Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Interests > Tilted Technology


 
 
LinkBack Thread Tools
Old 09-26-2003, 10:24 AM   #1 (permalink)
Stop. Think. Question.
 
rubicon's Avatar
 
Location: Redondo Beach, CA
Does VeriSign's Site Finder hijack IE?

I have IE6 configured to use Yahoo as a search engine. If I type in a search term into the IE address bar it will give me Yahoo results.

When I type in a misspelled domain name, IE is now displaying a page from VeriSign saying there is "no web site at that address" with suggestions for the correct URL.

Why and how am I being redirected to VeriSign during the name resolution process? It's not configured in my IE. If I type in a completely non-existent domain name it'll just give me the IE error page.

The site I'm trying to reach isn't even hosted with VeriSign.

Any thoughts?
__________________
How you do anything is how you do everything.
rubicon is offline  
Old 09-26-2003, 11:42 AM   #2 (permalink)
Human
 
SecretMethod70's Avatar
 
Administrator
Location: Chicago
http://slashdot.org/article.pl?sid=0...tid=187&tid=95

Quote:
<a href="mailto:harald@paulsen.no">Harald Paulsen</a> writes "In a recent article <a href="http://www.cbronline.com/">Computer Business Review</a> uncovers how <a href="http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b">VeriSign Inc is testing a service</a> that would return a webpage if a user mistypes an URL. Basically all nonexistant domain queries could return an IP address and if the user was trying to access a page with a webbrowser they could get redirected to a search-engine, or worse: a page asking them to buy a domain. This is most certainly breaking the DNS standard and could be compared to cybersquatting (Hey Ford, want to have a banner ad whenever someone mistypes Toyota?). This is interesting in relation to <a href="http://slashdot.org/article.pl?sid=03/09/10/0142259&tid=123">an earlier story</a> about register.com and holding-pages."

Some other appropriate links:

http://slashdot.org/article.pl?sid=0...&tid=98&tid=99
http://slashdot.org/article.pl?sid=0...tid=126&tid=95
http://slashdot.org/article.pl?sid=0...&tid=95&tid=99
http://slashdot.org/article.pl?sid=0...&tid=95&tid=99
http://yro.slashdot.org/article.pl?s...tid=126&tid=95
http://slashdot.org/article.pl?sid=0...&tid=95&tid=99
http://yro.slashdot.org/article.pl?s...&tid=98&tid=99
__________________
Le temps détruit tout

"Musicians are the carriers and communicators of spirit in the most immediate sense." - Kurt Elling

Last edited by SecretMethod70; 09-26-2003 at 11:47 AM..
SecretMethod70 is offline  
Old 09-26-2003, 01:46 PM   #3 (permalink)
Crazy
 
Location: Vincennes, IN
I thought when I installed some software it changed some settings to do that.

Their "service" as they call it pretty annoying. And I hope that the $100 Million lawsuit against them will get them to remove that "service."

And thank you for the links SecretMethod70
__________________
Sorry, you can not add yourself to your own list.
Zello is offline  
Old 09-26-2003, 02:07 PM   #4 (permalink)
Human
 
SecretMethod70's Avatar
 
Administrator
Location: Chicago
hmmm...what the hell. I'm at school so I don't know what our ISP is, but I never used to get the sitefinder thing when I got 404 errors and now today I have started. Anyone know of a way to get rid of this or at least figure out why it JUST started with me?
__________________
Le temps détruit tout

"Musicians are the carriers and communicators of spirit in the most immediate sense." - Kurt Elling
SecretMethod70 is offline  
Old 09-26-2003, 03:04 PM   #5 (permalink)
Stop. Think. Question.
 
rubicon's Avatar
 
Location: Redondo Beach, CA
I read an article as well but didn't realize it was going to be so pervasive.

We're going to be bombarded everywhere by advertising! Man, I long for the old days...
__________________
How you do anything is how you do everything.
rubicon is offline  
Old 09-26-2003, 06:31 PM   #6 (permalink)
God-Hating Liberal
 
Location: Silicon Valley, CA
Yes, there is a way to circumvent site-finder. It requires that you run your own nameserver instead of using your ISP's.

Download the latest version of bind9 and install. Add this to your named.conf:

zone "com" { type delegation-only; };
zone "net" { type delegation-only; };

... If you do not have a UNIX machine on your network that can perform this function, I urge you to pressure your ISP to apply the wildcard-blocking patch to BIND. What VeriSign has done is irresponsible, greedy and damaging to the Internet community. It is only by applying pressure in the right places that we can make them reverse their decision. Don't wait for someone else to do it.
__________________
Nizzle
Nizzle is offline  
Old 09-27-2003, 01:36 AM   #7 (permalink)
Insane
 
Location: In a huge maze just trying to find my cheese
I hated this same problem. Istalled the new version of Tweak XP and found something lovely. They have a pop-up blocker and an ad-blocker that basically hides all third-party marketing on webpages. Not only is it nifty but it speeds up browsing...
Great Scott is offline  
Old 09-27-2003, 11:30 AM   #8 (permalink)
Stop. Think. Question.
 
rubicon's Avatar
 
Location: Redondo Beach, CA
Thanks for the suggestions about BIND - I'll check into it.
__________________
How you do anything is how you do everything.
rubicon is offline  
Old 09-28-2003, 06:32 AM   #9 (permalink)
Metal and Rock 4 Life
 
Destrox's Avatar
 
Location: Phoenix
the company i buy my domain name through is currently sueing verisign about this.

got a email like a week ago, luckily i've never been affected by thier evil ways yet.

PHP Code:
Dear Valued Go Daddy Customer,

Have you ever needed to ask for directions while you were driving
Let's say you stopped to ask a trusted authority, like a police officer.
You'
d expect that officer to be honestrightWouldn't you expect him or 
her to provide you a safe, direct route to where you needed to go? I sure would.

But what if that officer instead misdirected you to a shopping mall?
A shopping mall, it turns out, that actually paid the officer for every sale that resulted?

That would be an abuse of the police officer'
s authority
It would be capitalizing on your misfortune.

We believe that's what VeriSign is doing with its "Site Finder" marketing scheme. 
We believe that it is once again abusing the power to oversee all .com and .net domains 
it was granted by the U.S. government.

Go Daddy is now suing in federal court to stop them.

Here'
s how VeriSign's scheme can affect you: 
It will misdirect you from your intended destination and even mislead you about its status. 
If you type any .com or .net address into your browser that isn'
t already registered
VeriSign hijacks you — and sends you to an advertising page that they ownThis can occur 
even when you type in a site that is registered
but is not displaying temporarily.

Used to be, if you made a mistake in typing an address – which is the usual reason for not
finding a site – you would see either a 
"404" error page, or a help page that your browser 
would generate
Now thoughVeriSign has hijacked this entire process and puts up a paid-advertising 
page
the so-called Site Finder.

It will cost you moneyAdvertisers pay VeriSign to position links to their services 
that look similar to the misspelled address
. And that means you may well find your way 
to a competitor
rather than to your intended destinationSimply navigating on the Internet 
will be more frustrating 
and more expensive for consumersCompanies will be forced to purchase 
every imaginable misspelling of their names to prevent their customers from being hijacked 
by Site Finder
, and the cost will be passed on to youTo VeriSignof coursethese forced
domain registrations just mean more revenue
.

It will mean more spam headed for your inboxInternet Service Providers (ISPsacross 
the globe have committed valuable time 
and resources to developing systems that prevent 
spam from reaching your mailbox
One of the more successful methods checks to see whether 
the domain name of the inbound email resolves to an actual Web site
. If it doesn't, that
means the domain is fake, so your ISP doesn'
t let it throughNowthoughspammers can 
use any phony domains they wantbecause all fake domains will "resolve" to the Site Finder page!

We're asking a Federal judge to issue a preliminary injunction that will halt this. 
If you feel, as we do, that VeriSign is once again inappropriately capitalizing on its 
position of authority, we urge you to email VeriSign and ICANN and let them know 
Ignore the odd highlighting of words, i chosed to use PHP and not CODE, since they changed the way [ code ] looks , it takes up waaay much room. its also pretty hard to read.
__________________
You bore me.... next.

Last edited by Destrox; 09-28-2003 at 06:38 AM..
Destrox is offline  
 

Tags
finder, hijack, site, verisign


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -8. The time now is 03:19 PM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76