This weblog is no longer being maintained. All information here has been ported to EclecticEchoes.com. This site (heupel.com/eclectic) remains only for archival purposes.
Go ISC! They have released a patch to circumvent Verisign’s attempt to hijack domain name typo’s. For those not big on the underpinnings of the net, ISC is an organization that writes and maintains several key pieces of open source software that make the net work. In this case the relevant piece of software is BIND which most ISP’s and the root nameservices use to translate www.heupel.com into the numerical IP notation that computers, routers etc. can understand. Verisign recently introduced a service to “assist” when you type in a domain wrong in the .com or .net TLD’s. On the surface it’s not a bad thing, but there are two problems with it–first it promotes paid placement suggestions to the top of any possible suggestions, and second is it completely negates one of the main techniques for fighting spam. One easy way to identify spam as such is to check whether the domain it claims to originate from is a genuine active domain. This is an inexpensive (computationally) and quick check as a first line of spam defense. Unfortunately because of the new Verisign service, any checks against a .com or .net domain will now return as valid. In response to the second issue ISC felt it must release an emergency patch.