Latest news of the domain name industry

Recent Posts

.CO landrush auctions kick off today

Kevin Murphy, August 10, 2010, Domain Registries

.CO Internet has today started auctioning off domain names that had multiple applicants during the .co landrush earlier this summer.

According to the company, over 2,500 names will be auctioned over the next four weeks. The top three most-contested names were Slots.co, Insure.co and Denver.co.

Other notable .CO domain names up for auction include Mexi.co, America.co, Betting.co, Vitamins.co, UsedCars.co, Happy.co, Ebook.co and Jackpot.co.

Registrants who applied for one of the contested domains need to sign up at www.COauctions.co.

There have been almost 410,000 .co registrations since the Colombian country-code domain was opened up to international registrants last month.

So far, the biggest seller has been o.co, sold to Overstock for $350,000.

Given that slots.com sold for $5.5 million, it seems likely that slots.co could fetch something in five figures or beyond.

6 Comments Tagged: , , ,

McAfee calls for ICANN spam crackdown

Kevin Murphy, August 10, 2010, Domain Tech

The security company McAfee has claimed that ICANN needs to try harder in the fight against spam by cracking down on rogue registrars.

In a report released today, the company makes the bold assertion that ICANN “holds the trump card to the spam problem” and that it should step up its compliance efforts.

Although ICANN cannot stop spam itself and does not link spammers to the Internet, it does accredit the registrars that sell the domains that cybercriminals use to fill our inboxes with advertisements and malware

McAfee notes that ICANN has previously de-accredited spammer-friendly registrars such as the notorious EstDomains, but that it needs to do more.

ICANN needs to continue this trend against registrars that knowingly provide domain services to cybercriminals. The organization also needs to harden its policies that define under what circumstances an accreditation can be revoked, so that it can take quicker action against rogue registrars.

The claims come in a report entitled “Security Takes The Offensive”, available here.

The report does not lay all the blame for spam at ICANN’s door, of course. The author also goes after ISPs and the SMTP protocol itself.

The report does not point out that there are 250-odd TLDs over which ICANN has no registrar accreditation powers whatsoever.

Despite my best efforts with Google, I’ve been unable to find a single instance of McAfee publicly participating in ICANN policy-making, so I have to wonder how serious it is.

At least guys like KnuJon are not afraid to show up at meetings and stir things up a bit.

1 Comment Tagged: , , ,

Domain name hijacker gets jail time

Kevin Murphy, August 10, 2010, Domain Registrars

A man who hijacked Comcast’s domain name, causing hours of outages for the ISP’s customers, has been sentenced to four months in jail.

James Black, who went by the handle “Defiant”, will also have to serve 150 hours of community service, three years of supervised release, and pay Comcast $128,557 in restitution.

Assistant United States Attorney Kathryn Warma told the court:

Mr. Black and his Kryogenicks crew created risks to all of these millions of e-mail customers for the simple sake of boosting their own childish egos.

The attack took place over two years ago. Kryogenicks reportedly used a combination of social engineering and technical tricks to take over Comcast’s account at Network Solutions.

During the period of the hijacking, comcast.net redirected to the hacker’s page of choice. All Comcast webmail was unavailable for at least five hours.

Comment Tagged: , , , ,

DNS Made Easy whacked with 50Gbps attack

Kevin Murphy, August 9, 2010, Domain Services

The managed DNS service provider DNS Made Easy was knocked offline for 90 minutes on Saturday by a distributed denial of service attack estimated at 50Gbps.

This could be the largest DDoS attack ever. The largest I’ve previous heard reported was 49Gbps.

The company, which promises 100% uptime, tweeted that the attack lasted eight hours, but only saw one and a half hours of downtime.

Here are some tweets from the company, starting on Saturday afternoon:

Out of China. Over 20 Gbps…. Don’t really know how big actually. But it’s big. We know it’s over 20 Gbps

Update…. Over 50 Gbps… we think. Since core Tier1 routers are being flooded in multiple cities…..

Trying to organize emergency meeting with all Tier1 providers. We probably have over 50 senior network admins looking into this.

This is flooding the provider’s backbones. By far the largest attack we have had to fight in history.

And, post-attack:

The good: Not everyone was down, not all locations were down at once. The bad: There were temporary regional outages.

Almost back to normal in all locations. Full explanation, details, and SLA credits will be given to all users as soon as possible.

We did not see a 6.5 hour long outage. That would be ultra-long. DDOS attack was 8 hours. Less than 1.5 hours of actual downtime.

It will prove costly. The company’s service level agreement promises to credit all accounts for 500% of any downtime its customers experience.

Quite often in these cases the target of the attack is a single domain. Twitter and Facebook have both suffered performance problems in the past after attackers went after a single user for political reasons.

For a DNS provider, any single domain they host could be such a target. I’d be interested to know if that was the case in this incident.

2 Comments Tagged: , , ,

Digging for dirt in the Demand Media IPO – roundup

Kevin Murphy, August 9, 2010, Domain Registrars

Demand Media, parent of second-largest domain name registrar eNom, has filed to go public, and the publication of its S-1 registration document has given an unprecedented glimpse inside the company.

Unsurprisingly, the “content mill” part of Demand’s operation, which accounts for more than half of its revenue, has garnered the most media coverage over the weekend.

Demand says that the fact that is “transforming traditional content creation models” and is “frequently the subject of unflattering reports in the media about our business and our model.”

Reports of its IPO are no exception.

This report in DailyFinance.com observes that the key difference between Demand and traditional media is that Demand does it “at scale”, with some 10,000 writers producing 5,700 articles per day.

DaniWeb notes that Demand’s freelancers are “working for wages often well below industry standard to churn out content” and said the company is subject to “redundancies, inefficiencies and the reliance on trying to game Google”.

Others are more direct: “wtf: this is why the Internet is full of unreadable junk”

CNNMoney.com reports that Demand is “notorious” for paying as little as $15 per article, and that it can make a 58% return on a month’s articles over seven quarters.

As a freelancer reporter, I don’t like Demand’s model either. I think it devalues the profession. The S-1 reveals that the company is well aware that it’s also quite exploitative:

We believe that over the past two years our ability to attract and retain freelance content creators has benefited from the weak overall labor market and from the difficulties and resulting layoffs occurring in traditional media, particularly newspapers. We believe that this combination of circumstances is unlikely to continue and any change to the economy or the media jobs market may make it more difficult for us to attract and retain freelance content creators.

On the domain name side of the business, DomainNameWire was quickest off the mark, digging out the fact that eNom uses look-ups by prospective registrants to decide what articles might be profitable and what web sites it could develop.

The S-1 says:

These queries and look-ups provide insight into what consumers may be seeking online and represent a proprietary and valuable source of relevant information for our platform’s title generation algorithms and the algorithms we use to acquire undeveloped websites for our portfolio.

eNom has already said that this should NOT be interpreted as “front-running”. (apologies, the first version of this article accidentally omitted the word “not”)

Also found in the S-1, and already known from eNom’s registration agreement Ts & Cs, the company keeps some customers’ expired domain names for itself, if they have value.

I can remember a time not too many years ago when this kind of behavior was frowned upon.

DNW also points to the list of Demand’s subsidiaries. There are 146 of them, at least 100 of which are shells for ICANN registrar accreditations.

Others, such as Acquire This Name, which KnuJon had beef with (pdf) a year ago, act as eNom resellers.

Looking at the financials, All Things Digital gently mocks the company’s reliance on non-standard “Adjusted OIBDA” numbers in its S-1 to make the company appear profitable.

Meanwhile, Mike Berkens at TheDomains is incredulous looking at the amount of money Demand has lost since its inception: some $52 million.

2 Comments Tagged: , ,