» ISP News » 

UPD3 Nominet UK Bodge Risks Google.c.uk and BBC.c.uk Typo Security Threat

Posted Friday, August 1st, 2014 (11:31 am) by Mark Jackson (Score 1,367)
website hyperlink link secure

Nominet, which handles the registry of .uk Internet domains, is no stranger to controversy and some of their decisions over the years have caused plenty of head scratching. The latest bit of fun seems to be as a result of their new .uk rules, which have allowed typos for UK sites (e.g. bbc.c.uk, google.c.uk and hsbc.c.uk) to go to a different server (you can do it for almost any .uk or .co.uk domain).

At one point or another most of us will have miss-typed a domain name and in the past this was used by hackers and phishers to trick people into visiting fake versions of legitimate websites and brands. For example, it’s perilously easy to type google.c.uk instead of google.co.uk, the difference is that the .co.uk will take you to the real website while c.uk takes you to a completely separate site that could be exploited.

On top of that the text-prediction used by most web browsers can mean that once miss-typed you are highly likely to land upon the same fake site a second time when trying to type it again because the browser corrects your address to the previously typed one, which by now we’re all automatically attuned to accept (I’ve done it a few times by accident while testing for this article).

The situation appears to stem from the November 2013 introduction of Nominet’s new .uk namespace (here) and its associated rules (here), which is perhaps a risky approach to take when the potential collision space is so large (i.e. the owner of c.co.uk got c.uk by default = mass website redirection fun). But far from making .uk domains more secure it appears as if Nominet’s current approach could risk opening a door to scammers.

The introduction of the new .uk name (i.e. being able to register examplz.uk rather than just examplz.co.uk) was highly controversial and occurred against a background of strong opposition, with some viewing it as a victory of profit over sense. Never the less it happened and one of the consequences seems to be that Nominet has effectively allowed someone to register c.uk and thus redirect innocent typos into its clutches. ISPreview.co.uk has contacted Nominet for comment.

UPDATE 1:19pm

As some readers have pointed out claims.co.uk, a law firm for personal injury claims, owns the c.co.uk domain and under the .UK rules this meant they automatically got .c.uk without any checks. It’s unclear why claims.co.uk is allowing the domain to be used in such a way, although it’s possible they aren’t aware.

The registrar for the .c.uk domain itself goes back to the Dark Group Ltd t/a YSH (http://www.ysh.uk), which is the same organisation behind broadband ISP Fast.co.uk. ISPreview.co.uk has shot off a message to Fast.co.uk’s Mark Baker in the hopes of getting more information. In the meantime.. still no reaction from Nominet.

Domain name:
c.uk

Registrant:
Claims.co.uk Ltd

Registrant type:
UK Limited Company, (Company number: 6843986)

Registrant’s address:
Suite 5083
6 Slington House
Rankine Road
Basingstoke
Hampshire
RG24 8PH
United Kingdom

Data validation:
Registrant contact details validated by Nominet on 30-Oct-2013

Registrar:
Dark Group Ltd t/a YSH [Tag = YSH]
URL: http://www.ysh.uk

Relevant dates:
Registered on: 10-Jun-2014
Expiry date: 10-Jun-2024
Last updated: 17-Jun-2014

Registration status:
Registered until expiry date.

Name servers:
buy.internettraffic.com
sell.internettraffic.com

UPDATE 1:54pm

Fast.co.uk’s Mark Baker has informed ISPreview.co.uk that one of their customers changed the name servers for the offending domain to those of a “parking company who appear to have enabled wildcard DNS, hence anything.c.uk resolves” (i.e. it doesn’t appear to be specifically targeting popular brands and sites – it just hits everything the same). Baker noted that he couldn’t be “sure if that behaviour is intentional on our clients part“. Meanwhile the problem persists. Oh c.uk.

UPDATE 3:30pm

We had hoped that Nominet might wish to take this more seriously..

A Spokesperson for Nominet told ISPreview.co.uk:

Use of a domain name for unlawful purposes, or in a way that infringes the intellectual property rights of third parties is contrary to the terms and conditions of domain name registration, to which all registrants must agree. If any use of a .uk domain name comes to our attention that appears to be in breach of those terms, we would cooperate with law enforcement agencies in order to take any appropriate steps, and would reserve the right to take any action open to us under the registration contract.

In the case of the domain name c.uk it would appear that the registrant is redirecting all c.uk sub domains to www.c.uk, not targeting or imitating any specific websites. We have no indication that www.c.uk is being used for any unlawful purpose.”

Delicious
Add to Diigo
Tags:
Leave a Comment
7 Responses
  1. TomL

    But can’t only one person register c.uk? and then have to create ALL the fake subdomains like suggested? I think the authorities might already be keeping a close eye on that getting purchased. Plus this will be reserved for the person who already owns c.co.uk until 2017 anyway.

    • Vince

      No need to create the sub-domains specifically.

      You can wildcard with one entry in DNS, so not tricky or difficult.

  2. Richard

    You’re right of course Tom, except that it already exists – anything.c.uk is redirected to http://www.c.uk, which is merrily making money from advert clicks as we speak.

  3. Mark J, as Nominet members ourselves, these domains should fail data validation and thus get pulled fairly quickly. However, as claims.co.uk own the c.co.uk they automatically got .c.uk without any checks. Questions clearly need to be asked of claims.co.uk moral standing.

    The Dark Group, who have the domain on their tag, may take a dim view of the domains use, however, it’s been a while since I’ve spoken to Mark @ Dark

    Nominet seem fairly on the ball if they are informed.

  4. Interesting topic shown here, i am now working on it regularly here and would say keep the future posts like this continusoly.

IMPORTANT: Javascript must be enabled to post (most browsers do this automatically). On mobile devices you may need to load the page in 'Desktop' mode to comment.


Comments RSS Feed

* Your comment might NOT appear immediately (the site cache re-syncs periodically) *
* Comments that break our rules, spam, troll or post via fake IP/proxy servers may be blocked *
Promotion
Cheapest Superfast ISPs
  • Sky Broadband £20.00 (*28.99)
    Up to 38Mbps, 25GB
    Gift: None
  • Origin Broadband £23.89 (*31.58)
    Up to 38Mbps, Unlimited
    Gift: None
  • Vodafone £25.00
    Up to 38Mbps, Unlimited
    Gift: None
  • Hyperoptic £26.00 (*35.00)
    Up to 100Mbps, Unlimited
    Gift: None
  • bOnline £26.28 (*40.68)
    Up to 40Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
Poll
*Javascript must be ON to vote*
The Top 20 Category Tags
  1. BT (1801)
  2. Broadband Delivery UK (1270)
  3. FTTC (1145)
  4. FTTP (1131)
  5. Politics (904)
  6. Openreach (858)
  7. Business (791)
  8. Fibre Optic (721)
  9. Statistics (716)
  10. Mobile Broadband (662)
  11. Wireless Internet (599)
  12. Ofcom Regulation (576)
  13. 4G (538)
  14. Virgin Media (521)
  15. FTTH (460)
  16. Sky Broadband (425)
  17. TalkTalk (400)
  18. EE (350)
  19. Security (293)
  20. 3G (255)
New Forum Topics
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Promotion

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules