Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.

New Nominet drop catching flaw revealed?

Discussion in 'Drop catching Domain Names' started by davedevelopment, Jul 30, 2020.

  1. davedevelopment

    davedevelopment Well-Known Member

    Joined:
    May 2009
    Posts:
    1,307
    Likes Received:
    86
    Not sure how I feel about using it. Someone mentioned nominet saying that anyone exploiting it would be contravening the AUP, but perhaps if that were the case, nominet should have announced something for all to see.
     
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
    IWA Meetup
     
  3. KarlM United Kingdom

    KarlM Well-Known Member

    Joined:
    Oct 2009
    Posts:
    2,428
    Likes Received:
    76
    What a shambles. probably leaving it so they have more justification for there cash cow auctions.
     
    • Agree Agree x 7
  4. bluerock United Kingdom

    bluerock Well-Known Member

    Joined:
    Jan 2005
    Posts:
    12,381
    Likes Received:
    137
    If I went to McDonalds and ordered regular fries and they gave me large fries I'd keep them :D
     
    • Funny Funny x 4
    • Like Like x 2
    • Agree Agree x 1
  5. Lovekraft United Kingdom

    Lovekraft Well-Known Member

    Joined:
    Mar 2010
    Posts:
    1,742
    Likes Received:
    102
    complete farce, does anyone know how long it has been around for? convenient timing indeed for a certain consultation.

    This is basic stuff, how can they not have this fixed already if it's been reported?
     
    • Agree Agree x 2
  6. Nominet.
     
    • Funny Funny x 4
  7. Here comes a horrendous few weeks of the big multi taggers hoovering everything up.
     
    • Agree Agree x 3
    • Like Like x 1
  8. Lovekraft United Kingdom

    Lovekraft Well-Known Member

    Joined:
    Mar 2010
    Posts:
    1,742
    Likes Received:
    102
    The difference is if Mcdonalds give you big fries by mistake it's not breaking any rules, it was just a mistake.
     
    Last edited: Jul 31, 2020
  9. super-whois

    super-whois Active Member

    Joined:
    Oct 2008
    Posts:
    347
    Likes Received:
    86
    Indeed, it's like going back to the counter and claiming you didn't get any fries, i.e. FRAUD.
     
  10. lazarus

    lazarus Super Moderator Staff Member

    Joined:
    Feb 2013
    Posts:
    1,485
    Likes Received:
    409
    • Funny Funny x 3
    • Agree Agree x 1
    Last edited: Jul 31, 2020
  11. Nigel

    Nigel Well-Known Member

    Joined:
    May 2005
    Posts:
    4,752
    Likes Received:
    120
    • Like Like x 1
    • Funny Funny x 1
  12. super-whois

    super-whois Active Member

    Joined:
    Oct 2008
    Posts:
    347
    Likes Received:
    86
    I remember seeing some odd behaviour on the usage command about a year ago, but I didn't investigate it at the time, so it's possible it has been a problem for some time.

    An interesting follow up:
    https://www.greywing.uk/the-blog/new-catching-flaw-part-2

    So was the old caching flaw still available on the Time Delay DAC, and doubling your quote helped in using this?
     
    • Informative Informative x 1
  13. Nigel

    Nigel Well-Known Member

    Joined:
    May 2005
    Posts:
    4,752
    Likes Received:
    120
    worrying to think that Nominet have been entrusted with helping provide the UK's national cyber security defence yet can't fix a simple flaw:

    'Nominet was brought in by the UK Government to deliver a vital part of the National Cyber Security Centre's Active Cyber Defence programme, Protective DNS. That expertise is now being deployed around the world as governments seek to protect their networks.'

    https://www.nominet.uk/cyber-security/
     
    • Funny Funny x 6
    • Like Like x 1
    • Winner Winner x 1
  14. domainseller200 United Kingdom

    domainseller200 Well-Known Member

    Joined:
    Jun 2007
    Posts:
    3,279
    Likes Received:
    138
    It always amazes me when anyone actually thinks that Nominet give a shit about anything at all coming from domainers...
     
    • Agree Agree x 2
  15. I agree, all the complaining in the world has made no difference in the 8/9 odd years I've been involved with Nominet.
     
    • Like Like x 1
  16. webber

    webber Active Member

    Joined:
    Sep 2019
    Posts:
    766
    Likes Received:
    235
    I have seen something similar in Jan/Feb
    I used my quota in half a day, then my server kept trying to reset the DAC connection and after some attempts I got a fresh new quota for some reason. The IP stayed the same. Don't know what happened, I couldn't replicated.
     
    • Informative Informative x 1
  17. BG United Kingdom

    BG Well-Known Member

    Joined:
    Sep 2004
    Posts:
    1,193
    Likes Received:
    134
    [​IMG]
     
    • Funny Funny x 1
  18. Ben Thomas

    Ben Thomas Well-Known Member

    Joined:
    Mar 2018
    Posts:
    2,621
    Likes Received:
    363
    Well, whatever happens. Hopefully it’s not economically controlled and gives us all a level playing field. Too long the U.K. namespace has been restricted to the coding competent, or those with money to invest in having something custom built. Those who understand the flaws and exploit them. It’ll be nice to see all the pretentious and conceited people get knocked down a peg or two.
     
    • Agree Agree x 2
    • Like Like x 1
  19. Murray

    Murray Well-Known Member

    Joined:
    Sep 2012
    Posts:
    4,261
    Likes Received:
    432
    God forbid hard work and talent be rewarded :p
     
  20. Ben Thomas

    Ben Thomas Well-Known Member

    Joined:
    Mar 2018
    Posts:
    2,621
    Likes Received:
    363
    As it should be, but not in this instance. Nominet is the governing body for UK domains. It should be easily accessible to everyone. Hard work should be rewarded, but it shouldn't give anybody a clear advantage over anybody else, It should be fair and equal for all. IMO.

    If it was fair, people wouldn't have to use hard work and talent to compete. Now, as someone who has never learned to develop EPP XML or any low-level languages, I may be biased. But I feel that I speak for the majority of people and not the minority.
     
  21. Murray

    Murray Well-Known Member

    Joined:
    Sep 2012
    Posts:
    4,261
    Likes Received:
    432
    This is a equal opportunity vs equal outcome argument

    Footaballers are paid so well because their talent draws thousands of people to a stadium and millions of people to watch at home

    Choose 22 random people from around the country to have a football match who is going to pay to watch? you turn something of value into nothing

    A lottery system for domains would be completely fair but benefit everyone and no one at the time, when the mumsnet or moneysavingexpert forum type people got wind of it you would have tens of thousands of entries for each obviously valuable domain

    Your chances of getting a good domain are the same as everyone else, practically none

    The .uk release system is now totally fair with no pesky barriers like talent but also now completely worthless, that is not a step forward that is just destruction of value
     
    • Agree Agree x 1