NameStarter.com :: domaining business blog // Domaining for Domainers

Archive for the ‘baidu’ Category

Register.com: Baidu Can’t Sue Us for Negligence. Its In Our Contract.

March 22, 2010baidu, Domain Registrars, Domaining, Domainnamewire, lawsuits, Register.comComments Off on Register.com: Baidu Can’t Sue Us for Negligence. Its In Our Contract.

Domain name registrar argues that you can’t sue it for negligence because it’s in the TOS.

What happens if you register a domain name at Register.com and then Register.com screws up? Tough luck.

That’s the message the company is sending by asking a court to dismiss a lawsuit Baidu brought against it for handing over the keys to its account to a criminal.

In a motion to dismiss (pdf), Register.com’s representatives write:

Asserting a laundry list of inflammatory claims, Baidu seeks to hold Register liable for the January 11, 2010 cyber-attack, which appears to have originated from unknown criminals who also targeted sites such as Twitter, and which resulted in a brief interruption of service on Baidu’s Web site, baidu.com. But Baidu fails to inform the Court that when it registered its domain name through Register more than a decade ago, it expressly agreed to waive any future claims against Register for precisely the kind of service interruptions that form the basis of this lawsuit. Indeed, in numerous provisions of the parties’ contract, Baidu agreed that it would not and could not bring the very claims it now attempts to assert.

This seems like it’s on shaky grounds. Register.com didn’t just mess up, it really f’d up. It’s almost unbelievable.

If I park in a parking garage, I know the ticket says the garage isn’t responsible for theft. But if the garage operator hands a crow bar to a thief to break into my car, I can hold the operator responsible.

But Register.com claims its mistake was nominal:

In terms of the criminal attack, then, Baidu’s allegations boil down to the core of what actually happened here: a customer service agent mistakenly verified a customer by failing to confirm that the correct security code was provided back by the requester. But that is not an allegation of gross negligence; at best, it is simple mistake or ordinary negligence.

You should re-read what happened and decide for yourself.

Register.com also suggests that Baidu filed the complaint in part because Google had suggested it was moving out of China at the time. (See footnote 9 in the Motion to Dismiss).


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. Baidu Sues Register.com Over Hacking Incident
  2. How Baidu Got Hacked by the Iranian Cyber Army
  3. European Company Threatens Baidu Search Engine

How Baidu Got Hacked by the Iranian Cyber Army

February 24, 2010baidu, Domain Registrars, Domaining, Domainnamewire, Register.comComments Off on How Baidu Got Hacked by the Iranian Cyber Army

Court documents show how imposter allegedly duped Register.com into handing over access to Baidu.com.

Last month visitors to Baidu.com were redirected to a page stating that the site had been hacked by the Iranian Cyber Army.

Baidu later sued Register.com for allegedly allowing a security intrusion that enabled the hackers to change the name servers for Baidu.com. But the original lawsuit redacted the essential facts about how the hackers got control of Baidu’s account at Register.com. Now an unredacted copy of the lawsuit is available (pdf).

What it alleges is stunning. Here’s how Baidu alleges the hacker got access to one of the world’s most popular web sites domain name account in under an hour:

1. Hacker starts online chat session with Register.com representative, claiming to be an agent of Baidu.

2. Register.com representative asks hacker to provide verification information. Hacker provides invalid information, but Register.com goes ahead and e-mails a security code to the email address it has on file for Baidu anyway.

3. The hacker doesn’t have access to that e-mail address, so he/she relays a bogus security code to the Register.com representative via chat. Baidu claims the representative didn’t bother to compare the code to the actual one.

4. Hacker asks Register.com representative to change email address on file to antiwahabi2008@gmail.com, and representative does.

5. Hacker now uses “forgot password” link at Register.com to request the username and password to the account. Hacker can then log in and change the name servers.

This isn’t the first time a major corporation has had its nameservers changed thanks to a compromised domain account. But the details in how the account was allegedly compromised are stunning. It’s also unfortunate that, had Baidu used added security such as that offered by Moniker or Fabulous, this entire event could have been avoided.


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. Baidu Sues Register.com Over Hacking Incident
  2. European Company Threatens Baidu Search Engine
  3. Gmail Hack Leads to Domain Theft

Baidu Sues Register.com Over Hacking Incident

January 19, 2010baidu, Domain Registrars, Domaining, Domainnamewire, Register.comComments Off on Baidu Sues Register.com Over Hacking Incident

Domain name registrar sued over alleged security breach.

Baidu, Inc. announced that it has sued domain name registrar Register.com over a hacking incident by Iranian Cyber Army earlier this month. Baidu claims that Register.com was negligent, allowing the hackers to change the DNS for the domain name.

I have searched U.S. Federal Court records to find the lawsuit, but have not located it. It will be interesting to see the details behind the lawsuit, as presumably it will detail what exactly the hackers did to take down the site, including any edits to the nameservers for Baidu.com.

Once again, it’s time for a registrar to offer bullet-proof registrations, including a service that requires in-person verification to make any changes to a domain’s contact information or nameservers. I’m not sure if such a service will profitable, as I know at least one domain entrepreneur tried this in the past. Will companies pay substantially more to ensure their domain names aren’t hacked? They should, but that doesn’t mean they will.


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. European Company Threatens Baidu Search Engine
  2. Telnic Trips Up with Baidu.tel
  3. Register.com Must Stop “Call In” Practice by March

European Company Threatens Baidu Search Engine

December 9, 2009baidu, Domain Sales, Domaining, DomainnamewireComments Off on European Company Threatens Baidu Search Engine

Baidu Europe hopes to extort big bucks out of popular search engine.

Remember Baidu? Not the Chinese search giant, but the European software company that has promoted its trademarks and baidu.tld domain names for sale? Well, it’s putting its brand and domain names up for sale. And it’s not hiding the fact that it hopes the big search engine buys them.

In a brash press release about the sale on eBay, the company specifically cites Baidu the search company:

In 2008, Baidu Europe (baidu.eu) announced that it had the intention of selling its brand name and domain names due to the rapid growth of Baidu Inc (Nasdaq: BIDU), a very popular Chinese search engine. Baidu Inc. is now considered to be the world’s second largest search engine, the leading search engine in China. 76 percent of online searches in China are done at Baidu.com, compared to only 19.8 percent at Google, according to Search Engine Land. There is a fierce competition between Baidu.com and Google for worldwide search engine domination that is only expected to get more heated.

As if that’s not enough, the press release is clear about the threat to Baidu Inc. It says it has already talked to several interested parties, including “an American adult porn search engine”. The message is clear: Baidu Inc. needs to buy the trademarks and domains or risk having Baidu.eu and several other country code domains land on a porn site.


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. Telnic Trips Up with Baidu.tel
  2. The .Tel Search Engine Factor
  3. Domain Developers Turn to Search Engine Optimization