Latest news of the domain name industry

Recent Posts

ICANN heads to Mar-a-Lago for budget crisis talks

Kevin Murphy, April 1, 2018, Gossip

Cash-strapped ICANN has invited select community members to emergency budget talks at the Mar-a-Lago resort in Florida, DI has learned.

The three-day summit next week will address how best to spend the organization’s $138 million annual budget, along with its $236 million auction proceeds war chest and its $80 million of leftover new gTLD application fees.

“Recent public comments have made it clear than many valued ICANN community members have misunderstood our FY19 budget,” CEO Goran Marby said. “I believe a long weekend of intensive discussions at Mar-a-Lago should persuade the community that we’re actually on the right track.”

To encourage participation from an increasingly weary volunteer pool, attendees will be treated to complimentary spa treatments, golfing, and the most beautiful pieces of chocolate cake, he said.

DI has managed to obtain a preliminary agenda for the summit, which can be read here (pdf).

Business-class flights and three nights’ accommodation at the exclusive members club will be covered by ICANN.

Mar-a-Lago, purchased by Donald Trump in the 1980s, is a “six-star” resort in Palm Beach, Florida. It was originally a five-star hotel, until 2004 when Trump purchased the one-star hotel next door and knocked through.

Marby defended the choice of venue, pointing out that the guest list is to be strictly limited to the ICANN board of directors, industry CEOs, and members of the Intellectual Property Constituency.

DI understands that the IPC will be permitted to invite members of the Non-Commercial Stakeholder Group to attend, should they require golf caddies.

To ensure gender diversity, all attendees will be able to bring along their spouses or partners. ICANN will make up any shortfall by hiring decorative females from a pool of Trump litigants.

A small support team of 50 ICANN staffers will also be available to hand out fresh towels, collect empty glasses, and so on.

Remote participation will be available via AOL Instant Messenger.

Chief financial officer Xavier Calvez declined to disclose the cost of the summit, citing privacy concerns caused by “GDPR or something”, but DI understands it is to be accounted for as a line item in ICANN’s Federal lobbying disclosure.

Calvez said ICANN has managed to negotiate “substantial” bulk discounts on the usual $200,000 Mar-a-Lago membership fees and $2,000-a-night room rates.

The cost will also be offset by sponsorship contributions from ICANNwiki and the National Rifle Association, he said.

Registry and registrar CEOs polled by DI this weekend were split on whether they would attend.

“Of course I’m going,” Blacknight CEO Michele Neylon told us by phone from an airport lounge in Kigali.

But .xyz chief Daniel Negari said he would attend only if he can secure sufficient funding for his bus fare to the airport.

Among the cost-cutting proposals on the menu, DI understands, is a request to consolidate all current and future policy working groups into a single, unified WG.

Sources say this would have the added benefit of reducing the annual policy implementation budget to zero dollars between now and, at the earliest, 2045.

Get drunk on Neustar’s tab and it will donate money to hurricane relief

Kevin Murphy, March 5, 2018, Gossip

Neustar has promised to donate thousands of dollars to a Puerto Rican hurricane relief charity, providng enough people show up to its open bar event in San Juan next week.

It’s fairly standard for domain companies of Neustar’s size to host free after-hours social events during ICANN meetings, but this time the company said it will donate $25 for each attendee to charity.

The beneficiary is the Puerto Rico Resistance Fund, operated by Americas for Conservation and the Arts, which is helping rebuild the island after Hurricane Maria hit it for six last September.

“We want to bring together the community, help spread awareness of the hardship and devastation in Puerto Rico, and make our community proud they are contributing in a small way financially,” Neustar VP Lori Anne Wardi told DI.

With the company telling me it expects 500 guests or more to the invitation-only event, expect a total donation topping $12,500.

The venue is the Antiguo Casino, which appears to be about a 10-minute taxi ride from the Puerto Rico Convention Center, at which the ICANN 61 public meeting is being held.

The event runs from 1900 to 2330 local time.

The official death toll in Puerto Rico from Maria was 64, but a New York Times analysis puts the number at closer to 1,000. Parts of the island, a US territory, are still suffering from infrastructure problems such as power outages.

Berkens sues Twitter over hacked account

Kevin Murphy, December 28, 2017, Gossip

Blogger and high-profile domain investor Mike Berkens of TheDomains.com has sued Twitter for allowing his account to be hacked and failing to rectify the problem.

As industry Twitter users will no doubt already be aware, Berkens’ account @thedomains came under the control of an unknown hacker on Friday last week.

The avatar was changed from the The Domains logo to the face of an East Asian man and tweets from the account began to sound out of character.

Despite the attack being reported to Twitter by Berkens and others (including yours truly), the account does not yet appear to have been returned to its proper owner.

In a complaint filed yesterday in Northern California, Berkens claims Twitter “still has done nothing to substantially acknowledge, investigate or respond to Plaintiffs’ complaint, and restore Plaintiffs’ access to the Account.”

The suit, which also names (as Does) the unknown hackers, has nine counts ranging from computer fraud to trademark infringement to negligence and breach of contract.

Berkens wants his account back, as well as damages. He’s currently tweeting from @thedomainscom as a temporary workaround.

The complaint, kindly donated by George Kirikos, can be read here (pdf).

Domain President? Dicker fallout continues as Schwartz unleashes tweetstorm

Kevin Murphy, June 12, 2017, Gossip

“Domain King” domain investor Rick Schwartz has twunleashed a twirade of Twitter twabuse about deleted podcasts that would put Donald Trump to shame.

Starting late Sunday night and apparently still ongoing at time of publication, Schwartz has been haranguing Michael Cyger, publisher of the DomainSherpa and DNAcademy investor sites, about dozens of deleted DomainSherpa podcasts.

So far, he’s hit send on scores of tweets. A very small sample:

Cyger was the host of the DomainSherpa video podcast, which regularly featured Schwartz and TheDomains publisher Mike Berkens as guests.

Also a regular guest was industry pariah Adam Dicker, who many domainers believe has used shady business practices in his dealings with others in the community.

After stories began to emerge of Dicker’s alleged wrongdoings, Cyger decided to stop using him as a guest. He subsequently removed all previous shows featuring Dicker from the DomainSherpa web site.

Now, Schwartz and Berkens are pissed that the hundreds of hours they volunteered into appearing on the show were wasted, and that hundreds of social media links they used to promote the shows are useless.

The three parties chatted by phone back in March, all seem to agree, about how to resolve this issue.

Cyger says it was agreed that the deleted shows would be replaced by an explanation that the show had been removed.

But Berkens and Schwartz claim that Cyger has in fact been ignoring their requests to reinstate the shows — hence the tweetstorm over the last 24 hours. Cyger denies that claim, and says he believes he did the right thing by removing the shows.

I, for the record, have no opinion on the matter.

Hacker hostage crisis at ICANN secret key ceremony! (on TV)

Kevin Murphy, March 24, 2017, Gossip

One of ICANN’s Seven Secret Key-Holders To The Internet got taken out as part of an elaborate heist or something on American TV this week.

In tense scenes, a couple of secret agents or something with guns were forced to break into one of ICANN’s quarterly root zone key signing ceremonies to prevent a hacker or terrorist or something from something something, something something.

The stand-off came after the secret agents or whatever discovered that a hacker called Mayhew had poisoned a guy named Adler, causing a heart attack, in order to secure his position as a replacement ICANN key-holder and hijack the ceremony.

This all happened on a TV show called Blacklist: Redemption that aired in the US March 16.

I’d be lying if I said I fully understood what was supposed to be going on in the episode, not being a regular viewer of the series, but here’s the exposition from the beginning of the second act.

Black List

Botox Boss Lady: Seven keys control the internet? That can’t be possible.

Neck Beard Exposition Guy: They don’t control what’s on it, just how to secure it. All domain names have an assigned number. But who assigns the numbers?

Soap Opera Secret Agent: Key holders?

Neck Beard Exposition Guy: Seven security experts randomly selected by ICANN, the Internet Corporation for Assigned Names and Numbers.

Bored Secret Agent: Max Adler’s wife mentioned a key ceremony.

Neck Beard Exposition Guy: Yeah, four times a year the key holders meet to generate a master key and to assign new numbers, to make life difficult for hackers who want to direct folks to malicious sites or steal their credit card information.

Botox Boss Lady: But by being at the ceremony, Mayhew gets around those precautions?

Neck Beard Exposition Guy: Oh, he does more than that. He can route any domain name to him.

That’s the genuine dialogue. ICANN, jarringly, isn’t fictionalized in the way one might usually expect from US TV drama.

The scene carries on to explain the elaborate security precautions ICANN has put in place around its key-signing ceremonies, including biometrics, smart cards and the like.

The fast-moving show then cuts to the aforementioned heist situation, in which our villain of the week takes an ICANN staffer hostage before using the root’s DNSSEC keys to somehow compromise a government data drop and download a McGuffin.

Earlier this week I begged Matt Larson, ICANN’s VP of research and a regular participant in the ceremonies (which are real) to watch the show and explain to me what bits reflect reality and what was plainly bogus.

“There are some points about it that are quite close to how the how the root KSK administration works,” he said, describing the depiction as “kind of surreal”.

“But then they take it not one but two steps further. The way the ceremony happens is not accurate, the consequences of what happens at the ceremony are not accurate,” he added.

“They talk about how at the ceremony we generate a key, well that’s not true. It’s used for signing a new key. And then they talk about how as a result of the ceremony anyone can intercept any domain name anywhere and of course that’s not true.”

The ceremonies are used to sign the keys that make end-to-end DNSSEC possible. By signing the root, DNSSEC resolvers have a “chain of trust” that goes all the way to the top of the DNS hierarchy.

Black ListThe root keys just secure the bit between the root at the TLDs. Compromising them would not enable a hacker to immediately start downloading data from the site of his choosing, as depicted in the show. He’d then have to go on to compromise the rest of the chain.

“You’d have to create an entire path of spoofed zones to who you wanted to impersonate,” Larson said. “Your fake root zone would have to delegate to a fake TLD zone to a fake SLD zone and so on so you could finally convince someone they were going to the address that you wanted.”

“If you could somehow compromise the processes at the root, that alone doesn’t give you anything,” he said.

But the show did present a somewhat realistic description of how the ceremony rooms (located in Virginia and California, not Manhattan as seen on TV) are secured.

Among other precautions, the facilities are secured with smart cards and PINs, retina scans for ICANN staff, and have reinforced walls to prevent somebody coming in with a sledgehammer, Larson said.

Blacklist: Redemption airs on Thursday nights on NBC in the US, but I wouldn’t bother if I were you.