Google DNS Glitch Caused Outage

An anonymous reader writes "Google suffered a pretty long outage saturday evening, due to some DNS glitches, according to company spokesperson. All Google services were down for a while, including Gmail and Google AdSense. There seems to be a DNS hijack, as some screen grabs show that Google.com was redirecting to another site, SoGoSearch.com. "

Whois Entries Not Indicative of a Hack

[LogicX]

Everyone keeps freaking out because when they run a whois query they get this:

GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.C OM
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGI NE .THAN.SECZY.COM
GOOGLE.COM

This is NOT at ALL indicative of a hack.

All this means is that gulli.com chose to register a DNS server with their registrar called 'GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.CO M' instead of ns1.gulli.com -- to do EXACTLY what they just did -- got your attention.

Simmer down everyone. If you whois ANY major site you'll see similar things. (Just try Microsoft.com)

Re:Whois Entries Not Indicative of a Hack

You're not very good at explaining things. I understand what's going on, but:

"GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENG IN E .THAN.SECZY.COM
GOOGLE.COM

This is NOT at ALL indicative of a hack."

followed by

"All this means is that gulli.com chose to register a DNS server with their registrar called 'GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.CO M' instead of ns1.gulli.com"

are two facts which don't have any logical connection. You should point out how gulli registering this appeared when people did a whois on Google.

Re:Whois Entries Not Indicative of a Hack

[LogicX]

not only that -- but upon thinking about it -- if my logic is correctly about how its listed there -- then why aren't ns1->ns4.google.com listed there also?
why doesn't any domain have its dns servers listed when such a search is performed? (Does whois filter out dns servers listed within the domain itself?)

ala, google.com uses ns1->ns4.google.com, so it doesn't list them?

Re:Whois Entries Not Indicative of a Hack

[A+beautiful+mind]

Also the Screenshots are just about BROWSER GUESSES. The screenshots show http://www.google.com.net!

You know, it's what happens when the browser can't find the given domain name (dns servers are down), that it tries www.google.com.com, then www.google.com.net and it happened to be already taken by the site in the screenshots.

Re:Whois Entries Not Indicative of a Hack

[Megane]

Wow, I thought that trick stopped working like four years or so ago. I even had one of those kind of entries, but took it out when the search stopped showing them.

Looks like these clowns aren't just limiting themselves to Google...

AOL.COM.IS.N0T.AS.1337.AS.GULLI.COM
AOL.COM.IS.0WNED.BY.SUB7.NET
AOL.COM.CANDICE-CHAMBERLAIN.COM
AOL.COM.AINT.GOT.AS.MUCH.FREE.PORN.AS.SECZ.COM
AOL.COM

Re:Whois Entries Not Indicative of a Hack

[AndroidCat]

Because, by default, whois does a search match on the entire record rather than just the name. Since the names of a domain's DNS servers are part of that record, some smartasses with spare domains load up the DNS server names with useless extra strings that will match lookups against popular domains like google.

This only confuses humans, and has nothing to do with Google's outage and overly helpful browser code.

Re:Whois Entries Not Indicative of a Hack

[cortana]

Can this behaviour be disabled in Mozilla?

Re:Whois Entries Not Indicative of a Hack

[AndroidCat]

It probably depends on whose whois server that you're querying and the default command used by whatever program you're using.

Re:Whois Entries Not Indicative of a Hack

[Looke]

Wow, I thought that trick stopped working like four years or so ago. I even had one of those kind of entries, but took it out when the search stopped showing them

Four years ago, I remember this worked in Debian's whois, but not in Red Hat's or SuSE's. The output from whois depends on how the searching is done. Given the large number of people "discovering" this today, it looks like Debian's whois variant is more widespread now.

Re:Whois Entries Not Indicative of a Hack

i would be a happy man i could disable the "wonderful" guessing functionality in mozilla/firefox. for example, a lot of times i just type "goo" in the address bar. the auto-completion finds www.google.com and i hit enter. now i have done it so often that i do it automatically. sometimes, i hit enter too soon -- or the auto-complete takes longer than normal -- and i get some stupid site www.goo.com. please, please, please don't go to a URL i did not type (or auto-complete). try to resolve "goo" and tell me it doesn't match anything.

Re:Whois Entries Not Indicative of a Hack

[AndroidCat]

There's a whois *program*? Damn, I've just been using telnet whois.internic.net 43 all these years!

Re:Whois Entries Not Indicative of a Hack

ebay.com
amazon.com
are highjacked as well

Re:Whois Entries Not Indicative of a Hack

[thedustbustr]

AndroidCat (229562) says:
It probably depends on whose whois server that you're querying and the default command used by whatever program you're using.

AndroidCat (229562) says:
There's a whois *program*? Damn, I've just been using telnet whois.internic.net 43 all these years!

...

Re:Whois Entries Not Indicative of a Hack

[Wieland]

Mozilla Suite: Edit -> Preferences -> Navigator -> Smart Browsing -> Domain Guessing

Firefox: Go to about:config and set user_pref("browser.fixup.alternate.enabled", false);

Re:Whois Entries Not Indicative of a Hack

[AndroidCat]

Busted! :^P (And I use my own program rather than telnet usually.)

Re:Whois Entries Not Indicative of a Hack

[cortana]

Many thanks. This should really be off by default.

Or even better, add a 'this domain name was not found. did you mean: x, y, z' section to the XUL error page (once they get XUL error pages working well enough to be enabled by default).

Re:Whois Entries Not Indicative of a Hack

[thsths]

Yes, you can append a . to the name. http://www.google.com./ will only ever get you google, or nothing at all.

This "trick" is a lot older than mozilla, it applies to all DNS lookups. It also prevents the name from matching a machine on the local network. Mozilla also seems to recognise the dot, and it avoids the "guessing" step.

Re:Whois Entries Not Indicative of a Hack

[LogicX]

Please provide empirical evidence of such.

Re:Whois Entries Not Indicative of a Hack

[Jherico]

No, the problem with that theory is that I pings to www.google.com were being redirected to www.google.com.net as well. Ping just does resolution, not guessing.

Jhercio

Re:Whois Entries Not Indicative of a Hack

[Bananenrepublik]

Another problem is that "http://www.google.com.net" would show up in the location bar, not "http://www.google.com". Try it: enter "google", once you hit return and the page loads, it gets completed and "http://www.google.com" is shown.

Re:Whois Entries Not Indicative of a Hack

[thedustbustr]

Mod me with balls, you fucking pussy.

Re:Whois Entries Not Indicative of a Hack

[A+beautiful+mind]

This is a Safari bug...

As far as the pings go, its not possible, host name lookups were not redirected.

Re:Whois Entries Not Indicative of a Hack

why not use the fucking search box?

Re:Whois Entries Not Indicative of a Hack

Uh, use whois and see for yourself.

Re:Whois Entries Not Indicative of a Hack

[Wieland]

Because this problem isn't restricted to Google, and it can be very annoying indeed. For example, if you're trying to connect to a server on your local network (say, http://somehost/) that doesn't resolve for some reason, Mozilla/FF will take you to www.somehost.com instead.

Re:Whois Entries Not Indicative of a Hack

test

fp

homosexual negroes

Whoa!

[beatdown]

Results 1 - 10 of about 246,000,000 for google. (620.8 seconds)

aha!

I wonder how many people (including myself) figured it was an ISP or local (AKA their network) problem..

Re:aha!

[bhtooefr]

I thought it was browser specific. Around 3:00PM GMT-5, I couldn't get on Google with Opera 7.54 (not my system), but could with Firefox 1.0.1 and (via telnetting into freeshell, because I hadn't tried Firefox yet, and thought it was Earthlink's problem) Links.

I almost wrote a JE about this...

For my searching needs, I simply used Earthlink's search during the outage. It uses Google's database, so same results...

Laugh!

[stabChmo]

So go search Google!

Google ruined me (not a troll, please read)

As a record store owner, my business faces ruin. CD sales have dropped through the floor. People aren't buying half as many CDs as they did just a year ago. Revenue is down and costs are up. My store has survived for years, but I now face the prospect of bankruptcy. Every day I ask myself why this is happening.

I bought the store about 12 years ago. It was one of those boutique record stores that sell obscure, independent releases that no-one listens to, not even the people that buy them. I decided that to grow the business I'd need to aim for a different demographic, the family market. My store specialised in family music - stuff that the whole family could listen to. I don't sell sick stuff like Marilyn Manson or cop-killer rap, and I'm proud to have one of the most extensive Christian rock sections that I know of.

The business strategy worked. People flocked to my store, knowing that they (and their children) could safely purchase records without profanity or violent lyrics. Over the years I expanded the business and took on more clean-cut and friendly employees. It took hard work and long hours but I had achieved my dream - owning a profitable business that I had built with my own hands, from the ground up. But now, this dream is turning into a nightmare.

Every day, fewer and fewer customers enter my store to buy fewer and fewer CDs. Why is no one buying CDs? Are people not interested in music? Do people prefer to watch TV, see films, read books? I don't know. But there is one, inescapable truth - Internet piracy is mostly to blame. The statistics speak for themselves - one in three discs world wide is a pirate. On The Internet, you can find and download hundreds of dollars worth of music in just minutes. It has the potential to destroy the music industry, from artists, to record companies to stores like my own. Before you point to the supposed "economic downturn", I'll note that the book store just across from my store is doing great business. Unlike CDs, it's harder to copy books over The Internet.

A week ago, an unpleasant experience with pirates gave me an idea. In my store, I overheard a teenage patron talking to his friend.

"Dude, I'm going to put this CD on the Internet right away."

"Yeah, dude, that's really lete [sic], you'll get lots of respect."

I was fuming. So they were out to destroy the record industry from right under my nose? Fat chance. When they came to the counter to make their purchase, I grabbed the little shit by his shirt. "So...you're going to copy this to your friends over The Internet, punk?" I asked him in my best Clint Eastwood/Dirty Harry voice.

"Uh y-yeh." He mumbled, shocked.

"That's it. What's your name? You're blacklisted. Now take yourself and your little bitch friend out of my store - and don't come back." I barked. Cravenly, they complied and scampered off.

So that's my idea - a national blacklist of pirates. If somebody cannot obey the basic rules of society, then they should be excluded from society. If pirates want to steal from the music industry, then the music industry should exclude them. It's that simple. One strike, and you're out - no reputable record store will allow you to buy another CD. If the pirates can't buy the CDS to begin with, then they won't be able to copy them over The Internet, will they? It's no different to doctors blacklisting drug dealers from buying prescription medicine.

I have just written a letter to the RIAA outlining my proposal. Suing pirates one by one isn't going far enough. Not to mention pirates use the fact that they're being sued to unfairly portray themselves as victims. A national register of pirates would make the problem far easier to deal with. People would be encouraged to give the names of suspected pirates to a hotline, similar to TIPS. Once we know the size of the problem, the police and other law enforcement agencies will be forced to take piracy seriously. They have fought the War on Drugs with skill, so why not the War on Piracy?

Thi

Re:Google ruined me (not a troll, please read)

Even if it's not a troll, fortunately Slashdot has another moderation category for this sort of post.

Re:Google ruined me (not a troll, please read)

I remember a time...

A time not too long ago

Where trolls in the hallowed halls of trolltalk were original

And the greatest trolls

With the most offensive inflamatory opinions

Would turn up on adequacy.

Alas, these days, people simply copy from adequacy.

And don't even choose any of the good ones.

Re:Google ruined me (not a troll, please read)

[LogicX]

How very christian-like of you.
I'm sure all of your customers applaud your methods; and will flock to your business upon hearing that you're harassing children.

If you're living this close to a month-by-month that you're personally hurting because of a sudden change in your business profits, perhaps your business was not quite as successful as you thought (for 12 years) and you should've been looking into other ways to make money.

If this is not a sudden change, then perhaps it would've been prudent to come up with another source of income, or way to make a direct change to YOUR store many years ago.

You're welcome to propose ideas such as this, but don't fool yourself into thinking you'll see a change tomorrow. You'll be on the street for many years before we start the sex offender equivilant of a Copyright Offenders List (Especially considering copyright law is CIVIL and not CRIMINAL)

Re:Google ruined me (not a troll, please read)

Your store is going bankrupt because it is based on an old system... you sell CDs full of songs people don't want. The new system is to sell per song. I want a song, I buy it, and I pay only for that.

Don't blame pirates for your mistake of being slow at evolving with times!!!

Re:Google ruined me (not a troll, please read)

CD sales are up. You're just selling the wrong stuff. Religion is collapsing and you're concentrating on christian rock - is it really any suprise?

Your blacklist idea is flawed in several critical ways - the major one is you want to stop your customers buying music. Everyone breaks the laws in some way simply because even doing something like copying the cd onto tape to listen to in your car is "piracy". Add them to the black list. Friends come over and listen to the cd when you play it on your machine? Add you and your friends who heard it to the black list too. Tape a show off of TV? black list. Record something off of the radio? blacklist. Buy a second hand cd. Blacklist. Copy your new cd to cdr so you dont damage the original? Blacklist. Try to play the cd in your computer at all? blacklist. How many people are going to shop in stores where you are asked for ID on the way in? Who is going to pay for the system? Who is going to pay to access the system?

Good idea idiot.

Re:Google ruined me (not a troll, please read)

"Dude, I'm going to put this CD on the Internet right away."

"Yeah, dude, that's really lete [sic], you'll get lots of respect."

I think the kids in my old Health book talked like this.

"Dude, I'm going to smoke the drugs right away."

"Yeah, dude, that's groovy. You'll achieve a higher social status among our peers."

Re:Google ruined me (not a troll, please read)

[LibertarianWackJob]

I for one wecome our new CD Store Owner Overlords.
This blacklist idea is the best! We could just put a bit on our new Federal ID cards to show who is blacklisted. We could keep them from buying or selling anything! Food, Gas, ... Why stop at just music? While we are at it we could even use this opportunity to round up thier guns or forcibly steralize them so they can't reproduce!!!

Wow, this is great!

/sarcasm

Re:Google ruined me (not a troll, please read)

Fuck off and die, please.

Re:Google ruined me (not a troll, please read)

[NemosomeN]

Dude, if you're trying to find music on Google, you're a fucktard. Why don't you just go buy some v1agra there or something?

Re:Google ruined me (not a troll, please read)

[thedustbustr]

and of course, it was modded funny, offtopic, and troll. not a flamebait in sight. lovely

Re:Google ruined me (not a troll, please read)

[daperdan]

Join the millions of people who choose to fight technology instead of enbracing it.

Laziness killed your business. The digital revolution is powered by hundreds of new products that you could have sold in your record store. Memory, MP3 players, Home audio distribution centers are just some of the products that audiophiles are looking for.

Millions of used CDs are sold on Amazon, Half and Ebay daily. Have you modified your sales tactics to take advantage of this? I'm sure the answer is no.

You also fail to put your customer first. Blacklisting customer!?!? What the fuck ever happenned to making the customer #1. Your tactics will fail in any business.

This evening, my daughters asked me. "Why do the other kids laugh at us?"

I wanted to tell them the truth - it's because they wear old clothes and have cheap haircuts. I can't afford anything better for them right now.


Tell them the truth. You have crappy hair cuts because You're too stupid to adapt.

You're here preaching to a technical crowd who has seen their jobs shipped over-seas daily. People in the tech industry have to re-invent their careers every three years in order to stay employed. It's extremely rare to find a techie that has been doing the same thing for 12 years. Why the fuck do you think you'd find any sympathy on this board.

Google didn't ruin you. Take some accountability and get off your ass and do something about it. Or keep preaching your sob story and get in the un-employment line!

Re:Google ruined me (not a troll, please read)

[burdalane]

So that's my idea - a national blacklist of pirates. If somebody cannot obey the basic rules of society, then they should be excluded from society. If pirates want to steal from the music industry, then the music industry should exclude them. It's that simple. One strike, and you're out - no reputable record store will allow you to buy another CD.

Who needs CDs anyway? I hardly listen to any music at all, and I get by fine. Even if pirates were banned from buying CDs, the Internet already has enough music that I don't need the new stuff. And what does Google have to do with your problem, anyway? People don't use Google to find MP3s.

Google Web Accelerator

[Message+Board]

Last night, Google Web Accelerator was accelerating just fine... except for the fact that when I tried to make it proxy google.com it told me that the web site wasn't available, and to try search Google for the site. Needless to say, that didn't work either.

Re:Google Web Accelerator

Dont try to set the proxy to 127.0.0.1:9100. Use the proxy autoconfiguration script that GWA installs (http://localhost:9100/proxy.pac)

Slashdot and Google

[brokencomputer]

Yeah and Slashdot was down with a 503 error yesterday for quite a while. But seriously, Google shouldn't allow this to happen.

Re:Slashdot and Google

[antiphoton]

It's a free service, they don't owe you anything. If anything you should realise from the downtime how much you rely on Google, and you should appreciate it more.. Cause one day, Good Google(TM) won't be around :(

Re:Slashdot and Google

Ohhhhhh I see google SHOULDN'T allow this to happen. You see the problems was we thought we SHOULD allow it to happen. Just a minor glitch in marketing. We'll get that corrected soon. But as long as you're helping could you tell us if we should or shouldn't allow gmail to crash on occation?

Re:Slashdot and Google

[JustOK]

Why shouldn't Google allow Slashdot to be down with a 503 error error?

Re:Slashdot and Google

[Chess_the_cat]

They don't owe you anything.

I wonder if Google's shareholders feel the same way or if they understand that they do owe their customers? They're a business; they owe me whatever it is I feel like asking for or I'll go elsewhere.

Re:Slashdot and Google

[Aenox]

You pay in privacy.

Re:Slashdot and Google

Do you want to do it the good way, or the microsoft way?

Re:Slashdot and Google

[jdgeorge]

I wonder if Google's shareholders feel the same way or if they understand that they do owe their customers? They're a business; they owe me whatever it is I feel like asking for or I'll go elsewhere.

Are you an advertiser on Google? If not, it sounds as if you are confusing what Google owes shareholders (return on investment) and their customers (advertisers) with what Google owes the user, (technically, nothing).

It is true that Google tries to provide a good experience for users, and that helps provide value to the advertisers and return on investment the shareholders are owed.

If, on the other hand, you are an advertiser, you should realize that Google's first obligation is to its shareholders, not its customers or its users.

(Okay, I realize that Google has other customers than advertisers, e.g. those who purchase Google's search services, users of Google Answers, etc., but my impression is that advertising generates the bulk of Google's revenue.)

Re:Slashdot and Google

[Donny+Smith]

> It's a free service, they don't owe you anything.

No it's not a free service.

I pay those bozos to show my ads and by not being online they're fucking me up.

> If anything you should realise from the downtime how much you rely on Google, and you should appreciate it more.

Yeah, and perhaps in light of the excessive reliance I should diversify my advertising providers.

Re:Slashdot and Google

Don't use that attitude on me, pal. Without people using Google, advertisers don't get ads seen, and Google doesn't get money. It depends on the end user.

There's a lot of competition in the search engine market. I hope you don't run a businssines with that bad attitude of yours. It won't be around long.

Re:Slashdot and Google

Because it's a crime against nature !!

Re:Slashdot and Google

[Aeiri]

my impression is that advertising generates the bulk of Google's revenue

Yeah but that revenue would go down the pooper can if it didn't have any users.

Re:Slashdot and Google

[gbulmash]

they owe me whatever it is I feel like asking for or I'll go elsewhere.

And where, praytell, will you go?

If you know of a site that is as good as or better than Google, please share. If not, then the question becomes who suffers more when you go elsewhere, you or Google?

- G

Re:Slashdot and Google

[kjcdude]

Idiot. There a company with billions and billions of dollars invested in them. Look at there god dam shares.

Lost Revenue

I wonder how much revenue they lost due to ads being down...

SoGoSearch

[Dachannien]

I think it's far more likely that there are quite a few people out there with some sort of malware redirecting their failed DNS lookups to this site, as opposed to Google's DNS entry being hacked.

Re:SoGoSearch

[Dachannien]

Never mind. See posts below indicating that these schmucks registered the .com.net domain and have a host named "google" in that domain, hence google.com.net.

Re:SoGoSearch

[A+beautiful+mind]

You know, a few minutes ago when i've first seen the grandparent while the parent was there already, it wasn't moderated interesting yet. So this leads to the conclusion that someone didn't even bother to check the context of the GP post to determine that parent basically negated his own post.

I'm not usually talking about these things, but this is nice moderation...

Re:SoGoSearch

[legirons]

"I think it's far more likely that there are quite a few people out there with some sort of malware redirecting their failed DNS lookups to this site"

If there was, then the malware was working on a fully-patched and firewalled Ubuntu machine last night, which would be fairly unusual.

Perhaps something at the ISP level would be more likely, as it would affect large groups of people at a time and it's not like poisoning ISPs' DNS is unthinkable (most of the people I saw mentioning the outage were from the UK, from a couple of ISPs)

Or perhaps there's a real explanation, as yours and mine are really just guesses.

Re:SoGoSearch

[AndroidCat]

Google's DNS was down, browsers did something that most people don't expect. Nothing to see, move along.

Re:SoGoSearch

Except the fact that browsers did something that most people don't expect is quite something to see! This is breaking one of the golden rules of UI design.

Re:SoGoSearch

[AndroidCat]

I never got a pony either.

Pre-FP

[LogicX]

Ironically people have been freaking out about this, even before slashdot posted the story; leaving comments in other articles

Re:Pre-FP

[Potor]

How is this ironic? Interesting perhaps, but ironic?

Re:Pre-FP

[LogicX]

Worded poorly.
Ironic perhaps because they felt slashdot was somehow creating a conspiracy by not posting about it -- and now it is infact posted.

Re:Pre-FP

[Fjornir]

You keep using that word. I do not think it means what you think it means.

Re:Pre-FP

[LogicX]

Although I question my usage based on what I read at dictionary.com under 'ironic':

"Usage Note: The words ironic, irony, and ironically are sometimes used of events and circumstances that might better be described as simply "coincidental" or "improbable," in that they suggest no particular lessons about human vanity or folly. Thus 78 percent of the Usage Panel rejects the use of ironically in the sentence In 1969 Susie moved from Ithaca to California where she met her husband-to-be, who, ironically, also came from upstate New York. Some Panelists noted that this particular usage might be acceptable if Susie had in fact moved to California in order to find a husband, in which case the story could be taken as exemplifying the folly of supposing that we can know what fate has in store for us. By contrast, 73 percent accepted the sentence Ironically, even as the government was fulminating against American policy, American jeans and videocassettes were the hottest items in the stalls of the market, where the incongruity can be seen as an example of human inconsistency."

This definition of irony seems to apply:
2a "Incongruity between what might be expected and what actually occurs: "Hyde noted the irony of Ireland's copying the nation she most hated" (Richard Kain)."

So I'm saying its ironic that although Slashdotters felt there was a 'coverup' as to why Slashdot had yet to cover the story -- it was in fact covered.

Their expectation of a coverup being 'incongruent' with the truth -- that the story wasn't covered up, and that it was posted.

By that 2a definition this seems to hold the characteristics required of 'irony' --
which should lend itself to the the word 'ironic'.

I'm not an English major, I'm only working with what I read in the dictionary. Please help me to understand it better if my logic isn't following correctly.

Perhaps what I thought in my head I didn't explain well in my post as to why I felt it was ironic.

Re:Pre-FP

[NanoGator]

"Perhaps what I thought in my head I didn't explain well in my post as to why I felt it was ironic."

Don't you hate it when people needlessly nitpick you until you're forced to write a long post explaining yourself?

Been there, man.

SoGoSearch didn't hijack

SoGoSearch didn't hijack Google's DNS. They registered a domain name google.com.net. Because the browser couldn't find google.com it tried as google.com.net. It has nothing to do with them hijacking any DNS.

I do think it is unethical to register a domain such as google.com.net if you are not Google, but that is a different thing.

Re:SoGoSearch didn't hijack

[houseofzeus]

Exactly, I'm not even sure that all browsers go to that as one of their options. All the shots I have seen were using Safari.

Re:SoGoSearch didn't hijack

[ryanjensen]

Thing is, they didn't register "google.com.net" - they registered "com.net". The "google" part is called a wildcard, and any "*.com.net" would go to SoGoSearch. (See this report about yahoo.sex.com).

The real problem lies in web browsers that append ".net" to a domain name when the .com version cannot be accessed.

Re:SoGoSearch didn't hijack

[Gollum]

In fact, I think they registered com.net, and simply created a wildcard DNS result for anything under that, which points to their search page.

As the parent says, it is common behaviour for browsers to try appending common TLD's to the end of an URL that is not found verbatim. When Google went away, the browser appended .net to google.com, and ended up at *.com.net.

A bug that people seem to be ignoring is that whatever browser is shown in the screenshot did not show the correct URL after the .net was appended, but left the original URL in the location bar.

Re:SoGoSearch didn't hijack

[Kristoffer+Lunden]

A bug that people seem to be ignoring is that whatever browser is shown in the screenshot did not show the correct URL after the .net was appended, but left the original URL in the location bar.

Looks like Safari. And you're right, that's the real problem here, the redirect should be shown at the very least by changing the URL in the location bar.

Re:SoGoSearch didn't hijack

[AndroidCat]

Wasn't there a top-level domain added recently where Google already owned the .COM domain that browsers would redirect to? (whatever.tld would get you tld.com) Living and dying by swords and all that.

Re:SoGoSearch didn't hijack

[capicu]

they seem to be paying the price for trying to feed off google's fame now. it appears that they've been /.ed

Re:SoGoSearch didn't hijack

[oreaq]

The "google" part is called a wildcard, and any "*.com.net" would go to SoGoSearch.

No, it's not a wildcard. See http://www.foo.com.net/ for an example. I tried a few names and only http://www.google.com.net/ and http://www.com.net/ seem to work.

Re:SoGoSearch didn't hijack

[jmaslak]

Uh, no, this is not a browser bug.

Yes, IE does do some bizare stuff on its own, but this is a RESOLVER issue.

Let's say you have a domain called "example.com". Let's say you have a host called "foo.example.com". What happens, with the common configuration, when you telnet to "foo.example.com" from a machine called "bar.example.com"? Well, if your resolve.conf contains search example.com, it will try to look up foo.example.com, then foo.example.com.example.com, then foo.example.com.com. The relevant section from resolv.conf (5) on my RH9 box:

Most resolver queries will be attempted using each component of the search path in turn until a match is found.

IE has a different broken component, but that doesn't come into effect until AFTER the resolver does its thing - it appends a bunch of TLDs to the name, not just ones in your search path. But IE does show you the proper URL when *it* (instead of the resolver) does this.

Yes, this all is very dangerous behavior and some systems have learned "Only append the primary domain, not each subdomain". I think Windows is one of these systems actually. That's why if you are quux.baz.example.com, a Window's machine can't telnet to foo.example.com by simply typing in "telnet foo". This was a departure from the Unix resolver rules for security reasons - a good idea IMHO. (if a user typed "secureexampleintrant", you wouldn't want a phisher out there to have set up secureexampleintrant.com so your user unknowingly goes there instead of secureexampleintranet.example.com). Of course I am of the opinion that these "DNS shortcuts" are bad in general and the search kewyord in BIND needs to go away. Let people type the whole URL.

A little DNS knowledge is a dangerous thing indeed, though, as there is all sorts of FUD with this. This is DEFINATELY not a browser problem.

Re:SoGoSearch didn't hijack

They registered www.com.net and therefore control anything *.com.net. Because there isn't a foo.com.net just means that they havn't added it to their A records.

Re:SoGoSearch didn't hijack

[John+Hasler]

com.net, net.com, etc should be reserved.

Re:SoGoSearch didn't hijack

[Dun+Malg]

com.net, net.com, etc should be reserved.

A better idea is to not have such brain-dead DWIM "features" in the browser. What kind of stupidity is it to blindly append a TLD to a URL that already ends in a valid TLD?

Re:SoGoSearch didn't hijack

[autocracy]

It's definitely a browser problem. The resolver doesn't do that... the browser makes the other requests after being told NXDOMAIN by the resolver. So, while the issue comes from getting the wrong DNS response, it's because the browser asked the wrong questions thereafter. This also doesn't have to do with search directives. I'm sure there's something you're saying that I'm calling differently than you mean, but it's still an issue of the browser in this case.

Re:SoGoSearch didn't hijack

[Karma+Farmer]

No. You're confusing the "resolver library" code used by the program, and "resolving name servers" network services. He's describing the built in search feature that many resolver libraries use, you're describing the part of the network protocol that library uses to communicate with the network service.

It's worth asking if Mozilla and Firefox use the "default" resolver of the host operating system, or if the developers took the "path of greatest suprise" by including one of their own.

Re:SoGoSearch didn't hijack

[Karma+Farmer]

I've searched nearly every slashdot post, and you are the only person who said "resolver." And, you're only modded a "2", while the guy who responded incorrectly got a "4".

Slashdot is like Saturday Night Live, I guess. It sucks, it always sucks, and it will always suck forever. But everyone remembers a time when it didn't suck as hard as it does right now.

Re:SoGoSearch didn't hijack

[Laebshade]

A better idea is to not have such brain-dead DWIM "features" in the browser.
Isn't IE the only browser that does this?

Re:SoGoSearch didn't hijack

[autocracy]

If it were a system resolver library issue, then simple services such as ping and telnet should also be affected, right? Or any other higher level application... e-mail, ftp, etc. No, I think it's a browser code selection that doesn't default. Not to say I'm certain... but I consider it a more likely possibility.

Re:SoGoSearch didn't hijack

[jmaslak]

RTFM!

This has been default resolver behavior on Unix (including Mac OS X and Linux, IIRC) since early versions of the resolver libraries.

I am NOT talking about the DNS server itself, rather the client libraries.

On a Linux machine (at least RH9), look at
"man 3 resolver".

Note the "RES_DNSRCH" option:

"If set, res_search() will search for host names in the current domain and in parent domains. This option is used by gethostbyname(3). [Enabled by default]."

Note also that it is enabled unless someone turns it off in the code of the calling application.

Note that "gethostbyname" is the common way in Unix C programming to find out the IP address of a DNS name. And gethostbyname() *is* using this option.

If someone wants to disagree with this, I'm going to say "read the source" and then post that source to disprove this.

In this case, when google.com returned NXDOMAIN, the resolver (accessed by gethostbyname on OS X and Linux) then looks up google.com.localdomain.tld. It then looks up google.com.tld. So, if your local domain was "example.net", it would try google.com.example.net followed by google.com.net - exactly the behavior we saw yesterday. It also explains why some people got "page not found" instead (there is no "google.com.com" - no DNS wildcard under com.com)

Re:SoGoSearch didn't hijack

[initialE]

Tell that to CNet. They own com.com and keep sending people there.

Re:SoGoSearch didn't hijack

[WGR]

Yes, it is not a wildcard entry, just a single entry for www.google.com.net. A wildcard is a DNS entry of form

*.google.com.net. 45772 IN A 206.125.101.12

not

# dig www.google.com.net A
www.google.com.net. 45772 IN A 206.125.101.12

which is a single DNS entry.

Re:SoGoSearch didn't hijack

[jacksonj04]

Firefox also does this, and afaik Netscape, Mozilla and Safari do.

Look at browser.fixup.alternate.enabled in your about:config to turn it on/off.

Re:SoGoSearch didn't hijack

[Laebshade]

Ah. A late reply, but one nonetheless. Perhaps it would've been more accurate to state that IE is the only one that does it by default. Because, who else would enable such a bone-headed option by default except for Microsoft?

Re:SoGoSearch didn't hijack

[jacksonj04]

Mozilla - Firefox does it by default ;)

BENEDICT ARNOLDS OF THE OPEN SOURCE MOVEMENT

• Marc Andreessen made 100s of millions of dollars shortly after graduating from UIUC. Today's graduates of the same university face moving back in with their parents. "Fuck that, I got mine!"
• Brian Behlendorf decided he'd rather go to India to recruit software engineers than help out the graduating classes of 2001-2004 here in the US.
• Robert Malda stood idly by and said NOTHING while his company offshored its flagship product.

Miguel de Icaza, Bruce Perens, Eric Raymond, and Linus Torvalds all got rich off the Open Source Movement. What do you have to look forward to?

OSDN == Offshore Software Development NOW!!! Read how OSDN is helping to offshore American High-Tech to the Third World!

Not a hijack

[Kip]

They were just taking advantage of browser behavior.

www.google.com.net leads to sogosearch.com

When a browser fails to resolve an address, they will try adding .net and .com to the end of the address on the assumption maybe the user forgot to add it.

Re:Not a hijack

[Ta+Pere+*]

It would be interesting to see some statistics as to what people used instead of google during the outage. MSN? Yahoo? Maybe netcraft can confirm it...

Re:Not a hijack

How would a user forget to add .net or .com at the end if the address ends with ".com"? These is obviously a missing if-clause in the code before the browser starts appending shit to a url.

Re:Not a hijack

[omb]

Yes, and every time we add 'tard' support to our
code we add another potential _exploit_.

Re:Not a hijack

[GutBomb]

domain.com.au perhaps? it doesnp;t just try com and net, it tries all of them until something works.

Fedora Google

The Fedora Core Blog gives a review of the features we can expect from Firefox 1.1. Many uses have been running the latest trunk builds and seeing dramatic improvements in page rendering, managing many tabs quickly, and the much-anticipated fix for the /. layout bug. From the article: 'One major new feature in Firefox 1.1 is the "Sanitize" feature. This enables secure browsing with much more ease. Select the "Sanitize" option in the preferences and Firefox will scrub your profile of sensitive information (which you select in the preferences).'"

Therefore Google sucks ass.

Has it gotten to this point yet?

[fwice]

Are people really this dependant on google that when there is an outage, people really flip out?

I mean, there are other search engines.
Other email services.
Other mapping things.

Seriously, what were people doing a couple years ago? If your life is that in tuned to google, maybe its time to 'log off' (and pardon the cliche).

Re:Has it gotten to this point yet?

[TummyX]

Other email services.


I agree with your sentiment but WTF?! "Other email services" doesn't make much difference if your primary email is delivered to gmail.

Re:Has it gotten to this point yet?

[ssummer]

Yeah there are other email services but just like any other significant form of interpersonal communication, people have to have a certain level of dependence on it as it is not a trivial matter to change/redirect your emails in situations like this.

It is completely reasonable to "flip out" if your voice, your cell phone, your IM, or in this case, your email doesn't work for several hours and you have no idea how long it's going to take for it to come back.

Of course maybe if you are a complete loser then noone would really care that you keep changing email addresses every time your server goes down...

Re:Has it gotten to this point yet?

Yeah I'm bad for that. During the outage I tried to Google for another search engine but...

Re:Has it gotten to this point yet?

I agree with your sentiment but WTF?! "Other email services" doesn't make much difference if your primary email is delivered to gmail.

What's stopping you from using another web-based e-mail account, or using your ISP's e-mail service?

Re:Has it gotten to this point yet?

[Cyn+Dragon]

Some of us have a shrine in a closet with a picture of all the google servers. Google is God, Google is life, Google is the all knowing. I guess you need to
"log on" more, there is a religion called Googlelism. We hold meetings every sunday morning and have meetings on Wednesday. /me prays to his God, Google.
"Save me from the false gods!"

Re:Has it gotten to this point yet?

[Poeir]

Google offers search results via SMS (text message 46645 with your query). It also has Google local, which means you can search for telephone numbers. I don't know of another search service with this functionality, and I attempted an out of state lookup during the outage without knowing about it. I actually did get results much later, but they weren't useful then.

A couple of years ago, I wouldn't have looked up the number at all, but I also wouldn't have been used to being able to look it up at any time.

Re:Has it gotten to this point yet?

[telstar]

"What's stopping you from using another web-based e-mail account, or using your ISP's e-mail service?

You mean, other than that not solving any problem? If the email service you use goes down, and you don't retain a local copy of that email, you immediately lose access to a wealth of information. Doesn't matter if it's GMail, Yahoo!, Hotmail, or whatever. I don't see how your suggestion solves the problem.

Re:Has it gotten to this point yet?

[TummyX]

WTF?

That doesn't exactly help if all your contacts are sending important email to you gmail account.

Re:Has it gotten to this point yet?

Yes, there are other services, but if the DNS resolution to gmail fails, then that means a lot of mail could not get delivered, and affects probably thousands of people's email during that time period.

Re:Has it gotten to this point yet?

[jmaslak]

I'm sorry, but "important" email being sent to a free email account?

If you get important email, I suggest paying for an account that provides support as part of the price. "Free" doesn't typically mean "great support", not even in the case of Google.

Re:Has it gotten to this point yet?

I mean, there are other search engines.

I wonder whatever happened to all the old search engines like Altavista or Dogpile or Hotbot. People used to rave about those, now they're pretty obscure.

Re:Has it gotten to this point yet?

[sydb]

Googlelism

This makes me very uncomfortable. Try "Googlism".

cf absolute -> absolutism, not absolute -> absolutelism.

Re:Has it gotten to this point yet?

[mbaciarello]

Well, I can't say I panicked, but I did feel weird, if not lost, for some minutes.

I chose to rely on Google for several reasons, and it's now part of my usage of the Web. I know total reliance can be bad, and I haven't forgotten about the existence of other search engines. Still, Google is my favorite one, and I don't feel the need to perform seaches on multiple engines (yet.) A tendency to use one tool amongst others, is quite natural, as long as you don't completely forget the alternatives.

The moment Google was "gone," I felt like I had to "readjust" the way I browse the WWW. For one, I tried to go to MSN Search but instinctively typed "msn search" into Firefox's location bar!

(for those who don't use Firefox, when you type something that's not a well-formed URL in FF's URL bar, it runs a Google search for that string and redirects you to the first result - a quick way to go to "big" sites without typing the whole address.)

Re:Has it gotten to this point yet?

If anybody got worried by the parent post: Don't be. Mail keeps trying if the server is down and not responding which includes DNS changes. The mail will make it eventually. That's what the irksome status: delayed messages mean when you get them after sending mail.

Re:Has it gotten to this point yet?

[phukraut]

It also has Google local, which means you can search for telephone numbers. I don't know of another search service with this functionality

Wouldn't a phone book be good for this?

Re:Has it gotten to this point yet?

[alpha264]

> Other email services

Of course there are other E-mail services, but if you use gmail, you're mail is on Gmail. You can't just say, "Oh, well, Gmail's down, I'll use Yahoo! or Hotmail". Maybe if they thought about it ahead of time and used Gmail to forward their mail to another service, but I doubt many people were planning on a Google outage.

Re:Has it gotten to this point yet?

[Poeir]

As I said, this was an out of state lookup. Before the Internet got going, I went to a library to look up such a phone number, and they did have phone books for most major cities, but this is impractical in contrast to a text message. Additionally, at the time I was unaware of Google's issues, so I had no reason not to use the usual method.

Re:Has it gotten to this point yet?

[TummyX]

I'm sorry, but "important" email being sent to a free email account?


Are you retarded? What do you suggest people use their gmail accounts for? Giving to spammers? Giving it to people you don't care to reply to? Not using it for anything except for sending gmail invites?

All email that isn't spam or mailing lists is important in some way or another. What if it was an email from your g/f? What if it was from an ebay sale or purchase?

Think about the people who would use free email services....just about everyone and for personal use. The email you get may not be about life or death or the next business deal but it's still important.


"Free" doesn't typically mean "great support", not even in the case of Google.


Duh. Noone implied otherwise. Free or not, people come to rely on their email address and saying that people can simply switch to another provider in the same way as they could simply switch search engines is simply ridiculous. It's like losing your phone (and phonebook) and having to somehow notify everyone of your new phone number.

Re:Has it gotten to this point yet?

Seriously, what were people doing a couple years ago? If your life is that in tuned to google, maybe its time to 'log off' (and pardon the cliche).

A couple of years ago, a similar Yahoo! outage would have been a big deal. Either way, people use what's relaible, whether it's Google or not, and when a reliable service goes unreliable for a day or so, it's news.

Re:Has it gotten to this point yet?

Duh. Noone implied otherwise. Free or not, people come to rely on their email address and saying that people can simply switch to another provider in the same way as they could simply switch search engines is simply ridiculous. It's like losing your phone (and phonebook) and having to somehow notify everyone of your new phone number.

Notifying everyone is a simple matter of an email to them with your new address info. If you don't have a backup of your addressbook that you can access in case your web email provider goes down, you are a moron and deserve what you get.

Re:Has it gotten to this point yet?

[SirTalon42]

So your going to switch to some other thing, notify everyone, then when it comes back up, switch back and notify everyone *again*?

Re:Has it gotten to this point yet?

I mean, there are other search engines.

Well, how am I supposed to find these other search engines, Mr. Smartypants?

Re:Has it gotten to this point yet?

[brxndxn]

With how much spam there is now, there is no such thing as important email. Think of email like a postcard.. sometimes it just gets tossed before ever being looked at.

Re:Has it gotten to this point yet?

Indeed. I was blissfully unaffected by the outage, using Yahoo and
Ask Jeeves.

I find it sad that people seem to think that Google is the only
worthwhile search engine.

Re:Has it gotten to this point yet?

AltaVista's still around. It is owned by Yahoo. It still works, just
not as well as Yahoo or Google.

Babelfish still seems to have some mindshare.

Re:Has it gotten to this point yet?

[NanoGator]

"Seriously, what were people doing a couple years ago? If your life is that in tuned to google, maybe its time to 'log off' (and pardon the cliche)."

So let me see if I understand your point: The problem isn't that Google is a good service with a well earned reputation, but rather that people are weird. Thanks for the 'insight'. You act like Google's rise through the ranks was an anomoly. Oops, I praised Google. Even though it's helped me do some good stuff, I better 'log off'!

Re:Has it gotten to this point yet?

[frakir]

Um... when you call 411 you can specify area code, even foreign country/city. Works for me every time.

Re:Has it gotten to this point yet?

[michaelhood]

How about those of us that make a living on Google one way or another? Yes, eggs all in one basket. Diversify. Blah blah blah. We still have a right to kick and scream, whine and cry. Enough people like complaining or hearing us complain for it to get posted to Slashdot. If you don't fit into those groups, don't click on the stories.

Re:Has it gotten to this point yet?

[SwervingVector]

Frankly, Google gives me more stable service than my ISP can... Which is kinda dodgy.

All but one

[spray_john]

In fact, google.sg was still up. Don't ask me why.

Just a DNS glitch

[Eric(b0mb)Dennis]

Lots of rumor of DNS getting poison and/or google site getting hacked. The reason benig is people thought google.com was going to SoGoSearch.com..

But apparently it was just their browser's not finding google.com and trying to go to Google.com.net

Stop flipping out!

You've got to learn WHY things work

Spock Reliant's prefix number is one-six-three-zero-nine.
Saavik I don't understand -
Kirk You have got to learn WHY things work on a Starship.
Spock Each ship has its own combination code...
Kirk ... to prevent an enemy to do what we're attempting; using our console to order Reliant to lower her shields...
Spock (at the weapons console) Assuming he hasn't changed the combination. He's quite intelligent...

Just noticed

[vivekg]

Thought gmail was slow and Adsens was not working but google.co.in was up and running :)

However I noticed http://www.google.com/intl/xx-hacker/ don't know what the hell it is... or just one of those google own funny stuff :-?

Re:Just noticed

[Skater]

Yep, just like Klingon and the Swedish Chef tranlations they offer. It's been there for years.

--RJ

Re:Just noticed

[petermgreen]

www.google.com/intl// gives you google in that language

they use xx- for the ones that don't have standard language codes ;)

xx-hacker is l33t sp34k
xx-bork is bork bork bork (whatever thats supposed to be)
xx-elmer is elmer fudd
xx-klingon is klingon

there may be others to that i haven't spotted ;)

Re:Just noticed

[BlueUnderwear]

Thought gmail was slow and Adsens was not working but google.co.in was up and running :)

Adsense is still not working fully. On many sites ( example), clicks on ads only work roughly one time out of three.

Re:Just noticed

[Eric(b0mb)Dennis]

What kind of fucking jerk are you? Taking Wikipedia's article, making a new domain, and adding adsense for a word which garners $50 a click, yeah

Take advantage of hurting people some more, you fucking jerk

Re:Just noticed

[SirTalon42]

Weird... Guild Wars also has 'Bork Bork Bork' as one of the languages...

Re:Just noticed

[SirTalon42]

He also set it up so you can't post. Too bad...

Re:Just noticed

[Bender+Unit+22]

May I suggest using Google for it and you might come up with this: http://en.wikipedia.org/wiki/Swedish_Chef :)

Re:Just noticed

adding adsense for a word which garners $50 a click, yeah

50$ a click? More like 50 cents. You can't directly apply Overture bid prices to Adsense. Adsense pays significantly less. And nowadays, even Overture bids are much less than 50 bucks.

Re:Just noticed

[Kristoffer+Lunden]

Bork Bork Bork ;-)

And some more info from Answers.com...

Re:Just noticed

hehe. i clicked your ads just because that was clever. lol. mesothelioma clicks are worth $10+.. way to game slashdot. post back and tell us what kind of results you got. im curious. -regular posting a/c for obvious reasons.

Re:Just noticed

Financially, it was not worth the while. These clicks are now only worth 65 cents on average, not 10 dollars (or 50, as some think), unfortunately...

Got 377 visits, of which 20 clicked, netting me a meager $13.18... With these amounts, it's nothing to get rich, it's more for the phun/excitment.

However, from what I understand, end of last year (November?) prices for these keywords were indeed 50$ and more, so just imagine if I had known about adsense and pulled this stunt back then...

Re:Just noticed

[Synchronizm]

I know I'm probably way late to the party, but my favorite stupid IT trick today was entering "google hacked" in the search box and clicking "I'm Feeling Lucky". It must be fun to have your hand on the PageRank(tm) dial.

Best explanation I've seen was on BroadbandReports

koitsu posted there:

[some content removed to get past the lameness filter, see original post]

Looks to me like Google broke their own DNS zones. Querying their nameservers DIRECTLY for e.l.google.com works -- I get an A record back -- but going through normal means, I don't.

So, my guess is that someone forgot to increase the serial number when changing zones, the hostmaster updated the zones but forgot to toss in an A record for e.l.google.com initially (then later updated the zones, but haven't been updated in peoples' DNS cache tables because the queries for e.l.google.com failing are already cached and wont de-cache until the expiry is reached), or there's something majorly screwed with their DNS setup entirely.

In English: all of the above basically says that 1 out of 4 DNS requests will fail, until DNS caches everywhere are flushed, or newer records are pulled down from Google's nameservers.

So the DNS was down...

[Karakth]

Just 216.239.57.99 it.

Re:So the DNS was down...

[srblackbird]

I have 2 DNS bookmarks for Google.com, and other website I visit frequently
In case there is an attack at the DNS-servers.

http://216.239.39.99/ and http://216.239.57.104/

Re:So the DNS was down...

[justforaday]

Seriously. When it was down and I needed to do a search I just used nslookup to find their IPs. Punched that number into the browser and everything was working fine. I didn't try getting to gmail or anything, but I'm sure this would've worked there too for the five or ten minutes google wasn't resolving...

Re:So the DNS was down...

[amembleton]

For some reason I cannot get the IP address to visit Google UK, like that. They must be using the same IP address as the US servers and just generating the UK page for google.co.uk searches.

Re:So the DNS was down...

[roman_mir]

as long as it is not 216.239.57.69 it, I am ok with it!

Re:So the DNS was down...

[sydb]

Just curious, if everyone else's DNS cache entry for google had expired, then why hadn't yours? If you could nslookup the IP, why couldn't your browser resolve it?

Re:So the DNS was down...

[justforaday]

Y'know, after I posted that I began wondering the same thing...After hitting google via IP address, I tried using the domain name, and it still wouldn't come up. Anybody with more in-depth knowledge of DNS propagation have an explanation?

Re:So the DNS was down...

When using the hostname, Google appeared to redirect me to another host, and that lookup failed. Google.com was still resolving, and there was no redirect when I used the IP.

It's time to end our dependence on google

[91degrees]

People of Slashdot! We unite, righteously, against the forces of Microsoft.

Why do we do this? Because Microsoft is evil. Microsoft is a monopoly. We need to escape our dependence on Microsoft.

Yet we all use Google. Google with it's 85% market share. Google with its total control of the web search market. Google with its effective ownership of the web advertising business. Google the monopoly.

Why the hypocrisy? Why do we support one monopoly while rejecting another? Should we not avoid google, even if not to punish them, because we need to be indepenedent of our suppliers. Don't give Google control over the internet. Use the alternatives!

Re:It's time to end our dependence on google

[EllF]

...or perhaps we reject Microsoft because we disagree with its corporate goals, and find its products to be substandard, while agreeing with Google's, and find its offering to be exactly what we want?

Re:It's time to end our dependence on google

MS attempts to push people into a corner with 'pay to play' defacto proprietary standards.

For example, some companies require correspondence to be in the form of MS's .doc format, yet there is no way to reliably produce these formats without buying something from MS.

Google has a product that costs nothing and does a good job. Sure, google owns the index, but is kind of stuck in that should they become onerous to deal with enough people who own the indexed content will be quite happy to move it elsewhere

Re:It's time to end our dependence on google

Having a monopoly is not illegal. Abusing that monopoly is.

Re:It's time to end our dependence on google

[mattkinabrewmindspri]

Because Google doesn't suck. There really isn't anything that seems to compare.

And if there is, please, show us. I'm interested.

Monopolies aren't inherently evil. Monopolies that use their position to hurt consumers are evil, but I don't know of Google doing that.

Re:It's time to end our dependence on google

[datadriven]

And yet they still let you submit a site for free, imagine that.

Re:It's time to end our dependence on google

[omb]

The reason is simple:

Primum Non Nocere,

M$ is a Monopoly, and both evil and arrogant

Google is less of a monopoly and has yet, in my
experience, to abuse its position.

Re:It's time to end our dependence on google

[Barryke]

True, Google ~ search monopoly.
But dont compare it with Microsoft's monopoly to much;

Its hard to seperate from Windows or Office because of the compatibility issues.
Not using Google is easyer than not using Microsoft.

(i'm assuming a democratic future)

Everything with a beginning has an ending.
Also Google, Earth, Bananas, Microsoft, and Democratics

So, what will come after democratics?
There will be a new system.
I think it's google's.

I also think i'm paranoid.

Re:It's time to end our dependence on google

[dfjghsk]

Google with it's 85% market share. Google with its total control of the web search market.

Except, its market share is only 35%.. which is far from a monopoly. (For comparison, yahoo is at 32%)

Only here on slashdot does everyone think google completely controls the web search market.

Re:It's time to end our dependence on google

[91degrees]

Microsoft let me develop software for Windows for free. They even offer online help. Come to think of it, I'm sure they would have no ibjection to me giving them software for free as well.

Of course Google let you submit a site for free. Their whole business model depends on it.

Re:It's time to end our dependence on google

[91degrees]

Uhhmmm... Your point would be?

Giving a single company a monopoly is a bad idea. It prevents competition just through being a monopoly. Legality has nothing to do with it.

Re:It's time to end our dependence on google

[91degrees]

It's "MS". You see, the 'S' is used as an abbreviation for "Soft", which is, in turn, a contraction of "Software". The '$' symbol is typically used to refer to currency, although is often used in other areas, especially programming languages.

Hope this helps.

Re:It's time to end our dependence on google

[91degrees]

Yes.. because Wired is well known for its accuracy and precision. What is the source for that figure and how is it calculated? Number of people who use it? Number of searches? Total gross income from the search sector?

Re:It's time to end our dependence on google

[FidelCatsro]

It may have as many bugs(hyperbole) as MS products , but They are a hell of alot cheaper.

Re:It's time to end our dependence on google

Google is a bad old habbit, not the ultimate search engine.

I created a freshmeat entry May 2:nd and did a relevant search the 7:th. Google didn't even show freshmeat... just one mirror. Same search in msn search turned up freshmeat, three mirrors AND my project homepage!

Linux is my OS, but I use a plethora of search engines.

Mvh
Mats Johannesson

Re:It's time to end our dependence on google

Monopolies that use their position to hurt consumers are evil, but I don't know of Google doing that.

Because Google, unlike every other normal commercial organisation, is inherently Benevolent(TM).
Thou shalt not question the monopoly of a Benevolent corporation.

Goddamn fanboys.

Re:It's time to end our dependence on google

Sorry, that came out potentially confusing. The entire first paragraph was a quote, but the italics-tag ended up in the wrong place. Damn touchpad.

Slow Down Cowboy!

Slashdot requires you to wait 2 minutes between each successful posting of a comment to allow everyone a fair chance at posting a comment.

It's been 1 minute since you last successfully posted a comment

Chances are, you're behind a firewall or proxy, or clicked the Back button to accidentally reuse a form. Please try again. If the problem persists, and all other options have been tried, contact the site administrator.

Re:It's time to end our dependence on google

[Barlo_Mung_42]

Random people on /. are not known for accuracy or precision either. What is the source of your figure?

Re:It's time to end our dependence on google

[Barlo_Mung_42]

It's also used here by 1337 poser types as a jab at Microsoft.

Re:It's time to end our dependence on google

[91degrees]

From an outdated discussion. Onestat.com puts the figure at closer to 55%. So do most independent rating systems. God only knows where wired got their figures from.

Re:It's time to end our dependence on google

a quick trip to search engine watch shows that google was holding at about 50% share this quarter. Media Metrix showed 48%, Hitwise says 42%, Nielsen 47.3%

sf

Re:It's time to end our dependence on google

[dfjghsk]

a quick trip to search engine watch ... Media Metrix showed 48%,

i went over to search engine watch, and found this chart:

comScore Media Metrix Search Engine Ratings

Which shows google at 35%, yahoo at 32%, msn at 16%..

Re:It's time to end our dependence on google

[RedWizzard]

That 35% number comes from comScore Media Metrix's December 2004 survey. They include all the Yahoo owned sites (Altavista, AllTheWeb, Overture, etc) in the Yahoo 32%, but they still separate out the sites that are Google powered, but not Google owned (AOL, Excite). If you include those sites Google is providing results for their share is around 48% of queries, which is still a long way from the 85% guess of the GP.

It's also interesting to compare that data to the Nielsen NetRatings data. That data, from March 2005 shows Google (not including AOL and Excite) as having 47% of the searchs, and Yahoo having only 21% (not including Altavista et al). Again Google is far from a monoploy, but it is about twice the size of it's nearest competitor, and stable for the year. That's a significantly different result compared to the comScore data. The point is to be wary with the data from surveys.

Re:It's time to end our dependence on google

My point would be that monopolies can be gained by legal and moral business practices, and it's only when that monopoly is being abused that people should start boycotting the products of that monopoly.

Microsoft has been guilty of those abuses throughout the time that it has been in a monopoly position, while (as far as I'm aware) Google's actions have not been as damaging. (Their latest 'local web proxy' is a little scary, but people using Windows, or any other closed-source operating system, have no guarantee of privacy anyway.)

Re:It's time to end our dependence on google

[irc.goatse.cx+troll]

monopolies that havn't yet abused their power and are trying to take down the big evil are good. Like microsoft back in the late 80's taking down IBM.

Google might be good now*, but so was microsoft. so was IBM. so was apple. so was amazon, yahoo, ebay. They all turn eventually, and it will be a sad day when something as useful as google goes down the drain.

*(Debatable if you're a developer, what with their attempting to shoehorn you into a bad SOAP interface without near as many features as you could get parsing).

Re:It's time to end our dependence on google

[91degrees]

But I urged a boycott to be independent of a monopoly. Not as a form of punishment.

DO NOT FEED THE TROLLS! Sheesh...

I'd have thought that someone with a low /. ID would eventually have figured out that this was a troll. Guess not; did you purchase the account on eBay?

The message isn't even really to do with Google per se. It might have been Cut and Pasted from a genuine source, and your answer may have been relevant there; but here it's a troll.

Re:DO NOT FEED THE TROLLS! Sheesh...

It was cut and pasted from Troll site Adequacy, from several years ago. Looks like the record shop owner is still in business.

Re:DO NOT FEED THE TROLLS! Sheesh...

[LogicX]

that'll teach me ;)

I didn't realize there were such relevant generic troll texts out there -- I normally ignore, but it was an early post that seemed to have atleat semi relevant content, and although my initial thought was 'wtf does this have to do with google', I got involved in the semantics of text's ideas.

And no -- I didn't purchase this account on ebay (nor was I even aware they were sold on ebay) -- I'm just an old-school slashdot user.

Most useful IP!

[Poromenos1]

I bet you're glad you memorised Google's IP now, aren't you!

Mod parent up NT

No text

My test

During the outage, I noticed www.google.com wouldn't resolve at all, but I tried google.com (without www.) and that resolved, but the server redirected to www.google.com, so my proxy failed to connect anyway.

Tinfoil hats on!

Overheard at the Redmond headquarters:

I have you now.

How to avoid it

Go to about:config and change browser.fixup.alternate.enabled to false.

Re:How to avoid it

And they say GUI-based software isn't easy to use!

That's still trademark infringement

[ShatteredDream]

They're trying to associate google.com.net with them in an effort to confuse customers. Thus they are guilty of a trademark violation and Google can sue them.

Re:That's still trademark infringement

[ryanjensen]

Yahoo tried to do just that with sex.com. Didn't work for Yahoo, won't work for Google.

.tld.tld silliness

[chrysalis]

When the Google name servers didn't work, web browsers tried to add ".com" and ".net" to the URL. And http://www.google.com.net/ is Sogosearch, because the "com.net" domain exists and it is owned by Sogosearch.

Just like the "net.com" domain that is also registered by another company.

Culprits are:
- registrar who allows registration of .tld.tld domain names,
- web browsers that are trying to add suffixes even though the domain name of the URL already has a known suffix.

Of course the TLD namespace is a moving target, but that rule could at least be enforced with .com/.net/.org/.biz/.edu/.mil.

Re:.tld.tld silliness

Tell that to ZDnet, news.com.com is one of the nets biggest sites...

Re:.tld.tld silliness

Let's not forget the asshats who registered com.net. They have betrayed peoples trust and deserve a good kicking.

Re:.tld.tld silliness

Culprits are:
- registrar who allows registration of .tld.tld domain names,

I think not. Would you advocate removal, for
example, of ca.us.

The problem is dumb browser behavior.

Appending a .tld is bad enough, but not even
showing that change in the location are of the
browser is really bad.

Heh, with my browsers, I don't have those problems.

http://xps9tffd.com/ -->
www.xps9tffd.com could not be found. Please check the name and try again.
Alert!: Unable to connect to remote host.

Lots of coverage on this . . .

[Jsutton1027w]

. . . here. Notice this slashdot article is the first referenced. ;)

Re:Lots of coverage on this . . .

Google goes down. Logical course of action: search Google for information.

Microsoft vs Google - round 1

[mkw87]

for the avid readers i'm sure you will remember this article http://it.slashdot.org/article.pl?sid=05/05/04/230 206&tid=109&tid=217&tid=218/ Gates on Google. Well this is most likely gates new plan of attack for google. He figures if they wont sell out, and he cannot create a search engine of equal (or greater) power, well why not resort to school yard tricks. I hope google is watching their back....

Re:Microsoft vs Google - round 1

[Crashmaster007]

Microsoft may be evil but I do not think they would do something like that. It would be bad for business if found out and I'm sure that it's probably illegal. Then again you could just be joking around, sarcasm is hard to detect on the internet.

Re:Microsoft vs Google - round 1

[khoury.brazil]

That has to be the dumbest most unbased in reality comment I have ever read. I hope you are joking.

Re:Microsoft vs Google - round 1

[mkw87]

yes, i was being sarcastic......no need to worry

Re:Microsoft vs Google - round 1

[khoury.brazil]

Okeydokey. That's what I thought. Sometimes the lines between sarcasm and madness bleed around here..

Google didn't cash 400,000 US$ during that time

[astrab]

According to gigaom.com, Google acknowledges having suffered a 'DNS blackout' for two hours (aprox) this past Saturday, and users couldn't access the search engine.

During Q1 2005, Google cashed $657 million by showing sponsored links on search results. This means 300,000 US$ per hour. Taking into account that this issue happened on Saturday (less users), we can estimate the 'non-revenue' figure in 400,000 US$ aprox, without considering other non-working services like Google AdSense, which probably suffered problems during this time.

http://google-blog.dirson.com/post.new/0260/

Re:Google didn't cash 400,000 US$ during that time

[ArsenneLupin]

Taking into account that this issue happened on Saturday (less users), we can estimate the 'non-revenue' figure in 400,000 US$ aprox, without considering other non-working services like Google AdSense, which probably suffered problems during this time.

Adsense still doesn't work correctly, even now. But apparently, it is very dependant on the page. On some pages, the ad links work 99% percent of the time, but on some others 90% of the clicks fail (i.e. the visitor is directed to a google "sorry for the inconvenience" page, rather than to the advertiser). Wierd.

I think it's the carbuerator?

No, no, it's the spark, there's no spark.

Dumbshit, you're just outa gas!

NEWS? NEWS?
This is news in the sense that the Weekly World News is news.

M'rons speculatin bout DNS resolution when they don't have a klew how it werks.

are you ...

an utter moron?

Outage

[gunpowda]

I read the title as 'Google Search Causes Outrage'. And it probably did :)

This hit Microsoft as well

[Nichotin]

Didn't anyone notice?

Re:This hit Microsoft as well

[Nichotin]

Seriously, it was not meant as a joke.

Re:This hit Microsoft as well

[Jesus_666]

But the "didn't anyone notice?" part was unintentionally funny.

Re:This hit Microsoft as well

[Nichotin]

A late reply, noone will ever care, but here goes:

whois microsoft.com: canonix:~ nichotin$ whois microsoft.com Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net/ for detailed information. MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET MICROSOFT.COM.WILL.LIVE.FOREVER.BECOUSE.UNIXSUCKS. COM MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BL UE.VEINED.SPANNER.NET MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM MICROSOFT.COM.WANADOODOO.COM MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.RULEZ.AND.DIOX YTECH.NET.DELETED.GANDI.NET MICROSOFT.COM.SMELLS.SIMPLECODES.COM MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.CO M MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA MICROSOFT.COM.OHMYGODITBURNS.COM MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM MICROSOFT.COM.IS.NOT.AS.COOL.AS.SIMPLECODES.COM MICROSOFT.COM.IS.IN.BED.WITH.CURTYV.COM MICROSOFT.COM.IS.GOD.BECOUSE.UNIXSUCKS.COM MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.FUCKING-BULLSH IT.NET MICROSOFT.COM.HAS.ITS.OWN.CRACKLAB.COM MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISS ILES.COM MICROSOFT.COM.FLINGS.POO.AT.MONKEYCORE.COM MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET MICROSOFT.COM.CAN.GO.FUCK.ITSELF.AT.SECZY.COM MICROSOFT.COM.ARE.GODDAMN.PIGFUCKERS.NET.NS-NOT-IN -SERVICE.COM MICROSOFT.COM.AND.MINDSUCK.BOTH.SUCK.HUGE.ONES.AT. EXEGETE.NET MICROSOFT.COM To single out one record, look it up with "xxx", where xxx is one of the of the records displayed above. If the records are the same, look them up with "=xxx" to receive a full display for each record. >>> Last update of whois database: Sun, 8 May 2005 20:21:41 EDT NOTICE: The expiration date displayed in this record is the date the registrar's sponsorship of the domain name registration in the registry is currently set to expire. This date does not necessarily reflect the expiration date of the domain name registrant's agreement with the sponsoring registrar. Users may consult the sponsoring registrar's Whois database to view the registrar's reported date of expiration for this registration. TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations; the Data in VeriSign Global Registry Services' ("VeriSign") Whois database is provided by VeriSign for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. VeriSign does not guarantee its accuracy. By submitting a Whois query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to VeriSign (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of VeriSign. You agree not to use electronic processes that are automated and high-volume to access or query the Whois database except as reasonably necessary to register domain names or modify existing registrations. VeriSign reserves the right to restrict your access to the Whois database in its sole discretion to ensure operational stability. VeriSign may restrict or terminate your access to the Whois database for failure to abide by these terms of use. VeriSign reserves the right to modify these terms at any time. The Registry database contains ONLY .COM, .NET, .EDU domains and Registrars. canonix:~ nichotin$

Those schmucks were first

[AndroidCat]

com.net: Record created on 28-Sep-1994

google.com: Created on..............: 1997-Sep-15.

Find the humor in this....

[telstar]

You just know that someone, somewhere, had just installed some new software on their PC ... then went to search for something on Google and BAM! No Google, no GMail, no Google Maps ... nothing. I bet that software is on its way back to CompUSA right now.

Re:Find the humor in this....

Hopefully the whole computer is going back. They failed the test for their Internet licence.

Re:Find the humor in this....

[FreyarHunter]

One more dangerous internet surfer off the waves! Good job! Google is doing thier part to keep the net safe, why not YOU!

Re:Find the humor in this....

Fooled me for a while - I thought my DSL was having problems till i realised was only testing my connection using www.google.com

SoGoSearch FAQ is weird

It syas things like we didn't install that malware on your coomputer but you should turn off cookies when visiting our site anyway just to be safe

For Microsoft...

[frostman]

I just tried Microsoft. Hilarious.

frost@louddrunk ~
$ whois microsoft.com|grep MICROSOFT
Server Name: MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM
Server Name: MICROSOFT.COM.WANADOODOO.COM
Server Name: MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.RULEZ.AND.DIOX YTECH.NET.DELETED.GANDI.NET
Server Name: MICROSOFT.COM.SMELLS.SIMPLECODES.COM
Server Name: MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.CO M
Server Name: MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
Server Name: MICROSOFT.COM.OHMYGODITBURNS.COM
Server Name: MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM
Server Name: MICROSOFT.COM.IS.NOT.AS.COOL.AS.SIMPLECODES.COM
Server Name: MICROSOFT.COM.IS.IN.BED.WITH.CURTYV.COM
Server Name: MICROSOFT.COM.IS.GOD.BECOUSE.UNIXSUCKS.COM
Server Name: MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.FUCKING-BULLSH IT.NET
Server Name: MICROSOFT.COM.HAS.ITS.OWN.CRACKLAB.COM
Server Name: MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISS ILES.COM
Server Name: MICROSOFT.COM.FLINGS.POO.AT.MONKEYCORE.COM
Server Name: MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET
Server Name: MICROSOFT.COM.CAN.GO.FUCK.ITSELF.AT.SECZY.COM
Server Name: MICROSOFT.COM.ARE.GODDAMN.PIGFUCKERS.NET.NS-NOT-IN -SERVICE.COM
Server Name: MICROSOFT.COM.AND.MINDSUCK.BOTH.SUCK.HUGE.ONES.AT. EXEGETE.NET
Domain Name: MICROSOFT.COM
Domain name: MICROSOFT.COM

It's time to end our dependence on nitrogen

People of Slashdot! We unite, righteously, against the forces of Microsoft.

Why do we do this? Because Microsoft is evil. Microsoft is a monopoly. We need to escape our dependence on Microsoft.

Yet we all use nitrogen. Nitrogen with it's 80% air share. Nitrogen with its total control of the industrious cooling market. Nitrogen with its effective ownership of the car boosting business. Nitrogen the monopoly.

Why the hypocrisy? Why do we support one monopoly while rejecting another? Should we not avoid nitrogen, even if not to punish them, because we need to be indepenedent of our suppliers. Don't give nitrogen control over the air. Use the alternatives!

This brought to you by the H2S breathing aliens.

Point is : the market share is not important in itself. What is important is, if it's deserved or if it's achieved through illegal means.

Re:It's time to end our dependence on nitrogen

[91degrees]

I'm not sure what you're talking about. You're comparing millions of years of evolution and neccesity to a web services company and/or a software company.

And Microsoft acheived its monopoly through legal means.

Re:It's time to end our dependence on nitrogen

I think they have been accused of forcing IE to consummers through Windows.
That's why they have to release a non-IE bundled Windows in Europe, plus a huge fine and some source code to release.

I don't remember of any wrongdoing in the OS part of their monopoly though. Maybe someone with good knowledge of the US trial versus MSFT can confirm or infirm that.

Re:It's time to end our dependence on nitrogen

They abused their monopoly once they had it. They achieved it legally (probably).

Re:It's time to end our dependence on nitrogen

Different between illegal and not caught.

Re:It's time to end our dependence on nitrogen

[91degrees]

In that case, Google gained their dominance of the search engine market through murder and racketeering. It's got as much validity as the argument that MS achieved their monopoly through illegal means.

Re:It's time to end our dependence on nitrogen

[m50d]

The monopoly itself is important. Nitrogen is far more stable than any company, which is an advantage, because you can much more safely depend on it. You should, however, make sure you have the source for any gases you use, because you never know when your current supplier will go under.

Re:Best explanation I've seen was on BroadbandRepo

[Professor_UNIX]

Not quite. Other DNS servers don't care about the serial number, only secondary DNS servers of that domain use it to determine if they should do a zone transfer. Other DNS servers relay on the time to live settings in the SOA header to determine if their information is outdated or not, if so it will try to query for fresh info, if not it should still serve from its own cache.

With google down..

[kun]

With google down who's going to raise my children!?

Re:With google down..

[g-san]

In america I think the government, television, and the schools do.

Re:With google down..

who's going to raise my children!?

The guy in the gas station? The video rental attendant? The janitor? Who is their father, anyhow?

This happened to me a week ago.

[xh3g]

This very same thing happened to me a week ago. I documented the screenshots here and here (uploaded on May 1).

I had just installed Tiger 2 days prior, so I suspected a hole the operating system, as you can see by the title of the screenshots. That also prompted me to post a question (along with everything I had learned about what was happening) to Mac Rumors, to see if anyone had known anything at all about this at the time.

Again, this was in the morning Sunday, May 1. Everything I'm reading late last night and this morning seems to indicate that this is the first time anyone is seeing this happen. It's not.

I dare Google to sue them

[Donny+Smith]

> They're trying to associate google.com.net with them in an effort to confuse customers.

Hah! I dare Google to sue them and I wish they win.

Then Google will get their ass sued to death by misc. companies whose trademarks Google associates with competitors' ads at a rate of 1000's impressions per minute (if not more).

Get over it

Google was done for 1 hour or whatever in the past 5 or 6 years. Quit crying.

Re:Get over it

[FreyarHunter]

This is effectively what will happen if Microsoft's site went down only on a smaller scale. Just because it was down for only for an hour in such a long span of time doesn't mean that it's extremely unusual. Yes every site has it's hiccups, but Google is one that has been running for years and has been very successfull. Imagine the amount of money they must have lost from advertising.

Handicapped

[Tweak232]

I was doing a bit of technical research at the time, and when google went out, I just felt so handicaped. It got to the point where I almost consitered going outside! omg! J/k But I did seriousely feel handicapped when it was down.

Re:Handicapped

[cpghost]

Didn't you consider using the alternatives? Competition^WRedundancy can be quite useful in cases like these.

Seriously: that was a good opportunity to test the quality of Yahoo!s results yesterday. Not that bad, and certainly much better than no search engine at all!

Hosts file wins again!

[cfalcon]

I have Comcast, which occasionally has DNS issues (when it goes into "does not work" for a couple hours, that's often their DNSes going down).

Anyway, I plugged Googles IP into my hosts file, thus allowing me to get nifty things (like alternative DNSes and how to make my machine use them, along with possible fixes to future problems) from the Gcache.

The fact that they've basically backed up the Internet is, uh, interesting.

Another weird Google glitch

[Peter+Cooper]

This search for cache::memcached (a Perl module) always fails. I reported it to Google several days ago. Other searches, such as for io::socket do not fail similarly.

Got any other searches which always fail with a server error?

Re:Another weird Google glitch

[Cyan-Z]

So does a search for cache:[anything], where [anything] is anything that isn't a URL.

Re:Another weird Google glitch

[Peter+Cooper]

Aha! I think you've nailed it. Silly me :) Putting that part of the query in quotation marks seems to solve the problem and get expected results.

Google's worldwide...

[Leviathant]

When I couldn't connect to google.com, I just loaded up google.co.uk (...and news.google.co.uk) - I guess some of you junkies don't need the fix as bad as I do.

Yet Another Google glitch [domain search operator]

Google Negative Domain Search Glitch

• "+site:TLD" works as advertised
• "-site:TLD" doesn't sometimes

Anybody else with the same experience?

I read NANOG list on Gmail, so I couldn't read it

[billstewart]

The North American Network Operators Group mailing list, which is mainly for discussions between ISP people, had a good bit of discussion about this. Unfortunately, I get my NANOG subscriptions at my Gmail account, so I couldn't read about it there until it was over :-)

The set of valid TLDs changes

[tepples]

What kind of stupidity is it to blindly append a TLD to a URL that already ends in a valid TLD?

When ".museum" was first added, how would existing browsers know that it is a valid TLD?

Re:The set of valid TLDs changes

[Dun+Malg]

What kind of stupidity is it to blindly append a TLD to a URL that already ends in a valid TLD?

When ".museum" was first added, how would existing browsers know that it is a valid TLD?

They wouldn't, at least not until the next software update. But while turning "baddomain.museum" into "baddomain.museum.com" might be excusable, turning "baddomain.net" into "baddomain.net.com", when the .net TLD predates the creation of web browsers themselves, is just brain-dead programming.

Re:The set of valid TLDs changes

[m50d]

Which makes it impossible to not append on *known* tlds how?

Re:The set of valid TLDs changes

[grolschie]

Appending anything to a domain name that you typed is plain stupid, even if server cannot be found. It's annoying when you mis-type a domain and that auto-guessing feature is invoked. I'd rather have "page cannot be displayed" error.

Re:The set of valid TLDs changes

[Dun+Malg]

Appending anything to a domain name that you typed is plain stupid, even if server cannot be found. It's annoying when you mis-type a domain and that auto-guessing feature is invoked. I'd rather have "page cannot be displayed" error.

That's my thought as well, although I do have Google's "search from toolbar" installed on my "dodo machine*", and it seems to work adequately.

* Dodo machine: simple laptop with wireless in my living room for visitors to use when they say "can I [look something up | check my yahoo mail | accidentally install the latest dialer.exe] on teh intarweb?" No way in hell are they going to touch my production machine or my work laptop.

Perfect example of panic.

[Inoshiro]

I've had my Gmail account open continously throughout this, and Google.ca resolved constantly. Why? I use intelligent caching DNS, and my browsers won't try to magically autocomplete if there is a problem (DNS is handled by Privoxy).

Yet still yesterday I kept seeing people panic about, "google being hacked". ...

Obviously these people need to learn a little about computers, and run their own caching DNS servers. Hopefully ones like djbdns, so they aren't vulnerable to cache poisoning attacks.

Toggle a single bit in one database

And Google would be wiped out overnight.

People ask for Google by saying its name. If people stop saying its name, it's gone. Poof. A billion dollars of valuation disappear. People learn to use some other search engine pretty easily, at little expense.

A 16 year old can wipe Google off the map.

I can't imagine why anyone would put money in them.

Good example of why SPF's security holes

All this means is that gulli.com chose to register a DNS server with their registrar called

No, there was a real (major) DNS hijacking that occurred.

This is a good example of why SPF does not provide solid authentication, and why its promoters are real jackasses for pushing the illusion of security instead of real security. The same people that hijacked Google could have successfully authenticated themselves as anyone to every SPF-using system in the world.

DNS is not, and was never intended to be, a secure system strong against attacks. *No* system that purports to provide authentication (the entire point of SPF) should ever, as a fundamental component of its operation, rely on DNS to be a trusted system. Which SPF does.

If you want an a trusted system that you can use as the core of an authentication system, use PGP/GPG -- not DNS.

Re:Good example of why SPF's security holes

[LogicX]

What does SPF have anything to do with this?

If your domain is high-jacked due to a fault with the security of your domain registrar, then yes, you have bigger problems than any anti-spam solution.

This is not the purpose of SPF

If you read spf.pobox.com You can learn that SPF is merely designed to be a system which can eliminate domains being spoofed in the from field of spam messages.

If someone is using one of my domains (logicx.net) to send spam; I can reduce the affect of such a joe-job attack by having a published SPF record; such that receiving systems can verify if the email came from a logicx.net mail server, and reject it appropriately.

SPF and PGP have entirely different authentication approaches. I'd go so far as to say that PGP is more integrity checking.

SPF is a verification that mail for a particular domain came from an appropriate server -- with the goal of disposing false emails (spam, spoofs, etc.)
This is not at all a system to verify users on that particular email system.
This is where PGP steps in -- It is used to verify the integrity of the email -- that it came from a particular user, and came unaltered.

Finally, where has it been verified that their was a breach of their DNS system?

All of the screenshots have now been confirmed to be a firefox situation where when DNS failed it resolved www.google.com.net -- which resolved to the people who own com.net

Just think how this affected ISP help desks

[IronChefMorimoto]

Imagine all the people who have Google.com set as their homepage when they start up a web browser. I can't imagine what happened to ISP help desk lines when Joe Bob Family Man hopped onto his computer Saturday night to check a golf score only to find a 404 error or some "page not found" error when he fired up MSIE.

Think about it -- Google just doesn't go down. Not like some websites. It's so simply designed, and in some people's minds, that means it can't fail.

Hell -- I stupidly went into my Linksys router interface after FireFox gave me a startup error to see if my ISP had dropped my connection. I didn't think to look at CNN.com or another website (which were working fine, so NOT an outage). Why?

Google just doesn't go down. Reliance is a real bitch sometimes, no?

IronChefMorimoto

Solutions...

[evilviper]

I noticed that google wouldn't resolve. I have 6 upstream DNS servers that feed my own caching DNS server. I checked each one, and found that half of them had the address for google, and half didn't. Simple solution, re-order my DNS servers so the ones with Google's address were searched first, and restart DNS server. Problem solved.

I assumed it was just a case of cache poisoning for those specific servers, and not that Google was dead to the world.

This brings up a very interesting subject, though. If more people used MaraDNS, or added it's features to other DNS servers, nobody would have had this problem. If a DNS lookup fails, it serves the last-known good record, even if it has expired, allowing you to continue to visit many common sites even if the entire DNS system dies (due to DoS or whatnot). It's a shame nobody else has added this feature, it seems like an obvious enough idea to me.

In the short-term, putting a few entries in your hosts file for the important sites you visit will do the trick:

216.239.37.99 google.com www.google.com
64.233.161.107 gmail.com www.gmail.com

Re:Solutions...

If more people used MaraDNS, or added it's features to other DNS servers, nobody would have had this problem. If a DNS lookup fails, it serves the last-known good record, even if it has expired, allowing you to continue to visit many common sites even if the entire DNS system dies

Because you don't always want that "feature" you may want to be able to stop traffic. Post that questions/statement/assertion to some of the dns oriented news groups and you will get a variety of scenarios where that is not a good thing.

Hackable DNS

[The+Mighty+One]

I don't know how many people knew this, but about 5 years ago there was an exploit for Internic where you could actually change the DNS entry via their web interface without being the owner of that domain.

The only catch at all was that once you'd changed the domain servers, the domain owner had an email letting them know. If they didn't spot this within 24 hours you could fully transfer ANY domain on the web.

Sadly I was just a dumb 16 year old when I figured this out, so didn't use it wisely, but I took over a bunch of domains (won't name names because I probably caused a lot of lost business) and pointed them at my own little site for about a month before anyone found me. I tried Microsoft.com too, but they saw the transfer going through, blocked it, and chased me up with some very threatening calls.

The funny thing is this exploit was so easy, but I've never heard of anyone else doing it. Was this ever known publicly?

Don't worry...

[Jesus_666]

...it happens to a lot of people.

All but two?

[Jesus_666]

I had no problems accessing google.de. What's strange is that some other people couldn't connect at all.

Djdns to the rescue?

[bad_outlook]

I've said it before, and I'll say it again, why isn't everyone using Djdns? I've set it up on my home network server running FreeBSD to provide dnscache for all my boxes within 192* and thus far it's working perfectly. From Djdns' security page, it says that it's impervious to DNS poisoning (an perhaps the hack that took down google?): "dnscache does not cache (or pass along) records outside the server's bailiwick; those records could be poisoned. Records for foo.dom, for example, are accepted only from the root servers, the dom servers, and the foo.dom servers." "dnscache is immune to cache poisoning." Djbdns While I don't think I'm in the clear because of this, I feel better protected from the (unwashed ;)) internet. Anyone care to comment, please do, as I've just started using this and want to know how effective it is. bo

Re:Djdns to the rescue?

DNS is carried on UDP. What happens if someone spoofs the root servers IP on an answer packet? Does it say, "Okay! I'll put this in my cache!" or does it say, "Hmm, I have no outstanding queries for this domain, this could be poisoned, I'll dump it." And what if the spoofed packet manages to get in between when the requesting nameserver makes a query and when the answer arrives from the authorized answerer? It's not that hard to figure out when a nameserver's entry for say, microsoft.com is due to expire, thus cluing a black hat into when the nameserver is likely to make a new valid query for that domain name.

Re:Djdns to the rescue?

djbdns uses random ports and random query ids to attempt to make it more difficult to spoof. Someone did an analysis of the random number generation used by various dns servers and djb's was the least guess-able and most other dns server only randomize the query id not the port, so spoofing is something he put quite a bit of thought into.

Re:Djdns to the rescue?

[Iamnoone]

bind 8,9 and djbdns
original
update
You might want to check out some of his other stuff, too - http://lcamtuf.coredump.cx/

Dear Sir or Madam

[Jesus_666]

I find your ideas intriguing, and wish to subscribe to your newsletter.

Free == Great Support

[mangu]

I suggest paying for an account that provides support as part of the price.

Sigh, there we go again. Where I work, we used to have all our databases in Oracle. Today we keep old stuff in Oracle, but new applications are created in Postgres. Why? Because we get better *free* support for Postgres than we get for our paid-for Oracle databases. Why can't we apply the same logic for email?

Nitrogen is shit

Have you ever checked the price of nitrogen? Cheaper than beer (or milk, BTW). That's because nitrogen is almost useless. Nitrogen is obtained as a sub-product of oxygen. Oxygen is important because it cuts steel. When you heat steel to almost the melting point with an oxy-acetylen flame and then turn on the oxygen, the steel literally burns, the oxydation of steel under a pure oxygen flow generates enough heat to keep the steel molten. That's how steel plate is cut. But, to get oxygen, you must extract it from air, which is almost 80% nitrogen, so for each pound of oxygen you get four pounds of almost useless nitrogen. FUCK NITROGEN!

none of the regional googles

[DJCF]

Actully, none of the regional googles were affected -- google.co.uk, google.co.th, etc.

I for one,

[Aeron65432]

Welcome our Google-slaying overlords.

Re:NOT A BROWSER PROBLEM

[dtungsten]

The root cause was definitely NOT a browser problem as it affected other services like telnet and ping. Or are you going to try to tell me that ping is a browser? However, as others have noted, the browsers did incorrectly list the page being viewed as 'http://www.google.com/' instead of 'http://www.google.com.net/'. This happened with several different browsers on several different platforms. Interestingly enough, ping and telnet reported the correct address (www.google.com.net). Depending on when you tried it, and how the entry was cached on your system, you could work around it by typing 'www.google.com.'.

This is NOT correct

[mr+i+want+to+go+home]

This is simply not correct. The screen shots are from Safari. Safari doesn't do auto-resolution of domains.

Also, you would not get auto-resolution of "Google.com.net" from "Google.com". You'd get "Google.net".

No one's flipping out, but a DNS attack on Google (if that's what it is) is pretty big 'News for Nerds'.

Google DNS Glitch Caused Outage

[caluml]

Google DNS Glitch Caused Outage

I knew that . Where is the full detailed breakdown?

It was Magneto and Microsoft

They were attacking the RIM

Re:NOT A BROWSER PROBLEM

[Karma+Farmer]

I believe that most versions of PING will do a reverse DNS lookup by default -- first they'll ask the DNS server for the address to match the name, then they'll ask the DNS server for the name to match the address.

I can't say as much for telnet -- many don't report any host name at all. I wouldn't be suprised if many also did reverse DNS lookups, or reported CNAMEs, or other similar setups.

Happened to me a month ago

[ndvaughan]

This actually happened to me a month ago for about 2 hours. I believed at the time that it was because of my ISP (Knology.net), because I didn't hear anyone else complaining about it. However, it happened again yesterday to me. Weird.

yeah it was unavailable

[MegaFur]

On Saturday, at about the time they describe, I was trying to access Google (in Kansas) and it was unavailable, but I never got sent to some other site, I was just getting the "unkown host" message--in Firefox and from ping.

I got hit by it

[LoveTheIRS]

Yeah, so I got hit by it. First, it was only gmail.google.com that went down for me. All of the other parts of google worked fine. That was because my dnsclient on XP had cached the ip of the gmail server that I was using, while the my machine went to the google.com dns server to find gmail. I was on an undependable wireless connection at the time...so I thought it was some funky blocking scheme that my wireless isp was doing. I go back home to my hardwired connection, and it is still not working. I then started making a slashdot article and began doing a little more research because the rest of google seemed to work fine(funnily) ...with a "ipconfig /flushdns" ...it all seemed to start working again, I just thought the servers that cached in my dns had been taken offline and my dnsclient was being crap. So I canceled the article, the problem was resolved.

It.Slashdot.Org Glitch Caused Blindness

Here is the cure:

http://shit.slashdot.org/article.pl?sid=05/05/08/1 33225

I sent this tip in last night but it was rejected

[bloglogic]

Hmmm, oh well

user error

[rhaig]

looked to me like someone left a '.' off the end of a line after editing a bind config.

www.google.com which is usually a CNAME to www.l.google.com. was temporarially a CNAME to www.l.google.com.l.google.com.

go figure

Can we hear from someone at google?

I'd love to hear about what happened when the searches-per-second meter started dropping like a rock towards zero... The simultaneous WTF?!? emanating from their monitoring centers must have been priceless.

I wonder if running the dns data file through some "lint" utilities prior to roll out will become part of the SOP.