New gTLD applications briefly vanish after glitch

Kevin Murphy, February 2, 2012, Domain Tech

A software glitch in ICANN’s TLD Application System was apparently to blame for a number of “disappearing” new generic top-level domain applications today.
At about 4pm UTC today, two Neustar executives tweeted that some applications, among them the company’s own .neustar dot-brand application, had vanished from their TAS accounts.
TAS is the web-based application, presented as a series of questions, which applicants must use to file and pay for their new gTLD applications.
Several other applicants were also believed to be affected.
It took about two hours for ICANN to sort the problem out.
A spokesperson later said: “A display issue occurred in TAS, it has been corrected. All data is now visible & no information was lost.”
It’s the second technical problem to be reported in TAS this week.
On Tuesday, consultant Fairwinds Partners reported that some applicants had problems filling out their TAS profiles, preventing them from completing their applications.
Frankly, I’d be more surprised if this kind of thing didn’t happen.
TAS is brand new custom-built software, and as anyone who’s ever written software will tell you, no amount of testing can substitute for production use when it comes to finding bugs.

Typosquatting is huge but not dangerous, study finds

Kevin Murphy, December 15, 2011, Domain Tech

A study of typosquatted domain names has found that the practice is reaching pandemic levels for the largest brands, but that there’s surprisingly little malware distribution going on.
The security company Sophos surveyed 2,249 domains that were one letter different to the .com sites of Facebook, Google, Twitter, Apple and Microsoft, and found that two thirds resolved.
Not all of those 1,502 sites were malicious typosquats; some were legitimate sites that just happened to have similarly spelled names (such as goole.com and witter.com), Sophos noted.
Apple was the most-squatted company, according to this method: resolving Microsoft typos were at 61%, Twitter at 74%, Facebook at 81%, Google at 83% and Apple at 86%.
Sophos concluded that “there is a significant typosquatting ecosystem around high-profile, often-typed domain names.”
But it did not find as much malware as it was expecting, with only one domain leading to a malware site, 0.07% of the total.
However, 2.7% of the URLs “fell into the loose category of cybercrime”, which “means they are, or have been, associated with hacking, phishing, online fraud or spamming”.
The report, which also fingers parking services from Demand Media, Sedo, Oversee and Bodis as the recipients of 37% of the typo traffic, contains much more data and is well worth a read.
Annoyingly, it appears that Sophos only surveyed .com domains, so the data doesn’t really tell us much about the impact of TLDs (such as .co) on the typosquatting problem.

Go Daddy bans DNS harvesting

Kevin Murphy, November 9, 2011, Domain Tech

Go Daddy is blocking companies from harvesting its DNS records, the company has confirmed.
CTO Dave Koopman denied that Go Daddy has a “DNS Blackouts” policy, but confirmed that it has banned certain IP addresses from doing DNS queries for its customers’ domains. He wrote:

The rumor about “DNS Blackouts” was started by someone using Go Daddy servers to cache all Go Daddy DNS records on his personal servers for financial gain.
Back to our previous example of 100 queries a day. Instead of one person accessing 100 domain names, this individual was attempting to download tens of millions of Go Daddy DNS records – twice daily. While his behavior did not cause any system issues, we felt it best to revoke access to the offending IPs.
If Go Daddy finds unwanted activity in our network, Go Daddy takes actions to stop it.

That appears to be a reference to a blog post from DNSstuff.com founder R Scott Perry, who complained in early September about what he called a “Selective DNS Blackouts” policy.
Perry suggested that Go Daddy was trying to drum up interest in its Premium DNS service by providing poor DNS service to regular customers.
Blocking DNS queries from selected IP addresses draws to mind Go Daddy’s policy of banning DomainTools and other companies from harvesting Whois records in bulk.
In January, the company confirmed that it was blocking commercial Whois aggregators including DomainTools. The ban appears to still be in effect for non-paying DomainTools users.
Like DomainTools, DNSstuff.com offers DNS monitoring and alerts for premium fees.

ICANN steps in front of astrology lawsuit

Kevin Murphy, October 15, 2011, Domain Tech

ICANN has agreed to take over a critical online time zone database, after its original operators were sued for copyright infringement by an astrology software company.
The organization said last night that it will start to manage the Internet Time Zone Database, following the retirement of Arthur David Olson, who has managed it for nearly 30 years at the US National Institutes of Health.
“The Time Zone Database provides an essential service on the Internet and keeping it operational falls within ICANN’s mission of maintaining a stable and dependable Internet,” ICANN COO Akram Atallah said.
While it’s possible that ICANN will face criticism for this apparent case of “mission creep”, the move could actually be pretty good news for new top-level domains applicants.
The tz database is used by countless applications and platforms. It’s baked into Java, PHP, Perl, Python, .NET, PostgreSQL and BSD-derived operating systems including Mac OS X.
If ICANN is able to leverage those relationships, it may be able to increase adoption of its Universal Acceptance of TLDs project, an authoritative database of all live TLDs.
This could help new gTLDs, primarily those longer than three characters, have a smoother ride in terms of compatibility with internet software.
But the real reason for the handover to ICANN at this time appears to be the fact that Olson was sued at the end of September by Astrolabe, a Massachusetts-based provider of astrology software.
Astrolabe claims (pdf) it has copyright on some facts about historical time zone information, and has sued Olson for an injunction and damages.
The lawsuit prompted the removal of the FTP site where the database is hosted, and oodles of bad karma for Astrolabe after the suit was reported in The Register.
So has ICANN just risked having its name added to the lawsuit in order to ensure the ongoing stability of the time zone database? Is it taking one for the team? It certainly appears so.
According to Astrolabe’s latest observations:

Conditions are confused and uncertain. Feelings run high. Perceptions are altered, leading to misunderstandings. Imagination, escapism, and gullibility are factors to contend with.

Indeed.

ANA finds SEO more effective than Facebook

Kevin Murphy, October 10, 2011, Domain Tech

Advertisers are “beginning to question the effectiveness” of social media marketing, but they’re still mostly sold on the benefits of search engine optimization.
That’s according to a new study from the Association of National Advertisers, the results of which have just been published.
The ANA’s survey of 92 marketers gave SEO an “effectiveness rating” of 52%, the highest rating given to any of the six categories respondents were asked to comment on.
However, that represented a decline of three percentage points from a similar survey in 2009.
Social networking sites (presumably including Facebook, although names were not named) received an effectiveness rating of 28%, up from 17% two years ago, ANA reported.
SEO and social sites were used in marketing by 88% and 89% of respondents respectively.
ANA president Bob Liodice said in a press release:

While marketers have substantially increased their use of newer media platforms over the past few years, they are beginning to question the effectiveness of some of these vehicles. The ANA survey indicates a strong willingness by marketers to integrate innovative new approaches into their marketing mix; however, this enthusiasm is tempered by concerns regarding the return-on-investment of these emerging options.

While it’s all speculation at this point, SEO improvements are often pointed to as a potential (and I stress: potential) benefit of new dot-brand or category-killer top-level domains.
The ANA is the current opponent-in-chief of ICANN’s new gTLD program.

Pirates set up domain seizure workaround

Kevin Murphy, October 6, 2011, Domain Tech

Movie and music pirates are setting up alternative DNS services to help users work around the government seizure of domain names.
A new service, BlockAid.me, launched an open beta at the end of September. It’s currently being promoted prominently on at least one major movie/music/games-sharing site.
The site encourages internet users to reconfigure their computers to use BlockAid’s DNS servers. That way, if a domain name used by a piracy web site is seized by law enforcement, BlockAid will be able to direct surfers to the original owner’s IP address more or less transparently.
This is exactly what the experts predicted would happen.
Ever since the US Immigration and Customs Enforcement agency started seizing domain names associated with pirated content and US politicians have been discussing legislation to streamline the process, workarounds have been expected.
In May, DNS experts including Paul Vixie, Dan Kaminsky and now-ICANN chair Steve Crocker said that the Protect-IP Act in the US would persuade many users to switch to offshore DNS servers.
They warned that this would lead to a rise in cybercrime against consumers, as disreputable or insecure DNS providers send surfers to spoofs of banks and other sensitive sites.
While there’s no reason to believe the BlockAid project has this kind of nefarious activity in mind, if the idea catches on it’s probably inevitable that a similar service operated by crooks will emerge eventually.
Amusingly, BlockAid’s web site says that it may financially support itself in future by showing ad-laden web pages instead of returning NXDOMAIN errors, a much-criticized money-making tactic many ISPs already use.
Note also that the .me registry is managed by Afilias, a heavily US-based company, which likely makes BlockAid.me just as vulnerable to seizure as any .com address.

Google ranks new .xxx site higher than its .com

Kevin Murphy, August 31, 2011, Domain Tech

Is Google experimenting with swapping out .com domains when an equivalent .xxx exists?
Last week, ICM Registry announced it had granted ifriends.xxx to iFriends, a popular network of adults-only webcams, as part of its pre-launch Founders Program.
Today, a Google search for iFriends sometimes returns ifriends.xxx right at the top, with ifriends.com nowhere to be seen on the first page.
Other times, ifriends.com or ifriends.net gets top billing.
The iFriends network has been around since 1998, according to an ICM press release, so its .com and .net domains will presumably already have significant juice.
Obviously, Google has been useless for returning easily predictable results ever since it started “personalizing” SERPs a couple years back.
Running a few non-scientific experiments, it seems that the choice of browser, toolbar, Google site and location may play a factor in which results you see.
The significant thing seems to me to be the fact that when your results do include the .xxx domain first, it appears to completely replace the .com.
What do you see when you search? What do you think is going on?

.xxx reveals new gTLD support problems

Kevin Murphy, August 5, 2011, Domain Tech

It’s late 2012. You’ve spent your $185,000, fought your way through objections, won your contention set, and proved to ICANN that you’re technically and financially capable of running a new generic top-level domain.
The registry contracts have been signed. But will your gTLD actually work?
The experiences of .xxx manager ICM Registry lately suggest that a certain amount of outreach will be needed before new gTLDs receive universal support in applications.
I’ve encountered three examples over the last few days of .xxx domain names not functioning as expected in certain apps. I expect there will be many more.
Skype. Type http://casting.com into a chat window and Skype will automatically make the link clickable. Do the same for the .xxx equivalent, and it does not.
Android, the Google mobile platform. I haven’t tested this, but according to Francesco Cetaro on Twitter, unless you manually type the http:// the domain doesn’t resolve.
TweetDeck, now owned by Twitter. It doesn’t auto-link or auto-shorten .xxx domains either, not even if you include the http:// prefix.
This problem is well known from previous new gTLD rounds. ICANN even warns applicants about it in the Applicant Guidebook, stating:

All applicants should be aware that approval of an application and entry into a registry agreement with ICANN do not guarantee that a new gTLD will immediately function throughout the Internet. Past experience indicates that network operators may not immediately fully support new top-level domains, even when these domains have been delegated in the DNS root zone, since third-party software modification may be required and may not happen immediately.
Similarly, software applications sometimes attempt to validate domain names and may not recognize new or unknown top-level domains.

As a 10-year .info registrant, I can confirm that some web sites will still sometimes reject email addresses at .info domains.
Sometimes this is due to outdated validation scripts assuming no TLD is longer than three characters. Sometimes, it’s because the webmaster sees so much spam from .info he bans the whole TLD.
This is far less of an issue than it was five or six years ago, due in part to Afilias’s outreach, but just this week I found myself unable to sign up at a certain phpBB forum using my .info address.
I understand ICM has also been reaching out to affected app developers recently to make them aware that .xxx now exists in the root and has resolvable domains.
ICANN also has released code in C#, Java, Perl, and Python (though not, annoyingly, PHP) that it says can be easily dropped into source in order to validate TLDs against the live root.
The last beta was released in 2007. I’m not sure whether it’s still under development.
(UPDATE: CentralNic CTO Gavin Brown has knocked up a PHP implementation here.)
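The validation failure described above, shown beside a check against a list of delegated TLDs. This is an added example, not ICANN's released code or CentralNic's implementation; the function names are illustrative, and the embedded list is a constructed excerpt in the format of IANA's published file (https://data.iana.org/TLD/tlds-alpha-by-domain.txt) so that it runs offline.

```python
import re

# Constructed excerpt: one comment line, then one upper-case TLD per line,
# as in IANA's tlds-alpha-by-domain.txt. A real check would load that file.
SAMPLE_TLD_LIST = """\
# Version 0000000000, Last Updated (constructed sample)
COM
INFO
IO
MUSEUM
NET
XN--P1AI
XXX
"""

# The outdated kind of pattern: it assumes a TLD is two or three letters.
LEGACY_EMAIL_RE = re.compile(r"^[\w.+-]+@[\w-]+(\.[\w-]+)*\.[A-Za-z]{2,3}$")

# One hostname label: letters, digits, hyphen; no leading or trailing hyphen.
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def legacy_accepts(addr):
    """What a length-based validator decides."""
    return bool(LEGACY_EMAIL_RE.match(addr))


def load_tlds(text):
    """Parse the list into a set of lower-case TLDs, skipping comments."""
    return {line.strip().lower() for line in text.splitlines()
            if line.strip() and not line.startswith("#")}


def email_domain_ok(addr, tlds):
    """Accept an address only if its domain is well formed and ends in a
    TLD from the list. The local part is deliberately not inspected."""
    local, sep, domain = addr.rpartition("@")
    if not sep or not local:
        return False
    try:
        # Convert an internationalised name to its ASCII (xn--) form.
        name = domain.rstrip(".").encode("idna").decode("ascii").lower()
    except UnicodeError:
        return False  # empty or over-long label
    labels = name.split(".")
    if len(labels) < 2 or not all(LABEL_RE.match(l) for l in labels):
        return False
    return labels[-1] in tlds


if __name__ == "__main__":
    tlds = load_tlds(SAMPLE_TLD_LIST)
    for addr in ("user@example.info", "user@example.xxx", "user@example.zzz"):
        print(addr, legacy_accepts(addr), email_domain_ok(addr, tlds))
```

The length-based pattern is wrong in both directions: it rejects example.info and accepts example.zzz, which is not in the list.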

Bit-squatting – the latest risk to domain name owners

Kevin Murphy, July 26, 2011, Domain Tech

Forget phishing, forget cybersquatting, forget typosquatting, high-value domain name owners may have a whole new threat to worry about – “bit-squatting”.
This appears to be the conclusion of fascinating new research to be presented by Artem Dinaburg at the Black Hat and DEF CON hacker conferences in Las Vegas next week.
Defective internet hardware, it turns out, may be enabling a whole new category of typosquatting that could prove worrying for companies already prone to domain name abuse.
According to a summary of Dinaburg’s research, RAM chips can sometimes malfunction due to heat or radiation, resulting in “flipped bits”, where a 1 turns into a 0 or vice-versa.
Because the DNS uses ASCII encoding, a query containing a single flipped bit could actually send the user to a completely different domain name to the one they intended to visit.
To test the theory, Dinaburg appears to have registered the typo domain name mic2osoft.com. While it’s not visually confusing or a likely typo, in binary it is only one bit different to microsoft.com.
The ASCII binary code for the digit 2 is 00110010, which is only one bit different to the lower-case letter r, 01110010.
The binary for the string “microsoft” is:

011011010110100101100011011100100110111101110011011011110110011001110100

and the binary encoding for “mic2osoft” is (the single changed bit is the second bit of the fourth character):

011011010110100101100011001100100110111101110011011011110110011001110100

Therefore, if that one bit were to be accidentally flipped by a dodgy chip, the user could find themselves sending data to the bit-squatter’s domain rather than Microsoft’s official home.
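The one-bit relationship above can be checked mechanically. The following is an added example, not code from the article or from Dinaburg's research: it lists the valid one-bit neighbours of a label a domain owner holds (candidates for defensive registration) and flags one-bit neighbours in a list of query names. It assumes ASCII names; the function names and the sample queries are constructed for illustration.

```python
import string

# Characters legal in a hostname label (letters, digits, hyphen). Lower-case
# only: DNS compares names case-insensitively, so a flip that merely changes
# a letter's case still reaches the intended domain.
LDH = set(string.ascii_lowercase + string.digits + "-")


def bit_difference(a, b):
    """Return (char_index, bit) if ASCII names a and b differ in exactly one
    bit, else None. Bit 7 is the left-most bit of a character's 8-bit code."""
    ra, rb = a.lower().encode("ascii"), b.lower().encode("ascii")
    if len(ra) != len(rb):
        return None
    diffs = [(i, x ^ y) for i, (x, y) in enumerate(zip(ra, rb)) if x != y]
    if len(diffs) != 1:
        return None
    index, xor = diffs[0]
    if xor & (xor - 1):  # the XOR has more than one bit set
        return None
    return index, xor.bit_length() - 1


def one_bit_variants(label):
    """Every syntactically valid label exactly one bit away from `label`."""
    label = label.lower()
    found = set()
    for i, byte in enumerate(label.encode("ascii")):
        for bit in range(8):
            ch = chr(byte ^ (1 << bit))
            if ch not in LDH:
                continue  # control character, punctuation or case-only flip
            variant = label[:i] + ch + label[i + 1:]
            if variant.startswith("-") or variant.endswith("-"):
                continue  # a label may not begin or end with a hyphen
            found.add(variant)
    return sorted(found)


def flag_bitsquats(observed, protected):
    """Pick out observed query names that are one bit away from `protected`."""
    hits = []
    for name in observed:
        diff = bit_difference(name.rstrip("."), protected)
        if diff is not None:
            hits.append((name, *diff))
    return hits


# Constructed sample of query names, as might be pulled from a resolver log.
SAMPLE_QUERIES = ["www.example.net", "microsoft.com", "mic2osoft.com",
                  "mic3osoft.com", "micro-soft.com"]

if __name__ == "__main__":
    print(one_bit_variants("microsoft"))
    print(flag_bitsquats(SAMPLE_QUERIES, "microsoft.com"))
```

Only mic2osoft.com is flagged: mic3osoft.com differs from the original in two bits, and micro-soft.com is a different length.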
I would assume that this is statistically only a concern for very high-traffic domains, and only if the bit-flipping malfunction is quite widespread.
But Dinaburg, who works for the defense contractor Raytheon, seems to think that it’s serious enough to pay attention to. He wrote:

To verify the seriousness of the issue, I bit-squatted several popular domains, and logged all HTTP and DNS traffic. The results were shocking and surprising, ranging from misdirected DNS queries to requests for Windows updates.

I hope to convince the audience that bit-squatting and other attacks enabled by bit-flip errors are practical, serious, and should be addressed by software and hardware vendors.

His conference presentations will also discuss possible hardware and software solutions.
For large companies particularly at risk of typosquatting, the research may also present a good reason to conduct a review of their trademark enforcement strategies.
I’m not going to be in Vegas this year, but I’m looking forward to reading more about Dinaburg’s findings.
The annual Black Hat and DEF CON conferences are frequently the venues where some of the most beautifully creative DNS hacks are first revealed, usually by Dan Kaminsky.
Kaminsky is not discussing DNS this year, judging by the agendas.
The conferences were founded by Jeff Moss, aka The Dark Tangent, who joined ICANN as its chief security officer earlier this year.

Why we won’t see dotless domain names

Kevin Murphy, July 20, 2011, Domain Tech

Will http://google ever work?
Will any of the hundreds of .brand gTLDs expected to be approved by ICANN in its first round of new top-level domains resolve without dots?
Will users be able to simply type in the name of the brand they’re looking for into their browser’s address bar and have it resolve to the company’s official site?
Probably not, according to the experts.
ICANN’s Applicant Guidebook answers this question, but you need to know where to look, and to know a little about DNS records, to figure out what it actually says.
Section 2.2.3.3 of the Guidebook (page 75 of the May 30 PDF) provides a list of the permissible contents of a new gTLD zone.
Specifically not allowed are A and AAAA records, which browsers need in order to find web sites using IPv4 and IPv6 respectively.
“To facilitate a dotless domain, you would need to place an A or a AAAA record in the zone, and these are not on the list of permitted record types,” said Kim Davies, root zone manager at IANA. “The net result is a default prohibition on dotless domains.”
Applicants may be able to obtain A/AAAA records if they specifically ask for them, but this is very likely to trigger an Extended Evaluation and a Registry Services Review, according to Davies and the Guidebook.
There’s an additional $50,000 fee for a Registry Services Review, with no guarantee of success. It will also add potentially months to the application’s processing time.
(Incidentally, ICANN has also banned DNS “wildcards”. You cannot have an infinite SiteFinder-style catch-all at the second level, you need to allocate domain names individually.)
Applicants that successfully obtain A/AAAA records, enabling dotless domains, would face a far greater problem than ICANN’s rules – endpoint software probably won’t support them.
“As it stands, most common software does not support the concept,” Davies said. “There is a common assumption that fully qualified domain names will have at least one dot in them.”
You can type IP addresses, host names, domain names or search terms into browser address bars, and dots are one of the ways the software figures out you’re looking for a domain.
You can test this today. There are already a handful of top-level domains, probably fewer than 20 and all ccTLDs, that have implemented an A record at the TLD level.
On some platforms, you may be able to get URLs such as http://io and http://ac to work.
They don’t resolve on any Windows 7 browser I’ve tested (Firefox/IE/Chrome), but I’d be interested in hearing your experiences, if you’d be so good as to leave a comment below.
Given the lack of software support, it may be a poor use of time and resources to fight ICANN for a dotless gTLD that most internet users won’t even be able to resolve.
According to a recent CircleID article by Paul Vixie, chairman of the Internet Systems Consortium, many browsers treat domains without dots as local resources.
Only if the browser’s “DNS search list” cannot find a local resource matching the dotless TLD will it then go out to the internet to look for it.
In some organizations, a local resource may have been configured which matches a new gTLD. There may be a local server called “mail” for example, which could clash with a .mail gTLD.
A recent article in The Register quoted security people fretting about what would happen if a malicious hacker somehow persuaded ICANN to approve a string such as .localhost or .lan.
These worries appear to be largely reliant on an erroneous belief that getting your hands on a gTLD is going to be as simple as registering a domain name.
In reality, there’s going to be months of technical evaluation – conducted in a fish-bowl, subject to public comment, applicant background checks and, in the case of a request for A records, the aforementioned Registry Services Review – before a gTLD is approved.
If everything works according to plan, security problems will be highlighted by this process and any gTLDs that would break the internet will be caught and rejected.
So it seems very unlikely that we’re going to see domains without dots hitting the web any time soon.
Domain names are designed to help people find you. Dotless domains today will not do that, even if ICANN does approve them.