NSI Registers Every Domain Checked

An anonymous reader writes "In a developing story, registrar Network Solutions has been caught front-running domain names. Any domain names searched via NSI's whois are being immediately purchased by the registrar, thereby preventing a registrant from purchasing the domain at any other registrar. There are multiple reports of this practice over at DomainState.com." Update: 01/09 01:58 GMT by KD : shashib writes to let us know that NSI has issued a response to the accusations of front running.

Re:Make it cost them ...

[anotherone]

RTFA. If the user doesn't buy in a few days, they delete the domain- doesn't cost them anything.

Re:Any way to...

[ergo98]

Make them bankrupt themselves purchasing bogus domains?

I doubt they're making any financial commitment "purchasing" these domains. They're simply putting in a database record, and then removing it within the 5-day grace period (thus removing any liability to any other registrars).

Re:Can't be ALL of them.

[WindBourne]

Now try to purchase one of those at a different registrar.

Re:Can't be ALL of them.

[Schraegstrichpunkt]

1. Go to networksolutions.com and check the availability of a random domain
2. Go to some other registrar (domainsatcost.ca worked for me) and try the same thing.

Mysteriously, the domain is suddenly unavailable.

Re:Any way to...

[Hawke]

Er, no. Verisign owns the .com, .net registries. Verisign used to own Network Solutions, but they were spun out several years ago.

Re:Any way to...

[djtack]

Here ya go... One thing, I noticed NSI stops registering domains after about 50 or so.

#!/usr/bin/perl

$count = $ARGV[0] || 8;
@charlist = (A .. Z, a .. z, 0 .. 9);

while (1) {
my $domain = "";
foreach $i (1 .. $count) {

$word = `dd bs=1 count=4 if=/dev/random 2> /dev/null`;

$number = unpack I1, $word;
$number = $number / 2**32;
$number *= scalar @charlist;
$number = int $number;

$domain .= $charlist[$number];
}

print `whois -h whois.networksolutions.com $domain.com`;
sleep 2;
}

Re:Can't be ALL of them.

[BaldingByMicrosoft]

Criminy, this is bad.

1. Went to godaddy.com and searched for {obscurewords}.com. It's available.
2. Went to networksolutions.com and searched for the same. It's available.
3. Went back to godaddy.com and searched for the same, again. NOT available!

NS is rotten to the core.

Re:Any way to...

[Serious+Callers+Only]

Or if you prefer Ruby...

#!/usr/bin/env ruby -w
require 'rubygems'
require "mechanize"
 
search_form = WWW::Mechanize.new.get("http://www.networksolutions.com/").forms.first
search_field = search_form.fields.name("domainNames").first
1.upto 10 do |i|
  puts search_field.value = "netsol-sucks-#{'x'*i}.com"
  search_form.submit
end

PR response from NSI

[vmxeo]

Domain Name Wire has posted a response from NSI's PR department. Here's the relevent quote from NSI:

I just got off the phone with Susan Wade, who heads PR for Network Solutions. "This is a customer protection measure to protect customers from frontrunners," said Wade. "After four days, we release the domain." According to Wade, Network Solutions instituted this program as a test over the past few weeks. I asked if Network Solutions is actually acting as a frontrunner by doing this and she said there's a distinction. First, they are not monetizing the domains. Second, they have no intention of keeping the domains. All domains are released after the four day period.

Translation: So if anyone else does it, it's bad, because they're domain front-running. But when we do it's it's ok, because, uh, we say so. No, really!

Re:Any way to...

[drgould]

This Domain is Available - Get it Now!

Re:Any way to...

Just tried 3 domain names. The 1st and 3rd domain name, I used their website search feature. They snagged those 2 up quick. The second domain I searched, I did a "whois -h whois.networksolutions.com ..." and they did not snatch up that domain name. Apparently, they are only snatching searched made through their website interface.

Network Solutions' Response

[linumax]

Found it here.

"This is a customer protection measure to protect customers from frontrunners," said Wade. "After four days, we release the domain." According to Wade, Network Solutions instituted this program as a test over the past few weeks. I asked if Network Solutions is actually acting as a frontrunner by doing this and she said there's a distinction. First, they are not monetizing the domains. Second, they have no intention of keeping the domains. All domains are released after the four day period.

IMHO, bullshit.

Re:Any way to...

[wdr1]

You both missed a very key point: they're not paying these domains.

The simply reserve them using a registrar's 5 day grace period & if nobody buys the domain from Network Solution for 5 days, they simply release the reserve. I.e., it's available again to the general public.

It's something a registrar can do, that you & I can't. Basically, a loophole that a few trusted companies in the system are exploiting for profit.

This came up a big back when a registrar would "try" domains, to see if the type-in traffic made more than the cost of registering. (E.g., by using Google's DomainPark for Domain Squatters.)

The President of GoDaddy wrote about it a little over a year ago:

http://www.bobparsons.com/DomainKiting.html.

One registrar in particular, DirectNIC, "registered" 8.4 million domains but only permanently registered -- i.e. paid for -- 51,400.

Overall, I'm with you in spirit of screwing bastards like this over, but it seems the only way to do so is close the loophole in the system.

-Bill

Re:At 4:24 PM (EDT-US)

[Ewan]

It's not a hold tag, they do actually register it - it's called domain tasting. You can register a domain and keep it for 5 days before you need to either pay for it or release it.

What NSI are doing is registering the domain for the 5 day period after anyone does a search for the name, making anyone who wants the domain only buy it through them for the 5 days. If after 5 days noone wants it, then NSI can simply release the domain name and not pay a penny.

ICANN SSAC looking for input on front running

[vmxeo]

Just found this in the ICANN Front-running paper. Note the contact email at the end...

For each instance of suspected domain name front running, the type of information that would be most useful in studying the case includes but is not limited to:

Method used to check domain name availability (e.g., web browser, application).

Local access ISP.

Provider or operator of the availability checking service.

Dates and times when domain name availability checks were performed.

Copy of the information returned (e.g., WHOIS query response) in the response to the availability check.

Whether the domain name was reported as previously registered or never before registered in the response returned from the availability check.

Copy of the information returned (e.g., WHOIS query response) indicating the name had been registered.

Copies of any correspondence sent to or received from the registrant perceived to be a front runner.

Correspondence with the registrar or availability checking service.

Any information indicating a potential relationship between the availability checking service and the registrant that grabbed the name.

Please submit incidents to the SSAC Fellow at SSAC-DNFR@ICANN.org.