DIE VERI$IGN DIE DIE DIE

[rone]

Please visit:
http://fuckverisignintheear.net/
http://verisigncaneatshitanddie.net/
http://moltenleadenemaforverisign.net/

See Slashdot for more details.

Comments

[gallifreyan.livejournal.com]

I think the lingerie lobby is sponsoring this effort. I've never seen so many panties in a knot at one time before.

oh my GOD

[dr-memory.livejournal.com]

I am sitting here with steam leaking out my ears. I am gibbering with rage. If it weren't 2:20am, I'd be screaming at the top of my lungs.

Here's the BEST part:

It's not just a web server.

There's also an MX record. That points to a mail server. That answers and speaks SMTP.

For now, it merely accepts the MAIL FROM and RCPT TO commands, and gives a 550 error to the latter. Wonder how many of the addresses given in the former will receive sales email from Verisign in the near future?

And of course, I'm sure that the Department of Homeland Security would have no interest whatsoever in an email server that gets nearly every single last mis-typed email in the world...

Re: oh my GOD

[lusercop.livejournal.com]

There is no MX record, just a port 25 listener on 64.94.110.11. And the script is just that, a script. It doesn't "accept MAIL FROM and RCPT TO", it just assumes that that is what you're doing and gives the appropriate response for that point in the dialogue.

You will be no doubt pleased to know that there are various patches for the nameservers to treat a positive response of 64.94.110.11 as an NXDOMAIN - got to be a good thing. I also updated my exim configuration to add the above address to the ignore_target_hosts setting, which means that it still treats it as unroutable.

If you're in the UK, this link (http://www.hinterlands.org/ver/txt/) may well be of interest, and there may be some equivalent for you US bods. (the nice thing about it being 0800 is that it costs them money for you to deal with it. (Unfortunately, I doubt that +44800 would work :-( ).

And of course, as if that weren't enough there's also the OpenSSH hole of the day. Oh well, at least that means that Theo's claim is going to have to move from "one" to "two".

Re: oh my GOD

[vardissakheli.livejournal.com]

This seems to be bogging down My Big Imployer's nameservers as badly as the past month's virus attacks. I've forwarded the /. and NYT articles to some of my network support contacts now.

from a network guy in France

[vardissakheli.livejournal.com]

I found this link in a newsgroup: http://www.imperialviolet.org/dnsfix.html (http://www.imperialviolet.org/dnsfix.html)

Anyway, there is a "Stop Verisign DNS Abuse" petition available at:
http://www.petitiononline.com/icanndns/ (http://www.petitiononline.com/icanndns/)

Don't know if anybody is applying these patches here, but at least the word is out.

[lots42.livejournal.com]

They are going to get in SOOO much trouble for this.

Someone is going to try to go to Disney.com or Microsoft.com and make a typo and then sue Verizon for trademark infringement.

Hell, if I didn't know better I'd assume Verizon was trying to commit financial suicide.

[ravieslave.livejournal.com]

Conversely, there are the websites one hits incorrectly and one is subsequently bombarded with "VERISIGN IS A BAD COMPANY!", which is a non-plus to one's psyche when one has the speakers perpetually on "WAKE THY NEIGHBORS!" By the way, I found you while aimlessly searching interests on LiveJournal and found John Paul Jones listed as one of yours. Neil Gaiman and Kristin Hersh also don't hurt. Also, 'prosaic prestidigitation' is genius.

[ronebofh.livejournal.com]

Aw, shucks. I'm just trying to tart up the English language a little bit, that's all.