Yesterday, VeriSign resorted to more anti-competitive, monopolistic tactics. They’ve placed a wildcard in global DNS records for .com and .net top-level domains, essentially hijacking all unregistered domains, and those with invalid DNS entries. In place of the traditional error page most browsers used to display, any user who enters an unregistered domain ending in .com or .net (including misspellings) now gets redirected to VeriSign’s Site Finder service, which displays a page entirely controlled by VeriSign, supposedly providing links to the possible intended destination.
Unsuspecting news organizations are reporting this as a (ahem) helpful service which “provide some clues to help you find the sites you were looking for”. But ultimately, this appears to be nothing more than another land-grabbing, money-making scam. The page to which all unregistered domains redirect also provides a search form and a short list of categories pointing to results. Many of the first few results are all paid, sponsored links apparently coming from Overture. VeriSign themselves have estimated that .com and .net domains get mistyped approximately 20 million times per day. You can imagine the traffic VeriSign is suddenly forcing their way as a result of this change.
See Site Finder yourself by trying any non-existent domain, like blipvip.com or veribadsign.com.
Understandably, network administrators and web geeks everywhere are furious about all kinds of concerns this raises: privacy, failed anti-spam measures, and others which go beyond my understanding. What I find interesting, is that many ISPs and backbone providers are fighting back by blocking the IP address(es) associated with VeriSign’s Site Finder. The nonprofit Internet Software Consortium is already writing an urgent patch for BIND, a service used by many ISPs to help resolve domain names to the IP addresses of the servers which host each site. The patch will allow ISPs and other DNS admins “to restore control by identifying and then ignoring data from Site Finder”.
With so many people, companies, and organizations upset at VeriSign for such an unethical move, we’ll see how long this scam lasts. Stay up-to-date on the issue by checking Google News or following the huge Slashdot thread on the subject.
Update: Wired News posted the Associated Press version of the story: VeriSign Takes Sting out of Typos, and Declan McCullagh just wrote a good piece for News.com: VeriSign redirects error pages.
Update 2: Since writing this entry, someone snatched up the domain veribadsign.com, so the link above no longer redirects to Site Finder.
Posted in Technology, Web
20 comments (Comments closed)
Gawd. They even have the gall to add a terms of service agreement to that Site Finder page.
I don’t get the Site Finder page, but yes, this is bad.
Depending on who you use to access the web, some ISPs have already implemented blocks or nulled any data coming from the Site Finder-associated IP address. Because of the action taken by network admins and ISPs, some may not be able to access VeriSign’s service by typing a bad domain anymore. Thank goodness for swift veto powers like this. But everyone needs to become aware of the issues at hand, so that Site Finder gets blocked everywhere.
Wow, thanks for the heads up, Doug! This really creeps me out. I noticed that some of the domains I tried are not working, so yes, the ISPs are working fast. Thank God. I switched my domain from Network Solutions (owned by VeriSign) over to Hostway and I’m never switching back for sure after this.
Although I’m no fan of this monopoly, it’s good to see network solutions aquired. Maybe they’ll improve customer service. Heckm Mike won’t ever use ‘em again, why should I? ;) I can’t stand Network Solutions…
But the monopoly is frightening…
looks like earthlink blocked it already. i got it when i tried it at work on an SBC controlled T1, but my earthlink at home still goes to the standard MSN search (another monopolistic tactic that drives me nuts)
Also, when you type in an invalid address, IE now saves it in your address bar drop box, as it registers it as a real address. With invalid addresses it used to ignore it.
So its always there. Looking at you. Pointing out your mistake.
Not a major concern, but I know the irritation will grow on me.
ISP blocking can only do so much….if VeriSign decides to Akamize the Site Finder site, then the site’s hosting will be effectively unblockable.
I would have thought a move like this would be quite illegal in some way, but as it stands apparantely not?
I tried this yesterday and got the VeriSign page, but today all I get is a blank page with “this does not exist.” I’m using Road Runner.
“this appears to be nothing more than another land-grabbing, money-making scam”
Would that be the same kind as every other one since the beginning of recorded human history?
Wow, imagine that.
Either I missed it, or they’re surprisingly not taking advantage of the opportunity to sell that unregistered domain to you. They’ve already diverted a bunch of traffic to themselves, why not go ahead and try to hijack some of the other registrars’ business while they’re at it? Maybe it’s in the works, or maybe this is one of the most half-assed evil plots I’ve seen.
And the lame thing is, now it takes forever to find out that, no, that domain you just typed didn’t work. At least for me it keeps thinking and thinking and thinking…
Sitefinder applies to all the applicable regulations - but guess who wrote the regulations?
Looks like someone bought veribadsign.com!
Rob: Yes, according to WHOIS, looks like it was purchased two days after I wrote this entry (registered on 18 Sept) and made up the domain (and thus, the entry title). I was suprised it was available, given how many people dislike said company, and how obvious the name seemed.
Funny thing is, the placeholder page from the hosting company is already showing up in Google results for “veribadsign”, merely because I (and a few others) linked to a formerly non-existent domain.
Since I added:
127.0.0.1 sitefinder.verisign.com
into my hosts file, no issue anymore
Verisign is now being sued for a hundred million dollars.
What can be done to block these DNS replies redirecting to sitefinder.com ?
I’m not surprised someone bought veribadsign.com.. when I read that domain name here I almost choked up my lungs. Excellent one :-)
Comments no longer open for this entry.