Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

A more cynical interpretation is that he almost certainly tried to sell this to MS privately, and they didn't bite at the price he was asking. The public offering at $1.7M is likely an attempt to force their hand.

Frankly that doesn't sound to expensive given the context, it's probably less than Microsoft's existing bug bounty budget anyway. I don't know why they couldn't work this out, or why they never bothered to try to address the issue over the multiple decades this guy has been keeping this domain out of dangerous hands.

Just write the check, Satya.



With a large organization like Microsoft, people who understand this don’t have the power to make this happen. And people who the power will WTF this for 6 months. By the time they make the decision, it will be too late. I doubt Satya will read this.

It took me half hour to understand what is going on. Imagine an MS executive


Sure. But Microsoft has known about his domain, and this issue, since 1997, if not earlier. So they've had over 20 years to think about it.


They’ve just changed default settings to neuter the issue, and hoped the problem with established networks would eventually go away on its own as people upgraded.

In fact, I bet that domain was much more valuable in 2005 than it is now.


Perhaps. But TFA reports a recent test that was frightening enough.


> Imagine an MS executive

Which is the problem.

Like politics, the people driving the bus have no idea what happens under the hood. That's an incredibly stupid way to run society!


The article says MS offered $20k a while back and he passed.


That's an insulting offer, no?


It is. "adventus.com" just sold for 22k. "mymind.com" sold for 36k. "rude.com" sold for 100k. "gorilla.com" sold for almost 500k and "voice.com" sold for 30 million!

Any offer below 500k would be downright ridiculous.


Yeah, I dabble in domain trading and this domain would fetch $500k minimum on the open market.


Who would pay that though? “Corp” is going to pretty hard for any company to establish as a brand.


I think the NSA might.


And when if they use it, the registration should be cancelled for abuse, like any other domain, no?


Maybe the NSA has adequate resources.


Any state-actor would find it a very worthy investment for $2-5m. Absolute gem for passive intel collection.


Fantastic name for corporate lawyers and B2B companies


Until they understood what sorry of internal info they could get, then they'll pay that 500k before anyone else could bid it up.

50/50/90 a chunk of my work records for the past ten years could be accessible if someone hits this domain and just sponges it up. Shivers.


> Just write the check, Satya.

Why should they? The sale will surely be heavily scrutinized and if the new owner tries anything then the domain will quickly be shut down for abuse.


Because it's fundamentally Microsofts mistake? The asking price for the domain isn't unreasonable given it's a 4 letter .com and Microsoft can easily afford it.

All this does is make Microsoft look incompetent.


It's fundamentally Microsoft's mistake, sure, but that doesn't entitle this guy to extort them for 2 million dollars.


Extortion would be 20milion. 2 mil is not unreasonable given the circumstances.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: