20i Domains

New Nominet drop catching flaw revealed?

Discussion in 'Drop catching Domain Names' started by davedevelopment, Jul 30, 2020.

  1. davedevelopment

    davedevelopment Well-Known Member

    Joined:
    May 2009
    Posts:
    1,320
    Likes Received:
    89
    Not sure how I feel about using it. Someone mentioned nominet saying that anyone exploiting it would be contravening the AUP, but perhaps if that were the case, nominet should have announced something for all to see.
     
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
    articles.co.uk
     
  3. karlm United Kingdom

    karlm Well-Known Member

    Joined:
    Oct 2009
    Posts:
    2,106
    Likes Received:
    18
    What a shambles. probably leaving it so they have more justification for there cash cow auctions.
     
    • Agree Agree x 7
  4. bluerock United Kingdom

    bluerock Well-Known Member Full Member

    Joined:
    Jan 2005
    Posts:
    10,295
    Likes Received:
    72
    If I went to McDonalds and ordered regular fries and they gave me large fries I'd keep them :D
     
    • Funny Funny x 4
    • Like Like x 2
    • Agree Agree x 1
  5. Lovekraft United Kingdom

    Lovekraft Well-Known Member Full Member

    Joined:
    Mar 2010
    Posts:
    1,650
    Likes Received:
    91
    complete farce, does anyone know how long it has been around for? convenient timing indeed for a certain consultation.

    This is basic stuff, how can they not have this fixed already if it's been reported?
     
    • Agree Agree x 2
  6. Aaron Clifford

    Aaron Clifford Well-Known Member

    Joined:
    Jun 2010
    Posts:
    2,645
    Likes Received:
    199
    Nominet.
     
    • Funny Funny x 4
  7. Aaron Clifford

    Aaron Clifford Well-Known Member

    Joined:
    Jun 2010
    Posts:
    2,645
    Likes Received:
    199
    Here comes a horrendous few weeks of the big multi taggers hoovering everything up.
     
    • Agree Agree x 3
    • Like Like x 1
  8. Lovekraft United Kingdom

    Lovekraft Well-Known Member Full Member

    Joined:
    Mar 2010
    Posts:
    1,650
    Likes Received:
    91
    The difference is if Mcdonalds give you big fries by mistake it's not breaking any rules, it was just a mistake.
     
    Last edited: Jul 31, 2020
  9. super-whois United Kingdom

    super-whois Active Member

    Joined:
    Oct 2008
    Posts:
    204
    Likes Received:
    43
    Indeed, it's like going back to the counter and claiming you didn't get any fries, i.e. FRAUD.
     
  10. lazarus

    lazarus Well-Known Member Exclusive Member

    Joined:
    Feb 2013
    Posts:
    1,263
    Likes Received:
    281
    • Funny Funny x 3
    • Agree Agree x 1
    Last edited: Jul 31, 2020
  11. Nigel United Kingdom

    Nigel Well-Known Member

    Joined:
    May 2005
    Posts:
    4,361
    Likes Received:
    89
    • Like Like x 1
    • Funny Funny x 1
  12. super-whois United Kingdom

    super-whois Active Member

    Joined:
    Oct 2008
    Posts:
    204
    Likes Received:
    43
    I remember seeing some odd behaviour on the usage command about a year ago, but I didn't investigate it at the time, so it's possible it has been a problem for some time.

    An interesting follow up:
    https://www.greywing.uk/the-blog/new-catching-flaw-part-2

    So was the old caching flaw still available on the Time Delay DAC, and doubling your quote helped in using this?
     
    • Informative Informative x 1
  13. gregfindley

    gregfindley Well-Known Member

    Joined:
    Dec 2006
    Posts:
    1,447
    Likes Received:
    127
    #SecurityBeginsHere
     
    • Funny Funny x 2
    • Agree Agree x 1
  14. Nigel United Kingdom

    Nigel Well-Known Member

    Joined:
    May 2005
    Posts:
    4,361
    Likes Received:
    89
    worrying to think that Nominet have been entrusted with helping provide the UK's national cyber security defence yet can't fix a simple flaw:

    'Nominet was brought in by the UK Government to deliver a vital part of the National Cyber Security Centre's Active Cyber Defence programme, Protective DNS. That expertise is now being deployed around the world as governments seek to protect their networks.'

    https://www.nominet.uk/cyber-security/
     
    • Funny Funny x 6
    • Like Like x 1
    • Winner Winner x 1
  15. domainseller200 United Kingdom

    domainseller200 Well-Known Member

    Joined:
    Jun 2007
    Posts:
    3,343
    Likes Received:
    126
    It always amazes me when anyone actually thinks that Nominet give a shit about anything at all coming from domainers...
     
    • Agree Agree x 2
  16. Aaron Clifford

    Aaron Clifford Well-Known Member

    Joined:
    Jun 2010
    Posts:
    2,645
    Likes Received:
    199
    I agree, all the complaining in the world has made no difference in the 8/9 odd years I've been involved with Nominet.
     
    • Like Like x 1
  17. webber

    webber Active Member

    Joined:
    Sep 2019
    Posts:
    190
    Likes Received:
    43
    I have seen something similar in Jan/Feb
    I used my quota in half a day, then my server kept trying to reset the DAC connection and after some attempts I got a fresh new quota for some reason. The IP stayed the same. Don't know what happened, I couldn't replicated.
     
    • Informative Informative x 1
  18. BG United Kingdom

    BG Well-Known Member Full Member

    Joined:
    Sep 2004
    Posts:
    1,097
    Likes Received:
    92
    [​IMG]
     
    • Funny Funny x 1
  19. Ben Thomas

    Ben Thomas Well-Known Member

    Joined:
    Mar 2018
    Posts:
    1,720
    Likes Received:
    219
    Well, whatever happens. Hopefully it’s not economically controlled and gives us all a level playing field. Too long the U.K. namespace has been restricted to the coding competent, or those with money to invest in having something custom built. Those who understand the flaws and exploit them. It’ll be nice to see all the pretentious and conceited people get knocked down a peg or two.
     
    • Agree Agree x 2
    • Like Like x 1
  20. Murray

    Murray Well-Known Member

    Joined:
    Sep 2012
    Posts:
    4,201
    Likes Received:
    401
    God forbid hard work and talent be rewarded :p
     
  21. Ben Thomas

    Ben Thomas Well-Known Member

    Joined:
    Mar 2018
    Posts:
    1,720
    Likes Received:
    219
    As it should be, but not in this instance. Nominet is the governing body for UK domains. It should be easily accessible to everyone. Hard work should be rewarded, but it shouldn't give anybody a clear advantage over anybody else, It should be fair and equal for all. IMO.

    If it was fair, people wouldn't have to use hard work and talent to compete. Now, as someone who has never learned to develop EPP XML or any low-level languages, I may be biased. But I feel that I speak for the majority of people and not the minority.