
Verisign Typosquatter Explorer
jelyon quotes Seth Finkelstein's website: "I have written a program "Verisign Typosquatter Explorer" in order to examine [the Verisign] suggestions [for mistyped domains]. Future data may be analyzed as interest permits.
Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice."
With all the stuff flying in IT today (Score:3, Insightful)
Anybody else feel like you just want to start over, with only good people involved, and remake the internet? None of this patent crap, none of this copyright bullshit, just pure standards that are actual standards. Uncompromised and pure. No restrictions on data, short of the physical line speeds.
Yeah yeah, I know..."when you wish, upon a star"
Re:With all the stuff flying in IT today (Score:4, Funny)
Sitefinder link for the firewalled (Score:3, Informative)
Re:With all the stuff flying in IT today (Score:3, Insightful)
And you'd just have to do it all over again in 15-20 years, since that's exactly how the current net started.
Re:With all the stuff flying in IT today (Score:2, Funny)
Nah, it wouldn't be nearly as hard the second time around. It's like the project I worked on for a year... the day of the demo, I tripped and broke my computer, and by coincidence, all of my backups burned up in a fire because the network weenie was freebasing again. Anyway, I rewrote the whole thing in 7 minutes using nothing but Perl scripts and a bobby pin and it was even better than before.
Re:With all the stuff flying in IT today (Score:2, Redundant)
Well, neither patents nor copyright are properties of the Internet. How are you going to accomplish this? By using a disclaimer/EULA? "By connecting to this network you agree to give up the rights of copyright/patents of anything that you post here". Or maybe disallowing patented or copyrighted works on the new net?
Re:With all the stuff flying in IT today (Score:2)
Do away with the physical line speeds too and you've got Internet2 [internet2.edu]...at least until it goes public one day.
Re:With all the stuff flying in IT today (Score:3, Offtopic)
Yeah.. 983 Megabits per second. You could have your computer online for approximately 7 minutes before your hard drive is completely packed with all the spam that would come in.
Re:With all the stuff flying in IT today (Score:4, Insightful)
Re:With all the stuff flying in IT today (Score:2)
Unfortunately, I doubt that Atlas is going to shrug any time soon, and the "good people" are going to be stuck with the "horribly stupid people" until we all blow ourselves up and the cats take over the planet.
I'm doing all I can to make sure our cats appreciate me so that I can (continue to) be a favored slave when it all goes down.
Re:With all the stuff flying in IT today (Score:3, Interesting)
For Atlas to shrug the creative people have to be people as greedy and self centered as Ayn Rand was.
There are a few libertarians who are involved in the forefront of Internet and Web research but not very many and I doubt that their contribution is irreplaceable.
The Web is really a piece of pe
He didn't attack capitalism (Score:2)
If the two have come into such severe conflict perhaps something really has gone wrong with capitalism "as she is spoke."
There is a difference between capitalism and commercial anarchy. One of them follows rules of law. I'll give you two guesses which one.
KFG
Out-of-sync DBs? (Score:5, Insightful)
But does it matter? What Verisign is doing is wrong. Exactly how they're wrong is irrelevant.
It's not a bug... (Score:3, Funny)
It's a feature!
They need this suggestion (Score:4, Funny)
petition (Score:5, Informative)
Re:petition (Score:5, Insightful)
I would like to see just one online petition that has carried any weight. It's the height of "slacktivism".
On-line petitions don't work (Score:4, Informative)
Petitions are pathetic per se, but e-mail/web petitions carry absolutely no weight at all.
I've worked for professional politicians. The web/e-mail opinion is irrelevant. If you want to be counted (not heard, mind you) send a letter or a fax.
Re:On-line petitions don't work (Score:2)
I've actually heard that this has changed. Apparently in the post-Anthrax congress, they would prefer you didn't send a letter. Email and fax are now listened to much more closely.
Re:On-line petitions don't work (Score:3, Insightful)
The message matters as much as the medium (Score:4, Interesting)
And it depends on the content as well as the medium. My fax was original, business-like, and carefully-argued, though partly based on stuff available online. I suspect that originality, literacy, clarity, conciseness, and focus all count well, just as obvious copying, rambling, pointless emotion, length, and lack of focus will make a communication less likely to be read or acted upon. You need to state carefully but briefly the problem, the cause, what you're asking your representative to do, and why; if you do that politely, it'd be an inconsiderate person who didn't at least reply, whatever the medium.
I suspect that the reason online petitions often don't seem to count is less that they're online, and more that they're petitions; without a direct, personal request for action, any communication will have less weight.
Re:petition (Score:2)
Re:petition (Score:5, Informative)
HTH. HAND.
(All that said, I do agree that most online petitions are nearly worthless and don't carry anywhere near the weight of individually addressed messages. If you really care, take the time to express your position in your own words and send it as a letter (send an email in addition, if you like)).
MoveOn FCC ruling? (Score:3, Interesting)
http://slashdot.org/article.pl?sid=03/09/16/1923250
It was only yesterday -- the Senate voted to roll back the FCC media consolidation ruling, based to some extent on the MoveOn petition. Check out the picture of Trent Lott standing next to 360,000 pieces of paper. One of those is mine, and it looks like it carried some weight to me.
I went to school with Eli Pariser, btw -- he's one of the guys who runs MoveOn. Check out what else they've done to see how online activism can be eff
Print out the petition when done (Score:2)
There was a success with webtv, it's probably still linked at the petition site, but unless someone prints these damn things out and hands them to the politicos (like in this photo from moveon.org [moveon.org]) it's a waste of bits.
Re:petition (Score:3, Interesting)
Re:petition (Score:3, Funny)
Sweet. That's an excellent term. It's tempting to write a great, big essay bemoaning slacktivism, but I can't because I am a slacktivist.
Re:petition (Score:2)
Re:petition (Score:5, Informative)
A list of contact information is here [verisign.com]. The Verisign main number is 1-877-438-8776, which gives you a long list of options. Depending on what you pick, you'll probably end up talking to a Network Solutions guy. Tell him you're distressed about the SiteFinder service, ask about what your options are, and ask if there's anyone else to talk to. They probably won't be much help, but write down everything they tell you, get their employee ID, and keep track of date/time for calls as well as time on hold (might be helpful).
After some lengthy conversation, I found out that I should be talking to the Verisign Global Registry [verisign-grs.com], but that they can't give me a phone number, because (supposedly) NSI doesn't even have a phone number. However, I did get an e-mail address -- sitefinder@verisign-grs.com [mailto], which is routed to someone's inbox (as in, a person, not a support center), which currently yields an "Out-of-office reply" that gives out a cell phone number (!). I don't think I'm going to call it, but at least I have more contact information on file now and an e-mail that will get read.
Additionally, you might want to try calling the office of Russel Lewis [verisign.com], who's the VP of the Verisign directory services. He's at the Virginia office (1-703-742-0400), but I got disconnected instead of transferred and haven't called a second time (yet). If you try this number, you'll probably get a secretary, to whom you should explain that the standard procedures for communicating with Verisign have failed, that you are "very disappointed" and that you "want to make things right". (It works better if you're actually a Verisign customer.) If you're nice about it -- knowing that the secretary probably doesn't know anything about it and can't do anything anyway -- you can probably get routed to someone in the directory services division, where you can register further complaints.
[...]
I have been unable to raise the Chicago local office by phone, and when I went to visit, the visitor center couldn't even get a hold of them. Weird.
I called their headquarters in CA a few times now. I was hung up on, randomly transferred to someone's voice mail (I'm not sure who), and finally talked to a particularly helpful representative who passed my queries to his manager. They said that SiteFinder was run by NSI, to which I responded that NSI said that SiteFinder was run by Verisign, to which I added that Verisign (as a global registry) is the only organization with the power to do something like that. He went to talk to his manager, told me that they were promised more information on SiteFinder by the end of today (9/17), and promised me a call-back in 24 hours.
Updates to follow.
Re:petition (Score:3, Informative)
I e-mailed sitefinder@verisign-grs.com [mailto].
It looks like they've caught on and the e-mails are being routed to Customer Service. I got this auto-response:
Thank you for contacting VeriSign Customer Service. We have received your email and a member of our Customer Service team will be responding to you shortly.
Best Regards,
Customer Service
VeriSign, Inc.
www.verisign.com
verisign-grs contact info (Score:3, Funny)
Administrative Contract:
VERISIGN GLOBAL REGISTRY SERVICES rcc@verisign.com
21345 Ridgetop Circle
Dulles, VA 20166
US
703-742-0400 fax: 703-421-6703
Dunno how correct it is...god forbid that Verisign should put incorrect info in the whois database.
Re:petition (Score:2, Interesting)
They are taking advantage of the fact that they run those servers and are driving traffic to their site in a monopolistic and predatory manner while breaking many relied-up
Internet != web, fool (Score:2)
You may like mistyped URIs to go to a search engine but do you like your mis-typed email addresses resulting in your mail being sent to Verisign?
In case it gets slashdotted... (Score:5, Informative)
by Seth Finkelstein
Introduction
On Monday September 15 2003, a change to
When a URL has a misspelled domain name, Verisign's changes have the effect of redirecting every single HTTP page request (technically, HTTP response code 302). There is a redirection header and page which displays:
The document has moved here [slashdot.org].
So, for example, the URL
http://verisign-is-to.net/more/evil/than/satan/
Gets redirected to:
http://sitefinder.verisign.com/lpc?url=verisign
This site suggests corrections to the typo. I have written a program "Verisign Typosquatter Explorer" in order to examine these suggestions. Future data may be analyzed as interest permits.
Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice.
Support
This project was not supported by anyone. If anyone is providing financial support for such projects, the author would dearly like to know.
Version 1.2 September 17 2003
See also: Domain Investigations
Mail comments to: Seth Finkelstein
For future information: subscribe to Seth Finkelstein's Infothought list or read the Infothought blog
See more of Seth Finkelstein's Anticensorware Investigations
Mail addresses (Score:5, Interesting)
authenticode-support@verisign.com, billing@verisign.com, channel-partners@verisign.com, clientpki@verisign.com, consultingsolutions@verisign.com, dbms-support@verisign.com, dcpolicy@verisign.com, digitalbranding@verisign.com, dnssales@verisign.com, enterprise-pkisupport@verisign.com, enterprise-sslsupport@verisign.com, info@verisign-grs.com, internetsales@verisign.com, IR@verisign.com, jobs@verisign.com, mss@verisign.com, objectsigning-support@verisign.com, paymentsales@verisign.com, practices@verisign.com, premiersupport@networksolutions.com, press@verisign.com, privacy@networksolutions.com, renewal@verisign.com, support@verisign.com, verisales@verisign.com, vps-support@verisign.com, vts-csrgroup@verisign.com, vts-mktginfo@verisign.com, webhelp@verisign.com, websitesales@verisign.com, websitesupport@verisign.com
And I got a bunch of replies back, including *gasp* two written by actual human beings!
Remember folks, if you're going to write and complain, try and keep it civil. The poor bugger who has to read your complaint isn't the same person who actually took the decision to introduce sitefinder!
Re:Mail addresses (Score:3, Interesting)
Subject:
New policy of typosquatting
Body:
To whom it concerns:
I am DEEPLY disturbed with your latest decision/practice to typosquat, and I hope you will reconsider. It is extremely arrogant to think that you, as a corporation, have a right to do this. Any page sent on request for a non-existing domain should represent ALL of that TLD's registrars or NONE. As it stands, this is equivalent to all wrong numbers dialed *anywhere in the world* ge
Send Email to the CEO of ICANN (Score:3, Informative)
-Lucas
Email the CEO of Verisign! (Score:3, Informative)
-Lucas
Re:Mail addresses (open letter to above addresses) (Score:2)
Advertising (Score:2)
Advertising rotation... absolutely! They're after the ad revenue. These types of things should come as no shock.
Stewey
Re: (Score:2)
Guilty (Score:2)
Thanks!!
Esoteric words like altruistic seem to befuddle me sometimes.
Eschew Obfuscation...
Stewey
Such a waste of time... (Score:2, Interesting)
R-
Re:Such a waste of time... (Score:2)
I guess use a non-existent host in a real domain. That will still give you an NXDOMAIN response.
Re:Such a waste of time... (Score:2)
or a
--
Weird.. (Score:4, Funny)
If I make a typo for "slashdot" such as salhsdtot.com [salhsdtot.com] it suggests goatse.cx [goatse.cx] as a top candidate. That's some pretty smart AI VeriSign has.
Re:Weird.. (Score:2)
-Lucas
no response (Score:2, Funny)
Either it is not responding, or our network is blocking it.
Re:no response (Score:2)
Mirror (Score:4, Informative)
where's the problem? (Score:4, Interesting)
Re:where's the problem? (Score:2, Interesting)
Re:where's the problem? (Score:2)
Re:where's the problem? (Score:2)
OTOH, at work Verisign's crap works, and we use our ISP's DNS servers, not our own, so not much I can do about it.
Squating? (Score:5, Interesting)
Re:Squating? (Score:4, Insightful)
This is unquestionably an abuse of their "right" to manage the US TLDs and they should be stripped of it.
Personally I don't see why we couldn't have a distributed DNS system which would work something like freenet. The trademark office could push entries into the system, signed with their private key, and various other governmental, commercial and non-profit/private entities could push whatever entries they wanted onto the stack too.
It would be up to ISPs and individuals to pick which groups' entries to use and in what order.
Most people (and presumably all isps) would probably place the trademark offices' lists at the top so they could find the products and companies they seek (incidentally eliminating the problems associated with others registering your trademark as a domain).
A second tier of trustworthy companies would sell domain names (with market forces setting the cost based on how many isp's subscribe to their entries and how high up the search list most isp's place them)
Finally, I could make my own top-level domains by placing my own list near the top of every computer's resolve.conf equivalent which I use.
No government-granted monopolies involved except the already existing trademark system and no need for an ultra-high-availability network at the top level.
If any of this strikes you as unfeasible you probably need to read more about freenet (or conceivably I do- let me know).
Verisign's BS (Score:2, Interesting)
DNS DDoS (Score:2, Funny)
Don't forget, YOU would not have done anything but asked your ISP's DNS for info. IT will be the one
Not that I suggest you do this.
Re:DNS DDoS (Score:2)
This should be pretty damned unique amongst everyone who uses it. Imagine when the logs fill up with sites like www.4799c5892e25189b9d8a83ee3752a303.com over and over again. Each request returns about 16KB of source HTML. Millions of these running might chew up
20 lines of perl code makes a Slashdot story? (Score:4, Informative)
It prints the suggested URLs out and then what? This isn't an explorer, it's a shitty data dump.
Besides, I thought Michael hated Seth. How did this story get posted?
Re:20 lines of perl code makes a Slashdot story? (Score:3, Insightful)
It depends on the code. Remember, the DeCSS code was only 7 lines of Perl. That had fairly far reaching effects on the rights of computer users.
Re:20 lines of perl code makes a Slashdot story? (Score:2)
Uhm, let's see here. I have a stable paycheck, and don't need to rely on people paying me for retarded scripts and other things.
That "shitty data dump" was published by an EFF PIONEER AWARD WINNING CYBERSECURITY ACTIVIST.
It still sucked. Sorry if this offends you. If I wrote a script that sucked, and someone said, "Wow, that sucked." then I would be in agreeance.
I wouldn't try to make myself seem overly pretentious and, well, idiotic.
You suck. (fires gun) I rule. (fires
Re:20 lines of perl code makes a Slashdot story? (Score:2)
YHBT (Score:2)
Monetary damages (Score:5, Interesting)
What sort of monetary damages is this action by Verisign incurring for people and businesses everywhere?
Verisign's action was most probably intended for web traffic, where it's at least an annoyance. But since the DNS is an independent system from the web that's used by all sorts of services, it's undoubtedly breaking all sorts of non-web things out there that rely on knowing accurately if a domain name exists... not to mention all of the additional maintenance time. Email and spam filters are the two that seem to've been brought up a lot.
So far I've seen a lot of people getting mad and I am too, but I haven't seen anyone actually state how much they're losing due to the sudden change and breaking of standards by Verisign. Is anyone confident to put an amount on this?
Re:None - they are not forging MX records (Score:3, Informative)
Quoteth chapter & verse (RFC 2821 [faqs.org], section 5):
"If no MX records are found, but an A RR is found, the A RR is treated as if it was associated with an implicit MX RR, with a preference of 0, pointing to that host."
So, any mail to a non-existent domain will be (attempted to) be delivered to 64.94.110.10, which helpfully has "Snubby Mail Rejector Daemon" running on port 25.
Think about it. (Score:2)
Hear that? That's the sound of their redirection server being slashdotted. I wonder how much traffic they've calculated this would bring, and if they've thought it through.
(At least, I'm getting 'Cannot be displayed' errors. Whether that's because they're getting flooded, or because they've already given up, or for some reason this and the example [verisign-is-to.net] in the article aren't going through them.)
Re:Think about it. (Score:3, Insightful)
How did this make it as a headline? (Score:3, Insightful)
Can we sue? (Score:5, Interesting)
On a side note...
Our mail servers are filling up with spam, and with the recent loss of SPEWS, our spam filtering system is basically useless.. save for the few other blacklist sites still out there. Spammers must be rejoicing today.
Fuck you VeriSign, Fuck you very much.
Re:Can we sue? (Score:2)
This is to announce an unofficial patch for Postfix 2.0 to black-list
domain names by their mail server (such as Verisign's mail server
for non-existent
The patch for Postfix 2.0 is based on code that was developed for
Postfix snapshot 20030917.
ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.0-ns-mx-acl-patch.gz
Below the signature is a description from the
Re:Can we sue? (Score:2)
Actually WHOIS is quite bad. Using dig is slightly better, but it's best to just try to register it (or query the SRS) - the shared registry system itself has the most up-to-date information, as it's the system that has direct access to the registry's database in order to, well, perform registrations and check availability.
Terms of Service (Score:5, Interesting)
Man, did you check out their "terms of service"? That shit is hilarious!
"14. By using the service(s) provided by VeriSign under these Terms of Use, you acknowledge that you have read and agree to be bound by all terms and conditions here in and documents incorporated by reference."
HOW THE FUCK AM I SUPPOSED TO READ AND AGREE TO BE BOUND TO TERMS, when I arrived at the site by mis-typing a domain name????
From the privacy policy:
"Under no circumstances do we collect any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, or sex life."
No? What about when I go to any political site, sex site, health site, religious site, etc, and don't type the domain name correctly?
http://www.sitefinderreallyreallysucks.com/ [sitefinder...ysucks.com]
99.99999999% of all domains now run Linux (Score:4, Funny)
To repeat the obvious... (Score:5, Insightful)
Verisign was contracted to run DNS servers for the .com and .net top-level domains; both of which are in practice "flat" address spaces, with no formalised lower-level hierarchy. If an organisation registers the domain "foo.com", implements nameservers for this domain, and then these nameservers ignore accepted practice and the way the majority of Internet applications expect the nameservice to work - then the organisation shoots only itself in the foot.
Verisign is in effect treating the entire top-level .com and .net domains as its corporate property.
If Verisign were genuinely ignorant of the effects of their move, then the company is not competent to operate TLD DNS services. If Verisign were aware of the potential problems their decision could cause and went ahead regardless for commercial reasons then the company is not fit to operate TLD DNS services.
If ICANN cannot react to this nonsense in less than a working week, ICANN itself is not fit to direct the Internet naming service.
Apart from massed armies of geeks with pitchforks and flaming torches converging on Verisign and ICANN locations, does anyone have any constructive suggestions on how to get the parasites out of the loop?
What will Verizon do? (Score:2)
ddos, anyone? (Score:2)
* a cron entry that runs every minute or two, and hits port 80 on verisign's webserver farm.
* infrequent ping- like 1 every 30 seconds
With enough people, this would become more than an annoyance. But I'm looking for better ideas. Anyone? Bueller?
Fix how? (Score:3, Interesting)
Does anyone have any idea how an application (or even resolver) writer could workaround this?
All the solutions I've come up with can be defeated by having verisign rotate their IP addresses or domain (sitefinder.verisign.com)
What is BIND doing?
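The resolver-side workaround asked about here, combined with the RFC 2821 implicit-MX rule quoted earlier in the thread, as an added example that is not code from any poster, BIND or Postfix: it learns the wildcard addresses by probing random names under the TLD instead of hard-coding them, then maps answers made up only of those addresses back to NXDOMAIN. The toy zone, the 192.0.2.x addresses and all function names are constructed for illustration; 64.94.110.11 is the address quoted in the thread.

```python
import secrets

# Constructed toy data: registered names and their records (192.0.2.x is
# documentation address space). WILDCARD_A is the address quoted in the thread.
WILDCARD_A = "64.94.110.11"
ZONE = {
    "example.com": {"MX": [(10, "mail.example.com")], "A": ["192.0.2.10"]},
    "mail.example.com": {"A": ["192.0.2.25"]},
    "nomx.example.com": {"A": ["192.0.2.80"]},
}


def wildcard_resolver(name, rtype):
    """Toy resolver for a TLD that carries a wildcard A record.

    Returns a list of records, or None for NXDOMAIN."""
    name = name.lower().rstrip(".")
    if name in ZONE:
        return ZONE[name].get(rtype, [])
    if ".".join(name.split(".")[-2:]) in ZONE:
        return None  # delegated domain: its own servers still say NXDOMAIN
    return [WILDCARD_A] if rtype == "A" else []  # synthesized A, no MX


def mail_targets(domain, resolve):
    """Hosts an MTA would try, following the RFC 2821 section 5 rule."""
    mx = resolve(domain, "MX")
    if mx is None:
        return []  # NXDOMAIN: the message bounces immediately
    if mx:
        return [host for _pref, host in sorted(mx)]
    # No MX but an A record: implicit MX of preference 0 pointing at the name.
    return [domain] if resolve(domain, "A") else []


def learn_wildcard_addrs(tld, resolve, probes=3):
    """Query random 128-bit labels that cannot be registered names.

    Any A record that comes back must have been synthesized by a wildcard."""
    addrs = set()
    for _ in range(probes):
        answer = resolve(f"{secrets.token_hex(16)}.{tld}", "A")
        if answer:
            addrs.update(answer)
    return addrs


def filtering_resolver(resolve, wildcard_addrs):
    """Wrap a resolver so wildcard-only answers look like NXDOMAIN again."""
    def filtered(name, rtype):
        a = resolve(name, "A")
        # Checked for every record type: the wildcard gives "no MX" rather
        # than NXDOMAIN, which is what triggers the implicit-MX fallback.
        if a and set(a) <= wildcard_addrs:
            return None
        return resolve(name, rtype)
    return filtered


if __name__ == "__main__":
    learned = learn_wildcard_addrs("com", wildcard_resolver)
    fixed = filtering_resolver(wildcard_resolver, learned)
    for d in ("example.com", "nomx.example.com", "exmaple.com"):
        print(d, mail_targets(d, wildcard_resolver), mail_targets(d, fixed))
```

The filter also hides any real name that legitimately points at a learned wildcard address, and a wildcard that answers with a different address on every query would not be fully learned from a few probes.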
For UK visitors (Score:3, Interesting)
Wrote email to VeriSign (Score:4, Insightful)
I know that my $300 a year may not be the end of the world to them, but I thought it important that they know that some people will make buying decisions based on this. And the types of people that handle DNS registration issues are just the types of people to be ticked off by this.
They sent me a form letter response, that addressed both this new unregistered DNS feature as well as the "register in advance for about-to-expire domains" feature that I didn't mention at all in my email. Their response to that issue was also defensive, so I take it that they're getting an earful on that one as well.
This is definitely not a Linux program (Score:2, Funny)
There is still one domain that doesn't resolve. (Score:2)
Is this the only
Lawsuit time? (Score:2)
Any lawyers out there want to send the C&D for me?
ICANN, IAB, IETF official response (Score:5, Informative)
Essentially, they state that this change violates the RFC for DNS for several reasons. They are creating an IETF working group to recommend practices for implementing DNS, above and beyond what the RFC requires. Unfortunately, there is no mention of any action, or even censure.
Re:ICANN, IAB, IETF official response (Score:4, Insightful)
We'll just have to wait and see if ICANN comes back and slaps them down
Why is this bad? (Score:2)
Can someone provide some concrete examples of problems this causes?
Re:Why is this bad? (Score:2, Informative)
This bypasses my choice of search engine within my browser for non-existent domains (currently google).
Re:Why is this bad? (Score:2)
1. Breaks alternate MX handling if the top priority mailserver's domain is/becomes unregistered. Instead of using a secondary MX record, the mail will bounce or get queued (see #2).
2. Verisign has put a faulty SMTP listener on port 25 that attempts to send a 550 back to the mailer. But it relies on a certain sequence of commands entered and can cause mail to sit queued for days if that sequence isn't just what it expects.
3. Various DNS-based spam checks now ineffective.
4. Peop
Simple solution.. (Score:2)
fleemgoats.com has address 64.94.110.11
fleem@linux [~/dl] $ host 64.94.110.11
11.110.94.64.in-addr.arpa domain name pointer sitefinder-idn.verisign.com.
root@smoothwall~# iptables -t filter -I OUTPUT -d 64.94.110.11 -j DROP
root@smoothwall~# iptables -t filter -I FORWARD -d 64.94.110.11 -j DROP
Not a solution (Score:2)
Re:Simple solution.. (Score:2)
Patched Nameserver Database Available (Score:4, Interesting)
Oh No, Seth! (Score:2)
Could this be a sign that Verisign is about to become a slashdot editor?
PS: for some reason censorware.org and stalkedbyseth.com are not responding... the link is to google cash.
Re:Congratulations (Score:3, Funny)
I bet Michael Sims was DDOSing me.
Re:Canada (Score:2, Informative)
Re:Canada (Score:2)
Right.
And when MS started replacing the web server's 404 error response page with IE's own error page that sent the user to MSN, I didn't hear anyone complain.
Ever noticed that you don't get the default Apache error page when using IE..., ever? IE only displays an error page if it's greater than a certain size. Webmasters have to play tricks like padding the error pag
Re:Canada (Score:3, Informative)
This change is on the root servers. They serve the
Re:what am i missing here?? (Score:3, Informative)
Re:How to make their marketing fools notice (Score:3, Informative)
You have never actually worked at a company have you? You do realize that people make millions of dollars a year writing web server log analyzers and correlators for marketing research. Don't take my word for it [netiq.com] though.
Single quotes are your friend. Anyone who types \& is a dumbass.
Really, how do you propose to pass a reference to a subroutine? Oh, you mean in shell syntax? Why do single quotes when you can just escape. Escaping is a pretty handy thi
A better one: (Score:3, Interesting)
#
#Replace dumbwordlist if you like with nonsense
#that will be used to fill up Verisign's database
#with useless crap.
#To make it eviler, remove the $((RANDOM%10)) parts,
#or maybe wrap the inner loops with an outer loop that
#picks a random postfix and asks for all of the
#domains ending, with that prefix, 10 times or so.
#Since the stuff should get asked for repeatedly,
#maybe they'll get "false positives".
#
#Also note that this simulates the first request to
#the siteverifier page, which sends a redire