Language Selection

English French German Italian Portuguese Spanish

Google Wins 'Typosquatting' Dispute

Filed under
Web

An Internet arbitrator has awarded Google Inc. the rights to several Web site addresses that relied on typographical errors to exploit the online search engine's popularity so computer viruses and other malicious software could be unleashed on unsuspecting visitors.

The National Arbitration Forum, a legal alternate to litigating in court, sided with a Google complaint alleging that Sergey Gridasov of St. Petersburg, Russia, had engaged in "typosquatting" by operating Web sites named googkle.com, ghoogle.com and gooigle.com.

After former Stanford University graduate students incorporated the search engine in September 1998, Google registered its domain name a year later. Gridasov registered his Web sites in December 2000 and January 2001, according to Google's complaint.

In a decision made earlier this week, arbitrator Paul A. Dorf, endorsed Google's contention that the misspelled addresses were part of a sinister plot to infect computers with programs - known as "malware" - that can lead to recurring system crashes, wipe out valuable data or provide a window into highly sensitive information.

Gridasov didn't respond to Google's complaint, filed May 11, meaning the arbitrator could accept all reasonable allegations as true.

The Associated Press sent an e-mail Friday to the address that Gridasov listed when he registered his Web sites. The response, which wasn't signed by Gridasov, acknowledged the misspelled names were adopted to attract more visitors, but said there hadn't been any complaints until the sites began posting code from another company, which assured it wouldn't cause any trouble.

F-Secure, a Finnish company specializing in identifying malware, identified googkle.com as a troublemaker in an advisory posted April 26 - nearly three weeks before Mountain View-based Google filed its complaint.

Trying to piggyback on the popularity of a heavily trafficked Web site isn't new. For instance, the address Whitehouse.com used to display ads for pornography was a surprise for Web surfers looking for Whitehouse.gov, the president's official online channel. Whitehouse.com now operates as a private Web site that sells access to public records.

Google's brand ranks among the most trusted on the Internet and its Web site attracts more than 66 million unique monthly visitors, making it an inviting target for scheming opportunists.

By MICHAEL LIEDTKE
Associated Press

More in Tux Machines

Linux/FOSS Events

  • The Linux Foundation Announces Session Lineup for ApacheCon(TM) Europe
  • OpenShift Commons Gathering event preview
    We're just two months out from the OpenShift Commons Gathering coming up on November 7, 2016 in Seattle, Washington, co-located with KubeCon and CloudNativeCon. OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. Origin adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. And we're excited to say, the 1.3 GA release of OpenShift Origin, which includes Kubernetes 1.3, is out the door! Hear more about the release from Lead Architect for OpenShift Origin, Clayton Coleman.

Security News

  • Report: Linux security must be upgraded to protect future tech
    The summit was used to expose a number of flaws in Linux's design that make it increasingly unsuitable to power modern devices. Linux is the operating system that runs most of the modern world. It is behind everything from web servers and supercomputers to mobile phones. Increasingly, it's also being used to run connected Internet of Things (IoT) devices, including products like cars and intelligent robots.
  • security things in Linux v4.6
    Hector Marco-Gisbert removed a long-standing limitation to mmap ASLR on 32-bit x86, where setting an unlimited stack (e.g. “ulimit -s unlimited“) would turn off mmap ASLR (which provided a way to bypass ASLR when executing setuid processes). Given that ASLR entropy can now be controlled directly (see the v4.5 post), and that the cases where this created an actual problem are very rare, means that if a system sees collisions between unlimited stack and mmap ASLR, they can just adjust the 32-bit ASLR entropy instead.

Raspberry Pi PIXEL and More Improvements

Trainline creates open source platform to help developers deploy apps and environments in AWS