Perhaps VeriSign intends to host sitefinder elsewhere, rename it, or whatever, so that those planning DDoS (distributed denial of service) attacks at least don't get prior warning of where it is going to reside, they'll have to code that in at the last minute.|
If you want to crash the net, VeriSign's sitefinder is probably the best single point of failure available. Do a DDoS attack (as is now [netcraft.com] happening to microsoft.com thanks to DoomJuice, MyDoom's devil offspring, or do you think VeriSign is much more robust and resilient than MicroSoft?) on a non-existent domain, or even include a randomizer that hits numerous almost certainly non-existent domains, eg: 2398s7fjer97vkjx87wqr.com, repeatedly and rapidly, and now multiply that by tens of thousands of zombies, watch the caches fill up, and see the BIND servers fall right over.
Not that those prone to launching DDoS attacks have anything against sitefinder, they get a kick out of inconveniencing sysadmins and other propheads, so they probably also get a kick out of sitefinder, heck, they're probably envious. But DDoSing the net might just prove too tempting to some script kiddee.
An additional benefit of doing it this way is, what happens if you get caught? Can you even be charged for a DDoS attack on a non-existent address? One can hear the defense lawyer now:
Ladies and Gentlemen of the Jury, my client [who is under the age of majority, so probably the worst he's looking at even if found guilty is probation due to the jurisdiction in which he resides, and while he could be sued for the $billions in damages, his parents have cut off his allowance, even his lawyer is acting pro bono, with the exception of a hefty cut of the movie/book/T-shirt rights] didn't commit a crime like breaking into someone's home, despite what the Prosecution would have you believe. He is being accused of kicking in the door at this address and we could all drive out there right now and all that you would see is that there is, and always has been, no-one residing at that address, it is, in point of fact, an empty lot. While they don't seem to care much for sitefinder going by their infrequent musings on the subject, one wonders if ICANN's somnolent Security and Stability Committee has even considered this aspect, which alone should be reason enough to have long since seen sitefinder classed as a Very Bad Thing. -g