ArticlesChris over at Things I’ve Seen reports an interesting development.
A typo in my very own blogroll linked to a non-existent domain. Some nasty person created a domain to match the broken link, and put a site there which intermittently advertises porn and other times offers a more standard/less prurient domain-squatting search page. Needless to say, I strongly recommend the corrected link to girtby.net rather than this dodgy domain.
I pondered how it came to be that the nasty person decided that this was a good domain name to use.
From least likely to most likely, here are my suggestions:
- They used an random eight character string.
- They say girtby.net and guessed what common typos would be.
I consider this unlikely, because I tried other variations, including the far more likely replacing .net with .com, without finding any other domains.
- They collected data from DNS lookups (either from one of the top-level domains, one of the intermediate domains, or just from traffic passing through), and found this to be a common error.
I consider this unlikely, because I doubt that many people have clicked on the (unannotated) blogroll link. OddThinking doesn’t get that much traffic… yet.
- They crawled the web, and found OddThinking with an anchor tag to a non-existent domain.
Cool! OddThinking is big enough to be targeted by nasty people! I’m doing something right!
Could that last method truly be the technique that they used? I’ve got an idea for an experiment to find out.
Imagine if every page of your web-site had a link to a static, gibberish, non-existent domain. Suppose it was in, say, blue-on-blue so no-one would notice it, except a crawling bot.
If the gibberish domain was to suddenly be registered by a squatter page, that’d be good evidence.
(It doesn’t prove it though – perhaps they sniffed the DNS lookups when bots like Google tried to follow the link?)
If it was the case that it was detected by crawlers, the next thing to do would be to create a WordPress plugin that did this automatically, changing the broken link as soon as the domain is created. I am sure domain squatters get their domains cheaply, but it can’t be free. If a few web-sites did this (especially in a co-ordinated manner), would it achieve an effective Denial of Service on domain squatters?
Comment by Aristotle Pagaltzis on December 18, 2005
I don’t see how it could be more than a drop in the bucket. And no, not even the drop that makes the bucket overflow.
Comment by Alastair on December 18, 2005
Domain squatters are not the problem they once were. I remember hearing Phill Torrone from Make magazine saying that when they were choosing the title for their publication, they looked and found that the obvious domain was already taken. However they were savvy enough to realize that it was more important to have a #1 Google rating than to have the domain name, and so that’s what they went after (mainly through aggressive online involvement of the online techy community).
Anyway I’m sure the domain squatters know this and their tactics are changing to continue to chase the Google search rankings. We can all be thankful to Google that the spammers do not seem to be winning, despite the advent of comment spam, splogs, and other nonsense.
Nevertheless I await the results of your experiment with interest…
Comment by Casey on December 19, 2005
Here’s how I’d do it: Take a list of every domain name (you have GOT one, haven’t you?). Take a list of the rate of traffic to each site (OK, I admit, this is harder to get hold of. I don’t have one, by the way). Then work out which currently available domain names would generate the most typo-traffic. So, no offense to Alastair, taking htomail.com would be more profitable than gritby.net.
Hang on a second… typos, lists of names… this is sounding very familiar 🙂
Of course, if you had a copy of the web-graph, you could always just look for the most common non-existant domain name.
Comment by Alastair on December 21, 2005
Here’s how they’re doing it. Very interesting.
Comment by Julian on March 5, 2006
Casey,
Here’s my rather belated response:
Nice link to the Name Game! I like the idea of trying to get a domain name that would cover many mis-spelled domains.
I agree this the approach you describe is a sensible one, if you can find some usage statistics, and if the goal is to beat people mistyping links into the address bar. Alastair’s article describes exactly this approach being used.
However, I don’t think that is being done in this instance because none of the other, more likely typos have been taken e.g. girtby.com
I think this nasty person has tried to find pre-existing typos, and then registered the domain to match. I haven’t been able to prove this, because, two-and-a-half months after setting up the bait (as described above), no-one has nibbled, by registering the gibberish domain.
Comment by Julian on March 5, 2006
Aristotle,
I was planning on producing a formula to justify this:
On one side would be the plug-in set-up costs, extra bandwidth costs (web-server and web-client), delay costs, etc. The time-based costs would be multiplied by how long before a gibberish domain gets registered. The set-up costs would be divided by how many gibberish domains you expect to get registered in the lifetime of your web-site.
On the other side would be an estimate of how much it costs for a nasty person to register a gibberish domain – probably something like $US5-10.
The result would be a question like “Are you willing to spend 1.3 cents in order to cost a nasty person $5?”.
Even if it doesn’t wipe them the bad guys out, I am betting a number of Internet protectors-of-justice would take up such an offer, purely for the sense of vengeance.
Unfortunately, with my honeypot still untouched after 2.5 months, the cost for the web-owner will probably be too great to be worthwhile.