Verisign Considers Restarting Sitefinder

Rosco P. Coltrane writes "The Washington Post reports that VeriSign is considering reviving its infamous search engine. 'Site Finder was not controversial with users' says VeriSign's Tom Galvin, and VeriSign 'assured ICANN that it would give 60 to 90 days' warning to resolve any remaining technological problems.' Such as leaving the DNS service alone for example?"

Why is a profit-company in such a central role?

[ggvaidya]

This is .org and .com! When does Verisign's lease expire? Can ICANN turn over the license to someone else?

Re:Why is a profit-company in such a central role?

[BiggerIsBetter]

If they go ahead with this, I suspect we will find out...

On a similar note, how about an industry wide boycott of all Verisign certificates. The next round of certificate-extortion goes through someone else, and uninstall their root certs too - I'd hardly call them "trusted" after pulling this junk again.

You would think...

[TehHustler]

...that they would learn from past mistakes. But no, of course not.

The problem is, are ICANN going to back down this time and let it slide, or are they going to continue to give Verisign hell over this, and pressure them, as they should definitely do?

Are we likely to see another backlash from users and network admins?

And will there be the same sort of media coverage that basically gave Verisign quite a bad bit of PR for 2 weeks.

It seems like they have sneaked this out again with the minimal amount of fanfare in an attempt to try and stifle the opposition, but when you have so many people mistyping domains everyday, you cant really expect it to go unnoticed and not to piss people off.

the sooner

[narkotix]

they take .com and .net out of verisign's hands the better. Its just unfortunate that this will misinform new people AND generate more needless traffic because of the returned page. Did the search page ever have preferences to certain websites? or was it truly independent? If i typed in server software would it bring up xxx penis extensions because some idiot put in metatags or would it bring up true results?

when is DDOS not a DDOS ?

[mr_walrus]

can someone be blamed for doing a denial of service
to a site that Does Not Exist ?

how about some scripts to pump out requests to a fairly
limited set of known to be Non-Existent domains...

could this possibly cause an interesting burden on Verishit's servers?

would the name lookups themselves affect DNS too badly to
cause innocent collateral damage? i'd hope caching of a limited
set of non-existent names would avoid much dns load.

just curious, academic musing and all that...

It very well might be.

[demonic-halo]

Remember the times when microsoft and SCO had to change their web address to side step being attacked by DDOS for various worms?

If site finder goes up.. All falied DDOS going to old domain names will end up taking those attacks. Guess verisign will be the official decoy for outdated worms. =)

Re:It very well might be.

[irc.goatse.cx+troll]

I had a similar idea... I'd like to see a worm just start hitting random domains, just a GET request to http://akljfhaksjdfhaskldh.net, maybe 2 every 10 seconds or other such interval. Not only would you hammer sitefinder, you'd fill isp caches causing them to take notice and block the sitefinder trash. ..not that I'm conding anything like this..

Re:That is pure evil.

[twistedcubic]

Indeed, it's evil, but if Verisign makes it trivial to DoS the entire internet, then SiteFinder is probably not a good idea.

it's not a lie if there is a grain of truth to it

[Tom]

"Site Finder was not controversial with users"

Hm, let's see:

a) Right. It just was extremely controversial with those who didn't use it (i.e. everyone else, like 99% of the Internet users)

b) Right, it wasn't controversial. Everyone agreed that it's a bloody fucking stupid thing.

c) Right, it wasn't the Sitefinder page itself that we all hated, it was Verisigns "bend over, here we come" attitude of forcing it on everyone, whether they wanted to or not.

Now that's three ways how he's saying the truth. Can't really argue with that, can you?

Sitefinder breach of contract with ICANN?

[blorg]

Verisign only operate .com and .net under contract from ICANN. Surely they can be prevented from relaunching Sitefinder under purely contractual grounds - previously ICANN was much against Sitefinder and threatened to sue, quoting breach of contract:

"The contractual inconsistencies include, violation of the Code of Conduct and equal access obligations agreed to by VeriSign, failure to comply with the obligation to act as a neutral registry service provider, failure to comply with the Registry-Registrar Protocol, failure to comply with domain registration limitations, and provision of an unauthorized Registry Service."

Let them.

[Stormbringer]

The annoyance factor and the outrage will be big pushes for the OpenDNS idea, especially once the cc people wise up and get on board to stop the extortion.

Maybe ICANN won't notice as everybody migrates away from their little empire of root servers until everybody's already used to the idea; that will eliminate the 'single point of political failure'.

Verisign is busy proving all over again that FLOSS has been demonstrating: when it comes to the Internet, the only people you can trust are everybody.

Re:Proof that some people never learn

[AKnightCowboy]

If it is put back in place, then the backlash will no doubt force them to take it down again.

Wow, and I was just starting to forget about how much I vehemently hated Verisign. It's always good when a company reminds you every once in awhile why you believe they're completely evil.

Just a reminder to the DNS admins:

zone "com" {
type delegation-only;
};

zone "net" {
type delegation-only;
};

Re:Proof that some people never learn

[lspd]

Speaking of backlash, it's hard to imagine a more interesting target for the next MyDoom type worm. Could a worm that tries to get the index page off random domains bring down VeriSign?

Not that I'm suggesting anything.