Couldn't Verisign work round this, by delegating x.com (where x is any unregistered domain) to a different nameserver (of their own), which would then return A records pointing to their advert server?
They would have to do this for every unregistered domain, which would be impractical. The problem with the wildcard is that it catches all unreg domains under the given TLD by default.
Why hard-code the IP address, when Verisign could easily change it (the A records have a TTL of 15 min)?
Instead, keep the A records for *.net and *.com in the local cache, refreshing them when their TTL expires, and return NXDOMAIN for any A record with a matching IP address.
In fact, what I would do is compare just the A record for the appropriate TLD being queried.
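The cache-and-compare approach from the comment above, as an added example that is not part of the original thread: the wildcard A records for each TLD are cached until their TTL expires, and an answer whose addresses all fall in the queried TLD's wildcard set is rewritten to NXDOMAIN. The `lookup` callable, the class names and every address are assumptions constructed for illustration; `lookup` stands in for a real upstream query.

```python
import time

class WildcardFilter:
    """Rewrite answers that match a TLD's wildcard A records to NXDOMAIN."""
    def __init__(self, lookup, clock=time.monotonic):
        # lookup(name) -> (set of IPv4 strings, ttl seconds); hypothetical
        # stand-in for an upstream query. An empty set means NXDOMAIN.
        self.lookup = lookup
        self.clock = clock
        self.cache = {}  # tld -> (wildcard address set, expiry time)

    def wildcard_ips(self, tld):
        ips, expires = self.cache.get(tld, (None, 0.0))
        if ips is None or self.clock() >= expires:
            ips, ttl = self.lookup("*." + tld)  # refresh once the TTL has run out
            self.cache[tld] = (ips, self.clock() + ttl)
        return ips

    def resolve(self, name):
        tld = name.rstrip(".").rsplit(".", 1)[-1].lower()
        ips, _ttl = self.lookup(name)
        # Compare only against the wildcard of the TLD being queried.
        if ips and ips <= self.wildcard_ips(tld):
            return "NXDOMAIN", set()
        return ("NOERROR", ips) if ips else ("NXDOMAIN", set())

class FakeUpstream:
    """Constructed zone data; all addresses are documentation-range placeholders."""
    def __init__(self):
        self.wild = {"com": "192.0.2.10", "net": "192.0.2.20"}
        self.hosts = {"example.com": "198.51.100.7"}
    def __call__(self, name):
        name = name.rstrip(".").lower()
        if name in self.hosts:
            return {self.hosts[name]}, 3600
        tld = name.rsplit(".", 1)[-1]
        return ({self.wild[tld]}, 900) if tld in self.wild else (set(), 0)

def demo():
    now = [0.0]
    up = FakeUpstream()
    f = WildcardFilter(up, clock=lambda: now[0])
    before = f.resolve("no-such-name.com")     # matches cached wildcard
    up.wild["com"] = "192.0.2.99"              # wildcard address is changed
    stale = f.resolve("another-missing.com")   # cache not yet refreshed
    now[0] = 901.0                             # 15 min TTL has expired
    after = f.resolve("another-missing.com")   # refreshed, filtered again
    return before, stale, after, f.resolve("example.com")
```

The `stale` result shows the limit of the scheme: a change to the wildcard address goes unfiltered until the cached record's TTL runs out.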