Latest news of the domain name industry

Recent Posts

Dyson says new gTLDs will kill the DNS

Kevin Murphy, February 7, 2012, Domain Tech

Former ICANN chair Esther Dyson thinks apps and new gTLDs will cause internet users to abandon domain names.

In an article for TechPresident entitled “Is the Open Web Doomed? Open Your Eyes and Relax“, Dyson writes:

Right now, we’re moving slowly from open data and APIs and standards, to a world of Facebook and apps. We’re likely to see abandonment of the DNS by consumers both because of those apps, and a tragedy of the commons where new Top-Level Domain names (.whatevers and .brands) confuse users and lead to more use of the search box or links within apps.

The point seems to run counter to the rest of her argument, which is that the open web will continue to be used even while Facebook carves away its own little corner of it and that the whole “walled garden vs open web” war is fought in cycles.

(At least, I think that’s what she’s saying, it’s not an easy read.)

I always find these arguments confusing.

If consumers are not using the DNS, where are these “search boxes” and “links within apps” sending them? IP addresses? How do the consumers know they got to where they wanted to go?

Verisign: our DNS was not hacked

Kevin Murphy, February 3, 2012, Domain Tech

Verisign today reiterated that the recently revealed 2010 security breaches on its corporate network did not affect its production domain name system services.

In a statement, Verisign said:

After a thorough analysis of the attacks, Verisign stated in 2011, and reaffirms, that we do not believe that the operational integrity of the Domain Name System (DNS) was compromised.

We have a number of security mechanisms deployed in our network to ensure the integrity of the zone files we publish. In 2005, Verisign engineered real-time validation systems that were designed to detect and mitigate both internal and external attacks that might attempt to compromise the integrity of the DNS.

The statement followed several news reports that covered the hacks and speculated about the mayhem that could ensue if Verisign’s root or .com zone systems were ever breached.

The information the company has released so far suggests that the attacks were probably against back-office targets, such as user desktops, rather than its sensitive network operations centers.

New gTLD applications briefly vanish after glitch

Kevin Murphy, February 2, 2012, Domain Tech

A software glitch in ICANN’s TLD Application System was apparently to blame for a number of “disappearing” new generic top-level domain applications today.

At about 4pm UTC today, two Neustar executives tweeted that some applications, among them the company’s own .neustar dot-brand application, had vanished from their TAS accounts.

TAS is the web-based application, presented as a series of questions, which applicants must use to file and pay for their new gTLD applications.

Several other applicants were also believed to be affected.

It took about two hours for ICANN to sort the problem out.

A spokesperson later said: “A display issue occurred in TAS, it has been corrected. All data is now visible & no information was lost.”

It’s the second technical problem to be reported in TAS this week.

On Tuesday, consultant Fairwinds Partners reported that some applicants had problems filling out their TAS profiles, preventing them from completing their applications.

Frankly, I’d be more surprised if this kind of thing didn’t happen.

TAS is brand new custom-built software, and as anyone who’s ever written software will tell you, no amount of testing can substitute for production use when it comes to finding bugs.

Typosquatting is huge but not dangerous, study finds

Kevin Murphy, December 15, 2011, Domain Tech

A study of typosquatted domain names has found that the practice is reaching pandemic levels for the largest brands, but that there’s surprisingly little malware distribution going on.

The security company Sophos surveyed 2,249 domains that were one letter different to the .com sites of Facebook, Google, Twitter, Apple and Microsoft, and found that two thirds resolved.

Not all of those 1,502 sites were malicious typosquats; some were legitimate sites that just happened to have similarly spelled names (such as goole.com and witter.com) Sophos noted.

Apple was the most-squatted company, according to this method: resolving Microsoft typos were at 61%, Twitter at 74%, Facebook at 81%, Google at 83% and Apple at 86%.

Sophos concluded that “there is a significant typosquatting ecosystem around high-profile, often-typed domain names.”

But it did not find as much malware as it was expecting, with only one domain leading to a malware site, 0.07% of the total.

However, 2.7% of the URLs “fell into the loose category of cybercrime”, which “means they are, or have been, associated with hacking, phishing, online fraud or spamming”.

The report, which also fingers parking services from Demand Media, Sedo, Oversee and Bodis as the recipients of 37% of the typo traffic, contains much more data and is well worth a read.

Annoyingly, it appears that Sophos only surveyed .com domains, so the data doesn’t really tell us much about the impact of TLDs (such as .co) on the typosquatting problem.

Go Daddy bans DNS harvesting

Kevin Murphy, November 9, 2011, Domain Tech

Go Daddy is blocking companies from harvesting its DNS records, the company has confirmed.

CTO Dave Koopman denied that Go Daddy has a “DNS Blackouts” policy, but confirmed that it has banned certain IP addresses from doing DNS queries for its customers’ domains. He wrote:

The rumor about “DNS Blackouts” was started by someone using Go Daddy servers to cache all Go Daddy DNS records on his personal servers for financial gain.

Back to our previous example of 100 queries a day. Instead of one person accessing 100 domain names, this individual was attempting to download tens of millions of Go Daddy DNS records – twice daily. While his behavior did not cause any system issues, we felt it best to revoke access to the offending IPs.

If Go Daddy finds unwanted activity in our network, Go Daddy takes actions to stop it.

That appears to be a reference to a blog post from DNSstuff.com founder R Scott Perry, who complained in early September about what he called a “Selective DNS Blackouts” policy.

Perry suggested that Go Daddy was trying to drum up interest in its Premium DNS service by providing poor DNS service to regular customers.

Blocking DNS queries from selected IP addresses draws to mind Go Daddy’s policy of banning DomainTools and other companies from harvesting Whois records in bulk.

In January, the company confirmed, that it was blocking commercial Whois aggregators including DomainTools. The ban appears to still be in affect for non-paying DomainTools users.

Like DomainTools, DNSstuff.com offers DNS monitoring and alerts for premium fees.