In order to protect its customers (actually, potential
customers) from domain frontrunning and tasting, Network Solutions is
using domain front-running and tasting. Its excuses ring
As we reported earlier, Network Solutions has taken the extraordinary step of registering domains as you search for them
The company acknowledged what is obvious to anyone testing the process
and states that it is doing it in order to protect users from abuse by
Network Solutions has responded to criticism with some changes to the domain
"protection" program. Click
here to read more.
It's an extraordinary affair, as it brings together a number of
controversies that have been brewing in the domain name business for
some time. I first reported on what I called "Whois Hijacking" about 18 months ago
Now it's called "front-running," but we don't know much more about it.
Somehow malfeasants are able to find out about domain name lookups as
users make them and register them themselves.
I did some testing of this and was able to demonstrate it. Even
though it's not a widespread phenomenon, the ICANN SSAC (Security and
Stability Advisory Committee) revealed a study it is doing on the problem
back in October.
Now, to prevent the bad guys from front-running your domain after
you search for it on networksolutions.com, NetSol beats them to the
punch and registers it. At that point you can buy it from Network
Solutions for one year at the low, low rate of $34.99.
If you'd like to buy it from another registrar with lower prices,
the set of which includes just about everyone else in the industry,
you'll have to wait four days. If no suckers have turned up to buy it
from NetSol, it'll release the domain.
What's up with this four-day wait? That has to do with another
abusive practice that Network Solutions is protecting us from by
employing it: domain tasting. Funny it should come up; just yesterday I wrote a column about developments in ICANN's study of domain tasting
which is an abuse of the "Add Grace Period." After a domain is
registered, ICANN rules state that the registrant can "undo" the
registration with a full refund of fees from the registry, ICANN, and
anyone else involved. The point is simply to allow mistakes to be
What's that you say? You've never seen this option from your
registrar when you registered a domain? That's because registrars don't
let normal, honest customers use it. It's only available to people
scamming the system, with the collusion of a registrar.
In fact, there are cases of registrants with large enough portfolios
that they save money by creating their own registrar. This opens up all
sorts of potential abuses. The examples I saw 18 months ago were such a
case, as the registrant (Chesterton Holdings
) and the registrar (NameKing
) appear to be owned by the same people. But I digress.
Domain tasting is a big, big deal. According to the ICANN report I
discussed yesterday, the majority of new domain registrations are for
tasting purposes. What do they do with these domains? They throw up a
template page with links and ads and mucho keywords designed to get the
best search engine response they can, as if anyone is actually
searching for that page. The owner makes money off these links and ads;
this is called "monetizing" the domain.
Now obviously Network Solutions is tasting the domain, but it says it isn't. Read this CircleID post
to see Network Solutions' response on this matter. It claims that it's
not monetizing the domains, and therefore it's not tasting.
I would argue that it doesn't have to monetize the domains in order
to be tasting, and that in any event it is monetizing because every
"protected" domain has Network Solutions links and materials on it,
offering the opportunity to register it to anyone-not just the person
who searched for it.
This is the central, glaring hypocrisy in the company's
explanations: The domain isn't protected for the person who did the
searching. Only Network Solutions is protected.
On the subject of where Network Solutions went wrong, this editorial in Domain Name Wire
makes a lot of other good points, although it is far too generous to
the company's motivations. It points out that there's no notice; you
don't find out that Network Solutions has reserved the domain until
after it has done it.
It also points out that by collecting all these searches in a place where they can be publicly searched (see this page
for 20,000 domains registered in this way by Network Solutions), it is actually creating a tasting menu for the bad guys.
There's an interesting quote from Network Solutions' statement: "...Front Runners purchase search data from Internet Service Providers and/or registries and then taste those names.
Really, do they? There has been some speculation about this, including
from me, but I'm not aware of any hard evidence that ISPs or registries
are selling data to domain tasters. I'll have to ask them about it. Of
course, I don't have any better answer for how front-runners get their
I'm sure it has lots of happy customers, but when I think of Network Solutions, the first thing I think of is its history of abusing its customers' trust
This is not the first time the company has moved aggressively, taking
advantage of an apparent legal vacuum. The fact that it now claims to
be acting in its customers' best interests just makes it more
It's a shame that problems like domain tasting and front-running
take years to fix. In the meantime honest people get ripped off and the
networks get overloaded, and people who add no productive value to the
system get rich. I'm not surprised at which side Network Solutions
chose to sign up with.
Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.