Latest news of the domain name industry

Recent Posts

ICANN urged to kill new TLD morality veto

Kevin Murphy, September 17, 2010, Domain Services

ICANN has been asked to eliminate references to “morality and public order” objections from its new top-level domain application process.

A cross-constituency working group has advised ICANN’s board of directors to scrap the term and to ensure that whatever replaces it does not enable individual governments to veto new TLDs based on their own local laws.

The so-called “MOPO” or “MAPO” part of the Draft Applicant Guidebook attracted criticism because ICANN’s Governmental Advisory Committee seemed to want to use it to grant themselves the right to block any TLD application they deemed too controversial.

The fear from the GAC was that if nations started blocking whole TLDs at their borders, it could ultimately lead to the fragmentation of the DNS root.

The fear elsewhere was that some edgy TLD applications, such as .gay or .sex, could be rejected due to the unilateral objections of backward regimes, harming freedom of speech.

But if ICANN incorporates the working group’s new recommendations into the next version of the DAG, that probably won’t be allowed to happen.

The group this week forwarded an interim report to the ICANN board for its consideration. While incomplete, it already carries a few recommendations that managed to find consensus.

Notably, the report recommends that, “National law not based on international principles should not be a valid ground for an objection”, which would seem to scupper any chances of Uganda or the Holy See blocking .gay, for example.

The working group has so far failed to reach consensus on how governmental objections should be registered and processed, but one option is:

The Applicant Guidebook should allow individual governments to file a notification (not an objection) that a proposed TLD string is contrary to their national law. The intention is that an “objection” indicates an intent to block, but a “notification” is not an attempt to block, but a notification to the applicant and the public that the proposed string is contrary to the government’s perceived national interest. However, a national law objection by itself should not provide sufficient basis for a decision to deny a TLD application.

The working group, which counted a few GAC members among its number, has managed to unanimously agree that the awkward term “morality and public order” should be dumped.

One possible contender to replace it is “Objections Based on General Principles of International Law”.

The group has also discussed the idea that a supermajority vote could be required if the board decides to reject a TLD application based on a MOPO objection.

The report is a work in progress. The working group expects to send an updated document to the ICANN board shortly before its retreat later this month.

Whether any of this will be acceptable to the GAC as a whole is up for debate.

DNS Made Easy whacked with 50Gbps attack

Kevin Murphy, August 9, 2010, Domain Services

The managed DNS service provider DNS Made Easy was knocked offline for 90 minutes on Saturday by a distributed denial of service attack estimated at 50Gbps.

This could be the largest DDoS attack ever. The largest I’ve previous heard reported was 49Gbps.

The company, which promises 100% uptime, tweeted that the attack lasted eight hours, but only saw one and a half hours of downtime.

Here are some tweets from the company, starting on Saturday afternoon:

Out of China. Over 20 Gbps…. Don’t really know how big actually. But it’s big. We know it’s over 20 Gbps

Update…. Over 50 Gbps… we think. Since core Tier1 routers are being flooded in multiple cities…..

Trying to organize emergency meeting with all Tier1 providers. We probably have over 50 senior network admins looking into this.

This is flooding the provider’s backbones. By far the largest attack we have had to fight in history.

And, post-attack:

The good: Not everyone was down, not all locations were down at once. The bad: There were temporary regional outages.

Almost back to normal in all locations. Full explanation, details, and SLA credits will be given to all users as soon as possible.

We did not see a 6.5 hour long outage. That would be ultra-long. DDOS attack was 8 hours. Less than 1.5 hours of actual downtime.

It will prove costly. The company’s service level agreement promises to credit all accounts for 500% of any downtime its customers experience.

Quite often in these cases the target of the attack is a single domain. Twitter and Facebook have both suffered performance problems in the past after attackers went after a single user for political reasons.

For a DNS provider, any single domain they host could be such a target. I’d be interested to know if that was the case in this incident.

SnapNames lawsuit: “halvarez” was chasing $1.5 million bonus

Howard Nelson Brady, the former SnapNames VP and alleged shill-bidder known as “halvarez”, was chasing a $1.5 million performance-related bonus, according to a lawsuit filed yesterday.

SnapNames and its parent, Oversee.net, have sued Brady for $33 million, claiming he used the pseudonym “Hank Alvarez” and his privileged access to SnapNames’ auction platform to artificially inflate the sale prices of auctioned domain names.

According to the complaint, Brady started his alleged shill-bidding in order to boost SnapNames’ revenues and boost his potential “earn-out” from the June 2007 acquisition of SnapNames by Oversee.

“The purchase of the SnapNames business was based almost entirely on projections extrapolated from past revenues of SnapNames, which had been artificially inflated by Defendant Brady’s shill-bidding,” the complaint says.

Oversee further claims that, following the acquisition, Brady set about embezzling money from the company by buying domains using his “halvarez” account and then refunding himself some of the purchase price.

The company alleges he made $175,000 that way, before suspicious activity was noticed on his account.

“Hank Alvarez” had a mail drop, a Paypal account, and sometimes sent emails to Brady, which were then forwarded to other members of staff, the lawsuit claims.

The lawsuit is seeking a mountain of cash. Clearly, Oversee and SnapNames are not pulling any punches when it comes to attempting to restore their reputation.

The bulk of the $33 million is made up of punitive damages, but Oversee also wants Brady’s entire salary and other compensation for the period while the alleged activities were taking place.

You can read the complaint in PDF format here.

Comwired buys DNS.com for relaunch

Kevin Murphy, April 26, 2010, Domain Services

Comwired has acquired the domain name DNS.com in order to relaunch as a provider of managed enterprise DNS services.

The company announced this morning that it bought the domain, first registered in 1991 and previously parked, for an undisclosed amount.

The transaction appears to have happened at the end of last month and the site is already live.

With the acquisition, Comwired looks like it’s targeting the market for high-availability DNS resolution currently occupied by the likes of Neustar, Afilias and Dynamic Network Services.

The company was perhaps previously best-known for the geographic traffic-splitting service it offered to domainers and others.

The Whois record for DNS.com still shows a Moniker private registration, which I speculate would not be an exactly comforting sight for would-be enterprise customers.

DNS is sexy? Dyn thinks so

Kevin Murphy, April 8, 2010, Domain Services

Dynamic Network Services has launched a marketing campaign aimed at convincing people that DNS is “sexy”.

The company, which provides managed DNS services as Dyn.com, evidently has its tongue in its cheek, but has plastered the “DNS is Sexy” slogan across its web site anyway.

It has even registered DNSisSexy.com to bounce users to its corporate pages.

There’s a list of ten reasons why this frankly bizarre proposition might be true, including:

7. Standard features like DNSSEC on our Dynect Platform defend you from would be cyber criminals that want to steal your important information online. Bye bye identity theft!

Feeling sexy yet? Me neither.

How about:

9. Recursive DNS like our free Internet Guide, can protect your family and friends from unwanted Web content with customized defense plans.

Feeling sexy now? No?

Still, Go Daddy managed to mainstream domain name registration by incorporating boobs quite heavily in its TV campaigns, and everybody is interested in the ongoing sex.com and .xxx sagas, so it’s not beyond the bounds of possibility that Dyn could do the same for managed DNS.

To be honest, I can’t quite visualise it.

Dyn is asking people to tweet their reasons why DNS is “sexy” including the hashtag #dnsissexy. I’ve done mine.

Bizarre domain suggestion tool

Kevin Murphy, March 23, 2010, Domain Services

There are plenty of available domain name suggestion tools out there, but BizNameWiz has to be the strangest I’ve seen.

The press release says it uses a “unique and creative algorithm”.

No kidding. I’ll let these screengrabs speak for themselves. (continue reading)

OpenDNS serves 1% of the internet

Kevin Murphy, March 23, 2010, Domain Services

OpenDNS, the free DNS resolution provider, said today it has 18 million users on its books, meaning it now provides DNS for more than 1% of the world’s internet users.

The percentage is based on the estimate that there are 1.67 billion internet users.

“One percent of all of the world’s Internet users is a momentous achievement and our growth rate indicates that number will climb at an even more rapid pace going forward,” said CEO David Ulevitch.

When OpenDNS launched in 2006, I couldn’t really see the need.

But since then, the company has added services such as URL filtering, which have become popular with the 25,000-odd schools on the company’s customer roster.

Far more useful to domain-buying adults such as me and you is the company’s CacheCheck, which enables you to manually update OpenDNS’s cache of any given domain. Over the years, this has often proven to be an invaluable time saver when meddling with my domains’ DNS records.

Was dynamic DNS Mariposa’s undoing?

Kevin Murphy, March 3, 2010, Domain Services

Spanish cops have arrested three people they suspect of building and running the “Mariposa” botnet, and it looks like they were tracked down through dynamic DNS services.

Mariposa spread into 190 countries and had 12.7 million infected PCs on it, according to this PDF report from Defence Intelligence. Over half of the Fortune 1000 were compromised.

According to the AP, “the suspects used Internet services that wound up cooperating (continue reading)