customers who searched for _____ also might like _________
How are they getting through the security of the true hosts to the existing sub and similar-sounding domains, just because another ISP lists them as alternate options that 'you may also be interested in'?

If you're a domain jacker, you'd already know how to get lists of similar names that are free, and how to find unused subdomain names.

It makes it sound like they found a way to get the ISP listing the sites to host (or redirect to) jacked versions of them? In that case, only the ISP doing the listing is insecure, not the actual real sites.

But then if you mistyped a real site, and were taken to a page of alt options to it, you might actually then notice you'd mistyped it. Would you really go visit the alt options, and continue to not notice none of them were the site you were originally after?

Unused domains are a different story. Using those isn't threatening any security directly.

Or is this more about users being directed to visit dodgy sites - which again, isn't a threat to internet security directly (any more than visiting any other dodgy site is)?
I think we all agree that we don't want to see ad sites when we accidentally mistype a URL. In most cases they don't offer what you are searching for but what they want to sell to you. I sometimes lose some seconds of my online experience because I took some of these sites for real websites and did not realize my mistake. I like error messages more.

Well, they cannot send you to a spam site when the domain you typed isn't even registered. It's only possible when the domains are explicitly registered or if some subdomains are not used. In both cases the owner of the correct domain can do something about it. He could either warn the provider who registered the misspelling or sue him. And with every domain he has, he should use a DNS tag with wildcards that lets every subdomain translate to his main site. If he cannot control the DNS tags via a domain robot, he can call his provider to do so.
Every owner of a website should do so to prevent exploitation of unused subdomains by the provider.
What a brilliant piece of reporting, Nick!