Slashdot Mirror
Microsoft 'URL Tracer' Hunts Typosquatters
TonioSop writes "Microsoft Research has released a new tool to help pinpoint large-scale typosquatters that are known to be gaming pay-per-click domain parking services. The lightweight prototype, called Strider URL Tracer, builds on the work within Microsoft's Cybersecurity and Systems Management group to keep tabs on a sophisticated typosquatting scheme that uses multilayer URL redirection to make money from Google's AdSense for domains program. "
Geez editors this is a dupe I was reading this same article at slashdt.org earlier *sigh* :)
GeekServ Unix Consulting Services (http://www.geekserv.com)
But would MS really like it being used to help fix Google's troubles?
Now I have a new buzzword to gratuitously throw out there...typosquatting. Sweet.
At my old company we used to keep an eye on these guys. If they looked externally they could solve this problem for a fraction of what this program will cost...
You are in a maze of twisted little posts, all alike.
How much you want to bet this is folded into IE7 with their Anti-phishing "technology".
Fantasy remains a human right; we make in our measure and in our derivative mode... -- JRR Tolkien
And here we have the Typosquatter, a theropod dinosaur, roughly between the early punchcards and their ultimate culmination in the Domain-Squatting dinosaurs. It lived between 1 to 13 years ago, in the Windows Ages.
Of the early Internet period, though one unknown species is from the very late Typewriter period. The various Typosquatter species are bulky omnivores, ranging from approximately 2 to 3 metres (5-8 feet) in height, and averaging about 235 pounds in weight.
Its most distinctive feature was the uncanny ability to take on the likeness of other domains, likely used for trapping its fumbling prey and for phishing scams. It was recently hunted to extinction by Tyrannus Microsoftus using its most effective method of capture, the 'URL Tracer.'
He who knows best knows how little he knows. - Thomas Jefferson
...if there are more than 1000 participants, Microsoft will pay them each $1000.
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
Squatting on domains is one thing, but having them resolve to some default "search" page is just bs - the fact that some of those screens show disneychanel.com mis-spelled going to porn sites makes me sick - kids are going to be misspelling (!) that...fuckers. Then, here's a site that allows you to "park" yr domain to make money on people misspelling (!) URLS:
"Sedo's new Domain Parking Program lets you earn money from your domain names without needing to develop your own site. Even better, Sedo's statistics show that domains parked with Sedo are 5 times more likely to be sold!"
http://sedoparking.com/
fak3r.com
The lightweight prototype, called Strider URL Tracer, builds on the work within Microsoft's Cybersecurity and Systems Management group to keep tabs on a sophisticated typosquatting scheme that uses multilayer URL redirection to make money from Google's AdSense for domains program.
And then... Build a spider that hits every single one of those URLs driving Hoodia merchants into debt.
That... would actually be pretty cool.
The article sure made a big to-do about how typosquatters target kids, implying that the Bad Guys want to get 11-year-olds to steal their parents' credit cards so that they can visit neopetsporn.com or something.
So, what, I'm supposed to install this on my PC instead of teaching my kids how to hit the "esc" key and then hit "back"? As a parent, I've always figured it was *my* job, not Bill's, to teach my kids to surf safely. Heck, I even gave the rest of my family detailed instructions on how to respond if they accidentally visited the porn squatter at the dot-com next door to my family's domain name.
Of course, I guess if you're using Internet Explorer, you probably need some sort of blocker for the sites that send you to Popup Hell or otherwise highjack your browser. Strange how I never have this problem myself (coughcoughcough).
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
Next Story: New Line Cinema sues Microsoft for copyright infringment, related to the 'Strider URL Tracer'. /grin
Windows has detected an undetectable error.
So once you catch one of these typosquatters what do you do with them. Is it illegal ?
If you have a domain you can also 'park' it here to earn revenue..
http://www.fabulous.com/
If you don't have one they'll sell you one and have it earn revenue. Are these the sites that just pollute the hell outta search engines so when you search for "mp3 downloads" you get 100s of these results? Is this how they generate revenue?
Plus a URL that I want is hosted there, I thought it might be there's but I suspect it's just someone who bought it through them and is hosting it there !?!? Thanks jacka55e5
fak3r.com
Nahhhh. What was i thinking?
...when this all goes tits up (as most MS stuff does) we will have BSOG - Blue Screen Of Google.
Don't google have terms and conditions for serving adverts? I guess they would make money from them also so conflict of interest perhaps?
Stop DDOS-ing root name servers and start DDOS-ing some of these shyte sites.
Windows has more viruses because linux has more virus coders.
If it weren't for dupes, some of us wouldn't see everything. A few of us work for a living, you insensitive clods!
.005ms faster and only requires a week to compile
--
But this is toadilly failed because:
1) Microsoft is evil, through and through
2) Apple innovated this in 1956 and it was more lickable
3) Gentoo's version runs
4) This is the final straw that killed BSD
5) Sun Microsystems was just looking for the latest thing to flip-flop about
6) I have to pee
7) News for Turds, Stuff that Splatters
right? right? am eye riiiight?
do() || do_not();
A child's curiosity will always trump the laid down law. Unless of course you beat them on a regular basis.
According to TFA: Doesn't sound like a tool for general release.More to the point, with enough information and the proper lobbying we can probably expect to see some legislation addressing this. If not legislation, then at least some lawsuits.
I think this will lead to a crackdown on the #!@#%...ahem...typosquatters and some good(?) PR for M$.
but what makes it cool is it was made in a place with "Research" in its title! Headline news.
THANK YOU!!!
/.ers... to try out Opera... just try it out... INMO, it kicks FireFox's ass ANY day.
A person that also uses Opera!
This is a GREAT piece of software... Kudos to the Opera team... and I suggest to fellow
Thanks.
re: One such misspelling, neoppets.com, is currently serving ads promising naked photos of Britney Spears or other adult images.
/. pointed to that article resulted in neoppets' daily revenue increasing by several orders of magnitude today?
Let me guess:
I can see it now: a million slashdotters thinking "Oooh, naked pics of Britney. I gotta see it!"
You went there. Admit it. You know you did.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Well I guess I wouldn't expect pornographer-typo-domain-squatters to have a lot of morals. But are 8 year olds really interested in naked photos? And would a 13 year old be looking at neopets? I suppose it must be working, or they wouldn't do it. That's a shame.
Google's DomainPark (http://www.google.com/domainpark/) which is what typo-squatters use is a source of a large chunk of Google revenue. This could be the beginning of Microsoft's stab at Google's soft (and sleazy) underbelly.
FTFA:
He said the group [...] found more then 7,000 typo-domains.
Priceless.
Registering accounts later than some other chrisb since 1997
Opera rocks! Down with stinky putrid IE.
"In a world that exists without walls and fences, who needs Windows and Gates?"
Google is profiting from this. Systematically. It's called DomainPark.
Proud member of the Weirdo-American community.
5. What is the minimum amount of traffic I need to sign up for a AdSense for domains account?
Your network of sites should generate 750,000 page views per month to be eligible for the AdSense for domains service.
I didn't know Google was into the same dodgy business.
I guess that means it isn't evil...
[Fuck Beta]
o0t!
Nice set of instructions. To force quit on a mac (well, at least os x), press [command*][option**]{power button]
*the key with the apple
**also labelled alt
Apologies to those who feel this is off topic.
"Never 'clear the air'. Instead, investigate all the subtle nuances of the word 'fester'." - R. Candappa
Oh, I can see it now... .. *clippy appears* ... "I think you meant www.microsoft.com, redirecting" :)
www.mozilla.org
Maybe all that technology will be able detect the traffic going to mortage.com, which just sold for $242,000. Yep. So many people miss the "g" that the traffic to the domain is worth a quarter million dollars. Go figure.
RichM
Data Center Knowledge
I thought this would be an article about the new microsoft word spell check wizard. It could have even been a discussion of all those who sit there reading posts just to reply about spelling. "yeah well at least i can spell, turn spell check on loser"
But then, what do you expect from a company who believes they have the right own the common word "windows"?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I guess my fingers are just habituated, but I have learned NEVER to type ANY domain name starting with the letters "goat....."
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
Even Microsoft, don't forget...
Microsoft is a 'big' company, and even as much as we can dislike MS as a whole or things they do or have done, it is easy to forget that a LOT of strong minded tech people work there.
So when MS releases something of benefit it is a bit hard to stomach for a lot of people, but easy once we step back and remember that MS as a whole is comprised of many bright tech people that USE technology on a daily basis, and not even all the people at Microsoft are 'Windows' only people.
MS research is one area that is the most evident of tech minded people without the corporate controls, but good developers exists throughout MS so we can't expect everything they do to be wrong or evil. Look at it from a statistical view if nothing else.
So sure MS will put out selfless tools that help customers and computer users from time to time.
Having been a person that has watched MS for a long time, I remember days when they seemed to care about the little person and companies, and a shift in the mid 90s where that focus was lost. I remember when MS technologies were made and distributed for many OSes, not just Windows. From Media Player to IE, etc. These were free technologies that didn't fit the 'Windows' business model that Ballmer has made the central focus of the company, unfortunately.
The potential for this concept of business to return is there. Ballmer is a business person, not a true tech person, nor an innovative mind when it comes to technology. He is the face of the evil side of MS, and Bill G. giving control to him is the biggest mistake of MS history.
If I was going to paint the evil face of MS it would be Ballmer and his followers. I don't think Gates understands business enough to realize this, nor do I think he is inherently a business only person. His parents were very charitable and pushed for making peoples lives better. His failure is in not recognizing the evil aspects of business and the greed that is can create and is embodied in Ballmer.
So offtopic a bit, but the foundation of my views on this technology. Not everything at MS is evil and there still exist people there with the original 'empowering' concepts that flourished pre-Ballmer mindset and control. Gates use to wrangle him in, and for whatever reason stopped, and MS became the company they fought against for years at Ballmers control and advice.
So it is nice to see from time to time evidence that the non-Ballmer business model still does exist within MS, who knows, maybe there is hope for them to figure out the Ballmer and his followers mistakes and go back to a company that gives a crap.
So let me get this straight: MS helps Google out?
Next you'll tell me Microsoft is going to start running Linux to test interoperation.
After that, I expect to hear they're abandoning ntkernel and moving everything over to NetBSD. They expect to ship sooner, and with fewer bugs that way.
I remember that years ago Bill Gates got together with Disney to make an email-tracing program. It's great to hear they're working on something similar again, because the people who took part in the beta testing for the email tracing program were supposed to be really handsomely rewarded. I think they got, like, $10,000 for every person they forwarded it to, or something.
I wonder where I can sign up to test this program?
Can anyone tell me how to set my sig on Slashdot?
But the first "g" is more pronounced than the "t". Why don't people spell it "morgage"?
I'd rather have Google doing this, than have a bunch of Russian Crackers doing it. At least Google won't through 60 or 70 popups, browser hijackers, trojans, etc on every single advertisment domain.
Created: 2003-11-22 Expires: 2006-11-22
Nameservers:
THIS-DOMAIN-FOR-SALE.COM NS.BUYDOMAINS.COM
If you want news from today, you have to come back tomorrow.
After seeing your comment, I tried to look and got nothing. A blank page. It would appear that slashdot has crippled at least part of the squatter's domain parking service. (http://landing.domainsponsor.com/index.mas?epl=XV cGBX8MXVAuXg4KVgBIUA5ZQF8GTV4VXFpTXh5QXghUXQxWWAhW CQ9VDRNIABJAT1cJWkVUaAgFCAw, if you're curious)
Note that there seems to be some javascript on that page that would try to reset your home page when you close the page, but it appears to have been deliberately disabled.
*heehee* ... Good one!
So does this mean typing http//www.google.com won't redirect me to Microsoft anymore?
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife