| |||||
|
Arts & Entertainment Books Comics Health & Body Media Mothers Who Think News People Politics2000  Technology- Free Software Project Travel & Food  Columnists
- - - - - - - - - - - -
- - - - - - - - - - - - View From the Top - - - - - - - - - - - - Also Today For a full list of today's Salon Technology stories, go to the
Technology home page. - - - - - - - - - - - - Search Salon - - - - - - - - - - - - Salon Columnists - - - - - - - - - - - - Recently in Salon Technology Books Technology: View from the top Silicon Follies Books Complete archives for Technology - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
Domain name dunces
- - - - - - - - - - - -
Sept. 21, 1999 |
The sad saga of Network Solutions, the company that administers most Internet domain names, should give pause to anyone who blindly embraces such truisms. Network Solutions is the Virginia firm that won a contract from the federal government in 1993, at the commercial Internet's infancy, to handle the registration of domain names in the ".com," ".net" and ".org" top-level domains. On the basis of that contract, Network Solutions built itself into a public corporation with a market capitalization of over $2 billion today. Never mind that the contract is set to be superseded by a new system of competing registrars that's now being developed by a nonprofit group charged with opening up the domain-name business. And never mind that in fulfilling its central administrative role for the entire Internet, Network Solutions grew into a bizarrely unresponsive Kafkaesque bureaucracy that to this day causes system administrators everywhere to cringe with horror and frustration each time they have to deal with it. Being a monopoly means never having to say you're sorry. Network Solutions now calls itself "the dot com people" and is trying to position itself as a provider of all kinds of Internet-related services to the millions of customers whose domain names it already assigns. Last week, though, in the course of aggressively promoting one of those services, Network Solutions committed a series of boneheaded errors that make you wonder whether it ought to be trusted with anything as essential as the care and feeding of the domain name system. Scott Rosenberg's column appears once a week in Technology Network Solutions seems to want to transform itself into some kind of portal for businesses online, and recently it decided to offer a new free "Dotcomnow" e-mail service to large numbers of its clients as part of a new program called "Dot Com Essentials." It sent off e-mail messages to these clients, informing them that they had a great new free e-mail account, already conveniently set up with their company's name. The problem was, these accounts also all had temporary passwords that were sent via unsecured e-mail and that were created according to a simple formula that virtually anyone could figure out. All you had to do to hijack someone's "Dotcomnow" mailbox was to get to it before they did, plug in the temporary password and then, having gained access to the account, change the password to something only you, the hijacker, knew. As I write this column on Monday, there's word of another, even more absurd security hole in the free e-mail services Network Solutions offers: A back-door URL published in 2600, the hacker journal, allows you to access all the e-mail for any free e-mail account on the Network Solutions system (shades of a similar recent problem at Microsoft's Hotmail service). Presumably by the time you read this the company will have blocked the hole. But before it did, 2600 gathered a selection of irate e-mails, sent by disgruntled customers to Network Solutions regarding its password snafu, that makes for amusing reading.
| ||||
 |
 |
 |
 |
||
Next page |