Politech mailing list archives

Previous By Date Next
Previous By Thread Next

Reply to column on VeriSign: Don't ask for government intervention

From: Declan McCullagh <declan () well com>
Date: Wed, 24 Sep 2003 16:58:47 -0400
[I suspect Henrik is right about the lethargy of governments and the desirability of caution and forbearance. But it is incorrect to say that it's just a "commercial message" that's at issue here. The Internet is more than port 80. Verisign's move has caused a lot of problems for non-web services (like email) that expect the Net to act a certain way, which is what much of the fuss is about. --Declan] 

---

Date: Wed, 24 Sep 2003 22:48:23 +0200
To: Declan McCullagh <declan () well com>
From: Henrik Nilsson <henrik.nilsson () mac com>
Subject: Re: [Politech] Michael Geist's column on VeriSign's domain name
 redirection
Cc: domains () blipp com
As someone who has worked the last 6 years covering public interest issues regarding Internet services (Swedish Ministry of Communications, Telecom regulatory agency incl advisor to Swedish government on ICANN, Competition/Anti-trust Authority) let me say that, much as I respect prof Geist, he is talking up his posterior. It will take something more drastic than being redirected to a commercial message for a national government to intercede at short notice and with various legal issues outstanding. Much as I personally find Verisign's action objectional, let me state that Internet governance (and most other governance) proceeds under the law, with due process, and with all deliberate speed. Exitable elements of the Internet community may wish for more direct action - more thoughtful individuals may prefer governments to procede with caution. 

Yours, etc

Henrik Nilsson
Stockholm, Sweden

---

Date: Tue, 23 Sep 2003 11:12:06 -0400
From: Carey Lening <clening () piercelaw edu>
To: Declan McCullagh <declan () well com>
Subject: The latest stupidity from Verisign.

Seen this?

http://www.theregister.co.uk/content/6/32933.html
Apparently Verisign wasn't content with just sending out false mail registrations to non-Verisign folks. They have to resort to yet another questionable act -- in defiance of ICANN. 

So how long does this contract run ? ;)
(Politech still rocks, even after all these years, and my random changing email addresses.) 

Carey Lening

---

Date: Mon, 22 Sep 2003 15:24:35 -0700
To: declan () well com
From: Malcolm Hoar <malch () malch com>
Subject: Latest word from VeriSign re wilcards

Declan:

This is outrageous:

"All indications are that users, important members of the
internet community we all serve, are benefiting from the
improved web navigation offered by Site Finder."

http://www.icann.org/correspondence/lewis-to-twomey-21sep03.htm


--
|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
| Malcolm Hoar           "The more I practice, the luckier I get". |
| malch () malch com                                     Gary Player. |
| http://www.malch.com/               Shpx gur PQN.                |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


---

Subject: OMG, this is horrible!
Date: Thu, 18 Sep 2003 14:58:37 -0700
Message-ID: <0C5792DFC53F764F9CC9312C8F15F5F41632D8 () e2k ultrabac com>
From: "Paul Bunn" <Paul () UltraBac com>
To: "Declan McCullagh (E-mail)" <declan () well com>

What an abuse of their power of controlling the root name servers!
Mis-type a URL, get a VeriSign spam. It's like they're cybersquatting the entire internet name space. 
http://www.petitiononline.com/icanndns/petition.html

---


From: "Richard M. Smith" <rms () computerbytesman com>
To: "Declan McCullagh" <declan () well com>
Subject: VeriSign hires Omniture to snoop on typos
Date: Wed, 17 Sep 2003 11:19:39 -0400

Hi,

Here's another interesting angle on the Verisign Site Finder Web site.
VeriSign has hired a company called Omniture to snoop on people who make
domain name typos.  I found this Omniture Web bug on a VeriSign Site
Finder Web page:

http://verisignwildcard.112.2o7.net/b/ss/verisignwildcard/1/G.2-Verisign
-S/s03509671784255?[AQB]&ndh=1&t=17/8/2003%2010%3A39%3A28%203%20240&page
Name=Landing%20Page&ch=landing&server=US%20East&c1=www.elinkprocess.com/
html/minibank_1000.html&c2=www.elinkprocess.com/html/minibank_1000.html%
20%2803/00%29&c12=Yes&c13=03&c14=No&c15=00&c16=Yes&c17=15&c22=NOT%20SET&
g=http%3A//sitefinder.verisign.com/lpc%3Furl%3Dwww.elinkprocess.com/html
/minibank_1000.html%26host%3Dwww.elinkprocess.com&r=http%3A//www.google.
com/search%3Fas_q%3Dmini-bank%2B1000%26num%3D100%26hl%3Den%26ie%3DUTF-8%
26oe%3DUTF-8%26btnG%3DGoogle%2BSearch%26as_epq%3D%26as_oq%3D%26as_eq%3D%
26lr%3D%26as_ft%3Di%26as_filetype%3D%26as_qdr%3Dall%26as_occt%3Dany%26as
_dt%3Di%26as_sitesearch%3D%26safe%3Dimages&s=1024x768&c=32&j=1.3&v=Y&k=Y
&bw=1024&bh=538&ct=lan&hp=N&[AQE]

The query string of the URL contains the usual things such as the Web
page URL, the referring URL, browser type, screen size, etc.  This query
string is built on the fly by about 50 lines of JavaScript embedded in
the Verisign Web page.

The Omniture server sets a cookie so that people can be watched over
time to see what typos they are making.

Here's a bit more about the Omniture snooping service:

   http://www.omniture.com/announcement.html

Note to Omniture:  Yes, I was using Google to research security issues
with the Mini-Bank 1000 ATM, but my interests are purely academic. ;-)

Richard M. Smith
http://www.ComputerBytesMan.com
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
Previous By Date Next
Previous By Thread Next

Current thread: