Slashdot Mirror
The Typo Millionaires
theodp writes "Slate's Paul Boutin reports on the sordid history of the oldest scam on the Internet. For almost as long as the Web has existed, there's been a thriving economy of sites, services, and software vying to grab you as soon as your mistype a URL. Studies estimate that 10-20% of all hand-entered URLs are mistyped, adding up to at least 20 million wrong numbers per day, helping to enrich the likes of porn purveyors, ISP's, Paxfire, Microsoft and VeriSign."
Interested in joining an anonymous, underground internet?
http://meta.fshell.org/
Get your own free personal location tracker
As are 75% of all hand-entered /. submissions.
It's a shame that the people who are probably more likely to mis-type a URL and not notice/tell the difference are probably beginner users of the internet. These people are also perhaps more likely to fall for scams such as downloading trojans etc. I work as an IT trainer teaching older people how to use computers, and many of them are unable to tell the difference between typing something into a search engine, and typing something into an address box. They are definately the people that don't know that mis-typing a URL actually makes much of a difference, and I have seen many of them attempt to install malware, just because the install box has popped up, and they have no idea what to do with it.
I remember the time several years back when I read about people registering misspelled web addresses. So I thought I'd take a look, and tried the first spelling mistake I thought of, www.hotmale.com.
I've been very careful since about what I type.
I recall once typing in slashdot.org, (incorrectly) and ended up at a site displaying nice frequency/time graphs of how often that occured. (A lot)
I wish I could remember what it was - I think salshdot.org - (now just a black page with an automatic redirect)
One of those milk through the nose moments.
It's hard typing correctly all the time with only one hand free. ;)
This goes way beyond typos. There is a whole cottage industry of people registering domain names that unwary site owners allow to expire. I've heard several stories of church groups who accidentally let their domain expire and within a matter of days it had teen porn on it.
I'm a big tall mofo.
Shoe shoppers who mistype www.zappos.com as wwwzappos.com get pictures of women who are wearing shoes but not much else.
Unfortunately, though Slate's servers are well hardened against DOS attacks such as what slashdot inflicts, since every slashdotter who will read that quote will instantly type in wwwzappos.com into his URL bar, the servers of that site will fall under the weight of the 80% of slashdotters who get that URL correct.
I work for a company that exploits mistyped URLs.
From our business, we found that a dial up user does an average of 4 bad requests a month and a broadband user an average of 10.
Iraq: war to save the U
www.whitehouse.gov: Current President's home www.whitehouse.com: Former President Clinton's home ;)
"Nature bats last..."
Mine is localhost.com
Those guys must be making a killing from people hitting ctrl-enter by mistake.
Chip H.
slsahdot.org
Is most of this really a scam though? It seems to me there are two levels to this type of behavior - the true scam, whereby a user is led to believe the site they are looking at really is the site they intended to go to, and therefore handing over personal details / card numbers etc.
However, most of what is described appears to be people capitalising on poor typing skills - a "lesser" scam if you will. I suspect the majority of these miss-spelt domain names don't claim to be the site you're looking for.
A scam is, after all, to defraud somebody. Mis-spelt domain names is akin to reading a map incorrectly, and ending up somewhere you didn't expect.
Of course, the fact that many of these sites will then go on to install malicious software etc, and that they generally intend to catch traffic from other sites probably works against this argument.
...many of them are unable to tell the difference between typing something into a search engine, and typing something into an address box.
Both boxes look pretty much the same.
What you're highlighting is the imlicit expectation among software designers that users will come to understand the how the Internet works. That is, that users will understand what a URL is, how DNS works, what a search engine is, and ehat happens when you enter a search phrase versus entering a URL.
Those are unwarranted expectations. An analogy would be cars designed on the assumption that drivers understand how internal combustion engines work. Few of us would be able to drive safely if that was a prerequisite.
The most effective way to protect users from crooks and abusers on the net is to design software that does the protecting and is not based on unreasonable assumptions about user knowledge.
-- Slashdot: When Public Access TV Says "No"
Wow, 20%, huh?
People really have to stop typing with one hand.
AT&T had a national collect-calling campaign telling people to "Dial 1-800-Operator."
A competitor, MCI IIRC, quickly snatched up the number 1-800-Operater and got lots of the business from the campaign.
So it's not just URL's that get the typo business.
This isn't a fat finger mistake but a funny story. This lady that I worked with was Internet illiterate. She wanted to set up an e-mail address so she could send junk home that was personal in nature. She had trouble with her ISP e-mail and no one at work wanted to volunteer to intercede and help out. I told here to just go to hotmail.com and set up an account for free. She went to hotmale.com and started screaming !! She thought she would be fired on the spot...I had to get the President, John, to help calm her down...hell she was almost 66 years old. Never saw anything like that I guess. /snicker
...The Typo Milionaires? ;-)
Try www.466453.com
This is Google spelled out on a touch tone phone.
-William
God is everything science has yet to explain.
... it might not be a good idea to spew venom and arrogance from almost every sentence.
... only the types bearing strong resemblance to Jimmy Fallon's IT guy character from Saturday Night Live ...
However, if you're happy with things currently, go back to your pap-fed, TV-induced brain-numbing stupor, and smile at the nice pretty pictures, the short snappy soundbites, and cower in fear at the Fox news alerts, and feel free not to engage.
(The instructions are deliberately vague. A sort of aptitude test, if you will.)
After reading crap like that, I can't imagine any normal person joining this
If it's not one thing it's your mother.
Yes, but that are all point to point connections. I have got that set up already with my friends. Problem is that you won't get any routing, and you must trust each friend. It's a pain on your firewall and sockets setup as well.
What I need - and I think more people are interested in this - is something that established a virtual LAN. Now, VLAN is already another technology, so we might need another acronym. I would consider Open Virtual Private Lan, or OpenVPL for short (see below).
The biggest issues are probably the routing - e.g. broadcast packages - and management. You would also want to set it up as a LAN adapter as well (which requires insight in device driver development). You would probably want to start off with something like OpenVPN and add routing and management on top of it.
As you can see, I did a little thinking beforehand. Currently my private developments are all in Java unfortunately, so programming the TCP/IP stack in Linux is a bit too remote for me. This IS an interesting idea though, most of you will probably agree.