Security firm should admit it screwed up labeling .zip the shadiest top level domain.
It’s been a while since I’ve handed out a prestigious Domain Dunce award, but this week’s “Shady TLDs” report from security firm Blue Coat is very deserving.
There’s just one problem: .zip is an unreleased top level domain name from Google. There’s only one second level .zip domain in existence, and that’s nic.zip.
Someone at Blue Coat clearly didn’t do their homework. But what really qualifies Blue Coat for a Domain Dunce nomination is its response to the screwup.
Instead of admitting that it screwed up (and someone is certainly taking some heat inside the company for not noticing this), the company is saying that it’s just a methodology issue.
As it turns out, its data shows that strings ending in .zip are trying to ping the web. This is not surprising given the .zip extension for zip files. Blue Coat explains in a blog post:
… .zip URLs are showing up in our traffic logs, among the billion or so anonymized Web requests that our customers send us every day to be categorized in our WebPulse system. Generally, if you look closer, most of these appear to be filenames, not URLs – but they somehow ended up in somebody’s browser somewhere as a URL, and got treated accordingly. (For example, many of the requests are for [whatever].zip/favicon.ico URLs.)
…So, when one of those URLs shows up out on the public Internet, as a real Web request, we in turn treat it as a URL. Funny-looking URLs that don’t resolve tend to get treated as Suspicious — after all, we don’t see any counter-balancing legitimate traffic there.
Err, so you’re telling me .zip was the only non-active TLD that showed up in this data? I doubt that, given the name collision issue the industry wrestled with last year.
Let’s be honest about what likely happened. Someone saw that .zip was a delegated TLD, didn’t dig into the data, and listed it as the shadiest TLD. If .zip hadn’t shown up on a TLD list, or had the company realized it wasn’t released yet, it wouldn’t have been in the report. Realizing its mistake, the company is suggesting it knew this all along.
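The methodology gap described above, sketched as an added example (not Blue Coat's code and not part of the original post): a per-TLD "suspicious" share computed with and without a check that the requested second-level domain is actually registered. The request sample, the `REGISTERED` zone stand-in, and the rule "did not resolve means suspicious" are constructed simplifications.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample of categorised requests: (URL, host resolved in DNS?).
REQUESTS = [
    ("http://report-2015.zip/favicon.ico", False),
    ("http://backup.zip/favicon.ico", False),
    ("http://photos.zip/", False),
    ("http://nic.zip/", True),
    ("http://example.com/index.html", True),
    ("http://shop.example.com/cart", True),
    ("http://no-such-host.example.com/", False),
]

# Constructed stand-in for zone data: registered second-level domains per TLD.
# Per the post, nic.zip is the only second-level .zip domain.
REGISTERED = {"zip": {"nic.zip"}, "com": {"example.com"}}


def registrable(host):
    """Last two labels of the host (enough for the single-label TLDs used here)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def suspicious_share(requests, require_registered):
    """Share of requests per TLD rated suspicious because the host did not resolve.

    With require_registered=True, hosts whose second-level domain is not in the
    zone are dropped first: they are stray filenames, not traffic to the TLD.
    """
    total, bad = defaultdict(int), defaultdict(int)
    for url, resolved in requests:
        host = urlsplit(url).hostname or ""
        tld = host.rsplit(".", 1)[-1]
        if require_registered and registrable(host) not in REGISTERED.get(tld, set()):
            continue
        total[tld] += 1
        bad[tld] += not resolved
    return {tld: bad[tld] / total[tld] for tld in total}


naive = suspicious_share(REQUESTS, require_registered=False)
checked = suspicious_share(REQUESTS, require_registered=True)
print("naive:  ", naive)
print("checked:", checked)
```

With the registration check, the stray filenames drop out of the .zip count, while the unresolved host under a registered .com domain still counts against .com.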
Congratulations, Blue Coat. You’re our latest Domain Dunce winner.