digg

Facebook Connect Join Digg About

Goggle.com? Gross. What should OpenDNS do?

blog.opendns.com Should OpenDNS replace goggle.com a malware source and a domain typosquatter with the correct google.com host? They want our opinions, what are your thoughts?

Who dugg this? Made popular Aug 5, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

123 Comments

show profanity settings
expand all
  • inactive, on 10/12/2007, -1/+79I'd suggest a "did you mean"-type list with an explanation, like what google does for typos. Simply because I wouldn't want my domain name effectively erased from the internet if some large company registers something similar.
  • szelij, on 10/12/2007, -9/+44It's a steep slope. I'd rather OpenDNS be neutral rather than redirect. As much as i hate spammers and spyware vendors, i value neutrality more.
  • davidu, on 10/12/2007, -5/+34What if you didn't want google.com and were just looking for goggles?

    It's not cut and dry. Which is why it'd be a feature, of course.

    -david
  • Chordonblue, on 10/12/2007, -2/+29I think the 'right thing' in this case is to track the MF's down who run 'goggle.com' and beat the hell out of them.

    Barring that, can techies massively sue them for all the time and heartache they've caused us?

    I'm sorry if this offends, but man I've love to see some ass kicking go down on these bastards and others like them...
  • link470, on 10/12/2007, -2/+27Even if I were lookin for goggles, I'd still go to google;)
  • Ebeniz, on 10/12/2007, -3/+27I don't think this would work out... I agree with the above digger with the "did you mean..." page

    Imagine if this was implemented 2 years ago? Digg.com would be redirected to disney's site Dig.com and all this wouldn't exist....
  • OrangeTide, on 10/12/2007, -6/+28Isn't the point of OpenDNS to let people setup and protect themselves from malware, phising and garbage sites? The defaults should be locked down tight, like OpenBSD's defaults. Peel back the settings yourself if you want to do something "advanced" like visit a malware site.
  • doxx, on 10/12/2007, -4/+26If I were just looking for goggles then I would not be using OpenDNS and I should be checked for insanity.
  • rickolus, on 10/12/2007, -6/+25"It's a steep slope. I'd rather OpenDNS be neutral rather than redirect. As much as i hate spammers and spyware vendors, i value neutrality more."

    If a site is deemed to have malicious intent, like spyware, then screw the neutrality. It's not like they gave ME a choice to infect my computer with their crap. I say block the site. And work on getting them some jail time while your at it. Spyware and pop-ups make me want to vomit blood.
  • eclectro, on 10/12/2007, -2/+19^^goggle is a dictionary word and not necessarily a typo. If people were to lose their domain name for drive-by downloading this problem would clean right up. But then that would also mean that Icann grew a spine, and we know that can't ever happen.
  • synaesthesia, on 10/12/2007, -2/+16If I had goggle.com i'd be goatseing the whole world. Then again, these days i'd probably end up in a federal penitentiary for that
  • doxx, on 10/12/2007, -4/+16You obviously do not get the point, you are entrusting OpenDNS to remove _BAD_ sites so you can reach the sites you want to with confidence. They are not replacing sites like goggle.com to make money, they are replacing it because it protects consumers from the scum that run sites like goggle.com.
  • Chordonblue, on 10/12/2007, -0/+11But even if you WERE looking for goggles, THAT site certainly isn't going to show you any!
  • xaxa, on 10/12/2007, -4/+15No! Keep every domain as it should be, if they redirect malware sites, they'll follow with redirecting spam sites, hacker sites, porn sites "to save the children", communist sites.

    This kind of thing should be client-side, it's not the responsibility of DNS to secure your computer from malware. Fix your computer.
  • ElectroBot, on 10/12/2007, -0/+10The the new owners can ask OpenDNS to review the new site and be removed from the redirect if they aren't a malware/spyware site anymore.
  • trogdoor, on 10/12/2007, -1/+10Please everyone that doesn't know what openDNS is read http://en.wikipedia.org/wiki/Opendns before commenting.
  • Urusai, on 10/12/2007, -3/+11Using DNS to block malware sites is stupid. Solve the problem either at the browser level, or better yet by fixing the system that allows cybersquatting in the first place. The current system is as stupid as letting people go around with badges saying "New York Pollice Department" and letting them shoot and arrest people who are too dumb to realize they aren't the real police.
  • PoptartKing, on 10/12/2007, -1/+9Somewhat revelant is that OpenDNS is a service whose main selling point is correcting spelling mistakes and isn't attached to an ISP (and thus isn't foisting itself onto users).
  • KCorax, on 10/12/2007, -3/+11Riiight, give an obscure authority the power to change the way we browse. I say take your paws off the domain name system on the whole.
  • PoptartKing, on 10/12/2007, -1/+8I'm pretty sure he was implying that his computer isn't virus-ridden, not that he is godly.
  • hackershandbook, on 10/12/2007, -2/+8My preference would be a page that said “you have entered a URL that … .. did you mean to type www.google.com (or whatever)?"

    Be be warned that is and is a source of malware and a typosquatter and may cause your computer harm.

    Click here to continue to or to continue to the real site.

    In my mind covert blocking without informing the consumer is nothing more than misdirection and censorship - no matter how well intentioned - and the consumer should always be given the choice of continuing to the site they have chosen - if they want to

    no site should be blocked because of content - no matter how repugnant we find it ourselves - that way lies net-censorship and your favourite site might be next!
  • Mr.Scientist, on 10/12/2007, -0/+6If OpenDNS is a service that helps its users avoid badware, then yes, of course you should remove typosquatter domains.

    If OpenDNS wants to be an alternative DNS provider, then you should never ever deliver a response that is different from what a standard resolver would get from the authoritative servers.

    I guess you're the former, so go ahead and block them, but I'll never use such a "service". Like practically all free blocking services it's bound to use its users as leverage at some point in the future. And what the hell is Open about OpenDNS?
  • doxx, on 10/12/2007, -5/+10Screw goggle, I want google! If I am using OpenDNS knowing they are going to fix hosts on a typo, then what's the harm other than taking money away from the jerks that do malware and typosquatting?

    I don't want any typosquattinig hosts, go for it OpenDNS!
  • fufubag, on 10/12/2007, -1/+6Is this Mr. Nissan?
  • blapierre, on 10/12/2007, -2/+6@Ellada7
    Good thing you aren't master of the universe
  • TKDWILSON, on 10/12/2007, -1/+5"""It's not like they gave ME a choice to infect my computer with their crap."''""

    Actually, they do. You click the OK to install their software. The ONLY person to blame is you.

    Eric Wilson
  • sTiVo, on 10/12/2007, -0/+4But it COULD sell you goggles if the next guy that registers or buys the domain does that kind of thing. It's great dictionary-word domain for selling, say, eyeware. We have to find a way to screw this guy into giving up and encourage legit business to take over.

    I'd like to see an Adblock/Fliterset type of extenstion in FF for DNS
  • davidu, on 10/12/2007, -2/+6She runs Windows but I don't. :-)

    Please note the "pimpzilla" Firefox theme in a corporate screenshot as well.

    -david
  • sakabako, on 10/12/2007, -0/+3then don't use OpenDNS.

    I set it up in my apartment to protect non-tech roommates from continuing to get attacked, if you don't want the protection then use any other DNS server.
  • AICkieran, on 10/12/2007, -0/+3@Chordonblue, Here ya go, Have fun!

    Domain Name: GOGGLE.COM
    Knowledge Associates
    PMB # 308 94 Gardiners Avenue
    Levittown, NY 11756-3753
    US
  • ahac, on 10/12/2007, -1/+4So what if they sell Goggle.com to someone who then tries makes a serious site?
  • davidu, on 10/12/2007, -4/+7Yeah Shepard,

    If goggles.com was a real site that'd be totally different. It's a malware site praying on google users who make typos. That's just straight lame. For the same reason they have a right to exist I have a right to let users choose if they don't want to see that crap.

    I don't feel like fixing my sister's computer all the time, so she won't see it. :-)

    -david
  • Shananra, on 10/12/2007, -0/+3OpenDNS does not blindly redirect for typos, it only redirects if one of the following apply:

    A) The domain that you enter is not properly formatted, but it seems obvious what you were getting at.

    B) The website you are visiting is "unsafe"

    If the website simply cannot be found, then instead of redirecting, you get search results. You only need to worry about your site being bypassed if it is deemed "unsafe"
  • orsino23, on 10/12/2007, -4/+7Many years ago I owned a computer store whose name (and later URL) so it turned out was one letter different than another store in another country. My store was established in 1985 (when the WWW was a distant dream) and the store in the other country was established in 1982. Today would I have to be called a cybersquatter or ripoff artist? Would I have to have to have my domain name taken away? I could easily pass a polygraph that I had no knowledge in 1985 that the other store even existed, let alone that I would ten years later be in a situation where I would have a similar URL (who the heck knew what a URL was back then?).

    Yes, I agree that obvious cybersquatters should be squashed but there is a huge gray area. The basic problem is the way the WWW was set up to start with. It's way too late now to change it, but it should have been set up without the now-useless suffixes (and the prefix www while we're at it). I'm sure that in the pioneer days when it was believed that the Internet would be a largely educational and academic network it made sense to split up .com and .org and .gov and the national suffixes but today with everything overrunning everything else, those suffixes are nothing more than a pain. How many trillions of keystrokes have been wasted typing www. and .com?

    With the gift of 20/20 hindsight, I would have instructed Mr. Berners-Lee (or is that Mr. Gore? hehehe) to set up the web in this fashion: http://YOURDOMAIN. First come first serve. Any domain name can be challenged by anyone but only ONE challenge per domain. Upon challenge, domain name owner must present registration documentation to support claim to name. This documentation is retained by whatever central database. If anyone can prove with documentation that they have PRIOR registration then the domain falls to them. This would work very well with the huge companies like ford, nike, levis, etc. After all it would be pretty difficult for Joe Schmo to prove that he registered the Ford name before Henry Ford. Smaller companies would have to joust for the name. They would be free to change it around if they wanted. If I wanted to call my company forrd, then anyone stupid enough to put an extra r in the middle of a carmaker's title would end up at my site. Tough beans. If you don't realize you've misspelled ford then you're likely a menace on the roads and shouldn't be allowed to drive anyway! :) Individual name domains would be strictly first come first serve if there was no commercial registration. Therefore, the first John Smith to register johnsmith would be it. The next one could go with jsmith or john-smith or whatever. The internet is a free enterprise community thus if I wanted to buy johnsmith, I could deal directly with the owner and negotiate whatever terms were mutually acceptable.

    But I guess it's far too late now!!!
  • tylerni7, on 10/12/2007, -0/+3Huh I dunno if anyone else will find this odd, but there was an external link to an article on OpenDNS from Digg in that Wikipedia article, interesting...
  • bennyboy371, on 10/12/2007, -1/+4You had a legitimate site, I'm sure. Thats no problem. The problem here is the fact that goggle.com is not set up as legitimate. Some people strangely dispute this. Then why aren't they legitimately selling Goggles at goggle.com? They're sitting on a domain that resembles a massive site, and is a simple typo away from spreading spyware to people that type two g's instead of two o's. Why is blocking them a problem for some people? There is NO grey area as to knowing what type of site this is. I've been believing they should've done this to others a long time ago. Why have spyware and spam grown so huge? Because no one does anything about it. I think its damn time to start undoing some damage.
  • ElectroBot, on 10/12/2007, -0/+3Yes, you're right that it is easier to program viruses for Linux than it is for Windows or Mac OS X. BUT, good luck spreading that virus.

    BTW Yes I know there are Linux viruses, but barely anyone catches them because Linux was designed more towards security. And as of the posting of this comment there still isn't a single virus for Mac OS X. The 2 "viruses" (for Mac OS X) a couple months back were actually Trojans that you had to GIVE them admin access to activate. In Windows the OS does that by itself.
  • BIGmog, on 10/12/2007, -1/+3If your fingers are fat, just edit your local hosts file for goggle.com to point to google's IP.
  • noGoodNamesLeft, on 10/12/2007, -1/+3If you'd bothered to read the article, you'd have realised that the guy had been talking about his tech-ignorant sister's computer. Maybe she deserved to have that happen for being a n00b?
  • bennyboy371, on 10/12/2007, -1/+3I use Windows and I went to it, caught it immediately. I've never had a virus on this system. Closest I've had was 3 annoying cookies at one time, which were gone within an hour.
  • CoolWind, on 10/12/2007, -0/+2How about using this Hosts file (Yes, it includes goggle.com) - http://www.mvps.org/winhelp2002/hosts.htm
    "Now includes most major parasites, hijackers and unwanted Search Engines! Proudly now the #1 rated HOSTS file on the Internet! Now regularly featured on the Kim Komando Radio Show"

  • ginjointjukebox, on 10/12/2007, -0/+2Ha ha. I love the Pimpzilla.
  • PrayerNeeder, on 10/12/2007, -0/+2If Open DNS blindly redirects for typos, then what's to stop it from blindly redirecting for politically sensitive sites?
  • inactive, on 10/12/2007, -2/+4Either redirect to Google, or direct to a place where you can buy goggles.
  • portwojc, on 10/12/2007, -0/+2If you don't like what OpenDNS is doing then don't use them. You can set you're own DNS server individually last I checked so this question isn't really needed.
  • japface, on 10/12/2007, -3/+5meh, the girl on the site is hot. keep it up says I.
  • DirtyCash, on 10/12/2007, -1/+3I agree completely, don't start coming up with things to filter anything i do. If I type 'goggle' instead of 'google' then i accept my punishment. It's called life I don't need anyone to live it for me, let it be an option not the default.
  • BrokenBeta, on 10/12/2007, -0/+2I don't understand people who say that "goggle.com" isn't typosquatting. It blatantly is. The fact that it happens to make another word has nothing to do with it. The site has nothing to do with goggles. It's just there to catch people's typos and fill their machines with adware.
  • rusty0101, on 10/12/2007, -0/+2The problem with redirecting to a page saying 'you have entered "goggle.com", did you mean "google.com"?' is that you have to build the infrastructure in such a way that the result of 'no, I really ment goggle.com' results in a link that has to be resolved again through opendns, which you have to program around.

    That may be OK for one or two users, but if OpenDNS starts getting really popular, how do you deal with thousands of lookups and followups. Likewise that may be OK for web browsers, but there are other protocols being used every day, most of which do need a dns lookup as well. Should your OpenDNS server be expected to have a check function for every protocol? I would think that would create a lot more overhead than it is worth.

    If the intent of the service is to protect users from malware, and they believe that a mallware distributor is typosquating, then I think they should send back a does not resolve message.

    The reason for that is that the domain name you entered is going to be included in the request to the web server. If the web server does not recognize the name, it should be sending back an error message.
  • Ikioi, on 10/12/2007, -0/+2@Urusai

    I have to disagree. I block at the DNS because A) it's easy by modifying your hosts file in Windows (or equivilant in Linux), and B) it costs them money. To exploit typos like this, the sites are not just paying for permanent hosting but for a domain name as well. Unlike temporary sites that send spam or virii, squatters have to do exactly that... squat. Blocking a URL is far more effective than blocking an IP alone. An IP can be changed easier than a pair of underwear. Changing a domain requires money as well as an IP. Block an IP, and you could block all of the scammers domains. Block the domain, and you could block the scammer on any IP.

    What you are saying is similar to telling an administrator that blocking a break in attempt should be done by increasing your password size to make it harder, but not to block their IP. While they should fix the other problems, not utilizing every resource available, like DNS and IPs, doesn't make practical sense.
  • Fetching more discussions...
    Show 51 - 100 of 121 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.