Attn sysadmins: Verisign claims all unused COM and NET TLDs

Discussion in 'Computers' started by Ryan Spaight, Sep 16, 2003.

  1. Ryan Spaight

    Ryan Spaight Supporting Actor

    Joined:
    Jun 30, 1997
    Messages:
    676
    Likes Received:
    0
    Sometime yesterday, Verisign added a wildcard A record to the COM and NET root nameservers, which resolves to 64.94.110.11, or sitefinder.verisign.com -- a big fat Verisign page. *Any* invalid hostname ending in COM or NET will now return this address. (Try it with nslookup. Scary.)

    This is similar to what Microsoft did in IE, where a bad hostname would take you to MSN search. The difference is that while you can turn that behavior off in IE, what Verisign has done affects the whole damn Internet, and there's no way to disable it.

    This has the effect of breaking spam filters and making many basic troubleshooting operations much more difficult. More discussion here:

    http://slashdot.org/articles/03/09/1...&tid=98&tid=99

    I don't think it's an overstatement to say this is the single biggest change in how the Internet DNS system works ever, and entirely for the worse. Whoever at Verisign thought this up should be shot.

    Ryan
     
  2. Josh Lowe

    Josh Lowe Screenwriter

    Joined:
    Jun 19, 2002
    Messages:
    1,063
    Likes Received:
    0
    Some blown dry marketing fuck, no doubt.
     
  3. DonRoeber

    DonRoeber Screenwriter

    Joined:
    Feb 11, 2001
    Messages:
    1,849
    Likes Received:
    0
    Yeah, this really sucks. However, the argument for spam filtering isn't very good. Instead of checking to see if a domain is valid by if it resolves or not, now we just need to see if it resolves to sitefinder.verisign.com. It doesn't cost any more in system resources, you're still doing a DNS lookup.

    It's just a big pain in the ass for end users, who will now be more confused than ever. Although I posted something regarding this on Slashdot when it was still in the discussion phase at Verisign. In a few years, I'm betting that the Address Bar in your browser will be replaced by a Google powered search bar. Have you watched the average computer user's behavior recently? If you set their home page to Google, your browser will usually shift keyboard focus to the search box when it loads the page. So just type in what you want, at hit enter. Google gets you the page that you want, and then you click on it to go to that site. Yeah, it's one more click than just typing something in the address bar (unless you count changing the cursor focus to the address bar, then it's even), but you get reliable information from Google. Never have to worry about mistyping the website address again.

    Seriously, watch non-computer-savvy user behavior. It's fascinating, but I really think that in a few years, everything will be bookmarks and Google (or whatever search engine is ruling the world then). Who really wants to remember URLs anyway?
     
  4. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
    Well, they're abusing their authority. I don't imagine this is going to last.
     
  5. Tony-B

    Tony-B Producer

    Joined:
    Jun 30, 2002
    Messages:
    3,768
    Likes Received:
    0
    That is just stupid. Major [​IMG] to Verisign!
     
  6. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
  7. DonRoeber

    DonRoeber Screenwriter

    Joined:
    Feb 11, 2001
    Messages:
    1,849
    Likes Received:
    0
    Wow. And that's a pretty big 'someone' too.
     
  8. Ryan Spaight

    Ryan Spaight Supporting Actor

    Joined:
    Jun 30, 1997
    Messages:
    676
    Likes Received:
    0
     
  9. Joshua Clinard

    Joshua Clinard Screenwriter

    Joined:
    Aug 25, 2000
    Messages:
    1,821
    Likes Received:
    69
    Location:
    Abilene, TX
    Real Name:
    Joshua Clinard
    I agree, this is a horrible practice. They should never have done this. It just shows you how they will do ANYTHING to get ahead. They also sent non-Verisign domain owners unsolicited mail trying to get them to switch last year. Anyone who owns a domain through them should switch to DirectNic or some other cheaper alternative. A search company has submitted a lawsuit against them, and I hope they win!
     
  10. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
    Now ICANN and IAB have asked them to cut it out as well, though not for reasons I would have preferred.
     
  11. Francois Caron

    Francois Caron Cinematographer

    Joined:
    Jul 31, 1997
    Messages:
    2,143
    Likes Received:
    0
    Real Name:
    Francois Caron
    There is a way to work around this problem on your own machine. Do note that this fix will probably work only at the Web browser level. E-mail delivery is usually handled by your ISP, not by your machine.

    Find a file called "hosts" located in the "c:windowssystem32driversetc" directory. Open the file with a text editor such as Notepad. You should see the following line at the end of the file.

    127.0.0.1 localhost

    Add the following line after it.

    127.0.0.1 sitefinder.verisign.com

    Now save the file.

    Before your computer asks your ISP's name server to locate the Website you requested, it first checks the "Hosts" file to see if there's already a local TCP/IP address set up for the site. But now, when you're redirected to the Verisign Web site, your computer will be misled into believing the site is located on your own machine! Since you don't have that site set up on your computer, your browser will instead display the traditional 404 error message.

    There may be more Verisign sites that need to be included in the Hosts file. Verisign collects information on the misspelled Web sites including some of your personal information and what you might have been looking for. Verisign is most likely selling this information to the highest bidder.
     
  12. Wayne Bundrick

    Wayne Bundrick Cinematographer

    Joined:
    May 17, 1999
    Messages:
    2,358
    Likes Received:
    0
    Verisign should be forced to give up control of the .com and .net directories to another company who can act more responsibly.
     
  13. Wayne Bundrick

    Wayne Bundrick Cinematographer

    Joined:
    May 17, 1999
    Messages:
    2,358
    Likes Received:
    0
    Today ICANN issued a stern ultimatum to Verisign to shut down Sitefinder by 6pm PDT, and Verisign has said they will comply. I think they already have. Check your favorite news source for details.
     
  14. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
    Nope, they still haven't.
     
  15. Wayne Bundrick

    Wayne Bundrick Cinematographer

    Joined:
    May 17, 1999
    Messages:
    2,358
    Likes Received:
    0
    Either you were a victim of DNS caching or my ISP had already patched their DNS to return a proper "domain does not exist" error instead of Sitefinder, because we tried several nonexistent domain names and got the proper error at the time I made the post.
     
  16. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0

Share This Page