I registered bogusapple.com after a buddy of mine posted a screenshot of Little Snitch prompting iTunes' access to the domain. All credit for finding this snafu goes to gentmatt, and my bank account for allowing me the ability to frivolously buy a domain.
I don't believe that accessing this domain is built directly into the compiled code of apps, since (in my opinion) it did not happen close enough to a software update. I believe it is just some kind of a typo (bogus.apple.com?) for something used as part of the web page views that comprise the iTunes and the Mac App Store apps. I fully expect that this problem will quietly go away once they deploy new versions.
I picked up the domain just to see if any particularly exciting web requests were being made, and it's been fun to watch user agents, but as soon as Twitter, news sites, and forums got wind of it, it's pretty much impossible for me to discern any meaningful traffic anymore.
I suppose I could start filtering any requests with a referer, or ones not coming from *.apple.com. We'll see.
Not a question but just a word of advice to be careful.
What you did could to a layperson be construed as intentionally exploiting a bug in their software with the result that you're now intercepting requests from unsuspecting customers of theirs, and getting data via your logs that in some countries falls under privacy laws.
Depending on how big of an embarrassment this turns out to be for them and how well funded their legal department is this might not turn out to be hassle-free for you.
Well, it's not his fault Apple is sending traffic to the web site he owns.
If it is true that there is anything illegal with owning that domain and receiving traffic, then it is also true that a nefarious agent could "mistakenly" send a bunch of requests containing "private information" to the server of an enemy, then report the enemy's "illegal actions" to the authorities.
That's a shame, since the first thing that occurred to me was thank goodness someone with nefarious intentions didn't buy the domain and attempt to pass it off as something Apple owned (and thereby users might trust).
In addition to user agents it would be useful to collect path strings and operations so if you're getting GET / or GET /something?option&option&option would be useful.
I did a quick scan (not very definitive) through the Xcode SDK and didn't see anything hard coded with this name but you never know.
On the Apple Community link, you state that you lack adequate logging of :443, could you not link bogusapple to localhost/dedicated server through the hosts file then boot up an Apache/whatever instance to log the access traffic?
I didn't want to pay for an SSL certificate that would pass SSL validation (read: not StartCom, not CACert, and I will never ever support GoDaddy). Domain registration fees aren't going to break the bank, SSL is another story. Not to mention the whole 'proving who I am' and other identity checks any worthwhile SSL agency employs.
Sounds like "A cheap way to figure out if we're in a restricted DNS environment like e.g. airport wifi pre-payment." The implementation is clearly suboptimal, though - you want to control the canary domain.
It tries to load a text file over HTTP (http://www.msftncsi.com/ncsi.txt) and fetch the DNS record of dns.msftncsi.com. If the return of either is not as expected, Windows indicates 'No Internet Access' (although you are connected to a network).
I think the "typo" scenario makes the most sense. bogus.apple.com vs bogusapple.com. It would be an easy mistake to make and everything would look like it's working fine until someone happened to register the domain.
Right. I should have been more clear in my statement. I meant that, since Apple clearly doesn't control the domain, I find it hard to believe that they would use it intentionally.
I think you're being overly generous in ascribing the intentions of an entire company on this.
Most likely the real reason behind this is that some programmer in their employ who didn't know better hammered in "bogusapple.com" as the first thing he could come up with, committed it since it worked for him, and now a lot of people are trying to ascribe more complex intentions to Apple than that.
Could be. I don't know much about the internal development practices at Apple. One has to assume they have strict development and testing guidelines, but you're right - it is possible that some programmer hammered this in, and the change slipped past the code review and testing phases.
I don't know exactly when it started, but I suspect Apple has used this domain for at least a few days now. Whether that's as far back as Mountain Lion's release, or as recently as iTunes 10.7.
Considering some of our active theories, it may have only started becoming used as a result of that Terms & Conditions snafu that occurred the other day.
Either way, the problem predates my registration of the domain, which was around 13 hours ago now. I registered bogusapple.com as a result of seeing use of the domain.
I was at work and the network had blocked it putting it in the "placeholders" category. Note to self: hacker news may be more reputable than the large government agency's IT management.
i won't comment on the differences, which include the meaningless URL and useless "ncsi" in the text, and the fact that it still looks like an error rather than a successful test page.
The Apple page is absolutely minimal. Yet everything is in its place, and it can't leave any developer confused for a millisecond, or make a typo, as it's a human English word at a human, English URL.
Apple is Apple. Microsoft is a split millisecond of headache for a developer who rechecks his spelling of "ncsi" and the whole meaning of the ncsi concept three times to make sure his code is correct.
[1] This post is tagged as being creative (as opposed to rational). as a note, about half of my posts speak to creativity and design and half speak to rationality and logic. most people only do one or the other, so i can understand why each group is confused by the other. this lets me build two brands. just ignore the posts that don't apply to you.
Not at all cleaner. Don't test DNS resolution if you want to know about HTTP access, they are different and many networks or firewalls will allow DNS but require a login for HTTP.
I was specifically talking about that one page and its location. It is English, meant to be parsed as a literal by a program, it's not a random number or a response to a query, that .txt file is literally logically equivalent to the "succss" html page.
so, why is it so convoluted English instead of also just reading "Success"? It's just Microsoft being Microsoft.
this is not trollish of me in the slightest. if it doesn't apply to you, please just ignore it. I stand by the statement.
I'm serious in kind, but not degree :) I do realize it's pretty frivolous, and a bit funny.
It's also a good minimal example!
Even though it is only meant to be used as a literal in a program to check against with a regex, still, someone has to write that regex. Someone will either write in "Success" or write in " -- i just flipped tabs, clicked a link, then flipped back to finish this sentence -- "Microsoft NCSI".
so, ha-ha, but a little serious. it's a good example that pervades every other creative choice made at the two companies.
I did notice that, and agree with you. The minimal example continues: Apple does not care about standards very much, in this case doing something (caps html) for arbitrary reasons and counter to best-practice (and the standard), while actually very nearly being the current standard. But nobody notices or has much of a chance to notice. I have a lot of trouble imagining Google doing the same thing on the source code - I can only imagine Google using lowercase letters in the source, as is standard and "right". This is what separates Google from Apple. (many, many examples of this.)
...meanwhile, microsoft doesn't come within a mile of a current standard - it uses a .txt file (backwards compatibility to, in this case, 1982.)
Pretty sloppy on Apple's end if you ask me. Why check for a domain that you don't actually own? Imagine if someone bought the domain and worked out how to maliciously use it to their advantage? (I seriously doubt that's possible though). What kind of info was being sent to this domain, was it just a standard request to see if there is connectivity or was other information sent that could be used to identify a user? Sounds sub-par just like how the Wifi functionality does a request to: http://www.apple.com/library/test/success.html
A lot of folks are suggesting it was a typo, and they intended to use bogus.apple.com instead, which is very very likely.
I can tell you with 100% certainty that standard HTTP request information is being sent to the domain. So, IPs for the connection, User Agents of the software used to connect, and the request URL. That's pretty much it in a nutshell.
I've seen a few iTunes UAs, both Windows and Mac, and since this news has made the rounds, the signal to noise ratio just went wayyyyyy down. (Go figure.)
Now, it's the reverse situation. If iTunes and the App Store expect bogusapple.com to not resolve, what happens when it does? Why did Apple not own this domain?
I was very concerned that this could occur when I picked up the domain and started allowed traffic to it to succeed, but I haven't seen the massive social network outcry about problems... So I've put that concern to rest :).
As said elsewhere, I think the theory that they likely intended 'bogus.apple.com' is the best guess. Either way it was just a consideration that some developer and/or their code reviewer(s) overlooked.
Chrome, too, does three initial lookups on start up to see if ISPs intercept requests that cannot be resolved. It compares the IP addresses of the pages that are returned, and turns the infobox off if they are identical (as this suggests an ISP is intercepting the look ups).
Absolutely right - I forgot to mention that in my initial comment.
Chrome's behaviour makes much more sense than Apple's -- who hadn't even secured the bogusapple.com domains for themselves (as Microsoft did with Contoso, for example).
Oddly, I keep getting requests from people trying to buy my "DNS configured, but no web site" domain I use for testing. (Right now DNSSIG is expired, and if one examines the rest of the headers, it's obvious it was configured expired.)
I wonder, do any routers, proxies or local internet exchanges filter requests based on TLDs that don't exist in a dictionary of valid TLDs? I'm guessing at least some do, which may give incorrect results.
You jest, and we have the benefit of hindsight, but you can't use the "just a single dot" defense when Apple themselves tout their attention to detail with every product release (wasn't there something about their product design team now working on a nano/micrometer scale?)
Perhaps for testing purposes?
"What happens when the stats server isn't reachable?"
And then it got left that way, WHOOPS.
Long story short, this problem appears to have been resolved the same day it started, since it did not require a software update to fix, they just updated the web views for their store pages.
Is anyone still concretely still seeing the problem?
As best as we can tell, this issue started in the late evening Sunday, registration occurred very early in the morning Monday, and was subsequently resolved later in the day:
After the domain was registered (and assuming no change in iTunes & App Store) - I'm curious to know who owns the right to the domain. And possibility of domain sale.
Apple would have no problem taking this away if they filed a WIPO claim. He clearly registered it in 'bad faith' (a legal term) and is willfully and purposely violating their trademark. I suspect though all they would have to do is ask and he'd hand it over - perhaps with a letter threatening legal action if he didn't immediately comply.
>is willfully and purposely violating their trademark.//
Go on.
He's not trading using the Apple Computers trademark nor is their any confusion. There is nothing clear about his intention, there is no mens rea nor actus rea that can be established from the information in this thread AFAICT.
Apple have no automatic right to everything bearing the name "Apple". They have no more right to the bogusapple.com domain than they have a right to a box of [fruit] apples from your local grocer.
Will they get the domain if they wish it? Are mega-corps in control of the law in the USA?
WIPO - they've erred before and will do so again I feel; they appear to have a presumption that the world belongs to corporations and don't have an interest in protecting the rights of citizens. Not unlike some governments it seems.
The Apple in this domain refers to the trademarked Apple. He doesn't even attempt to hide that on the page, referring directly to the company himself. That is where the proof for willful trademark infringement comes from. If he had owned this domain for years and it was a blog about his favorite fruit, then he'd have a strong case to keep it.
Given the way he's using it I doubt Apple would ever do anything more than ask him for the domain. But if he were to do something like put up a porn site or even run ads, they might be pissed off enough to sue him for the domain + damages - and they'd likely win.
Use of a company name is not trademark infringement - trademarks indicate the origin of goods or services. Unless he's convincing anyone that what he's presenting is a service from Apple Computers then he's not infringing their trademark, wilfully or otherwise.
Moreover reading the page [as it was presented to me] shows he's clearly not intending to infringe the mark with the content of the website either. IIRC he makes it clear that he/the page doesn't have an association with Apple Computers.
If he puts up a porn site it will be even more obvious that he's not selling computers or consumer electronics. The actual ability to infringe Apple's marks would decrease hugely. Big name corps get special additional protections in some jurisdictions however that ignore things like the actualities of the situation.
If they sue him they'd probably win regardless of the spirit of the particular statutes that apply.
Do you think that these guys - http://www.usapple.org/ - are infringing Apple's trademarks too?
Those domains and bogusapple.com, as it is used here, are identical - and they are frequently lost by their owners whenever the people who own the trademarks go after them.
As DannyBee alluded to, when those corporations go up against deep pocketed squatters with good domain lawyers, they can sometimes be outsmarted and not get the domains. But the vast majority of the time they are successful.
>they are frequently lost by their owners whenever the people who own the trademarks go after them //
People get scared by legal threats from massive corporations - that doesn't mean that proper legal process requires [or should require] that such domains are handed over.
So if I own ggoogle.com you think I should be able to keep that domain and serve ads on it and profit from all of that traffic that is trying to find Google? Google should not be able to take that domain away from me?
That's an interesting viewpoint, but not one supported by the law.
Ggoogle is typo squatting. There's nothing inherently wrong with you using that domain but serving ads or having a search engine there would be most likely trademark infringements. If you had similar livery to Google then you'd probably be 'passing off' (in the legal sense).
Personally I find nothing morally or legally wrong as long as you make it clear that the origin of the domain content is not Google Inc. and that you don't use the domain commercially (in the copyright law sense of commercial).
Perhaps you can explain how a non-commercial use of that domain harms Google and indicate which laws prevent such a use.
Google wisely own ggoogle.
There are live examples of similar named sites: moogle, agoogle are domain-squatted, foogle hosts a business, etc..
To put this gently:
You don't know what you are talking about.
Nothing here has anything to do with trademark infringement.
Period.
I started to write a longer post detailing all the legalities involved here, but it's simply not necessary.
Additionally, in every WIPO appeal i've been involved that bears any similarity to this case, where WIPO ruled in favor of the claimant, it was overturned on appeal to a court of competent jurisdiction.
If it was necessary to file an appeal clearly there is some truth to what I said - or WIPO would never issue a decision that needed to be overturned.
As for the appeals process itself, yet it is a loophole that you can file an appeal in front of any podunk judge that will hear the case, whether or not he's ever even been on the internet or knows what a domain name is - and if that judge finds in your favor, you get to keep the domain. Again, that doesn't make what I said untrue.
Your logic is simply broken.
WIPO makes 3000+ UDRP decisions a year. Some will be right, some will be wrong. This is just reality. It has nothing to do with whether "there is some truth to what you said". Correlation does not imply causation.
If you appeal a WIPO decision in front of some judge who doesn't know a thing about the internet and that judge rules in your favor, you have not just proven WIPO made a mistake - but that is how you are choosing to interpret his decision.
You're clearly a typo-squatter or somebody who otherwise traffics in TM domains, so I'm never going to get you to agree with me on this, and that is fine, we don't need to agree. But your personal attacks are unnecessary.
Yes, I traffic in thousands of TM domains.
It's not that i'm a corporate IP lawyer who has dealt with a lot of these situations before (only on the fighting typo-squatters side, hilariously enough), and so my view is more nuanced than yours.
Instead, i'm just a typo squatter.
Because they have no control over the content on that site. The owner could easily throw up some raunchy content, which would make for a weird experience when it comes to discussions like this one.
Or, quite legitimately (I slay me), between RTM and pushing out the update, someone could have registered the domain and used it for content, then see their site hammered by irresponsible software publishers.
I registered bogusapple.com after a buddy of mine posted a screenshot of Little Snitch prompting iTunes' access to the domain. All credit for finding this snafu goes to gentmatt, and my bank account for allowing me the ability to frivolously buy a domain.
I don't believe that accessing this domain is built directly into the compiled code of apps, since (in my opinion) it did not happen close enough to a software update. I believe it is just some kind of a typo (bogus.apple.com?) for something used as part of the web page views that comprise the iTunes and the Mac App Store apps. I fully expect that this problem will quietly go away once they deploy new versions.
I picked up the domain just to see if any particularly exciting web requests were being made, and it's been fun to watch user agents, but as soon as Twitter, news sites, and forums got wind of it, it's pretty much impossible for me to discern any meaningful traffic anymore.
I suppose I could start filtering any requests with a referer, or ones not coming from *.apple.com. We'll see.
It's been a fun 13 hours.
Any questions?