Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Tool To Help Users Avoid Typo Domains

Posted by ryuzaki0 on from the slashdot-is-not-a-typo dept.

blueZ3 writes "ZDnet is running a story on a new tool from Microsoft that aims to inform users when they reach 'typo domains'. Apparently, there's concern in Redmond that IE users are being exploited by companies running ad farms on typo domains. The tool uses an automated search routine to look for domains with particular types of typographical errors--transpositions, incorrect TLDs, missing letters--and then adds the domains to a database. The eventual goal (though this isn't clear from the article) seems to be something akin to Verisign's URL redirecting, where typo domains are blocked."

31 of 179 comments (clear)

  1. Misspelled domain data by RunFatBoy.net · · Score: 5, Insightful

    The article isn't entirely clear whether the app reports back to MS your web surfing locations. Granted, it could be useful to see what the user is commonly misspelling, but at the same time, I really have no interest in relinquishing this information.

    Jim -- http://www.runfatboy.net/ -- A workout plan that doesn't feel like homework.

    1. Re:Misspelled domain data by MyLongNickName · · Score: 4, Funny

      The article isn't entirely clear whether the app reports back to MS your web surfing locations.

      Yeah. Thank God, we can rely on Google to not do anything like that. Can you imagine what potential for misuse there would be if a company like Google recorded your web surfing habits?

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    2. Re:Misspelled domain data by TheLinuxSRC · · Score: 2, Insightful

      Redirecting me to the internet's most popular search engine when *no* DNS record is available is an order of magnitude different from redirecting me based on a "typo" -- how do they know it was a typo? That is before I have to worry about my browser reporting my surfing habits to MS.

      In fact, as of yet, Google still (in my book - the whole China thing has nothing to do with me and it is not my place to impose my values on another country, regardless of how I feel) hasn't done anything evil. MS, IMHO, on the other hand, hasn't done a lot that *isn't* evil.

    3. Re:Misspelled domain data by ArtStone · · Score: 2, Informative

      Moderately good chance it DID successfully install an activeX control even without your consent.

      A neighbor of mine made that typo year or two ago and her Windows98 computer quickly filled up with adware/spyware.

      Making it more obnoxious is if you have the history feature turned on, when you type go.... it will "guess" you wanted goggle com rather than google.com once you have visited the wrong site... (until you flush the history)

      Where is Elliot Spitzer when you need him?

      --
      Final 2006 "Proof of Global Warming" US Hurricane Count -> 0
  2. That sure is a good headline by Anonymous Coward · · Score: 3, Funny

    Anyone who does that job is most definitely a tool.

  3. Yes by temojen · · Score: 2, Interesting

    What if I really wanted to go to goggle.com? (don't, it tries to drive-by install something when you leave.)

    1. Re:Yes by Frumious+Wombat · · Score: 2, Interesting

      That depends; you're sitting at home and are your own tech support, then you're right. Go wherever you want.

      You're on some sort of managed network, such as a business or university system, which is networked intimately to many other systems and has administrators who will have to clean up the machine when you're done, then your browser should prevent you from going to a known malware site. Sorry, I used to have that job, and began thinking, "maybe if I make them all use Lynx and Pine for web and email, this nonsense will stop".

      Like most Microsoft innovations, this one is pitched to the home user, to build mindshare, but is really aimed at corporate environments. Don't be surprised if you work at United that if you type http://www.untied.com/, you somehow end up back at United.com. Similarly, small dot-coms might redirect F*d Company's website to wemotivate.com.

      --
      the more accurate the calculations became, the more the concepts tended to vanish into thin air. R. S. Mulliken
  4. first one up: by Lxy · · Score: 4, Funny

    "www.google.com"

    Did you mean "search.msn.com"?

    --

    There is no reasonable defense against an idiot with an agenda
    :wq
    1. Re:first one up: by ch-chuck · · Score: 4, Informative

      have you every tried www.goggle.com ?
      It's pretty bad. A popup got around firefox, automatically starts a file download gsetup.exe, etc.

      --
      try { do() || do_not(); } catch (JediException err) { yoda(err); }
    2. Re:first one up: by kabz · · Score: 2, Interesting

      Wow, it did for me and I'm using Safari on a Mac !! It waited a few seconds then I got the familiar this file contains an application message. That is scary.

      --
      -- "It's not stalking if you're married!" My Wife.
    3. Re:first one up: by stunt_penguin · · Score: 2

      'www.openoffice.org' Did you mean 'http://office.microsoft.com'?

      --
      When the posters fear their moderators, there is tyranny; when the moderators fears the posters, there is liberty.
    4. Re:first one up: by Inigo+Montoya · · Score: 2, Informative

      I've watched my wife surfing in the past, and when *anything* popped-up she clicked ok; I freaked one time as she clicked 4 pop-ups out of the way before I could cross the room. I gave her a lecture about spyware, malware, etc. and she was all open-eyed and "OMG, really?" and now she calls me whenever something pops up on her screen.

      The point is, many, many people are not computer savvy and regularly just accept the pop-up, click it to get rid of the "annoyance factor", and get on with whatever they were trying to do.

      This kind of stuff catches a lot of people, and the creators know it.

  5. Sounds great, but may be damaging to some by macklin01 · · Score: 5, Insightful

    This sounds like a great idea, but I can see some legitimate causes being harmed. For instance, Untied.com is a typo of United, which is used to protest some labor practices at United Airlines.

    I guess the question is, how is MS going to determine the legitimate misspellings from the illegitimate misspellings? Certainly United doesn't like the misspelling above, but it's not anti-consumer like misspelling a company name and winding up at a spam site, or worse yet, a phishing site. -- Paul

    --
    OpenSource.MathCancer.org: open source comp bio
    1. Re:Sounds great, but may be damaging to some by Ardx · · Score: 2, Informative

      I would the way they will deal with typos is very similar to the phishing filter in IE7. And if a site is a valid site rather than a typo and is mistakenly marked as a typo farm, you will be able to email them and have them verify your site is not a typo farm and they will remove it. A very similar thing happened to my business site. The phishing filter marked my contact page as a phishing site, I emailed them and very quickly it was no longer reing reported as a phishing site. Keep in mind, while it may be amusing to think of MS marking google.com as a typo farm, I would expect them to be very careful with the major sites because they are sure to not want the negative publicity to overshadow this nice attempt to protect users.

      --
      Whoa there dude! Check your keyboard, somebody might have slipped you a Dvorak.
  6. Swipe at Google? by dannytaggart · · Score: 4, Insightful

    Is this a strategic swipe at Google's ad revenue for parked domains?

    --
    PimpMyMazda.com - Crazy mods to a 2002 Mazda Protege DX.
  7. I'd be more concerned about phishing by jfengel · · Score: 4, Interesting

    Ending up at a link farm isn't any fun, but at least it's not dangerous. But you're told to type URLs from email rather than copy-and-paste, and then you risk being screwed by your own typo. Even going to your own bank is risky if you type without consciously typo-checking the URL.

  8. Argh! Dupe! by RobertB-DC · · Score: 3, Informative

    I thought for sure that there would be enough Subscribers send email to the DaddyPants address that this one would be yanked.

    Well, for reference, here are all the +4 and +5 comments from last week's installment of this story, so you karma whores can repost them and hope the moderators don't see through your ruse...

    Microsoft 'URL Tracer' Hunts Typosquatters

    Meanwhile, you can blame me for jinxing it.

    Ghost Article: M'soft Tool To Help Users Avoid Typo Domains

    --
    Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
  9. Oh, you mean like redirecting MikeRoweSoft.com? by Crouty · · Score: 4, Interesting

    Stupid parents to have their son's name collide with phonetics of Microsoft.

    --
    On se Internetz nobody noes your German.
  10. A shot at Google by Anonymous Coward · · Score: 5, Insightful

    It may not look like it, but this is a strategic move against Google.

    Google makes a significant amount of money of bulk domainers. Domainers are people who buy domains in bulk, expecting to make revenue off inexperienced users tying words directly into the URL bar, variations/misspellings on popular domain names etc). An example is something like http://www.bloggerforums.com/.

    By making users aware of what's going on, they'll be more likely to fix the problem themself (instead of clicking one of the sponsored links by Google), thus cutting a part of the revenue stream. (How big? Well, Google obviously isn't going to say, but it's estimated to be way into the hundred of millions.)

  11. There is a much easier way.... by wowbagger · · Score: 5, Interesting

    There is a much easier way to block 99% of the typosquatters - they have a very small number of IP addresses they park their domains on.

    Block those IP addresses, block the squatters.

    Check it out for yourself - fire up your favorite DNS query tool, and plug in some typos.

    --
    www.eFax.com are spammers
  12. pron.com by klenwell · · Score: 4, Funny

    will typing pron.com send me to porn.com? or vice-versa?

    Tom

    --
    Innovation makes enemies of all those who prospered under the old regime... -- Machiavelli
  13. Tough Calls by wuffalicious · · Score: 4, Funny

    Microsoft domain corrector has detected that you may have mis-typed your desination address.

    You were trying to access, "whitehouse.gov".
    Did you really mean, "whitehouse.com"?

  14. Re:Is there really need? by TwilightXaos · · Score: 2, Interesting
    That isn't the problem. But what if some computer naive, but otherwise intelligent, person types in their bank address as
    www.compasbank.com
    An easy mistake. Then, instead of seeing a site that installs XYZ spyware, they see a site that looks exactly like the real site
    www.compassbank.com
    So they enter their password for online banking, because the site has the little lock in the browser window meaning it is a secure connection. Now, the owners of the fake site have the banking info, including account numbers, of the person.

    I am not saying this is a good idea. But, I believe the case you describe is not what it's originators were thinking.
  15. not just typos by sloths · · Score: 2, Informative

    I really hate domain squatters. It's not just typos, but just cool domains that could be used for a legitimate site are just ads. IE the.com, yeah.com, sloths.com... Actually one time I was snooping around the directories of sloths.com looking for contact info to see if I could buy the domain when I came across a sql.txt file that told me their passwords.

    I've emailed Google several times about this awful program. I hate all forms of advertising, but it just makes me mad to see cool domains used for illegitimate purposes. People say it's just another business, but they are stupid.

    --
    really 867993
    Karma schkarma
  16. I wish they have a funky paper clip that says: by Anonymous Coward · · Score: 5, Funny
    I wish they have a funky paper clip that pops up and says:

    Hi there, I noticed you are about to visit a TLD web-site.
    The address www.apple.com/macosx appears to be a misspelling of the address of a legitimate site http://www.microsoft.com/Genuine/.
    Sites that use spelling variations of legitimate sites and companies may be used in "phishing" schemes to trick users into revealing their access accounts, credit card data, and other personal information.
    • To learn more about online "phishing" click here

    • If you understand the security implications of visiting potentially dangerous sites, and still wish to continue to www.apple.com/macosx, click here

    • If you wish to be redirected to the original site http://www.microsoft.com/Genuine/ either click here or simply wait 5 seconds.

  17. Only a band-aid by Fastolfe · · Score: 3, Interesting

    This problem exists because users seem to place an unhealthy emphasis on a DNS domain name as a web topic. Perhaps we should be looking at ways of de-emphasizing a DNS domain name's importance in identifying content and start looking for ways to let users find specific pieces of information in a reliable manner using some other tool (such as an X.500 or LDAP directory of official organization names, registered trade marks, service marks, etc.).

    Until users stop thinking that they can just add a .com to their search term and get "official" content, this will remain a problem. Determining what domain names are squatters and what domains aren't is fairly easy today, but it will only be a matter of time (and a brief amount of time at that) before these typosquatters just dress their pages up to look a little more substantial and your horribly subjective test will start to fail.

  18. I must be missing something by trawg · · Score: 2, Informative

    Aside from phishing attempts, which is a legitimate concern (but imo should be addressed by the company that is getting spoofed), what is the big deal about typo squatting?

    I enter in a lot of my URLs by hand. I frequently make typos because I was typing them too fast. I see a page that isn't what I was expecting or that is obviously a link farm, I just re-type the URL.

    Or I use bookmarks. Or I use Google.

  19. Where do you want to go today? by nurb432 · · Score: 2, Funny

    We think you are trying to type in 'www.microsoft.com', please wait while we take you there.

    --
    ---- Booth was a patriot ----
  20. "there's concern in Redmond..." by FFFish · · Score: 3, Funny

    "Apparently, there's concern in Redmond that IE users are being exploited by companies running ad farms on typo domains."

    It occurs to me that the only people dumb enough to use MSIE these days are precisely those sorts of users who would be susceptible to the advertising on linkfarms.

    I'm not sure whether to praise Microsoft for trying to protect the retards from themselves, or to curse them for defeating the net's version of Darwinian selection...

    --

    --
    Don't like it? Respond with words, not karma.
  21. Censoring the Net? by RecycledElectrons · · Score: 2, Interesting

    If you type in www.Knopper.Net, you go to www.Windows.com right?

    Nothing is going to change until we shoot the bastards.

    Andy Out!

  22. Obviously it is a fake by cgenman · · Score: 2

    Or else the application would be called gsetup_beta.exe

    --
    The ______ Agenda