|
The Internet Web sites, web development, email, chat, bandwidth, the net and society |
|
Thread Tools | Display Modes |
09-25-2003, 02:33 PM | #1 |
Your Bartender
Join Date: Jan 2002
Location: Philly Burbs, PA
Posts: 7,651
|
Verisign redirection and Internet Explorer
I just had a thought. (Scary. Maybe I'm going to succumb to the temptation and start a blog. )
Most of you reading this probably have heard about Verisign redirecting non-existent domain names. If not, you can read up. My thought was, How is this different from Internet Explorer taking you to the MSN search page when you can't reach whatever web page you were trying for? How is it NOT different? |
09-25-2003, 02:50 PM | #2 |
dripping with ignorance
Join Date: Oct 2002
Location: Grand Forks ND
Posts: 642
|
Becuase it's not your browser doing the redirecting it's another company. Yeah it's ridiculous that Microsoft puts that in it's browers but at least you have a choice to use a different brower. Now it makes no difference what browers I use I automaticly go to Verisign's site. Of course that's only half the problem with this, it also creates other havoc in the Internet, but I don't understand that enough to talk about it.
__________________
After the seventh beer I generally try and stay away from the keyboard, I apologize for what happens when I fail. |
09-25-2003, 03:10 PM | #3 |
Your Bartender
Join Date: Jan 2002
Location: Philly Burbs, PA
Posts: 7,651
|
Yeah, but really. That's fine for you and me and a lot of the other folks here. But let's face it, for an overwhelming number of people on the Internet, telling them to install a new browser would be akin to asking me to replace the radiator on my car. Technically you're right, but for all practical purposes they have a captive audience that's very large.
|
09-25-2003, 03:30 PM | #4 |
dripping with ignorance
Join Date: Oct 2002
Location: Grand Forks ND
Posts: 642
|
So in reality all Verisign is doing is taking away the numerous hits Microsoft gets on it's search page every day from mistyped URL's. So that's actually a good thing IMHO. Except for the other issues it causes, which are not good things.
__________________
After the seventh beer I generally try and stay away from the keyboard, I apologize for what happens when I fail. |
09-25-2003, 04:08 PM | #5 |
The future is unwritten
Join Date: Oct 2002
Posts: 71,105
|
If you mistype your URL request in Google, you'll still get there.
__________________
The descent of man ~ Nixon, Friedman, Reagan, Trump. |
09-25-2003, 04:34 PM | #6 |
Radical Centrist
Join Date: Jan 2001
Location: Cottage of Prussia
Posts: 31,423
|
The problem with it is that it breaks the BIND protocol, which is more "infrastructure" than HTTP (which MS breaks). HTTP is only the web, BIND is the whole friggin' net and they do not get to break it on a whim in order to gain a business advantage.
|
09-25-2003, 05:19 PM | #7 |
a real smartass
Join Date: Dec 2001
Location: Kirkland, WA
Posts: 1,121
|
Well, Microsoft's IE error redirection has always pissed me off, too.
Especially when I type in "foo.org" and it sends me to the MSN search engine, asking me if I want to go to "www.foo.org". |
09-25-2003, 11:19 PM | #8 |
no one of consequence
Join Date: Jun 2001
Location: Arkansas
Posts: 2,839
|
I can't seem to get this to happen. When I mistype a url in Mozilla I get a 404 error. What exactly must I do to get this effect?
|
09-26-2003, 06:34 AM | #9 |
Radical Centrist
Join Date: Jan 2001
Location: Cottage of Prussia
Posts: 31,423
|
You won't yet; Verisign has been blocked from doing it by the organization that oversees such things, but the concern is that this organization is just a mouthpiece for people like Verisign and will let up anyway.
|
09-26-2003, 12:04 PM | #10 |
I am meaty
Join Date: Dec 2001
Location: Salt Lake City, UT
Posts: 1,119
|
Some peoples' concerns are security related. For instance, say a user tries to use a username and password to log into a fictional bank's website, but they mistype the URL (or maybe the URL is created improperly by a CGI or somethiing):
https://www.fictonalbank.com?user=someuser&password=trustno1 ...this non-existent domain would take them to Verisign's redirect page on their webserver, and consequently their server logs would contain the username and password to access that bank account, as well as a domain name that is easily correctable for a human. These logs aren't so hard to get to on some servers. A similar problem is if you mistype someone's domain in their e-mail address... the e-mail will go to Verisign. Some people don't like that. Even if Verisgn sends a "Mail could not be delivered" notice, are they deleting the e-mails? Saving the return addresses for SPAM lists? Who knows? These are only two examples, there are others. Personally, I think it's Bad Idea for them to break the way the Internet is supposed to work. It's important for web browsers, e-mail apps, ftp software, and custom apps to know when they have not reached a real domain, so they can take corrective action. Verisign's change makes that job much harder, and in some cases impossible.
__________________
Hot Pastrami! |
09-26-2003, 12:33 PM | #11 |
Your Bartender
Join Date: Jan 2002
Location: Philly Burbs, PA
Posts: 7,651
|
The security concerns are real. Don't get me wrong, we ought to all give Verisign the smackdown on this. (And by the way, it's possible that this is not even a violation of the contract under which they operate the root servers. Just because nobody imagined the put it in the contract that they can't do it.) But it just occured to me that to the average end user, there's not a lot of difference between the Verisign results and the Microsoft results when you type something in wrong. (I'll leave any comments to the effect that comparing a practice to something Microsoft does is hardly a ringing endorsement as an exercise for the class.)
It will be interesting to see how long the ISC delegation workarounds take to filter around. |
09-28-2003, 08:54 AM | #12 | |
hot
Join Date: Mar 2002
Location: Jeffersonville, IN (near Louisville)
Posts: 892
|
Quote:
If you're getting a 404 error, you're typing a non-existent page on a valid domain, which isn't the same thing. Try this: http://www.asdfinsavlinasdv.com/ And it hasn't been blocked yet, UT, at least not for me. I know BIND is planning on releasing a patch to block it, but AFAIK it hasn't yet. |
|
10-03-2003, 01:50 PM | #13 |
hot
Join Date: Mar 2002
Location: Jeffersonville, IN (near Louisville)
Posts: 892
|
Update: ICANN has issued Verisign an ultimatum: discontinue SiteFinder, or be sued.
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|