MarkMonitor infiltrated by Syrian hackers targeting Facebook

Kevin Murphy, February 6, 2014, Domain Registrars

The corporate brand protection registrar MarkMonitor was reportedly hacked yesterday by the group calling itself the Syrian Electronic Army, in an unsuccessful attempt to take out Facebook.

While MarkMonitor refused to confirm or deny the claims, the SEA, which has been conducting a campaign against high-profile western web sites for the last couple of years, tweeted several revealing screenshots.

One was a screen capture of a DomainTools Whois lookup for facebook.com, which does not appear to have been cached by DomainTools.

Another purported to be a cap of Facebook’s control panel at the registrar.

The SEA tweeted more caps purporting to show it had access to domains belonging to Amazon and Yahoo!.

In response to an inquiry, MarkMonitor rather amusingly told DI “we do not comment on our clients — including neither confirming nor denying whether or not a company is a client.”

This despite the fact that the company publishes a searchable database of its clients on its web site.

The attackers were unable to take down Facebook itself because the company has rather wisely chosen to set its domain to use Verisign’s Registry Lock anti-hijacking service.

Registry Lock prevents domains’ DNS settings being changed automatically via registrar control panels. Instead, registrants need to provide a security pass phrase over the phone.

First URS case decided with Facebook the victor

Kevin Murphy, October 25, 2013, Domain Policy

Facebook has become the first company to win a Uniform Rapid Suspension complaint.

The case, which dealt with the domain facebok.pw, took 37 days from start to finish.

This is what the suspended site now looks like:

The URS was designed for new gTLDs, but .PW Registry decided to adopt it too, to help it deal with some of the abuse it started to experience when it launched earlier this year.

Facebook was the first to file a complaint, on August 21. According to the decision, the case commenced about three weeks later, September 11, and was decided September 26.

I don’t know when the decision was published, but World Trademark Review appears to have been the first to spot it.

It was pretty much a slam-dunk, uncontroversial decision, as you might imagine given the domain. The standard is “clear and convincing evidence”, a heavier burden than UDRP.

The registrant did not respond to the complaint, but Facebook provided evidence showing he was a serial cybersquatter.

The decision was made by the National Arbitration Forum’s Darryl Wilson, who has over 100 UDRP cases under his belt. Here’s the meat of it:

IDENTICAL OR CONFUSINGLY SIMILAR

The only difference between the Domain Name, facebok.pw, and the Complainant’s FACEBOOK mark is the absence of one letter (“o”) in the Domain Name. In addition, it is well accepted that the top level domain is irrelevant in assessing identity or confusing similarity, thus the “.pw” is of no consequence here. The Examiner finds that the Domain Name is confusingly similar to Complainant’s FACEBOOK mark.

NO RIGHTS OR LEGITIMATE INTERESTS

To the best of the Complainant’s knowledge, the Respondent does not have any rights in the name FACEBOOK or “facebok” nor is the Respondent commonly known by either name. Complainant has not authorized Respondent’s use of its mark and has no affiliation with Respondent. The Domain Name points to a web page listing links for popular search topics which Respondent appears to use to generate click through fees for Respondent’s personal financial gain. Such use does not constitute a bona fide offering of goods or services and wrongfully misappropriates Complainant’s mark’s goodwill. The Examiner finds that the Respondent has established no rights or legitimate interests in the Domain Name.

BAD FAITH REGISTRATION AND USE
The Domain Name was registered and is being used in bad faith.

The Domain Name was registered on or about March 26, 2013, nine years after the Complainant’s FACEBOOK marks were first used and began gaining global notoriety.

The Examiner finds that the Respondent has engaged in a pattern of illegitimate domain name registrations (See Complainant’s exhibit URS Site Screenshot) whereby Respondent has either altered letters in, or added new letters to, well-known trademarks. Such behavior supports a conclusion of Respondent’s bad faith registration and use. Furthermore, the Complainant submits that the Respondent is using the Domain Name in order to attract for commercial gain Internet users to its parking website by creating a likelihood of confusion as to the source, sponsorship or affiliation of the website. The Examiner finds such behavior to further evidence Respondent’s bad faith registration and use.

The only remedy for URS is suspension of the domain. According to Whois, it still belongs to the respondent.

Read the decision in full here.

Who really uses IDNs? [Guest Post]

Stéphane Van Gelder, November 19, 2012, Domain Tech

Are Internationalised Domain Names really useful, or just a way for an ASCII-focused internet governance community to feel better about itself?

Beyond all the hoopla about ICANN’s 2009 program to enable countries to operate their own non-Latin script internet suffixes (aka the “IDN ccTLD Fast Track”), what should really matter is the Internet user.

Yes, those sitting in ICANN meeting rooms at the time, listening to the hyperbole about how the internet was now going truly global probably felt like they were feeding the hungry and bringing peace to the world. But do people actually use IDNs?

I will admit that at the time, I was dubious. Of course, saying so in ICANN circles would have been akin to wearing a “Camembert is bad” t-shirt in the streets of Paris: poor form! But still, I couldn’t help ask myself if having a single one-language system unite the world was actually such a bad thing?

“How would you like it if the Internet had been invented in China and you had to use their alphabet,” was the usual rebuke I got if I ever dared to doubt out loud. And there really is no arguing with that. If the internet was Chinese, I’d want the Mandarin version of ICANN to roll out IDNs pretty sharpish.

Nonetheless, can the usefulness of IDNs still be questioned?

Facebook in Latin

Talking to a local internet expert whilst attending last week’s excellent Domain Forum in Sofia, Bulgaria, the answer would seem to be a surprising yes.

“Why would kids in this country use IDNs,” I was told when I suggested that, surely, Bulgaria must be excited about the prospect of natural language web addresses. “What worries the authorities here is the fact that kids are using Latin scripts so much on social media sites that they don’t even know how to write in Cyrillic anymore! So even if they could use IDN web and email addresses, why would they? They want to communicate like everyone else does on Facebook.”

In truth, Bulgaria’s view may be skewed by the horrible experience it’s had with ICANN’s IDN Fast Track. The country was refused its own IDN country code due to a perceived similarity with another TLD that no-one in Bulgaria really feels is warranted. But not all potential IDN users feel they are useless. Neighbors in Russia tell of a different IDN experience.

The Russian registry saw stunning initial take-up when it opened the IDN .РФ (.RF for Russian Federation) to general consumption on November 11, 2010. Registration volumes were explosive, with almost 600,000 names registered in the first month. Strong growth continued for a year, hitting a peak of 937,913 registered names in December 2011.

No profit

But the following month, that number fell off a cliff. Total registrations dropped to 844,153 in January 2012. “Initial registrations were driven in part by speculators,” explains ccTLD .RU’s Leonid Todorov. “But when people saw they couldn’t make huge profits on the domains, they started letting them go.”

Even so, .РФ remains a real success. Although November 2012 figures show a year on year decline of 8.63%, the TLD still sports a whopping 845,037 names.

At 66%, .РФ has a slightly lower renewal rate than ASCII Russian equivalent .ru (73%), probably because of those day-one speculators, but it remains widely used. Current delegation figures (i.e. the number of domain names that are actually used for email or websites) stand at a commendable 70% and have not stopped rising since .РФ opened in 2010 with a 45% delegation rate.

The Cyrillic Russian domain sees a vast predominance of personal use, with 77% percent of domains being registered by individuals. “Russians care deeply about their national identity,” says my Bulgarian friend when I suggest that IDNs do seem to matter in some Cyrillic-using countries. “To them, Dot RF is a matter of national pride.”

National pride

So IDNs may not really be all that different from ASCII domain names, with take-up depending on perceived use or value. Europe’s IDN experience seems to confirm this, as European registry EURid’s Giovanni Seppia explained in Sofia.

He revealed that since EURid introduced IDNs on December 11, 2009, registrations reached a peak of around 70,000 (a mere fraction of the 3.7 million names currently registered in the .eu space) before dropping off quite sharply.

Why? Well .eu IDNs may not hold much potential for real use or investment value for Europeans. Although web use is possible with IDNs, software primarily designed for an ASCII-only world does not always make it easy.

Email capability would be a real boost, but so far only the Chinese seem to have enabled it for their local script domains. The Chinese registry recently announced this, without giving details on how the use of all-Chinese character email addresses has been implemented or which email clients support IDNs.

Whatever the technology, countries which combine national pride and a character set far removed from our own probably see more desire for IDNs. With two years of hindsight, Russia obviously loves its IDN. And as other countries like China bring more elaborate IDN capabilities online, demand should grow and force even this IDN skeptic to recognize the new character(s) of the internet.

This is a guest post written by Stéphane Van Gelder, strategy director for NetNames. He has served as chair of the GNSO Council and is currently a member of ICANN’s Nominating Committee.

Facebook gTLD ruled out by ICANN director vote?

Kevin Murphy, April 12, 2012, Domain Policy

While Google recently confirmed its new top-level domain plans, an ICANN director has given a big hint that rival Facebook has not applied for any new gTLDs.

Director Erika Mann, head of EU policy at Facebook in Brussels, voted on ICANN’s “digital archery” method of batching new gTLD applications at the ICANN board meeting March 28.

Because ICANN’s new conflict of interest rules require directors to recuse themselves during votes on matters affecting their own businesses, this could be taken as a pretty strong indication that Facebook is not applying for a new gTLD.

If Mann was aware of a .facebook or other Facebook gTLD bid, I think there’s a pretty strong chance she would have not have participated in the digital archery decision.

At least one director whose employer is believed to have applied for a dot-brand gTLD, IBM’s Thomas Narten, did not attend the March 28 meeting.

Sébastien Bachollet, Steve Crocker, Bertrand de La Chapelle, Ram Mohan, George Sadowsky, Bruce Tonkin, Judith Vazquez, Suzanne Woolf and Kuo-Wei Wu also did not attend.

The March 28 board meeting was the first one with new gTLD program votes that Mann has participated in since the new conflict rules were introduced in December.

The news is obviously a couple of weeks old, but I think it’s worth mentioning now in light of the fact that social networking competitor Google revealed earlier this week that it will apply for some gTLDs.

Google confirms new gTLD bids

Google will apply for several new generic top-level domains, according to a report in AdAge.

The company will apply for some dot-brands, and possibly some keywords, the report indicated.

“We plan to apply for Google’s trademarked TLDs, as well as a handful of new ones,” the spokeswoman said in an emailed statement.

AdAge speculates that .google and .youtube would be among the applications, which seems like a fair assumption.

The revelation comes despite the fact that Google engineers recently stated that there would be no guaranteed search engine optimization benefits from owning a gTLD.

However, I wouldn’t be surprised if keywords representing some of Google’s services, such as .search and .blog, are also among its targets.

The total cost to Google is likely to run into millions in ICANN application fees alone.

It will also be interesting to see which registry provider — if any — Google has selected to run its back-end.

Google is one of the few companies out there that could scratch-build its own registry infrastructure without breaking a sweat.

The AdAge report also quotes Facebook and Pepsi executives saying they will not apply.