Forgot your password?
typodupeerror

Microsoft 'URL Tracer' Hunts Typosquatters 124

Posted by CmdrTaco
from the i-always-kinda-find-it-flattering dept.
TonioSop writes "Microsoft Research has released a new tool to help pinpoint large-scale typosquatters that are known to be gaming pay-per-click domain parking services. The lightweight prototype, called Strider URL Tracer, builds on the work within Microsoft's Cybersecurity and Systems Management group to keep tabs on a sophisticated typosquatting scheme that uses multilayer URL redirection to make money from Google's AdSense for domains program. "
This discussion has been archived. No new comments can be posted.

Microsoft 'URL Tracer' Hunts Typosquatters

Comments Filter:
  • Dupe (Score:5, Funny)

    by liliafan (454080) * on Friday April 07, 2006 @03:39PM (#15087080) Homepage
    Geez editors this is a dupe I was reading this same article at slashdt.org [slashdt.org] earlier *sigh* :)
  • Yay? (Score:4, Insightful)

    by GrumblyStuff (870046) on Friday April 07, 2006 @03:39PM (#15087084)
    But would MS really like it being used to help fix Google's troubles?
    • Re:Yay? (Score:5, Insightful)

      by larry bagina (561269) on Friday April 07, 2006 @03:48PM (#15087165) Journal
      Well, this is from Microsoft Research, which is reminiscent of what Bell Labs used to be like. Anyhow, it helps google, but it also throws egg on their face... like when 3rd parties release IE bug fixes before MS does.
    • Re:Yay? (Score:2, Interesting)

      by sjwest (948274)

      "Stealing Brand Traffic" ? - thats on page 2 of the article if you have not read it - Good heavens you better send these 'terrorists' to Cuba at the same time.

      While I cannot spell shakespears-globe.org and always end up at some typosquatter i feel this is my fault not a trademark 'ip theft' - or put another way amzon should have registered that too along with amazon

      Looks like standard ms 'fud' here. - Im still blaming my english teachers and 1960's teaching methods. - if these guys had there way billg

    • Re:Yay? (Score:4, Interesting)

      by SpaceCadetTrav (641261) on Friday April 07, 2006 @05:15PM (#15087912) Homepage
      Google owns oingo.com, one of the largest "parked domain" companies out there.
  • Great news. (Score:3, Funny)

    by gregarican (694358) on Friday April 07, 2006 @03:40PM (#15087088) Homepage
    Now I have a new buzzword to gratuitously throw out there...typosquatting. Sweet.
    • I don't know if it's that new. Cybersquatting's been a term for quite a while, and this is just a type of cybersquatting that's based on typos. Which has also been around for quite a long time; basically as long as people have realized that with web ads, more traffic = more money.
      • I have been caught red handed, cybersquatting on the information superhighway. I should be e-rrested immediately.
      • Re:Great news. (Score:3, Insightful)

        by arivanov (12034)
        There are people who are using specialised software for this and it is a well developed industry.

        For example:

        Most UK Nildram customers with a static IP have a hostname in the form username.gotadsl.co.uk. Nildram has minimal restrictions on services which you can run (only SMTP is subject to relay check, everything else is fare game). It is also an old business ISP so most people on static IPs are actually running something on these addresses.

        So as a result some enterprising individual is running a dedicated
    • by dr_dank (472072) on Friday April 07, 2006 @03:58PM (#15087247) Homepage Journal
      Typosquatting sounds like it was coined by the grammar nazis. Observe its use in such a sentence:

      After Tad posted that illiterate post on Slashdot, the grammar nazis typosquatted down and took a big dump all over it.
      • Maybe motivational speaker Matt Foley should let them have it and stress to them that if they keep up the typo/cyberquatting they will find out later on in life they won't amount to... JACK SQUAT!!
    • What's up with people's aversion to buzzwords? Without these new words, we'd still be driving 'iron-horses-that-don't-shit' and wanking it to 'talking-pictures-of-people-having-sex'.
      • There's a difference between a descriptive noun/acronym and a buzzword [reference.com]. Maybe you should try to leverage the robustness of your vocabulary by purchasing a reference guide from a click and mortar e-commerce site.
        • Look behind you... I think the point just flew over your head. The parent is categorizing 'typosquatting' as a buzzword, but is it really? There is no adequate term to describe the situation with brevity. It defines squatting on misspelled domain names. What would the poster rather have the article use to describe the phenomenon, 'squatting-on-misspelled-domain-names'? Maybe you should leverage your idiocy/elitism by commenting on digg.

          The lightweight prototype, called Strider URL Tracer, builds on

          • squatting-on-domain-names scheme

            I think you mean a squatting-on-domain-names-by-making-use-of-typogra phical-user-errors scheme.

            Though it occurs to me that German speakers might actually construct the term that way, only they'd leave out the hyphens and tack on the word scheme as well.

            (Incidentally, it looks like /. is inserting a space in the middle of "typographical." Under the circumstances, that seems oddly appropriate.)
        • To sum up: Buzzwords are often jargon, but not all jargon terms are buzzwords.
    • If only we could find a way to typosquat using Ruby on Rails and AJAX, then we would be able to develop a legitimate Web 2.0 application.
    • Domain Name: TYPOSQUATTER.COM

      Created: 2003-11-22 Expires: 2006-11-22

      Nameservers:

      THIS-DOMAIN-FOR-SALE.COM NS.BUYDOMAINS.COM

  • How much you want to bet this is folded into IE7 with their Anti-phishing "technology".
  • by digitaldc (879047) * on Friday April 07, 2006 @03:45PM (#15087131)
    And here we have the Typosquatter, a theropod dinosaur, roughly between the early punchcards and their ultimate culmination in the Domain-Squatting dinosaurs. It lived between 1 to 13 years ago, in the Windows Ages.
    Of the early Internet period, though one unknown species is from the very late Typewriter period. The various Typosquatter species are bulky omnivores, ranging from approximately 2 to 3 metres (5-8 feet) in height, and averaging about 235 pounds in weight.
    Its most distinctive feature was the uncanny ability to take on the likeness of other domains, likely used for trapping its fumbling prey and for phishing scams. It was recently hunted to extinction by Tyrannus Microsoftus using its most effective method of capture, the 'URL Tracer.'
  • by blincoln (592401) on Friday April 07, 2006 @03:46PM (#15087146) Homepage Journal
    ...if there are more than 1000 participants, Microsoft will pay them each $1000 [snopes.com].
  • by fak3r (917687) on Friday April 07, 2006 @03:49PM (#15087167) Homepage
    Squatting on domains is one thing, but having them resolve to some default "search" page is just bs - the fact that some of those screens show disneychanel.com mis-spelled going to porn sites makes me sick - kids are going to be misspelling (!) that...fuckers. Then, here's a site that allows you to "park" yr domain to make money on people misspelling (!) URLS:

    "Sedo's new Domain Parking Program lets you earn money from your domain names without needing to develop your own site. Even better, Sedo's statistics show that domains parked with Sedo are 5 times more likely to be sold!"

    http://sedoparking.com/ [sedoparking.com]
  • The lightweight prototype, called Strider URL Tracer, builds on the work within Microsoft's Cybersecurity and Systems Management group to keep tabs on a sophisticated typosquatting scheme that uses multilayer URL redirection to make money from Google's AdSense for domains program.

    And then... Build a spider that hits every single one of those URLs driving Hoodia merchants into debt.

    That... would actually be pretty cool.
  • by RobertB-DC (622190) * on Friday April 07, 2006 @03:50PM (#15087181) Homepage Journal
    The article sure made a big to-do about how typosquatters target kids, implying that the Bad Guys want to get 11-year-olds to steal their parents' credit cards so that they can visit neopetsporn.com or something.

    So, what, I'm supposed to install this on my PC instead of teaching my kids how to hit the "esc" key and then hit "back"? As a parent, I've always figured it was *my* job, not Bill's, to teach my kids to surf safely. Heck, I even gave the rest of my family detailed instructions [magicnumbers.org] on how to respond if they accidentally visited the porn squatter at the dot-com next door to my family's domain name.

    Of course, I guess if you're using Internet Explorer, you probably need some sort of blocker for the sites that send you to Popup Hell or otherwise highjack your browser. Strange how I never have this problem myself (coughcough [opera.com]cough).
    • by SlyW (966913)

      A child's curiosity will always trump the laid down law. Unless of course you beat them on a regular basis.

      According to TFA:

      The Typo-Patrol scanner built into the tool currently consists of a network of 17 machines, each running a daemon process that monitors its own input-request queue residing in a folder on a central management machine. According to Wang, when a list of typo-domains is dropped into the queue, the daemon fetches the list and launches virtual machines to visit each domain.
      The daemon c

    • Good instructions, they make a lot of sence; and I'll be printing a couple of copies off for my young cousins and their parents. However I see you finally got hold of the .com address (yes, as soon as you wrote that no adult with half a brain would visit, I typed it into Firefox's address bar)
    • Opera... (Score:1, Informative)

      by turtleAJ (910000)
      THANK YOU!!!

      A person that also uses Opera!

      This is a GREAT piece of software... Kudos to the Opera team... and I suggest to fellow /.ers... to try out Opera... just try it out... INMO, it kicks FireFox's ass ANY day.

      Thanks.
    • Opera rocks! Down with stinky putrid IE.
    • Nice set of instructions.
      Don't hit the power, just press Ctrl-Alt-Delete and select the "Shut Down" option. This assumes you are running Windows -- I don't know how to do this on a Mac.
      To force quit on a mac (well, at least os x), press
      *the key with the apple
      **also labelled alt
      • Damned slashcode mangled my post.

        Nice set of instructions.

        Don't hit the power, just press Ctrl-Alt-Delete and select the "Shut Down" option. This assumes you are running Windows -- I don't know how to do this on a Mac.

        To force quit on a mac (well, at least os x), press [command*][option**]{power button]
        *the key with the apple
        **also labelled alt
        Apologies to those who feel this is off topic.
        /me hits preview button

        • So apple-option-power is the Mac equivalent of ctl-alt-del? I'll have to remember that.

          I wasn't too terribly worried, though... while some browser exploits are cross-platform, I figured the Mac-based browsers were at least as hijack-proof as Opera. The chances of needing to do a reboot would be pretty slim. Besides, my target audience consisted of my parents, and they don't own a Mac.
          • Roughly speaking it is, but with a bit more 'grunt' behind it - it shuts the whole system down, quickly.
            I've had to use it exactly zero times myself, as whatever scheduling alg os x uses (don't know, and haven't found out) will let other processes run with some sort of normality, even when one (eg. Safari is tanking), so it's not too difficult to fire up the activity monitor (/applications/utilities) and kill offending processes from there.
            In saying that it's a lot easier to remember the key combo than th
          • So apple-option-power is the Mac equivalent

            Is it me, but does that just sound like a catchphrase uttered by some saturday morning kids anime healthy-eating superhero?
        • "Command - Option - Esc" actually.
    • I think the tool itself is intended less for end-users and more for researchers, who could then send their data to:

      • Someone's abuse department (if something like click fraud is involved)
      • Someone's lawyers (with regard to trademark infringement cease-and-desist letters)
      • Legal authorities (in the event that the offending domain is doing something illegal)
      • Someone's purchasing or corporate takeover department (in the event that the typosquatter can be bought out)
      • Tony Soprano (in the event that other methods
  • Is it illegal? (Score:3, Interesting)

    by Camel Pilot (78781) on Friday April 07, 2006 @03:55PM (#15087220) Homepage Journal
    So once you catch one of these typosquatters what do you do with them. Is it illegal ?
  • Another example (Score:3, Informative)

    by fak3r (917687) on Friday April 07, 2006 @03:55PM (#15087223) Homepage
    If you have a domain you can also 'park' it here to earn revenue..

    http://www.fabulous.com/ [fabulous.com]

    If you don't have one they'll sell you one and have it earn revenue. Are these the sites that just pollute the hell outta search engines so when you search for "mp3 downloads" you get 100s of these results? Is this how they generate revenue?

    Plus a URL that I want is hosted there, I thought it might be there's but I suspect it's just someone who bought it through them and is hosting it there !?!? Thanks jacka55e5
    • ah, and I checked, I can get the following URLS there:

      squattingwebsite.com domain name available
      squattingwebsite.net domain name available
      squattingwebsite.org domain name available
  • If M$ is doing this, although the report talks about how it detects "gaming" of pay-per-click behavior, is this a way to determine how to corrupt the monitoring that Google is doing and thus cast doubt upon their revenue model?

    Nahhhh. What was i thinking?

  • Don't google have terms and conditions for serving adverts? I guess they would make money from them also so conflict of interest perhaps?
  • Maybe some of the people who create viruses designed to attack average users should instead write the viruses designed to attack more annoying net presences...

    Stop DDOS-ing root name servers and start DDOS-ing some of these shyte sites.

  • by devphaeton (695736)
    If it weren't for dupes, some of us wouldn't see everything. A few of us work for a living, you insensitive clods!

    --

    But this is toadilly failed because:

    1) Microsoft is evil, through and through
    2) Apple innovated this in 1956 and it was more lickable
    3) Gentoo's version runs .005ms faster and only requires a week to compile
    4) This is the final straw that killed BSD
    5) Sun Microsystems was just looking for the latest thing to flip-flop about
    6) I have to pee
    7) News for Turds, Stuff that Splatters

    right? right? a
  • re: One such misspelling, neoppets.com, is currently serving ads promising naked photos of Britney Spears or other adult images.

    Let me guess: /. pointed to that article resulted in neoppets' daily revenue increasing by several orders of magnitude today?

    I can see it now: a million slashdotters thinking "Oooh, naked pics of Britney. I gotta see it!"

    You went there. Admit it. You know you did.
  • Well I guess I wouldn't expect pornographer-typo-domain-squatters to have a lot of morals. But are 8 year olds really interested in naked photos? And would a 13 year old be looking at neopets? I suppose it must be working, or they wouldn't do it. That's a shame.
  • Jab at Google (Score:4, Interesting)

    by Coward Anonymous (110649) on Friday April 07, 2006 @04:35PM (#15087579)
    Google's DomainPark (http://www.google.com/domainpark/ [google.com]) which is what typo-squatters use is a source of a large chunk of Google revenue. This could be the beginning of Microsoft's stab at Google's soft (and sleazy) underbelly.
    • Wow (Score:4, Informative)

      by TubeSteak (669689) on Friday April 07, 2006 @05:11PM (#15087873) Journal
      AdSense for domains allows domain name registrars and large domain name holders to unlock the value in their parked page inventory. AdSense for domains delivers targeted, conceptually related keywords and advertisements to parked domain name pages by using Google's semantic technology to "understand" the meaning of each domain name. Powering over 3 million domain names, AdSense for domains is the industry's leading parked page service.
      From the FAQ [google.com]
      5. What is the minimum amount of traffic I need to sign up for a AdSense for domains account?

      Your network of sites should generate 750,000 page views per month to be eligible for the AdSense for domains service.

      I didn't know Google was into the same dodgy business.
      I guess that means it isn't evil...
  • by chrisbtoo (41029) on Friday April 07, 2006 @04:42PM (#15087633) Homepage Journal
    FTFA:

    He said the group [...] found more then 7,000 typo-domains.


    Priceless.
  • Google is profiting [appliedsemantics.com] from this. Systematically. It's called DomainPark.
    • I'd rather have Google doing this, than have a bunch of Russian Crackers doing it. At least Google won't through 60 or 70 popups, browser hijackers, trojans, etc on every single advertisment domain.
  • Maybe all that technology will be able detect the traffic going to mortage.com, which just sold for $242,000 [dnjournal.com]. Yep. So many people miss the "g" that the traffic to the domain is worth a quarter million dollars. Go figure.
    • Maybe I just don't get it, but mortage.com is a completely different word than mortgage.com. Neither word is a trademark.

      How is it illegal to buy and use mortage.com? Perhaps an argument could be made if the page was serving pornography without warning, but otherwise I see nothing necessarily wrong with this. What if the guy's name is John Mortage, and he bought the domain to use for his family's email? Is it awful if he puts ads on the web site he doesn't use for his domain?

      At the same time, I think Mi
    • But the first "g" is more pronounced than the "t". Why don't people spell it "morgage"?
  • I thought this would be an article about the new microsoft word spell check wizard. It could have even been a discussion of all those who sit there reading posts just to reply about spelling. "yeah well at least i can spell, turn spell check on loser"
  • by TheNetAvenger (624455) on Friday April 07, 2006 @06:51PM (#15088474)
    Even Microsoft, don't forget...

    Microsoft is a 'big' company, and even as much as we can dislike MS as a whole or things they do or have done, it is easy to forget that a LOT of strong minded tech people work there.

    So when MS releases something of benefit it is a bit hard to stomach for a lot of people, but easy once we step back and remember that MS as a whole is comprised of many bright tech people that USE technology on a daily basis, and not even all the people at Microsoft are 'Windows' only people.

    MS research is one area that is the most evident of tech minded people without the corporate controls, but good developers exists throughout MS so we can't expect everything they do to be wrong or evil. Look at it from a statistical view if nothing else.

    So sure MS will put out selfless tools that help customers and computer users from time to time.

    Having been a person that has watched MS for a long time, I remember days when they seemed to care about the little person and companies, and a shift in the mid 90s where that focus was lost. I remember when MS technologies were made and distributed for many OSes, not just Windows. From Media Player to IE, etc. These were free technologies that didn't fit the 'Windows' business model that Ballmer has made the central focus of the company, unfortunately.

    The potential for this concept of business to return is there. Ballmer is a business person, not a true tech person, nor an innovative mind when it comes to technology. He is the face of the evil side of MS, and Bill G. giving control to him is the biggest mistake of MS history.

    If I was going to paint the evil face of MS it would be Ballmer and his followers. I don't think Gates understands business enough to realize this, nor do I think he is inherently a business only person. His parents were very charitable and pushed for making peoples lives better. His failure is in not recognizing the evil aspects of business and the greed that is can create and is embodied in Ballmer.

    So offtopic a bit, but the foundation of my views on this technology. Not everything at MS is evil and there still exist people there with the original 'empowering' concepts that flourished pre-Ballmer mindset and control. Gates use to wrangle him in, and for whatever reason stopped, and MS became the company they fought against for years at Ballmers control and advice.

    So it is nice to see from time to time evidence that the non-Ballmer business model still does exist within MS, who knows, maybe there is hope for them to figure out the Ballmer and his followers mistakes and go back to a company that gives a crap.
  • So let me get this straight: MS helps Google out?

    Next you'll tell me Microsoft is going to start running Linux to test interoperation.

    After that, I expect to hear they're abandoning ntkernel and moving everything over to NetBSD. They expect to ship sooner, and with fewer bugs that way.
  • by Phat_Tony (661117) on Friday April 07, 2006 @07:22PM (#15088628)
    It's no surprise Microsoft is doing this, because they have some history with making tracing programs.

    I remember that years ago Bill Gates got together with Disney to make an email-tracing program. It's great to hear they're working on something similar again, because the people who took part in the beta testing for the email tracing program were supposed to be really handsomely rewarded. I think they got, like, $10,000 for every person they forwarded it to, or something.

    I wonder where I can sign up to test this program?

  • So does this mean typing http//www.google.com won't redirect me to Microsoft anymore?

ASHes to ASHes, DOS to DOS.

Working...