Applications and devices like cell phones, email, search engines, and automated programs handle the error messages differently; it would be naive for VeriSign to think only humans with browsers rely on DNS. When a user enters a non-exist domain name on their cell phone the DNS error message would prevent downloading. Now cell phones download VeriSign's SiteFinder webpage and Service Providers bill the cell phone user for that extra usage. SPAM prevention programs also rely on this error message to check to see if the domain is real. more
Yet another DNS blacklist has been taken down out of fear of the DDoS attacks that took down Osirusoft, Monkeys.com, and the OpenRBL. Blackholes.compu.net suffered a Joe-Job (A Joe-Job is essentially spam designed to look like it's coming from someone else.) earlier this week. Apparently the Joe-Jobing was enough to convince some extremely ignorant mail administrators that Compu.net is spamming and blocked mail from compu.net. Compu.net has also seen the effects of DDoS attacks on other DNS blacklist maintainers. They've decided that the risk to their actual business is too great and they are pulling the plug on their DNS blacklist before they come under the gun by spammers. more
On September 3, 2003, United States federal law enforcement officers arrested the notorious John Zuccarini accused of allegedly creating misleading domain names to deceive children and direct them to pornographic websites. Zuccarini's arrest is the first to be made under the Truth in Domain Names Act, which took effect earlier this year prohibiting people from creating misleading domain names as a means to deceive children into viewing content that's harmful to minors, or tricking adults into clicking on obscene websites. What follows is a collection of commentaries made by experts in response to this event...
more
It is openly admitted , in the same Implementation PDF file, that all accesses to the Site Finder service are monitored and archived. A further worry for users is the privacy policy and terms of service posted on the Site Finder service. Not only does the simple act of mistyping a URL implicitly cause you, the end user, to accept VeriSign's Terms of Service and Privacy Policy without the chance to review and accept or decline either, but critical information as described above is not disclosed in either policy (as of this writing). The Privacy Policy clearly states... more
A harmful, highly unilateral and capricious action. Tons of software out there depended on the ability to tell the difference between a domain name which exists and does not. They use that to give a meaningful, locally defined error to the user, or to identify if an E-mail address will work or not before sending the mail. Many used it as a way to tag spam (which came from domains that did not exist). It is the local software that best knows how to deal with the error. more
I wrote a guest column for ZDNet last month on the importance of IPV6. I fear that the Internet has been devolving into a recreation of the old smart networks with a lot of perverse complexity in the infrastructure. The latest calls for protection from all that bad stuff only adds to my concern since the problems attributed to the "Internet" will encourage people to seek more meddling. Unfettered connectivity has been a necessary precondition for allowing innovation to thrive on the Internet. It worked because the same openness allowed those at the edges to protect themselves against the errors whether malicious or just problematic. In fact, the so-called Internet revolution was triggered by the key concept of the browser -- treating other systems with suspicion but leaving it to the end points to decide how much to trust each other. more
A recent study by researchers at the Cooperative Association for Internet Data Analysis (CAIDA) at the San Diego Super Computer Center (SDSC) revealed that a staggering 98% of the global Internet queries to one of the main root servers, at the heart of the Internet, were unnecessary. This analysis was conducted on data collected October 4, 2002 from the 'F' root server located in Palo Alto, California.
The findings of the study were originally presented to the North American Network Operators' Group (NANOG) on October 2002 and later discussed with Richard A. Clarke, chairman of the President's Critical Infrastructure Protection Board and Special Advisor to the U.S. President for Cyber Space Security. more
Register.com has not taken a position for or against WLS. If and when the registry launches this service, Register.com will consider whether to offer it based on the price and conditions attached to the service. We are committed to delivering to our customers the best in class services available. Therefore, the registry's price will be an important factor. Moreover, we are concerned about some of the conditions currently being considered by ICANN - primarily, the "black out period." This is a period of time prior to the final deletion of a name, during which a registrar would be prohibited from selling a WLS subscription on a domain name that it sponsors. We consider this a condition that could confuse consumers and dampen domain name competition. more
Some individual appears to have hijacked more than a 1,000 home computers starting in late June or early July and has been installing a new Trojan Horse program on them. The Trojan allows this person to run a number of small websites on the hijacked home computers. These websites consists of only a few web pages and apparently produce income by directing sign-ups to for-pay porn websites through affiliate programs. Spam emails messages get visitors to come to the small websites.
To make it more difficult for these websites to be shut down, a single home computer is used for only 10 minutes to host a site. After 10 minutes, the IP address of the website is changed to a different home computer... more
Two controversial issues which were on the agenda of the Montreal ICANN meetings creating some irritation: the way of planning to create a country code support organization (ccNSO), and the discussions around the purpose and operation of WHOIS – the database of registrants of domains. Without going into the history of the ccTLDs withdrawing from their former role within the DNSO and moving towards a self organized structure, there is an obvious conflict revolving around the term... more
John Banks is a loan officer in New York. John's supervisor recently warned John about the potential number of bad loans he may be carrying as part of his portfolio. To dump some of the bad loans he might be carrying, John came up with a scheme. He pointed his web browser to www.whois.org and entered terms denoting disease or poor health such as 'cancer' and 'illness'. This query on the Internet's WHOIS database reported results of names and addresses of domain name owners who had developed websites devoted to providing information on certain serious illnesses. John compared these names and addresses with those in his portfolio of loans. For the matches, he canceled the loans and required immediate payment-in-full. more
Various people whose judgment I value [M. Mueller, B. Fausett] have suggested that ICANN/IANA may finally get to the issue of privacy.
The ICANN Board is establishing a "President's Standing Committee on Privacy" (why the committee is possessed by ICANN's "president" and not the Board is something we can deal with at another time and another place.)
Privacy is a hard question. It is a matter that pervades all aspects of information handling. It would be entirely inappropriate, and ultimately futile, to try to deal with privacy as an after-the-fact adjustment to the existing DNS Whois system. It is necessary to examine the most fundamental questions -- such as what reasons, if any, justify there being a Whois database at all. more
The Whois Task Force of the Domain Name Supporting Organization (DNSO) has been consulting with registrars over the past few months on the Whois accuracy issue for law enforcement. The Task Force has enumerated three primary areas of interest: accuracy, uniformity, and better searching capabilities. When the registrars met with the Task Force in Shanghai, a fourth area of interest was also brought forward and advocated by many of the registrars at the meeting as paramount to the other three areas. This fourth area of interest was privacy. more
In the beginning there was silence; then, silence begat communication, and communication begat more communication and, ultimately, group communication formed and begat a primordial "network" of communication that gradually and inevitably increased in effectiveness and complexity: there were only signal fires at first but, then, there were cave drawings, carrier pigeons, shouting from hill-tops, smoke from fire, lines of cannon fire, the telegraph, Alexander Graham Bell, and, finally, the network of networks known as the Internet. But, is that it? Is there not something more impressive in its impact upon communication than the Internet? What more might one desire than the dynamic wonders of the Internet, you ask? Well, what about ENUM? "E-What!?" more
Has your organization recently received an email claiming to be from NABP's Internet Drug Outlet Identification Program (IDOI)? If so, it is possible that someone is trying to trick you. The NABP IDOI team's email account has recently been illegally "spoofed" by unaffiliated persons or organizations. Email spoofing involves the forgery of an email header so that the email appears to have originated from someone other than the actual source. more