid domain? Yes? No? I don't care, I'm barely here. My existence is meaningless, my spirit is broken. I think I'm going to cat /dev/urandom to a file for a while."
~Will
sig?
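
Added example, not part of any comment in this thread: a sketch of the sender-domain check that the anti-spam comments above describe, showing how a registry wildcard defeats it and how probing random names restores the "no such domain" signal. The resolver is a constructed in-memory stand-in, and every function name, domain and address below is an assumption made for illustration.

```python
import secrets

class NXDomain(Exception):
    """Raised by a resolver when the queried name does not exist."""

def make_resolver(zone, wildcard=None):
    """Constructed stand-in for a DNS A lookup (hypothetical helper).
    zone maps registered names to address sets; wildcard maps a TLD to the
    address a registry synthesizes for every unregistered name under it."""
    wildcard = wildcard or {}
    def resolve(name):
        name = name.lower().rstrip(".")
        if name in zone:
            return set(zone[name])
        tld = name.rsplit(".", 1)[-1]
        if tld in wildcard:
            return {wildcard[tld]}      # the registry answers instead of NXDOMAIN
        raise NXDomain(name)
    return resolve

def detect_wildcard(resolve, tld, probes=3):
    """Look up random 32-hex-character labels nobody has registered.
    If every probe resolves, the answers are synthesized: return those
    addresses. One honest "no such name" means there is no wildcard."""
    seen = set()
    for _ in range(probes):
        try:
            seen |= resolve(f"{secrets.token_hex(16)}.{tld}")
        except NXDomain:
            return set()
    return seen

def sender_domain_exists(resolve, domain, wildcard_addrs=frozenset()):
    """The mail-server check from the comments: does the sender's domain
    exist? Answers made up only of wildcard addresses count as NXDOMAIN."""
    try:
        addrs = resolve(domain)
    except NXDomain:
        return False
    return bool(addrs - set(wildcard_addrs))

# Constructed sample data (documentation address ranges, not real records).
ZONE = {"example.com": {"192.0.2.10"}}
honest = make_resolver(ZONE)
hijacked = make_resolver(ZONE, wildcard={"com": "198.51.100.1"})
```

Against `hijacked`, `sender_domain_exists` accepts any forged sender domain until the result of `detect_wildcard(hijacked, "com")` is passed in as `wildcard_addrs`.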