Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

47 comments

Misleading? No, just wrong. (0)

AllMightyPaul (553038) | more than 9 years ago | (#10435631)

The headline for this article is incredibly wrong and misleading. Verisign does not control the .cc domain and thus did not implement this "sitefinder", not to mention it's not even a "sitefinder".

It's run by eNIC Corporation, which apparently handles the root for .cc and all it does is ask you if you want to register that domain. It doesn't advertise any other site, and it doesn't advertise its own services or other services.

Is it a bad precedent? Yes, but it's not sitefinder and it's not verisign.

Re:Misleading? No, just wrong. (4, Informative)

base3 (539820) | more than 9 years ago | (#10435675)

Yes, but it's not sitefinder and it's not verisign.

I suppose that's why the words "A Verisign company" appear under the eNIC logo?

Re:Misleading? No, just wrong. (1)

PhlegmMaster (596165) | more than 9 years ago | (#10436438)

A subsidiary of a company is not the actual company itself, it's just a peon with which to attribute blame.

Re:Misleading? No, just wrong. (4, Insightful)

Uberdog (73274) | more than 9 years ago | (#10436880)

A subsidiary of a company is not the actual company itself, it's just a [front the company can use to make the public think it's] a peon with which to attribute blame.

CTFL = MOD DOWN (3, Informative)

CustomFort (643959) | more than 9 years ago | (#10435784)

Moderators, at least CTFL (click the fscking links), even if you don't RTFA. eNIC is a VeriSign Corporation (see http://www.enic.cc/ [www.enic.cc] ).

As far as I can tell, they are justing grabbing free business off of this service, and deserve to be shamed. How is this different from SiteFinder?

Re:Misleading? No, just wrong. (0)

Anonymous Coward | more than 9 years ago | (#10435810)

eNIC is a Verisign company. It says so right on the page.

Re:Misleading? No, just wrong. (0)

Anonymous Coward | more than 9 years ago | (#10437474)

Thin end of the wedge, dude. Thin end of the wedge.

Re:Misleading? No, just wrong. (1)

kimba (12893) | more than 9 years ago | (#10437606)

Well, you are right that it is not Sitefinder, but it is VeriSign. All the VeriSign staff treat it as their own, and it is operated by VGRS staff (the division inside VeriSign that runs .net and .com too)

Why the article is completely stupid is this domain has had a wildcard for years. This is nothing new or noteworthy.

Spyware (1)

l1nuxpunk (738263) | more than 9 years ago | (#10435679)

Isn't this the equivalent of what any spyware would do to someone's computer? How does this kind of advertisement differ at all?

Re:Spyware (1)

Geoffreyerffoeg (729040) | more than 9 years ago | (#10435741)

It doesn't differ, but we don't like spyware either.

Re:Spyware (2, Insightful)

PurpleFloyd (149812) | more than 9 years ago | (#10435995)

It differs in four ways:
  • You can't not get it. Spyware usually isn't installed willingly, but there are steps you can take to prevent getting spyware on your system. This is located on Verislime's servers and can't be avoided.
  • You can't remove it. Spyware, once installed, can usually be removed and the system put back to the way it was. While it can be difficult, it's usually possible for you to put your computer back to the way it was before you were infected. With this, the only way to remove it is to convince Verislime that it's in their best interest to get rid of it.
  • It represents abuse of what's supposed to be a public resource. This is like a utility company with a government monopoly selling your name to mailing lists: they've been granted power, and they're abusing it for profit.
  • Finally, and most importantly, it breaks DNS. The ability to check for a valid domain is an important spam-detection tool. With this, any query to DNS for a nonexistent .cc domain will return as if it were valid. Sitefinder breaks this, just so Verislime can get a few extra bucks of profit.

Re:Spyware (1)

Lehk228 (705449) | more than 9 years ago | (#10436105)

simple, ban mail from *.cc

Re:Spyware (1)

Ayaress (662020) | more than 9 years ago | (#10439485)

Spyware you can avoid (Don't use IE, turn off the features that it uses to install, run Spybot or Adaware regularly, etc), and when you get it, you can get rid of it. Sitefinder is just *there*. You get it. Period. You can't get rid of it. And furthurmore, I've never had spyware that prevents me from getting otherwise useful error pages.

erm.... (1, Funny)

moosesocks (264553) | more than 9 years ago | (#10435709)

so how long before someone throws up a goatse mirror at http://an-unregistered-name.cc/

Re:erm.... (0)

Anonymous Coward | more than 9 years ago | (#10435757)

If someone's willing to pay $30 for the privilege, more power to them. Lately, they've been gobbling up the free .info domains being pushed by some registrars, but it looks like their supply of those has been cut off.

huh? (3, Informative)

theCoder (23772) | more than 9 years ago | (#10435715)

Maybe it doesn't work anymore, or my ISP blocks it, but I'm not getting any site-finder like results in the .cc TLD:

$ host an-unregistered-name.cc
Host an-unregistered-name.cc not found: 3(NXDOMAIN)
$ host alskdfjsldkafjdsalkjskld.cc
Host alskdfjsldkafjdsalkjskld.cc not found: 3(NXDOMAIN)

Re:huh? (3, Informative)

Geoffreyerffoeg (729040) | more than 9 years ago | (#10435892)

It's your ISP, thankfully still implementing SiteFinder blocks. Cox Internet gives:
ibook:~ geoffrey$ host an-unregistered-name.cc
an-unregistered-name.cc has address 206.253.214.102
ibook:~ geoffrey$ host alskdfjsldkafjdsalkjskld.cc
alskdfjsldkafjdsalkjs kld.cc has address 206.253.214.102
Anyway, the results are not SiteFinder, just "buy this domain or e-mail the registrant". Besides, .cc isn't an autoresolution or even a relatively common domain, which was the problem with SiteFinder.

Incidentally, http://206.253.214.102/ [206.253.214.102] is a notable example of not checking your input string (in this case, the HTTP Host field) before parsing it.

Re:huh? (2, Insightful)

brunes69 (86786) | more than 9 years ago | (#10437844)

Anyway, the results are not SiteFinder, just "buy this domain or e-mail the registrant". Besides, .cc isn't an autoresolution or even a relatively common domain, which was the problem with SiteFinder.

No, the problem with sitefinder is that it returns bogus, corrupted DNS information, which breaks a hell of a lot of 3rd party software that follows the RFCs.

Re:huh? (1)

realdpk (116490) | more than 9 years ago | (#10441020)

Ha. Yes. They don't even look for 's. Unfortunately I couldn't figure out a way to encode a / in to the URL, else we'd have an example of an XSS vuln.

Re:huh? (2, Interesting)

Steamhead (714353) | more than 9 years ago | (#10435893)

dan$ host asdjahfljkahfkasdhflsd.cc
asdjahfljkahfkasdhflsd. cc has address 206.253.214.102

*sigh* I if .cc becomes a problem, I guess it will become like .biz and be blacklisted on my mail client.

Re:huh? (1)

numbski (515011) | more than 9 years ago | (#10436297)

I run an ISP, and I use Bind.

Anyone have a good link on how to implement these blocks? I'll pass it around to my colleagues at the other local ISP's here in St. Louis...

Re:huh? (2, Interesting)

Piquan (49943) | more than 9 years ago | (#10436733)

Look at the NANOG archives from around the time of the original SiteFinder debacle. There's a patch. Paul doesn't like it, but he wrote it anyway.

Re:huh? (1)

spiff42 (718678) | more than 9 years ago | (#10437430)

How about .nu ?

http://what-is-wrong-with-you-guys.nu/ [what-is-wr...ou-guys.nu] . The .nu TLD have been using this for a couple of years now. It really screws things up a lot when you do not get a proper NXDOMAIN, but actually get a valig reply that dosn't run whatever service you were trying to connect to.

But the fact is that a lot of domains do this, just not on TLD. Is this less bad??

/Spiff

Re:huh? (0)

Anonymous Coward | more than 9 years ago | (#10440615)

So once Verisign has spread this around enough smaller TLDs, they'll come back with "proof" that people like the service and demand that they're entitled to put it on .com too, and anyone who tries to stop them from using their government-granted monopoly is destroying their ability to do business.

No, no, no! This is acceptable! (1)

Geoffreyerffoeg (729040) | more than 9 years ago | (#10435725)

Though run by a Verisign subsidiary, this is NOT SiteFinder. SiteFinder is a search engine meant to hijack the type in location-bar -> autocomplete .com process. This is an advertisement for a dot-cc domain, which you couldn't reach accidentally anyway.

Besides, dot WS [even-at.ws] , dot TK [here-too.tk] , etc. have this service. Where's the outcry?

Re:No, no, no! This is acceptable! (0)

Anonymous Coward | more than 9 years ago | (#10436869)

Appreciable spam isn't coming from dot WS or dot TK yet. As soon as it does, and spam filters relying on hostname lookup start failing, you'll see an outcry.

Dear Slashdot, (2, Funny)

jeffy124 (453342) | more than 9 years ago | (#10435767)

YABT. YHL. HAND.

OK, yeah... (1)

AllMightyPaul (553038) | more than 9 years ago | (#10435827)

So eNIC is owned by Verisign. I got that wrong. But it's still not Sitefinder.

SiteFinder is alive and well in the .cc TLD (1)

ForestGrump (644805) | more than 9 years ago | (#10435884)

Oh god! it hurts to look at goat.cc

Re:SiteFinder is alive and well in the .cc TLD (0)

Anonymous Coward | more than 9 years ago | (#10437524)

You're looking for a wife from goat.cc?

They don't escape addresses! http://Random HTML.cc (1)

It's People! (819150) | more than 9 years ago | (#10436021)

http://<b>.cc/ works! They must not bother to escape things at all!

Dollar sign? (1, Interesting)

Anonymous Coward | more than 9 years ago | (#10436095)

I though the dollar sign was invalid in domain names...

http://VeriSignAreA$$Holes.cc/ [verisignareaholes.cc] goes to their little page with the $s intact.
Slashdot seems to remove $s from URLs even when they are intentional.

Good for a laugh (2, Informative)

aztektum (170569) | more than 9 years ago | (#10436138)

I typed in sitefinderislame.cc and it gives me a page that says "Welcome to your new home on the web!"

Re:Good for a laugh (1)

iezhy (623955) | more than 9 years ago | (#10448784)

is the .cc domain is so popular or this sitefinder thingy just doesnt work right?

iezhy.cc is not available.
iamiezhy.cc is not available.
curseyouverisign.cc is not available.
blahblah.cc is not available.
dsded.cc is not available.
asdqwrdsa.cc is not available.
sadsdasdemocdza.cc is not available.
sad3234swaqdvere.cc is not available.
hihakiliekia.cc is not available.

lol?

buffer overflow (1)

kmanq (818756) | more than 9 years ago | (#10436496)

well you could have a serious problem as it seems that anything goes and pulls up the .cc page, html works fine as posted and tested...could this lead to verisign themselves being vulnerable being as this is a subsidiary of them??

Re:buffer overflow (1)

kmanq (818756) | more than 9 years ago | (#10436504)

try this one: <del>.cc

Re:buffer overflow (1)

TheOnlyCoolTim (264997) | more than 9 years ago | (#10436831)

http://.cc

I don't think there's much of a way they're vulnerable through this, but there's probably a way to do a goatse redirect or something - it's just that I haven't been able to get a slash or equals sign through so it's a bit hard.

Tim

Re:buffer overflow (2, Interesting)

TheOnlyCoolTim (264997) | more than 9 years ago | (#10436837)

Just go to http://<marquee>.cc

Tim

It's Not New (3, Informative)

Jeagoss (661909) | more than 9 years ago | (#10436585)

Over the past few years, I have helped clients register .cc domains by typing in domain.cc and if that page came up, I knew it wasn't registered. ENIC has been using this blank page service for a while. The page has been changed a few times, but, it has always been pretty much the same "Welcome to Your Future Home", or "Buy this unredistered domain" pitch. Why is it that someone just now noticed? Then, just because by change ENIC happens to be a subsidiary (or however you spell it) of Verisign, this service is automatically dubbed "SiteFinder". I find this very sad.

(Get out the fire extinguishers, tin foil hats, and flame throwers. This one might catch on fire and explode in contempt.)

Re:It's Not New (1)

Jeagoss (661909) | more than 9 years ago | (#10436599)

just by chance** Sorry, my fingers got excited

Old news (1)

mnordstr (472213) | more than 9 years ago | (#10437489)

The cc TLD has had that service running for as long as I can remember. It's just a way to buy an unregistered name, not a search engine like SiteFinder. Even though I highly dislike these kinds of unstandard solutions, it's much better than SiteFinder was.

Hmm (1)

Fweeky (41046) | more than 9 years ago | (#10437517)

Why is my 'zone "cc" { type delegation-only; };' not doing it's job?

Sitefounder A record - not found. (1)

gd23ka (324741) | more than 9 years ago | (#10437786)

One quick way around this is to treat the sitefinder A records the same as if no results were found.

Yeah, but who receives mail from .cc? (1)

jonadab (583620) | more than 9 years ago | (#10437817)

You can't block .com, because there are too many valid domains there, but .cc?
Nothing legitimately worthwhile has ever been hosted there; if the spammers
or whoever abuse this, you just instruct your software that all .cc domains
are invalid, and your dad is Robert's brother. It's an ugly hack, but it
would work; no such thing is possible for .com

I'm not saying that it's right for nameservers to return wildcard results for
unregistered domains, but this isn't nearly the problem in .cc that it would
be in a major TLD such as .com or .net or .org or .edu or .us or cetera.

3 Ways to stop this (1)

pdcryan (748847) | more than 9 years ago | (#10447061)

I wrote a paper on this last year... basically there are 3 interesting (legal) theories that could be used to enjoin VeriSign from continuing sitefinder (it's also working on .tv - BTW). Here is the ultra condensed version.

1. The Lanham Act - specifically the Anti-Cybersqatting Consumer Protection Act (ACPA). VeriSign is essentially registering and profiting off of the protected trademarks of others.
2. Antitrust. Verisign could be guilty of violating the Sherman Act - most interestingly as the controller of the DNS "essential facility." Similar actions caused AT&T (back when it controlled the local phone switches) to allow long distance competitors access to the local switches - so they could effectively compete. If the DNS registry is an essential facility - Verisign cannot use it to block out downstream competition (other registrars, web portals, etc.).
3. State Action - Takings violation. This one is a little wacky - but interesting none the less. Network Solutions (when they ran the DNS) was always let off the hook for AntiTrust via the Parker doctrine - which permits companies who are closely tied to the government (and the government itself) to be excused from antitrust laws - because of their close tie to the Federal Government. The same close ties could result in a "state action" under either a government function (not often used by the courts) or a symbiotic relationship test (rarely used by courts). Essentially - the private company acts like the government - and should be treated as such, which means having to follow the rigors of the Constitution. Specifically, when the capture the intellectual property of others (the names of the unregistered domain names that are now pointing to verisign's page), they are violating the "takings clause" - which requires compensation.

BTW - IANAL - but, I think the points are quite interesting. I really didn't do them justice by quickly summarizing them here, but what the heck - that's what slashdot is for.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...