Interesting People mailing list archives
Elapsed time from hijack to fix -- under 48 hours!
From: Dave Farber <dave () farber net>
Date: Thu, 18 Sep 2003 05:38:55 -0400
Delivered-To: dfarber+ () ux13 sp cs cmu edu Date: Wed, 17 Sep 2003 23:31:51 -0400 From: David Harmon <dmh () tiac net> Subject: Elapsed time from hijack to fix -- under 48 hours! To: dave () farber net >Date: Sun, 14 Sep 2003 22:31:56 -0400 >To: undisclosed-recipient:; >From: Monty Solomon <monty () roscom com> >Subject: Profits in Missed Exits on Information Highway [followed by the official announcement...]Subject: [Asrg] Verisign: All Your Misspelling Are Belong To Us Date: Tue, 16 Sep 2003 03:10:52 +0200 From: Brad Knowles <brad.knowles () skynet be>[he's forwarding...]Date: Mon, 15 Sep 2003 19:24:29 -0400 From: Matt Larson <mlarson () verisign com> Subject: Change to .com/.net behavior Today VeriSign is adding a wildcard A record to the .com and .net zones. The wildcard record in the .net zone was activated from 10:45AM EDT to 13:30PM EDT. The wildcard record in the .com zone is being added now. We have prepared a white paper describing VeriSign's[But then...]Date: Wed, 17 Sep 2003 15:58:01 +0200 From: "Remco B. Brink" <remco () rc6 org> Subject: Evil VeriSign, patch included...The Internet Software Consortium, a nonprofit that publishes BIND, the software that runs many of the Net's domain name servers, has just released an emergencypatch [2] to block VeriSign's new Site Finder service.It seems Verisign forgot that they don't actually rule the Internet! Even given the short notice, it took an independent organization, without government sponsorship (?) less than 48 hours to release a change which will (eventually) kill this uber-typosquatting stunt. This reminds me of the time back in the late 80s, when Unisys tried to make some money from having inherited a patent for an algorithm usedin GIF image files, which had become popular. Within 48 hours (again) someone had released a modified version of the GIF standard, which avoided the patent. They also provided viewers for the new standard, and utilities for rapid conversion of "legacy" files. Unisys backed down *very* fast!As a final shot, let me point out that Verisign's trick doesn't affect any existing typosquatters, such as those porn sites that try to put your browser into bondage. So, mistype an address today, get SiteFinder. Mistype the same address differently (or later, after a new batch of registrations), and get a sticky porn site. Hmmm....Dave Harmon
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Elapsed time from hijack to fix -- under 48 hours! Dave Farber (Sep 18)