VeriSign Broke The Internet


Home > Misc > Random Thoughts > VeriSign Broke The Internet

Below is the random thought titled "VeriSign Broke The Internet". Be aware that these thoughts may be based on opinion, and my opinion might not agree with yours. Also, the thought below may be based on mood, time of day, or any number of other factors. Please keep this in mind.


VeriSign Broke The Internet
Tuesday, September 30, 2003

About 3 weeks ago, VeriSign changed the .COM and .NET top level domains to include wildcards which now resolve all unregistered .COM and .NET domains to a VeriSign run service called "SiteFinder". The intent is to redirect users who misspell a domain name to a website (run by VeriSign) that will help them find what you need. It provides a list of domains close to what the user was looking for, as well as sponsored links and a search engine. For example, if you try to go to www.doesntexistmistakedomain.com, it will now to go SiteFinder instead of coming back with the "DNS entry not found" error. This is a very, bad thing. Why?

Well, for one thing, VeriSign has made these changes without asking anyone, and refuses to undo them. This "service" changes the fundamental way the Internet works, and is breaking alot of things.

Instead of a nonexistent domain coming back with a proper "not found in DNS" message, it now resolves to VeriSigns servers. This has been breaking antispam services, which rely on proper error messages to find non-existent domains. It has been seen to break HP network printers, and is even causing serious problems with Windows networking (incorrect error messages when trying to browse for a machine that doesn't exist, networking locking up, etc.). The Internet operates on a system of standards, and when one of these standards suddenly and without warning changes, then you can imagine the problems. Programmers rely on proper error messages when writing their software, and when those are removed, all manner of weirdness can occur.

This can also have a far reaching effect on email. If you try to send an email to "bob@doesntexistbaddomain.com", you would expect to get an error from your mailserver pointing out your mistake. Not any more. Your mailserver will happily resolve that domain and contact the SMTP server that VeriSign has so thoughtfully set up. Now, your message will be delivered to their fake server and you will get a "user unknown" message instead of a "server not found" message. Oh, and did I mention that this error is only produced by VeriSign's server after it has received the body of the message? That's right, VeriSign is intercepting your email. Perhaps they are also logging the addressees to sell to spammers?

But the privacy problems don't end there. The domain that was misspelled (when accessing a Web page) is also sent to VeriSign's advertisers in the URL used to retrieve their ad banner. This means that if that URL contained private information, it will be not only logged by VeriSign, but also sent to several advertisers! URLs often include information that is benign, like what colour scheme you picked, where you are navigating on a website, etc. But they can and do contain private information. Depending on how the programmer of the website you are surfing set things up, the URL can contain usernames, passwords, form information, session IDs, etc. If that developer makes a mistake in the submission address of one of his/her forms, then users and their info can be accidentally directed to VeriSign! And if it goes to VeriSign, it goes to their advertisers.

Perhaps the worst part is that VeriSign has refused to turn off the "service". After being pressured by ICANN (the company in charge of regulating the Internet in the US), they still have not relented. This is a blatant abuse of their power, and with all the other scandals and bonehead maneuvers by VeriSign lately, we must wonder if their time has passed. Indeed, when you are sued by GoDaddy, then you know your company is in trouble.

We can only wait and see how this plays out, and hope that someone, somewhere, forces VeriSign to shut down this troublesome "feature".


Comments From Others

anonymous
VeriSign Broke The Internet
Wednesday, November 04, 2009
Interesting. I just stumbled upon this old article and didn't believe it until i researched it. Apparently it's true. en.wikipedia.org/wiki/Site_Finder I love the title "VeriSign Broke The Internet". Haha, that's great. Anyway on a different note, your website looks like it was designed in like 1999. My eyeballs hurt to look at it. I happen to be a web programmer/designer if you ever are looking for a redesign send me an email I'll give you a cheap price.

(Editor's notes: My site is simple, fast, not graphically heavy and works in every browser since Mosaic was in beta. Many ISPs now seem to be redirecting failed DNS queries to search pages. It's sickening. It tends to break my customers VPNs and then when I call the ISP about the issue, I have to talk to someone in Bangalore that doesn't know what "DNS" stands for.)

sexonthebitch
VeriSign Broke The
Monday, December 05, 2005
the vatican and some noodles makes the emperor of russia a very horny boy

(Editor's note: Included because it's just plain odd...)

corbin
VeriSign Broke The Internet
Wednesday, October 15, 2003
hmmmmm. wondr who threatnd to sue......(shifty eyes).....
BEatonNo1
VeriSign Broke The Internet
Monday, October 06, 2003
Yeah they took it offline after being threatended to be sued
Epsilon!
VeriSign Broke The Internet
Friday, October 03, 2003
a nother pathetic attempt to advertise, what else. they wouldnt waste bandwidth if it was really only supposed to help people, which it isnt.
BEatonNo1
VeriSign Broke The Internet
Wednesday, October 01, 2003
Im shure that it won't take long before everyone forces them to return to the old method....
However, this sounds alot like MONOPOLY....maybe someone should bust em up
corbin
VeriSign Broke The Internet
Tuesday, September 30, 2003
yanow, that kind of shit just pisss me off. wat givs visign the right do do that? nothing. who askd thm . no one. someone please hack them and take that out plese!!!

Do you agree? Disagree? Feel free to leave a comment by filling out the form at the bottom of the page. All comments are sent to me for approval, so hostile and pointless comments will be discarded. I will not discard comments that disagree with me, and I will certainly not edit comments. The only reason I am screening them is to keep the goof-balls under control. Email addresses will be hidden. If you wish to remain anonymous, simply enter "anonymous" for both your email and name.

Name:
Email:
Subject:
Comments:
RECAPTCHA:
Type the words you see in the image into the box below. This helps prevent spam.

Privacy Policy

Back To Thoughts Page | Mail Me | Search