Verisign Implementing SiteFinder On .cc

An anonymous reader writes "Community outrage forced VeriSign to kill SiteFinder, but they vowed to bring it back. Looks like SiteFinder is alive and well in the .cc TLD. Just enter your own favorite unregistered name to check it out."

Misleading? No, just wrong.

[AllMightyPaul]

The headline for this article is incredibly wrong and misleading. Verisign does not control the .cc domain and thus did not implement this "sitefinder", not to mention it's not even a "sitefinder".

It's run by eNIC Corporation, which apparently handles the root for .cc and all it does is ask you if you want to register that domain. It doesn't advertise any other site, and it doesn't advertise its own services or other services.

Is it a bad precedent? Yes, but it's not sitefinder and it's not verisign.

Re:Misleading? No, just wrong.

[base3]

Yes, but it's not sitefinder and it's not verisign.

I suppose that's why the words "A Verisign company" appear under the eNIC logo?

Re:Misleading? No, just wrong.

eNIC is a Verisign company. It says so right on the page.

Re:Misleading? No, just wrong.

[__aafkqj3628]

A subsidiary of a company is not the actual company itself, it's just a peon with which to attribute blame.

Re:Misleading? No, just wrong.

[Uberdog]

A subsidiary of a company is not the actual company itself, it's just a [front the company can use to make the public think it's] a peon with which to attribute blame.

Re:Misleading? No, just wrong.

Thin end of the wedge, dude. Thin end of the wedge.

Re:Misleading? No, just wrong.

[kimba]

Well, you are right that it is not Sitefinder, but it is VeriSign. All the VeriSign staff treat it as their own, and it is operated by VGRS staff (the division inside VeriSign that runs .net and .com too)

Why the article is completely stupid is this domain has had a wildcard for years. This is nothing new or noteworthy.

Spyware

[l1nuxpunk]

Isn't this the equivalent of what any spyware would do to someone's computer? How does this kind of advertisement differ at all?

Re:Spyware

[Geoffreyerffoeg]

It doesn't differ, but we don't like spyware either.

Re:Spyware

[PurpleFloyd]

It differs in four ways:

• You can't not get it. Spyware usually isn't installed willingly, but there are steps you can take to prevent getting spyware on your system. This is located on Verislime's servers and can't be avoided.
• You can't remove it. Spyware, once installed, can usually be removed and the system put back to the way it was. While it can be difficult, it's usually possible for you to put your computer back to the way it was before you were infected. With this, the only way to remove it is to convince Verislime that it's in their best interest to get rid of it.
• It represents abuse of what's supposed to be a public resource. This is like a utility company with a government monopoly selling your name to mailing lists: they've been granted power, and they're abusing it for profit.
• Finally, and most importantly, it breaks DNS. The ability to check for a valid domain is an important spam-detection tool. With this, any query to DNS for a nonexistent .cc domain will return as if it were valid. Sitefinder breaks this, just so Verislime can get a few extra bucks of profit.

Re:Spyware

[Lehk228]

simple, ban mail from *.cc

Re:Spyware

[Ayaress]

Spyware you can avoid (Don't use IE, turn off the features that it uses to install, run Spybot or Adaware regularly, etc), and when you get it, you can get rid of it. Sitefinder is just *there*. You get it. Period. You can't get rid of it. And furthurmore, I've never had spyware that prevents me from getting otherwise useful error pages.

erm....

[moosesocks]

so how long before someone throws up a goatse mirror at http://an-unregistered-name.cc/

Re:erm....

If someone's willing to pay $30 for the privilege, more power to them. Lately, they've been gobbling up the free .info domains being pushed by some registrars, but it looks like their supply of those has been cut off.

huh?

[theCoder]

Maybe it doesn't work anymore, or my ISP blocks it, but I'm not getting any site-finder like results in the .cc TLD:

$ host an-unregistered-name.cc
Host an-unregistered-name.cc not found: 3(NXDOMAIN)
$ host alskdfjsldkafjdsalkjskld.cc
Host alskdfjsldkafjdsalkjskld.cc not found: 3(NXDOMAIN)

Re:huh?

[Geoffreyerffoeg]

It's your ISP, thankfully still implementing SiteFinder blocks. Cox Internet gives:

ibook:~ geoffrey$ host an-unregistered-name.cc
an-unregistered-name.cc has address 206.253.214.102
ibook:~ geoffrey$ host alskdfjsldkafjdsalkjskld.cc
alskdfjsldkafjdsalkjs kld.cc has address 206.253.214.102

Anyway, the results are not SiteFinder, just "buy this domain or e-mail the registrant". Besides, .cc isn't an autoresolution or even a relatively common domain, which was the problem with SiteFinder.

Incidentally, http://206.253.214.102/ is a notable example of not checking your input string (in this case, the HTTP Host field) before parsing it.

Re:huh?

[Steamhead]

dan$ host asdjahfljkahfkasdhflsd.cc
asdjahfljkahfkasdhflsd. cc has address 206.253.214.102

*sigh* I if .cc becomes a problem, I guess it will become like .biz and be blacklisted on my mail client.

Re:huh?

[numbski]

I run an ISP, and I use Bind.

Anyone have a good link on how to implement these blocks? I'll pass it around to my colleagues at the other local ISP's here in St. Louis...

Re:huh?

[Piquan]

Look at the NANOG archives from around the time of the original SiteFinder debacle. There's a patch. Paul doesn't like it, but he wrote it anyway.

Re:huh?

[spiff42]

How about .nu ?

http://what-is-wrong-with-you-guys.nu/ . The .nu TLD have been using this for a couple of years now. It really screws things up a lot when you do not get a proper NXDOMAIN, but actually get a valig reply that dosn't run whatever service you were trying to connect to.

But the fact is that a lot of domains do this, just not on TLD. Is this less bad??

/Spiff

Re:huh?

[brunes69]

Anyway, the results are not SiteFinder, just "buy this domain or e-mail the registrant". Besides, .cc isn't an autoresolution or even a relatively common domain, which was the problem with SiteFinder.

No, the problem with sitefinder is that it returns bogus, corrupted DNS information, which breaks a hell of a lot of 3rd party software that follows the RFCs.

Re:huh?

So once Verisign has spread this around enough smaller TLDs, they'll come back with "proof" that people like the service and demand that they're entitled to put it on .com too, and anyone who tries to stop them from using their government-granted monopoly is destroying their ability to do business.

Re:huh?

[realdpk]

Ha. Yes. They don't even look for 's. Unfortunately I couldn't figure out a way to encode a / in to the URL, else we'd have an example of an XSS vuln.

Re:huh?

[bedessen]

http://www.isc.org/index.pl?/sw/bind/delegation-on ly.php

Basically you can define certain zones to be delegation-only, or you can tell it that they should all be treated that way, except for the specified list.

No, no, no! This is acceptable!

[Geoffreyerffoeg]

Though run by a Verisign subsidiary, this is NOT SiteFinder. SiteFinder is a search engine meant to hijack the type in location-bar -> autocomplete .com process. This is an advertisement for a dot-cc domain, which you couldn't reach accidentally anyway.

Besides, dot WS, dot TK, etc. have this service. Where's the outcry?

Re:No, no, no! This is acceptable!

Appreciable spam isn't coming from dot WS or dot TK yet. As soon as it does, and spam filters relying on hostname lookup start failing, you'll see an outcry.

Dear Slashdot,

[jeffy124]

YABT. YHL. HAND.

CTFL = MOD DOWN

[CustomFort]

Moderators, at least CTFL (click the fscking links), even if you don't RTFA. eNIC is a VeriSign Corporation (see http://www.enic.cc/).

As far as I can tell, they are justing grabbing free business off of this service, and deserve to be shamed. How is this different from SiteFinder?

OK, yeah...

[AllMightyPaul]

So eNIC is owned by Verisign. I got that wrong. But it's still not Sitefinder.

SiteFinder is alive and well in the .cc TLD

[ForestGrump]

Oh god! it hurts to look at goat.cc

Re:SiteFinder is alive and well in the .cc TLD

You're looking for a wife from goat.cc?

They don't escape addresses! http://Random HTML.cc

[It's+People!]

http://.cc/ works! They must not bother to escape things at all!

Dollar sign?

I though the dollar sign was invalid in domain names...

http://VeriSignAreA$$Holes.cc/ goes to their little page with the $s intact.
Slashdot seems to remove $s from URLs even when they are intentional.

Good for a laugh

[aztektum]

I typed in sitefinderislame.cc and it gives me a page that says "Welcome to your new home on the web!"

Re:Good for a laugh

[iezhy]

is the .cc domain is so popular or this sitefinder thingy just doesnt work right?

iezhy.cc is not available.
iamiezhy.cc is not available.
curseyouverisign.cc is not available.
blahblah.cc is not available.
dsded.cc is not available.
asdqwrdsa.cc is not available.
sadsdasdemocdza.cc is not available.
sad3234swaqdvere.cc is not available.
hihakiliekia.cc is not available.

lol?

buffer overflow

[kmanq]

well you could have a serious problem as it seems that anything goes and pulls up the .cc page, html works fine as posted and tested...could this lead to verisign themselves being vulnerable being as this is a subsidiary of them??

Re:buffer overflow

[kmanq]

try this one: <del>.cc

Re:buffer overflow

[TheOnlyCoolTim]

http://.cc

I don't think there's much of a way they're vulnerable through this, but there's probably a way to do a goatse redirect or something - it's just that I haven't been able to get a slash or equals sign through so it's a bit hard.

Tim

Re:buffer overflow

[TheOnlyCoolTim]

Just go to http://.cc

Tim

It's Not New

[Jeagoss]

Over the past few years, I have helped clients register .cc domains by typing in domain.cc and if that page came up, I knew it wasn't registered. ENIC has been using this blank page service for a while. The page has been changed a few times, but, it has always been pretty much the same "Welcome to Your Future Home", or "Buy this unredistered domain" pitch. Why is it that someone just now noticed? Then, just because by change ENIC happens to be a subsidiary (or however you spell it) of Verisign, this service is automatically dubbed "SiteFinder". I find this very sad.

(Get out the fire extinguishers, tin foil hats, and flame throwers. This one might catch on fire and explode in contempt.)

Re:It's Not New

[Jeagoss]

just by chance** Sorry, my fingers got excited

Repeat after me ....

[complete+loony]

Stop Returning Wildcards

Old news

[mnordstr]

The cc TLD has had that service running for as long as I can remember. It's just a way to buy an unregistered name, not a search engine like SiteFinder. Even though I highly dislike these kinds of unstandard solutions, it's much better than SiteFinder was.

Hmm

[Fweeky]

Why is my 'zone "cc" { type delegation-only; };' not doing it's job?

Sitefounder A record - not found.

[gd23ka]

One quick way around this is to treat the sitefinder A records the same as if no results were found.

Yeah, but who receives mail from .cc?

[jonadab]

You can't block .com, because there are too many valid domains there, but .cc?
Nothing legitimately worthwhile has ever been hosted there; if the spammers
or whoever abuse this, you just instruct your software that all .cc domains
are invalid, and your dad is Robert's brother. It's an ugly hack, but it
would work; no such thing is possible for .com

I'm not saying that it's right for nameservers to return wildcard results for
unregistered domains, but this isn't nearly the problem in .cc that it would
be in a major TLD such as .com or .net or .org or .edu or .us or cetera.

3 Ways to stop this

[pdcryan]

I wrote a paper on this last year... basically there are 3 interesting (legal) theories that could be used to enjoin VeriSign from continuing sitefinder (it's also working on .tv - BTW). Here is the ultra condensed version.

1. The Lanham Act - specifically the Anti-Cybersqatting Consumer Protection Act (ACPA). VeriSign is essentially registering and profiting off of the protected trademarks of others.
2. Antitrust. Verisign could be guilty of violating the Sherman Act - most interestingly as the controller of the DNS "essential facility." Similar actions caused AT&T (back when it controlled the local phone switches) to allow long distance competitors access to the local switches - so they could effectively compete. If the DNS registry is an essential facility - Verisign cannot use it to block out downstream competition (other registrars, web portals, etc.).
3. State Action - Takings violation. This one is a little wacky - but interesting none the less. Network Solutions (when they ran the DNS) was always let off the hook for AntiTrust via the Parker doctrine - which permits companies who are closely tied to the government (and the government itself) to be excused from antitrust laws - because of their close tie to the Federal Government. The same close ties could result in a "state action" under either a government function (not often used by the courts) or a symbiotic relationship test (rarely used by courts). Essentially - the private company acts like the government - and should be treated as such, which means having to follow the rigors of the Constitution. Specifically, when the capture the intellectual property of others (the names of the unregistered domain names that are now pointing to verisign's page), they are violating the "takings clause" - which requires compensation.

BTW - IANAL - but, I think the points are quite interesting. I really didn't do them justice by quickly summarizing them here, but what the heck - that's what slashdot is for.