September 29, 2003

More shit-fan imact

I’ve written before about the “senior administration official” leaking the identity of a CIA covert operative to the press, as revenge for her husband embarrassing the White House, a story Robert Novak ran. The story-behind-the-story was astounding, but got very little press at the time. Now that the CIA has requested a Justice Department investigation (which in fact has been underway for a while), and has publicized that request in the media, the media is reviving it–a little bit.

Billmon has been beating the drum on this story for the past couple of days.

One of Billmon’s commenters wondered, if the administration is willing to pull a dirty trick like this over a relatively piddling matter, what are they doing with the really important stuff? One shudders to think. And we can clearly drop the “if”: The fact of the CIA’s request makes it clear that the story is not bogus. Someone in the administration who is placed highly enough to find out Wilson’s wife’s secret identity, and vindictive enough to violate federal law and put her and her contacts’ lives at risk just to get back at her husband: Carl Rove comes to mind.

Later: Even some well-connected Republicans are appalled:

Compared to this, all of Clinton’s peccadilloes look like an mildly diverting scene from an Oscar Wilde production … Let me make this as plain as possible — I was an unpaid advisor for the Bush-Cheney 2000 campaign, and I know and respect some high-ranking people in the administration. And none of that changes the following: if George W. Bush knew about or condoned this kind of White House activity, I wouldn’t just vote against him in 2004 — I’d want to see him impeached. Straight away.

There’s lots, lots more out there in the blogosphere, but this is some of the juicy stuff.

Let’s beat on Verisign

Chip has been doing a good job of beating the drum on Verisign’s offensive “typojacking” (great word) of all unassigned domain names on the Internet. Meaning, for example, if you accidentally type “” into your browser, you are taken to a Verisign page that tell you “perhaps you meant one of these pages.” Prima facie, that actually sounds helpful, but there are serious problems with it. The architecture of the Internet depends on the ability to check whether a domain name is valid or not. This trick stymies that ability. It’s also sleazy, because Verisign can monetize your typos: rather than pointing you to the most likely correct spelling, they can suggest you visit sponsoring sites that seem like likely hits.

And finally, simply by visiting Verisign’s website, you are agreeing to their terms of service. There may have been a tattered fig leaf of respectability for that stunt when you had to intentionally go to their site, but that fig leaf is completely gone now. One harassment tactic that geeks could take would be to write them, saying “I came to your site completely by accident, and I do not agree to your terms of service. Please make it so that I can no longer accidentally violate your TOS.”

In fact, now that I think about it, I wonder if we can write up a sort of “reverse-TOS”–that is, we could file a TOS (hidden in a locked filing cabinet stuck in a disused lavatory with a sign on the door saying Beware of the Leopard) reading something like “responding to any HTTP GET or POST requests originating from my computer constitutes acceptance of these terms of service,” which might include terms like free ice cream delivered daily for the next year.