Verisign backlash gathers force

All your Web typos aren't belong to us

  • alert
  • submit to reddit

Security for virtualized datacentres

The backlash against Verisign's controversial decision to direct users who get lost on the Web to a search engine site run by the company is gaining momentum.

Net users have set up an online petition to protest the move, which critics say is an abuse of Verisign's role as steward of the .com and .net top level domains and a violation of established technical procedures.

The signatories to the petition are calling on Net governing body ICANN to put pressure on Verisign to drop the practice which breaks technical standards affecting email services, and other Internet systems. In particular, there's concern the move will make it harder to identify spam that originates from non-existent domains. So Verisign is (inadvertently) assisting spammers bypass some filtering techniques.

(There were 12,360 signatories to the petition early this afternoon but this figure has since been reset, amid security concerns email address on the petition v1.0 were been harvested by ne'er do wells.)

Breaking standards, hijacking users

Protestors also believe Versign's move is anti-competitive. As does Florida-based 'search services' company Popular Enterprises which has filed a law suit which seeks to compel Verisign to drop its controversial Site Finder service, Reuters reports. Popular Enterprises has a history of purchasing expired domain names and directing them to its Netster search site, a practice not dissimilar to what it is complaining about.

Still the law suit has been broadly welcomed in the Net community as another means to bring pressure to bear on Verisign.

The controversy kicked off on Monday, when Verisign added wildcard DNS records to all .com and .net domains - redirecting surfers who get lost on the Net to a search page, called Site Finder, run by the company. Those who type in non-existent addresses will also be served up Site Finder, instead of an error message. Verisign isn't saying how much it expects to make from selling advertising on this site. According to Verisign, 20 million users a day mistype the name of the domain they wish to visit - so the commercial potential of Site Finder is considerable.

Techies BIND Verisign up

In response to Verisign's audacious land grab, the developer of the technology used to direct most surfers on the Web has released a workaround designed to stop users who mistype URLs ending up at Verisign's new search site.

The Internet Software Consortium, the non-profit body that develops the ubiquitous BIND domain name server, has adapted its software so that those users who enter mistyped domain names are served up with old-style error messages instead of Site Finder.

The patch (BIND 9.2.3rc2), which limits .com and .net zones to be "delegation-only" (i.e. wildcard entries a la Verisign will not resolve to anything), is explained here. ®

Related stories

All your Web typos are belong to us
Verisign DNS change broke my HP printer (letters)
BIND developer blocks Verisign Net grab move
Verisign's SiteFinder finds privacy hullabaloo

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.