Slashdot Mirror


Verisign Considers Restarting Sitefinder

Rosco P. Coltrane writes "The Washington Post reports that VeriSign is considering reviving its infamous search engine. 'Site Finder was not controversial with users' says VeriSign's Tom Galvin, and VeriSign 'assured ICANN that it would give 60 to 90 days' warning to resolve any remaining technological problems.' Such as leaving the DNS service alone for example?"

26 of 376 comments

  1. Outsourcing by Anonymous Coward · · Score: 5, Funny

    You think we might be able to outsource VeriSign to India?

  2. Why is a profit-company in such a central role? by ggvaidya · · Score: 5, Interesting

    This is .org and .com! When does Verisign's lease expire? Can ICANN turn over the license to someone else?

    1. Re:Why is a profit-company in such a central role? by Llarian · · Score: 5, Insightful

      As has been pointed out time and time again on NANOG and other operational mailing lists, DNS hijacking is still DNS hijacking, regardless of how noble the intent is.

      From an operations standpoint, the impacts of Sitefinder are unfortunately minimal now. Most of the major operational issues brought up when it was first released have been solved by either Verisign or by various application developers (ISC and other DNS developers) and are no longer an issue.

      While I and many other people involved in operations agree that Sitefinder is a horrible idea ethically, nobody is helping their case with histrionics and ad hominem attacks on Verisign's business practices, regardless of how true they are. All that does is give Verisign more fuel for their "technocratic elite" arguments in press releases.

      If you really want to fight this, tone down some of the passion and write to ICANN with legitimate concerns about the service and its effects. Crying foul about slimy business practices with no supporting evidence and a lot of sound and fury is a good way to make people who might be swayed agree with Verisign's claims of being attacked unjustly.

    2. Re:Why is a profit-company in such a central role? by zerocool^ · · Score: 5, Insightful

      From an operations standpoint, the impacts of Sitefinder are unfortunately minimal now. Most of the major operational issues brought up when it was first released have been solved by either Verisign or by various application developers (ISC and other DNS developers) and are no longer an issue.


      Except for things like this:

      Option 1 -
      MailServer: "OK, you sent me mail from this domain, let's reverse look it up to see if it actually exists... nslookup domain... OK, so I'm gonna go ahead and reject that spam."

      Option 2 -
      MailServer: "OK, you sent me mail from this domain, let's reverse look it up to see if it actually exists... nslookup domain... OK, it exists, let's look it up by IP to make sure it actually is the domain you're from... nslookup IP... ok, I'm going to go ahead and reject this, and either stop sending spam, or configure your reverse zones".

      Option 3 -
      MailServer: "OK, you sent this, I'm going to check and see if you're valid... nslookup domain... nslookup IP... fantastic! Welcome to my humble abode, and don't worry about that mail, it's been taken care of".

      Or, with SiteFinder, Option 4 -
      MailServer: "I hate my life. Are you a valid domain? Yes? No? I don't care, I'm barely here. My existence is meaningless, my spirit is broken. I think I'm going to cat /dev/urandom to a file for a while."

      ~Will

      --
      sig?
  3. And microsoft does this anyway to all windows user by freerecords · · Score: 5, Informative

    When you type in a wrong address at the moment which doesn't exist, you are automatically taken to either a site search engine, which is pure crap.. or to the microsoft auto search.. (talking for users on School networks, with Windows terminals) which offers the option to use the great Hotmail (Spam Central), Shopping (at ridiculous prices, from the company which could afford to give us all we want free) etc.

    --
    tim
  4. Re:Proof that some people never learn by xpurple · · Score: 5, Insightful

    If it is put back in place, then the backlash will no doubt force them to take it down again.

    It's just the way things go.

    --
    http://www.xpurple.com
  5. Not controversial by ralmeida · · Score: 5, Funny

    'Site Finder was not controversial with users'

    It wasn't controversial at all. Everybody agrees it was a bad idea.

    --
    This space left intentionally blank.
  6. Mirror by Ddalex · · Score: 5, Informative

    Fast mirror here. Enjoy the Net exploitation!

    --
    Carefully crafted sig.
  7. Re:And microsoft does this anyway to all windows u by Tet · · Score: 5, Informative
    When you type in a wrong address at the moment which doesn't exist, you are automatically taken to either a site search engine, which is pure crap.. or to the microsoft auto search.

    There's a difference. Microsoft only do it at the application layer, with a particular browser that they provide. If you don't like it (and I can't see why anyone would), you can always switch to one of the many alternatives. Verisign's site finder operates at the DNS level. It's not as if you can choose to not use DNS, or switch to another name service.

    --
    "The invisible and the non-existent look very much alike." -- Delos B. McKown
  8. the sooner by narkotix · · Score: 5, Interesting

    they take .com and .net out of verisign's hands the better. It's just unfortunate that this will misinform new people AND generate more needless traffic because of the returned page. Did the search page ever have preferences to certain websites? or was it truly independent? If I typed in server software would it bring up xxx penis extensions because some idiot put in metatags or would it bring up true results?

    --
    We played dungeons and dragons for 3 hours.....then i was slain by an elf
  9. Re:And microsoft does this anyway to all windows u by ggvaidya · · Score: 5, Insightful

    And firebird^H^H^H^Hfox does it for google ... it could be argued that's even worse than Microsoft, since there you get shot off on an I'm Feeling Lucky, while microsoft gives you a list of close matches and lets you choose one. I've had too many times when I mistyped a URL, got shot off to another page entirely, and then had to go back and do a "google URL" to find what I was looking for.

    Also, M$'s way sends you back to a Microsoft page - which is expected, since MS has a search service (along with one copy of every single other web application). But Mozilla choose Google fairly arbitrarily - why not use Yahoo? Or Wikipedia? And anyone who argues "it's the #1 search option" gets a free copy of IE, the #1 browser, from your good friends at Monopolysoft ;)

  10. Comical Ali at work.. by Channard · · Score: 5, Funny
    'Site Finder was not controversial with users'

    And in other news, the US forces were crushed in Iraq, Mars Beagle did not go missing and has been transmitting pictures for many days, and these aren't the droids you're looking for.

  11. Re:And microsoft does this anyway to all windows u by gowen · · Score: 5, Insightful
    When you type in a wrong address at the moment which doesn't exist, you are automatically taken to either a site search engine, which is pure crap
    That's on the Web.

    But DNS is used for more than web look ups. If DNS returns spurious results for gethostbyname(), a typo in a SSH command, or nntp request will be seriously bjorked.

    I've no problem with Firefox (or IE) sending me to a search engine when I try to connect to a typo-ed web page: this is a reasonable policy to set at the application level.
    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  12. That's what we get with corporations by daem0n1x · · Score: 5, Insightful

    That's what we get by having corporations managing the Internet infrastructure instead of a public service. Some people talk about censorship, but if the corporations actually have the nerve to do something like this, how long does it take until censorship sets in?

  13. when is DDOS not a DDOS ? by mr_walrus · · Score: 5, Interesting

    can someone be blamed for doing a denial of service
    to a site that Does Not Exist ?

    how about some scripts to pump out requests to a fairly
    limited set of known to be Non-Existent domains...

    could this possibly cause an interesting burden on Verishit's servers?

    would the name lookups themselves affect DNS too badly to
    cause innocent collateral damage? i'd hope caching of a limited
    set of non-existent names would avoid much dns load.

    just curious, academic musing and all that...

  14. It very well might be. by demonic-halo · · Score: 5, Interesting

    Remember the times when microsoft and SCO had to change their web address to side step being attacked by DDOS for various worms?

    If site finder goes up.. All failed DDOS going to old domain names will end up taking those attacks. Guess verisign will be the official decoy for outdated worms. =)

  15. Contact Verisign. by MooKore+2004 · · Score: 5, Informative

    All slashdotters, especially people that were seriously affected by sitefinder, please complain NOW. Let them know how controversial it is!

  16. Re:And microsoft does this anyway to all windows u by infront314 · · Score: 5, Informative

    You can change the url to anything you like.

    Just do an about:config and change the keyword.URL setting.

    I set mine to http://www.google.com/search?btnG=Google+Search&q= which is a regular Google search.

  17. Re:And microsoft does this anyway to all windows u by Anonymous Coward · · Score: 5, Informative

    Many sites cannot be reached by their IP address alone. Ever heard of shared hosting ("name based virtual hosting")?

  18. Fine, if it's within your control by blorg · · Score: 5, Insightful

    Getting a search engine is fine, if that's within my control. That's a good *browser* feature. And with a good browser, you can configure such a feature to go where you want it to, or just to give an error message (my personal preference). The problem with Verisign's approach is that there is nothing to tell the browser that there was no DNS record, so you no longer have the choice.

  19. Re:And microsoft does this anyway to all windows u by TEB_78 · · Score: 5, Insightful

    And as I understand it, some anti-spam programs do a lookup on the sender's hostname to see if it's a valid hostname. If the lookup returns an error (not found) they send the mail directly to the trash.
    But with this service you will always get a hit. Which in turn renders this anti-spam program ineffective.
    Of course you could use other anti-spam tools, but this stops a lot of spam with fake hostnames.

  20. Re:Well... by squiggleslash · · Score: 5, Informative
    This is your web-browser's job, not the role of DNS.

    DNS is used by a variety of applications, not just the web. By returning bogus data instead of "NXDOMAIN" (non-existent domain) to applications, applications are unable to easily detect legitimate errors.

    Many/most web-browsers already allow you to configure them to go to a search engine in the event of a problem. People actually complain about IE doing it, and IE is the most installed/used webbrowser on the planet, so at most maybe 5% of people, who use browsers other than IE, whose browsers do not support searching for bad domains, would find this "hack" useful.

    Additionally, a web browser knows basic information such as what language you speak. SiteFinder didn't. The impact of SiteFinder is such that it replaces an error message everyone can read with a page that many people cannot.

    It's bad, and redundant, for web browsers. And it breaks everything else. What's the up-side?

    --
    You are not alone. This is not normal. None of this is normal.
  21. Re:Well... by gclef · · Score: 5, Informative

    I have to think you're trolling, but I'll bite anyway. You're falling into the common trap of only thinking of DNS as affecting Web traffic. What about email? If you fat-finger your friend's email address, don't you *want* that email to come back, rather than disappearing into the void that is Verisign? The wildcard they're putting into the DNS isn't just about web traffic. It's *all* DNS queries...that's going to affect email, ssh, nntp, everything. One of the basic spam filters, for instance, is a check to see if the sender's domain exists. With the wildcard, *all* domains exist, causing you to get more spam.

    SiteFinder the search service is fine. The DNS wildcard to *force* you to SiteFinder is what makes people angry.
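
The sender-domain check that several comments above say the wildcard defeats, as an added example that is not part of any poster's comment: it shows the naive "does the name resolve?" test failing under a TLD wildcard, and a probe-based check that maps synthesized answers back to "does not exist". The resolver, zone data and addresses are constructed for the example, and only A records are modelled.

```python
import secrets

class NXDomain(Exception):
    """Raised when the resolver reports that a name does not exist."""

# Constructed zone data: the only names that are actually registered.
REGISTERED = {"example.com": "198.51.100.7", "mail.example.com": "198.51.100.25"}
WILDCARD_ADDR = "192.0.2.1"  # constructed stand-in for the registry's catch-all host

def make_resolver(wildcard_enabled):
    """Return a fake A-record lookup for .com, with or without the TLD wildcard."""
    def resolve(name):
        name = name.lower().rstrip(".")
        if name in REGISTERED:
            return [REGISTERED[name]]
        if wildcard_enabled and name.endswith(".com"):
            return [WILDCARD_ADDR]  # synthesized answer in place of NXDOMAIN
        raise NXDomain(name)
    return resolve

def naive_domain_exists(resolve, domain):
    """The classic filter rule: any answer at all means the domain exists."""
    try:
        resolve(domain)
        return True
    except NXDomain:
        return False

def probe_wildcard(resolve, tld, probes=3):
    """Look up random, almost certainly unregistered labels under the TLD.

    Any address that comes back for them is a wildcard (synthesized) address.
    """
    seen = set()
    for _ in range(probes):
        try:
            seen.update(resolve(f"{secrets.token_hex(16)}.{tld}"))
        except NXDomain:
            pass
    return seen

def domain_exists(resolve, domain):
    """Wildcard-aware check: an answer made only of wildcard addresses is a miss.

    Caveat: a real domain hosted on the wildcard address itself would also be
    reported as missing.
    """
    try:
        addrs = set(resolve(domain))
    except NXDomain:
        return False
    tld = domain.rstrip(".").rsplit(".", 1)[-1]
    return not addrs <= probe_wildcard(resolve, tld)
```

A production filter would cache the probe result per TLD instead of probing on every message.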

  22. Re:You would think... by orthogonal · · Score: 5, Insightful

    ...that they would learn from past mistakes. But no, of course not.

    They have.

    What they've learned is that outrage, like everything else, is a limited quantity.

    You and I can't afford to spend eight hours a day, five days a week to watch and warn against Verisign.

    We have other things to worry about: Belkin using routers to spam, New York's Livingston County Social Services Commission letting confidential data get posted on the web, John Ashcroft eviscerating the Bill of Rights.

    But Verisign can trigger our outrage the first time around, back down in the face of our massed complaints, and then, like a spider in its hole, wait patiently until the time is ripe to strike again.

    Just like the Department of Justice and the proposed "Patriot II" law; they withdrew it after furious opposition, waited a while, and then got key provisions passed after everyone had relaxed.

    Verisign is banking that each time around, there'll be a few less people able or willing to work up any outrage, until only a small minority objects -- a small minority that can be derided with a dismissive comment about "tin foil hats".

    This is why we need organizations like the EFF and EPIC (and the ACLU): so that we have someone in our corner who, like a Verisign employee, is paid five days a week to watch for and counter these outrages.

  23. Mihh by BenBenBen · · Score: 5, Insightful
    Still, he added, it would be tough for VeriSign to win the public relations war because its opponents are highly regarded technologists.
    So, to paraphrase, it'll be hard to convince the public that SiteFinder is any good, because the people who say it's useless and buggers up the internet know what they're talking about.

    I *heart* corporate thinking.
    --
    The Slashdot Paradox: "100% Overrated"
  24. Interview with Stratton Sclavos, he's the devil by hqm · · Score: 5, Insightful
    There is an interview with Stratton Sclavos, CEO of Verisign, at http://news.com.com/2008-7347-5092590.html.
    Sclavos: The reason Site Finder became such a lightning rod is that it goes to the question of are we going to be in a position to do innovation on this infrastructure or are we going to be locked into obsolete thinking that the DNS was never intended to do anything other than what it was originally supposed to do?

    Q: Still, a lot of people in the Internet community were quite surprised by Site Finder--and then you had complaints surfacing that it was not complying to approved standards.

    Sclavos: Let's break the argument down: The claim that Site Finder was nonstandard and that we should have informed the community we were doing something nonstandard--excuse me: Site Finder is completely standards-compliant to standards that have been out and published by the IETF (Internet Engineering Task Force) for years. That's just a misnomer. The IAB (Internet Architecture Board) in its review of Site Finder said the very same thing--that VeriSign was adhering to standards.

    His definition of "standards-compliant" is a cynical and deceptive one. Sure, the SiteFinder is complying with the standard, in that it is returning well formatted packets. However the content of those packets are lies. They are lying by saying that domains exist when they do not, in order to fool web browsers into loading the commercial content that Verisign wants to get to web surfers.

    It is analogous to saying that if I put a detour sign in the middle of the freeway to direct traffic to my shopping mall, that I am obeying the traffic sign protocols.

    The comment about "ninety-nine percent of the traffic is pure HTTP" is a shorthand way to sum up why it is not possible to communicate with Verisign's executives, and why they must be stopped and soon.

    Because it wouldn't matter if one hundred percent of the traffic on the internet were HTTP, it still is not a reason to break DNS in order to insert advertising. The "service" they claim to be providing should be provided by the browsers, giving everyone a chance to implement their own solution to the problem of mistyped domain names. Then many possible solutions to this issue can be innovated. By breaking DNS to lie about the existence of domain names, they actually prevent anybody else from providing any solution. This is the exact opposite of innovation. And they are smart people at Verisign, they clearly and obviously know all this, and yet they are lying to everyone about it. And that, in a nutshell is what makes me more furious about this than any other Internet legal issue has in a long long time, maybe ever, or at least since Network Solutions took the .com database offline and made it their own private property.

    There was a story I heard once, about a company (Novell ?) which implemented their own file transfer protocol over the network. They did not use exponential backoff on retransmit, which made their protocol look much faster than TCP/IP. It would in fact hog all the bandwidth, bumping out all the more polite and well behaved protocols. This was great for them, but in fact as the network approached saturation, the system would fail catastrophically, for reasons obvious to Internet protocol designers.

    At some meta-level, this is what is happening to the Internet itself now. Verisign is itself like the bad protocol, which does not play well with others. It is taking advantage of an opportunity which gives it a short term advantage, while degrading the entire network protocol infrastructure.