ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] MY "ALTERNATE ROOT" EXPERIENCE


Dear Ken,
the real issue is the stability of the existing major TLDs, like .com etc 
and the new TLDs in front of the viruscom (tricks, softwares, etc.. making 
the DNS to react differently from what the user expects). We registered 
viruscom.org to set-up a site on his topic to warn users like you (but it 
seems we are bypassed by the speed of the problem).  Help and information - 
this is a very new story. 10 months the first hearsays - your help, your 
information would be welcome.

The viruscoms already known for sure :

1. the first viruscom is obviously ".biz" by Vint Cerf. Which will make DNS 
to react in strange ways. Codenamed 'bis.biz".

2. the second we had reported may be a hoax (but it would help the 
dissemination, so it could however be classed as a virscom). Name is 
porn.com: when you call any .com address you reach an adult site with 
compliments of the person who sended the plug in to you. Afetr 7 days you 
reach a porn copy of the icann site and your disk is erased. The 
dissemination trick is to look as a New.net commercial proposition so you 
send it to your friends first, then to your ennemies when you understood 
what it is. Beware! reports are that you cannot unistall it (it would 
install twice: one at the righ place, one at random and revive eratically 
at power up).

3. the third is a very simple variation of the New.net plugin you 
experienced. From reports on New.net use (there may be several releases as 
this has been documented by two users and denegated by a New.net 
consultant) if you make a typo or type a non a-root TLD you are lead to a 
New.net site by default. This is made in checking a list of all the a-root 
TLDs in the plugin. You may create a viruscom very easily with this: just 
take a byte editor and change "com" into "dom" in the list. The user will 
never access .com anymore. Simple and Neat.

4. variations on New.net plugin had been announced a long ago on various 
MLs. So hackers had a lot of time to think about them. But there was no fun 
yet until .biz and New.net. During the @large campaign it was even 
suggested that a pro ORSC virus has been devised to reroute the users calls 
to ORSC root. This has never been traced, but as ORSC (or Pacific or 
others) only includes TLDs excluded by the iCANN, peolpe do not know if 
they are using the legacy or an inclusive root. So, It is possible that 
many people resolve bis.biz on Leah's .biz if  (should the DoC appoved the 
.biz take away).

The virsucom issue is of real interest. It mostly results from the 
inability of windows users to init their own root and of the possibility 
left to change what the user typed in the browser window into something 
else. We suppose that now the fashion starts being on it hackers will 
enjoy. As it has been said, "iCANN taught us how to take away .biz, why not 
to hi-jack .com". You will not prevent this people to have a try and 
some"fun". The first media reports will create instability and therefore 
interest for hackers ... and commercial competition in various fields 
(anti-viruscoms, plugins, etc...) will play on that.

The only real way to fight this is to extend the DNS to the user machine. 
So the user controls exactly what he does and where it goes. The best 
example of this is MultiBind. The user selects the roots he wants to 
include and then protects the pipe between his browser and MultiBind. 
MultiBind is then a plugin. Until MicroSoft/Netscape/Opera corrects this 
and includes a value added builtin MultiBind. This way the user will have 
RSC shopping list and will chose which TLDs he wants to access (some may be 
on a paying basis like for TV) and will be updated on changes for the other 
softwares. RSC will turn into multi TLD information resellers. iCANN will 
end in running the select TLD "legacy shop", "established since 1998".

Thank you for rising the matter. Interesting. I suppose this should be 
resolved before the end of the year, otherwise we will have an e-economy 
collapse. Look at the dissemination of the last Word viruses and the way 
the media covered them. And ask yourself about the impact of a nasty 
viruscom making the kids to access porn or may be tax comptrollers to 
access your banking accounts (remember that Windows stores your passwords 
and that Trojan horses are all over). If it develops it will be no joke. 
Thanks to "bis.biz".

Jefsey

PS.
BTW the Browser builtin MultiBind will nicely solve the international DN 
issue. And save a lot of time to WIPO and to the NAS. Chinese will use it 
quick and distrbute Roots on CDs so the Govs knows what is in it for sure.

BTW MultiBind was supposed to ship today?



On 19:16 02/05/01, L Gallegos said:
>On 2 May 2001, at 8:33, Digitel - Ken Stubbs wrote:
> > thanks for the timely response leah...
> >
> > it only points to the crux of the issue which is "inconsistancy" & the 
> sense
> > of unstability created by "irresponsible" actions of entities like 
> "new.net"
> >
> > my guess is that problems like the ones i had will come home to roost in
> > seroius "customer service issues" with new.net's affiliates & channel
> > partners.
>
>I doubt it, Ken.  I think that what will happen is new.net will improve
>upon the "activation" method and may be compelled to provide a clear
>description of what will occur with the download.
> >
> > i am not a fan of this kind of "everyone doing it their own way" when it
> > results in confusion and lack of confidence in the "system" and problems
> > like i experienced today.
>
>I see no problem with having different methods of configuring your own
>PC.  You do it every time you download an upgrade to a browser or
>obtain a plug-in like the "acrobat reader."  There is no gurarantee that
>things will work without conflict or that "Real Player" will operate on
>your existing system properly.  It is a choice between that or several
>other "players."
>
> >
> > the net has grown because of user confidence  a "stabile, consistant, and
> > predictable" foundation and, although there may be more than "one way to
> > skin a cat" here, my personal feeling is that most users aren't that
> > enthusiastic about taking an "unsure" step like i just took and results 
> like
> > i just had will only make them that much the less enthusiastic
> >
>
>You are correct.  Many users will opt to not download soemthing about
>which they are unsure, which is why it is a good idea to provide
>descriptions of what will occur and an uninstall feature.
>
>Choice is good, Ken.  It is simply the method that needs refining.
>
>Leah
>
> > ken stubbs
> >
> > ----- Original Message -----
> > From: "L Gallegos" <jandl@jandl.com>
> > To: "General assembly list" <ga@dnso.org>; "Digitel - Ken Stubbs"
> > <kstubbs@digitel.net>
> > Cc: "names council" <council@dnso.org>
> > Sent: Wednesday, May 02, 2001 12:10 PM
> > Subject: Re: [ga] MY "ALTERNATE ROOT" EXPERIENCE
> >
> >
> > > The new.net "plug-in" has been known to cause problems and, IMO,
> > > should have an explanation rather than just an auto-download from a
> > > pop-up window.  It should also have an "uninstall" description clearly
> > > shown in the same window.
> > >
> > > Most of the roots do not use this method and to compare it to all of
> > > them is unfair.  Both The PacificRoot and ORSC root provide maunal
> > > instructions (about a one minute task and not very different from
> > > settings for DSL or cable or any ISP).  They also offer a small program
> > > to effect the settings.  Neither one attacks your browser settings or
> > > proxies.
> > >
> > > I have always felt that new.net should offer the same instructions wrt to
> > > the browser changes and do not like the misleading pop-up that simply
> > > says "activate your browser."
> > >
> > > There is a major difference between "enabling dns" and a browser plug-
> > > in.
> > >
> > > Leah
> > >
> > >
> > > On 2 May 2001, at 7:50, Digitel - Ken Stubbs wrote:
> > >
> > > > today i had a very unnerving experience  with an alternate root entity
> > which i want to share with you .......
> > > >
> > > > i was curious about this "new.net" phenomena and went to the 
> www.new.net
> > site and at the top of the main page there was a link which said to "click
> > here" to be able to allow my browser to see the new.net tlds.. i clicked
> > there and, unbeknown to me, a program was installed in my computer which
> > > created absolute havoc for my entire computer system.
> > > >
> > > >  i was TOTALLY unable to send or receive e-mail or view any regular
> > sites or use the net at all.!!
> > > >
> > > > i was not aware that this program was placed in my system and and my
> > ability to use the net was totally disabled for quite some period of time.
> > > >
> > > > i also have an intel "anypoint" wireless system in my home which was
> > totally disabled as well.
> > > >
> > > > fortunately for me, i was able to contact one of company's network
> > engineers and he was able to troubleshoot the problem in short order 
> and get
> > the "phantom program" removed and restore my system to regular working
> > order.
> > > >
> > > > the point i make is this:
> > > >
> > > > i am not a "tecchie" and after this little encounter with "new.net" 
> i am
> > VERY MUCH MORE SKEPTICAL about the "alternate root" experience.  if i can
> > get paralyzed this easy, then there are uncountable numbers of persons who
> > could end up experiencing the same "sinking" feeling of being "cut off "
> > > from the regular net as we know and use as i had.
> > > >
> > > > the sense of "instability" created by this "encounter" is to say the
> > least "nerve-wracking"  & frustrating
> > > >
> > > > as a result of this experience "new.net" has lost significant
> > creditablity in my eyes and the "al
> > > ternate root" experience has left a very sour taste in my mouth.
> > > >
> > > >
> > > > ken stubbs
> > > >
> > > >
> > > >
> > >
> > >
> >
> > --
> > This message was passed to you via the ga-full@dnso.org list.
> > Send mail to majordomo@dnso.org to unsubscribe
> > ("unsubscribe ga-full" in the body of the message).
> > Archives at http://www.dnso.org/archives.html
> >
>
>
>--
>This message was passed to you via the ga@dnso.org list.
>Send mail to majordomo@dnso.org to unsubscribe
>("unsubscribe ga" in the body of the message).
>Archives at http://www.dnso.org/archives.html

--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>