From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_00B9_01C6A76C.5E7CEDB0
Content-Type: text/plain;
        charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable

   Hasn't this been tried before?  It's an interesting way to sell =
keywords that are not valid DNS names as described in the article.  I =
don't buy why it is more acceptable for them to do this than for =
verisign.

Rich

  "John Beamish"  wrote in message =
news:op.tco0u5zvm6tn4t{at}dellblack.wlfdle.phub.net.cable.rogers.com...
  OK ... I really don't know if this guy has something or not but =
thought =20
  you people might be interested.

  http://www.wired.com/news/technology/0,71345-0.html?tw=3Dwn_index_1


  By Ryan Singel| Also by this reporter
  02:00 AM Jul, 10, 2006

  Few netizens think about the internet's domain name system: the =20
  architecture that invisibly translates a browser's request for, say, =20
  wikipedia.org into the numeric IP address where the site is hosted.

  But a new startup is hoping to make DNS into a household word and =
usher in =20
  an age where smarter DNS service is offered competitively, like e-mail =
=20
  service or spam filtering today.

  The OpenDNS system, which will open its servers to the public Monday,  =

  wants to be a more user-friendly name resolution service than those =20
  provided by ISPs, with technology to keep fraudulent sites out of its  =

  listings, correct some typos and help browsers look up web pages =
faster.

  Setting up an internet connection to use OpenDNS is about as difficult =
as =20
  setting up a POP3 e-mail account, and more advanced users can tinker =
with =20
  their router settings to make the change across a small network.

  In return, sites like the notoriously sluggish MySpace.com load =20
  significantly faster, thanks to the way OpenDNS caches IP addresses. =
Users =20
  who type "wordpres.sorg" or "craigslist.or" into
their browser's =
address =20
  field are automatically routed to the correct address, instead of =
getting =20
  a 404 error page.

  Those who click on a link in a phishing e-mail that attempts to take =
them =20
  to a fake site and con them into entering their credit card number =
won't =20
  even make it to the website, if OpenDNS knows about it.

  OpenDNS can identify the sites both from monitoring abnormal DNS =
behavior =20
  and from relationships with services like Spamhaus that track online =20
  fraudsters.

  "In short, it's a safer and faster DNS service," says OpenDNS CEO =
David =20
  Ulevitch, who already runs a DNS company called EveryDNS that lets =20
  websites list their home address for free.

  But the long answer to the question of why he started the service is =
far =20
  more interesting.

  Ulevitch's seven-person startup is an attempt to revolutionize a layer =
of =20
  the internet's architecture in order to clean its underbelly of =
scammers =20
  and spammers.

  While working at EveryDNS, Ulevitch and his team started clearing out  =

  listings for fake PayPal sites and IP addresses controlling botnets of =
=20
  compromised computers. They grew frustrated with the knowledge that =
were =20
  only cleaning up their small section of the internet.

  "The problems we are trying to solve, such as phishing and malware, =
these =20
  are social DNS problems, not technical," Ulevitch says. "Recursive DNS =
=20
  servers are the root of the problem. None of these attacks work =
without =20
  DNS. We set out to create a DNS server and DNS service that provides =20
  intelligence and transparency into the way recursive DNS service =
works."

  The startup hopes to make money when users type in a nonexistent =
domain =20
  name, such as schwinnbicyclepumps.com.

  Currently, web surfers simple get an error message when they attempt =
to =20
  navigate to an unused domain. OpenDNS users will instead be routed to =
a =20
  company server that will present a list of search engine results and =
paid =20
  advertisements.

  The web-interception service currently lacks ads and isn't very useful =
-- =20
  it doesn't break up "schwinnbicyclepumps.com," for example, into =
discrete =20
  words -- but the company plans to fix these details once it has a user =
=20
  base.

  The tactic could be controversial, as it is reminiscent of VeriSign's =
Site =20
  Finder project, which it unilaterally launched in September 2003.

  VeriSign, which controls the .com and .net top-level domains through a =
=20
  contract with the U.S. government, began directing users who mistyped  =

  domains names to its own servers, where it presented paid search =
results. =20
  The move outraged the technical community and eventually led to an =
ICANN =20
  commission report (PDF) condemning the practice and an unsuccessful =20
  VeriSign lawsuit against ICANN.

  But OpenDNS' approach is very different from VeriSign's, according to =
DNS =20
  expert Allison Mankin, an independent consultant who helped write the =
Site =20
  Finder report and works with the Internet Engineering Task Force.

  "The important difference is this is your DNS service provider and not =
the =20
  provider of the support infrastructure of top-level domains," Mankin =
says.

  But to avoid problems, the service should strive for transparency, =
says =20
  Mankin. "It would be good to have an audit trail or log, so a user =
could =20
  look up and see why the service has refused to provide resolution."

  Mankin's sentiments are echoed by Rick Wesson, who runs a company =
called =20
  Support Intelligence that sells data on bad actors to OpenDNS. =
Wesson's =20
  service on the ICANN board with Mankin got him named as a defendant in =
two =20
  lawsuits filed by Verisign.

  "One of big things with Site Finder is that they did it for some 60 =20
  million domains," Wesson says. "I don't know how long it will take for =
=20
  OpenDNS do that. OpenDNS is actually able to provide some defense for  =

  people who use their service, and I have not seen anyone use DNS like =
a =20
  firewall. But the internet and the market can decide if they are doing =
a =20
  good thing."

  OpenDNS may also face legal challenges if the company's paid search =20
  results show up on unassigned domain names that match other companies' =
=20
  registered trademarks. Google has been hit with a number of such suits =
=20
  over its AdWords program. A lawsuit filed by Geico, an insurance =
company, =20
  was dismissed in 2004; another suit filed by home-decorating firm =
American =20
  Blind is ongoing.

  Current beta testers, pulled from the EveryDNS.net, are also begging =20
  OpenDNS to redirect clear typos, such as "wikepedia.org" (instead of =20
  "wikipedia.org"), away from typo-squatters who set up pages with =20
  advertising to cash-in on errant keystrokes, something Ulevitch seems =
game =20
  to implement.
------=_NextPart_000_00B9_01C6A76C.5E7CEDB0
Content-Type: text/html;
        charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable








   Hasn't
this been tried =
before? =20
It's an interesting way to sell keywords that are not valid DNS names as =

described in the article.  I don't buy why it is more acceptable =
for them=20
to do this than for verisign.
 
Rich
 

  "John Beamish" <JLBeamish{at}rogers.com>">mailto:JLBeamish{at}rogers.com">JLBeamish{at}rogers.com>
=
wrote in=20
  message news:op.tco0u5zvm6tn4t{at}dellblack.wlfdle.phub.net.cable.rogers.com..=
.OK=20
  ... I really don't know if this guy has something or not but =
thought =20
  you people might be interested.http://www.wired.com/news/technology/0,71345-0.html?tw=3Dwn_index=
_1">http://www.wired.com/news/technology/0,71345-0.html?tw=3Dwn_index_1=
A>By=20
  Ryan Singel| Also by this reporter02:00 AM Jul, 10, =
2006Few=20
  netizens think about the internet's domain name system: the =20
  architecture that invisibly translates a browser's request for, =
say, =20
  wikipedia.org into the numeric IP address where the site is=20
  hosted.But a new startup is hoping to make DNS into a =
household word=20
  and usher in  an age where smarter DNS service is offered=20
  competitively, like e-mail  service or spam filtering=20
  today.The OpenDNS system, which will open its servers to the =
public=20
  Monday,  wants to be a more user-friendly name resolution =
service=20
  than those  provided by ISPs, with technology to keep =
fraudulent=20
  sites out of its  listings, correct some typos and help =
browsers look=20
  up web pages faster.Setting up an internet connection to use =
OpenDNS=20
  is about as difficult as  setting up a POP3 e-mail account, =
and more=20
  advanced users can tinker with  their router settings to make =
the=20
  change across a small network.In return, sites like the =
notoriously=20
  sluggish MySpace.com load  significantly faster, thanks to =
the way=20
  OpenDNS caches IP addresses. Users  who type
"wordpres.sorg" =
or=20
  "craigslist.or" into their browser's address 
field are =
automatically=20
  routed to the correct address, instead of getting  a 404 =
error=20
  page.Those who click on a link in a phishing e-mail that =
attempts to=20
  take them  to a fake site and con them into entering their =
credit=20
  card number won't  even make it to the website, if OpenDNS =
knows=20
  about it.OpenDNS can identify the sites both from monitoring =
abnormal=20
  DNS behavior  and from relationships with services like =
Spamhaus that=20
  track online  fraudsters."In
short, it's a safer and =
faster=20
  DNS service," says OpenDNS CEO David  Ulevitch,
who already =
runs a=20
  DNS company called EveryDNS that lets  websites list their =
home=20
  address for free.But the long answer to the question
of why he =
started=20
  the service is far  more
interesting.Ulevitch's =
seven-person=20
  startup is an attempt to revolutionize a layer of  the =
internet's=20
  architecture in order to clean its underbelly of scammers  =
and=20
  spammers.While working at EveryDNS, Ulevitch and his team =
started=20
  clearing out  listings for fake PayPal sites and IP addresses =

  controlling botnets of  compromised computers. They grew =
frustrated=20
  with the knowledge that were  only cleaning up their small =
section of=20
  the internet."The problems we are trying to
solve, such as =
phishing=20
  and malware, these  are social DNS problems, not
technical," =
Ulevitch=20
  says. "Recursive DNS  servers are the root of the
problem. =
None of=20
  these attacks work without  DNS. We set out to create a DNS =
server=20
  and DNS service that provides  intelligence and transparency =
into the=20
  way recursive DNS service works."The startup
hopes to make =
money when=20
  users type in a nonexistent domain  name, such as=20
  schwinnbicyclepumps.com.Currently, web surfers simple get an =
error=20
  message when they attempt to  navigate to an unused domain. =
OpenDNS=20
  users will instead be routed to a  company server that will =
present a=20
  list of search engine results and paid  =
advertisements.The=20
  web-interception service currently lacks ads and isn't very useful =
-- =20
  it doesn't break up "schwinnbicyclepumps.com," for
example, into=20
  discrete  words -- but the company plans to fix these details =
once it=20
  has a user  base.The tactic could
be controversial, =
as it is=20
  reminiscent of VeriSign's Site  Finder project, which it =
unilaterally=20
  launched in September 2003.VeriSign, which controls the .com =
and .net=20
  top-level domains through a  contract with the U.S. =
government, began=20
  directing users who mistyped  domains names to its own =
servers, where=20
  it presented paid search results.  The move outraged the =
technical=20
  community and eventually led to an ICANN  commission report =
(PDF)=20
  condemning the practice and an unsuccessful  VeriSign lawsuit =
against=20
  ICANN.But OpenDNS' approach is very different from
VeriSign's, =

  according to DNS  expert Allison Mankin, an independent =
consultant=20
  who helped write the Site  Finder report and works with the =
Internet=20
  Engineering Task Force."The important difference
is this is =
your DNS=20
  service provider and not the  provider of the support =
infrastructure=20
  of top-level domains," Mankin says.But to avoid
problems, the =
service=20
  should strive for transparency, says  Mankin. "It
would be =
good to=20
  have an audit trail or log, so a user could  look up and see =
why the=20
  service has refused to provide
resolution."Mankin's sentiments =
are=20
  echoed by Rick Wesson, who runs a company called  Support=20
  Intelligence that sells data on bad actors to OpenDNS. Wesson's =20
  service on the ICANN board with Mankin got him named as a =
defendant in=20
  two  lawsuits filed by
Verisign."One of big things =
with Site=20
  Finder is that they did it for some 60  million domains," =
Wesson=20
  says. "I don't know how long it will take for  OpenDNS do =
that.=20
  OpenDNS is actually able to provide some defense for  people =
who use=20
  their service, and I have not seen anyone use DNS like a  =
firewall.=20
  But the internet and the market can decide if they are doing a  =
good=20
  thing."OpenDNS may also face legal challenges if
the company's =
paid=20
  search  results show up on unassigned domain names that match =
other=20
  companies'  registered trademarks. Google has been hit with a =
number=20
  of such suits  over its AdWords program. A lawsuit filed by =
Geico, an=20
  insurance company,  was dismissed in 2004; another suit filed =
by=20
  home-decorating firm American  Blind is =
ongoing.Current beta=20
  testers, pulled from the EveryDNS.net, are also begging  =
OpenDNS to=20
  redirect clear typos, such as "wikepedia.org" (instead of =20
  "wikipedia.org"), away from typo-squatters who set up pages =
with =20
  advertising to cash-in on errant keystrokes, something Ulevitch =
seems=20
  game  to implement.

------=_NextPart_000_00B9_01C6A76C.5E7CEDB0--

--- BBBS/NT v4.01 Flag-5