Latest news of the domain name industry

Recent Posts

Microsoft launches Kinect without Kinect.com

Kevin Murphy, June 14, 2010, Domain Sales

Microsoft has revealed that its long-awaited gaming platform previously known as Project Natal will be officially known as “Kinect”.

While the company has a trademark on the word, it does not currently own the domain name kinect.com.

It’s registered and redirecting to CAHG, which appears to be an advertising agency specialising in the pharmaceutical industry.

Kinect is widely recognized as a global leader in interactive marketing and promotion and serves as the Interactive Agency of Record for many market-leading brands in the US, Europe, Asia, South Africa, and the Middle East.

I expect lucky CAHG could shortly find itself on the receiving end of an offer it cannot refuse.

There is some precedent: four years ago, when Nintendo launched the Wii, the domain wii.com belonged to Weyerhaeuser, a forestry products company.

It took a few months for the name to change hands, for an undisclosed sum.

WSJ reporting bogus Indian domain name market info?

The Wall Street Journal is reporting that India “passed an Internet milestone of sorts” in the first quarter, when the number of .com domains registered in the country broke through 1 million.

Did it?

This is what the WSJ says:

[India] now has more than one million registered web sites using the suffixes .com or .net, according to data released today by VeriSign Inc., the U.S. company that tracks this sort of thing.

In its Domain Name Industry Brief, it reported that India now has a registered total of 1.037 million .com and .net domain names, up from about 800,000 in the same period the year before.

The number 1.037 million is terribly specific, considering that VeriSign’s Domain Name Industry Brief doesn’t say anything of the sort.

There’s nothing in the DNIB to suggest that anybody in India has ever registered a single .com domain.

The DNIB has never broken down .com registrations by location, and the Q1 report, released on Monday, doesn’t use the word “India” once.

If the WSJ numbers are accurate – the paper does appear to have interviewed a VeriSign India executive – I’m wondering how they were calculated.

It can’t be a case of tallying the number of .com domains managed by Indian registrars. Mumbai-based Directi alone has had more than a million .com names under its belt for a long time.

Could VeriSign be mining Whois records for location data?

It runs a thin registry, so it would have to reference Whois data acquired from its registrars in order to compute the numbers.

Or did the WSJ hit on unreliable sources? It seems possible.

Coupons.info sells for over $17,000

Kevin Murphy, May 27, 2010, Domain Sales

Go Daddy might be currently giving away .info domains as freebies when you buy a .com, but that doesn’t mean they’re all worthless.

Coupons.info has just sold through Sedo auction for $17,600, easily the priciest recent .info sale I can recall.

It looks as if the transaction closed yesterday, with the domain now redirecting to its new owner’s existing site at allcouponsdirect.com.

The seller had held a reserve price of $7,000, so I’m guessing he’s a happy bunny today.

Four of the top 100 brands have insecure domain names

Kevin Murphy, May 26, 2010, Domain Tech

Some of the world’s most famous global brands have domain names that are still vulnerable to the Kaminsky exploit and could be hijacked by others.

Earlier today, I ran all of the brands on Deloitte’s list of the top 100 brands through a vulnerability testing tool provided by IANA.

The results show that four of these brands – all household names – have domains classed as “highly vulnerable” to the Kaminsky exploit.

If the IANA test is reliable, this means that false data could be injected into their name servers, potentially redirecting users to a web site belonging to the attacker.

Another eight brands had domains that the IANA tool reported might be “vulnerable” to attacks, but which had measures in place to mitigate the risk.

The Kaminsky bug has been public for almost two years. It’s a cache poisoning attack in which a recursive name server is tricked into providing false data about a domain.

It becomes particularly scary when a domain’s authoritative name servers also have their recursive functions turned on. A successful attack could redirect all traffic to a compromised domain to a server managed by the attacker.

The surest way to avoid vulnerability is to turn off recursion. IANA says: “Authoritative name servers should never be configured to provide recursive name service.”

Alternatively, a method known as source port randomization can make the risk of being compromised by the Kaminsky exploit so small it’s barely a threat at all.

The IANA tool reports that four of the top 100 brands have at least one “highly vulnerable” authoritative name server that has recursion enabled and no source port randomization.

The other eight “vulnerable” domains were identified as running on at least one authoritative server that had recursion turned on and source port randomization enabled.

I’m not an expert, but I don’t believe this second category of companies has a great deal to worry about in terms of Kaminsky.

I picked the Deloitte brand list for this experiment because it is the list of brands Deloitte believes require the most trademark protection under ICANN’s new TLD process.

.CO Internet is already using the list during its sunrise period for the .co domain.

Michele Neylon of Blacknight has found some more vulnerable servers over here.

Hostway wants non-existent domain patent

Kevin Murphy, April 29, 2010, Domain Tech

Hostway, the large web hosting company, has applied for a US patent on a system of intercepting and redirecting requests for non-existent domains names.

The application describes “A system and method for controlling internet traffic controls internet traffic directed to a non-existing domain in a centralized manner.”

It appears to cover a service that could be offered to local ISPs, enabling them to show their users monetized search pages rather than domain-not-found error messages.

Under the system, ISPs would intercept NXDOMAIN responses to their users’ DNS lookups.

Instead of passing the error on to the browser, the ISP would consult a centralized controller for the IP address of a context-appropriate landing page to redirect the user to.

It’s not at all clear to me whether Hostway is using the technology or has plans to do so. The application was filed in October 2008.

ISPs using NXDOMAIN substitution to monetize error traffic is widespread but controversial.

ICANN president Rod Beckstrom strongly complained about the practice, which also has security implications, during a rant at the Nairobi meeting last month.

VeriSign’s Site Finder, and later Cameroon’s .cm, both controversially did similar things when they “wildcarded” non-existent domains at the TLD registry level.

Other interesting US patent applications published today include:

20100106650 – covering Go Daddy’s auction services.

20100106793 and 20100106794 – covering email forwarding under Go Daddy’s private registration services.

20100106731 – assigned to VeriSign, covering a method of offering alternative domain names for registration when a buyer’s first choice is unavailable.

.jobs aiming to become a gTLD by the back door?

Employ Media, the company behind the sponsored TLD .jobs, looks like it’s making a play to become a significantly more open gTLD.

The company has proposed a substantial relaxation of its registration policies, based on what may be a loophole in its ICANN registry contract.

Currently, the .jobs namespace is one of the most restrictive TLDs. Only company names can be registered, and registrants have to be approved HR professionals at those companies.

As you might imagine, it’s been phenomenally unsuccessful from a business point of view, with only about 15,000 domains registered since it went live five years ago.

Employ Media now wants to be able to register “non-companyname” domains, and is to apply to its sponsorship body, the Society for Human Resource Management, for permission.

At least, that’s what it looks like. The documents posted over at policy.jobs are pretty opaque.

Indeed, as ERE.net points out, the “proposed amendment” to its charter reads more like a claim that no amendment is required.

The company appears to be pursuing a business model whereby it could auction off (continue reading)

NeuStar files for patent on DNSSEC hack

Kevin Murphy, March 25, 2010, Domain Tech

NeuStar has applied for a US patent on a stop-gap technology for authenticating DNS queries without the need for DNSSEC.

The application, published today, describes a system of securing the DNS connection between authoritative name servers and recursive servers belonging to ISPs.

It appears to cover the technology underlying Cache Defender, a service it started offering via its UltraDNS brand last July.

It was created to prevent the kind of man-in-the-middle attacks permitted by the 2008 Kaminsky exploit, which let attackers poison recursive caches, redirecting users to phoney web sites.

The DNSSEC standard calls for DNS traffic to be digitally signed and was designed to significantly mitigate this kind of attack, but it has yet to be widely deployed.

Some ccTLDs are already signed, but gTLD users will have to wait until at least this summer. The .org zone will be signed in June and ICANN will sign the root in July but .com will not be signed until next year.

While Kaminsky’s vulnerability has been broadly patched, brute-force attacks are still possible, according an ISP’s experience cited in the patent filing.

“The patch that experts previously believed would provide enough time to get DNSSEC deployed literally provided the industry just a few extra weeks,” it reads.