VeriSign changes prompt privacy warnings, anger

Privacy advocates are warning that recent changes to the .com and .net database of domain names by VeriSign Inc. could violate the privacy of millions of Internet users, inadvertently sending confidential e-mail content and Web surfing data to VeriSign's systems.

The concerns come after VeriSign introduced a new service last Monday to automatically direct users who type in a nonexistent Internet domain name to a company Web site,, which offers a choice of alternative Web addresses.

Almost immediately the service provoked angry responses from Internet users who charged that VeriSign was abusing its stewardship of the .com and .net domains to boost company profits.

The new service also prompted a lawsuit. Filed by Popular Enterprises LLC of Orlando, operator of the Site Finder competitor, the suit charges VeriSign with antitrust violations for using its control of the .com and .net domains to squeeze out competitors.

Now one company is warning that the service may be turning over a wealth of potentially useful information and sensitive personal data to VeriSign.

In particular, e-mail messages sent to addresses at nonexistent Internet domains will be delivered to VeriSign's Site Finder servers instead, according to Lance Cottrell, president and founder of Anonymizer Inc. of San Diego, a provider of anonymous Web surfing and online privacy protection products.

In the past, those messages would not have left the systems of the user's ISP (Internet service provider) before being marked as undeliverable and returned to the user. VeriSign could potentially harvest these messages and their contents, Cottrell said.

Internet users should also be concerned about VeriSign collecting information about surfing patterns from requests for domains they were trying to reach, he said. Such information could provide a wealth of free market research to Herndon, Virginia-based VeriSign, Cottrell said.

Such accusations are "fiction," according to Brian O'Shaughnessy, a VeriSign spokesman.

"We do not log, and do not have any plans to log, any data sent to Site Finder," he said

The new service is a valuable tool that will improve the Internet experience of the users behind more than 20 million mistyped domain requests each day, O'Shaughnessy said.

"Enhancing the user experience is the reason we're in this business. We, like many technology companies, are looking at the best way of using technology to make the user's experience online a fulfilling one," he said.

But the service has raised other questions and problems as well, according to Cottrell.

Some spam filters that use DNS (Domain Name System) requests to verify whether the return address on spam was valid were affected by the new VeriSign service, he said. Rather than being rejected by the .com and .net DNS servers, such requests are now sent to Site Finder, he said.

In addition, Site Finder does not filter incorrect domains for attack code, making the site vulnerable to cross-site scripting attacks, which could be used to hijack the Site Finder site and the VeriSign name for attacks on other Internet users, Cottrell said.

"It's a concentration of information that was previously very dispersed and that makes (Site Finder) a high value target for hackers," he said.

VeriSign acknowledged that the Site Finder service did affect some spam filters. However, the company is having a "robust conversation" with those companies and individuals to find ways around the problem, O'Shaughnessy said.

VeriSign could not immediately comment on accusations that the Site Finder site is vulnerable to cross-site scripting attacks.

Asked whether VeriSign had anticipated these problems and the backlash against Site Finder, O'Shaughnessy said that the company tested the new service thoroughly before deploying it, but that the complex nature of the Internet makes it difficult to predict all of the possible issues that might arise.

As for accusations that VeriSign abused its role as a manager of the Internet infrastructure in launching Site Finder, the company said that it is only acting in the best interest of Internet users.

"The facts are that millions of people are using the service now and getting to what they need quicker," O'Shaughnessy said.

The managers of other top-level domains, including the .biz domain are considering similar services, he said. Besides, companies are free to modify their DNS servers to do whatever they want, including ignore the Site Finder service, O'Shaughnessy said.

That's just what Anonymizer has done on the DNS server it operates, Cottrell said.

Requests that are returned from the .com and .net root servers with the Site Finder address are re-translated into "Domain does not exist" messages for the user, he said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Paul Roberts

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?