Latest news of the domain name industry

Recent Posts

Blue Coat explains .zip screw-up

Kevin Murphy, September 4, 2015, 08:55:44 (UTC), Domain Tech

Security vendor Blue Coat apparently doesn’t check whether domains are actually domains before it advises customers to block them.

The company yesterday published a blog post that sought to explain why it denounced Google’s unlaunched .zip gTLD as “100% shady” even though the only .zip domain in existence leads to google.com.

Unrepentant, Blue Coat continued to insist that businesses should consider blocking .zip domains, while acknowledging there aren’t any.

It said that its censorware treats anything entered into a browser’s address bar as a URL, so it has been treating file names that end in .zip — the common format for compressed archive files — as if they are .zip domain names. The blog states:

when one of those URLs shows up out on the public Internet, as a real Web request, we in turn treat it as a URL. Funny-looking URLs that don’t resolve tend to get treated as Suspicious — after all, we don’t see any counter-balancing legitimate traffic there.

Further, if a legal domain name gets enough shady-looking traffic — with no counter-evidence of legitimate Web traffic — it’s possible for one of our AI systems to conclude that the behavior isn’t changing, and that it deserves a Suspicious rating in the database. So it gets one.

In other words, Blue Coat has been categorizing Zip file names that somehow find their way into a browser address bar as .zip domain names.

That may sound like a software bug that Blue Coat needs to fix, but it’s still telling people to block Google’s gTLD anyway, writing:

In conclusion, none of the .zip “domains” we see in our traffic logs are requests to registered sites. Nevertheless, we recommend that people block these requests, until valid .zip domains start showing up.

That’s a slight change of position from its original “Businesses should consider blocking traffic that leads to the riskiest TLDs”, but it still strikes me as irresponsible.

The company has still not disclosed the real numbers behind any of the percentages in its report, so we still have no idea whether it was fair to label, for example, Famous Four’s .review as “100% shady”.

Tagged: , , , ,

Comments (3)

  1. Richard Funden says:

    Wow, they have developed Artificial Intelligence (“one of our AI systems”) and they use it for this?

    Makes sense though, as there is no real intelligence anywhere in their report…

    I for one welcome the rise of our Robot overlords!

  2. Rubens Kuhl says:

    Let’s see: we have a com domains being registered since 1985. MS-DOS version 2.1 already used .com as file extension in 1983, so we have been seeing this dilemma for 20 years… in those years, MS-DOS and Windows applications (.com is still an executable Windows file extension now) had to differentiate from more than 100 million .com domains.

    Where is this a new technical problem ?

  3. Acro says:

    This is as BS of a response as the rest of the ‘study’.

Add Your Comment