Yet another stupid idea

Yet another stupid idea http://www.ideaspace.net/users/wkearney/archives/entries/000491.html It seems Network Solutions, part of Verisign, has added what's known as a wildcard A record to the root DNS servers. For the non-geeks out there this means they've added a hack that damages how web sites are found. wkearney 2003-09-30T08:27:43-05:00 http://www.ideaspace.net/users/wkearney/archives/entries/000491.html en-us Geek It seems Network Solutions, part of Verisign, has added what's known as a wildcard A record to the root DNS servers. For the non-geeks out there this means they've added a hack that damages how web sites are found. 2003-09-30T08:27:43-05:00 It seems Network Solutions, part of Verisign, has added what's known as a wildcard A record to the root DNS servers.

For the non-geeks out there this means they've added a hack that confuses how web sites are found.

]]> It seems Network Solutions, part of Verisign, has added what's known as a wildcard A record to the root DNS servers. For the non-geeks out there this means they've added a hack that damages how web sites are found. Before this hack when you tried loading a web page with the wrong URL it would fail with the familiar 404 page. Now it resolves to Versign's advertisement page.

Why is this bad you say?

Think of it this way, let's say you try sending a fax and accidentally dial the wrong number. If there's no fax machine at that number your machine will beep and/or print an error. This way you'll know right away the fax didn't go through. You can double-check the number and try again. It'd be a real disaster if the phone company started redirecting your faxes to a special wrong-number fax machine, wouldn't it? Your fax machine would think the fax went through! To the wrong number, but you wouldn't see an error. If your machine is smart enough and you're dilligent enough you might check the tranmission receipt. Yeah right.

Before if you tried using the wrong URL you'd get an error. Now if you try the wrong URL you get a Versign advertising page.

From a geek perspective this has even worse complications. But it's one that affects mere mortals as well. By putting up this wildcard answer-anything address they're making it easier for spammers to fill your inbox with junk mail and viruses!

Before Versign made this hack your mail software could be configured to check if the person sending you mail was actually coming from a real network domain. More often than not spammers send mail that's incapable of receiving replies. They'd forge the outgoing address to a non-existant domain. Your mail server could do a quick lookup and if the domain was bogus they could immediately block the mail as junk. Now that Verisign has screwed things up you'll be getting more spam. Idiots.

This is yet another example of marketing idiots run amok with technology. Instead of asking if what they're doing will cause problems they just go ahead and do it. All for the sake of peddling some advertising junk.

For more on this read: nsi horror stories, All your *.COM./*.NET. are belong to us and IAB's response.

What this boils down to is Versign is abusing one of the most important aspects of the Internet. They've deliberately broken what was an otherwise important and valuable part of the Internet. They've done this for no other reason that to spam you with advertising. This is wrong and it must be returned to it's previous state.

]]> 491 490 492 wkearney Bill Kearney wkearney@ideaspace.net wkearney Bill Kearney