Verisign has unilaterally broken DNS. Now when you try to resolve the address for a nonexistent domain you no longer get back an error, you get back a record that points to Verisign.
$ whois dnsisbroken.com
No match for "DNSISBROKEN.COM".
$ dig dnsisbroken.com
;; ANSWER SECTION:
dnsisbroken.com. 873 IN A 64.94.110.11
I can't even begin to explain all the ways this is a bad idea. The large tech media hasn't quite picked this up yet, but there's lots more on the net including New York Times, NANOG discussion, Slashdot, The Inquirer, Advogato, BizReport, BR Online and blogs via Feedster.
techbad
  2003-09-16 14:54 Z