Latest news of the domain name industry

Recent Posts

KnujOn scores a win as BizCN gets first breach notice

The Chinese registrar BizCN has received its first breach notice from ICANN’s compliance department, following a sustained campaign by anti-abuse activist KnujOn.

The notice concerns Whois accuracy, specifically for the domain names rapetube.org and onlinepharmacy4.org, and a bunch of other peripheral breaches of the Registrar Accreditation Agreement.

The “porn” site rapetube.org was the subject of a Washington Post article last December, in which KnujOn’s Garth Bruen said he feared the site might contain footage of actual crimes.

Bruen has been chasing BizCN about Whois inaccuracy, and specifically the rapetube.org domain, since 2011.

He said in a September 2013 CircleID post that he’s filed Whois inaccuracy complaints about the domain with ICANN “multiple times”.

His campaign against ICANN Compliance led to an Ombudsman complaint (which was rejected) last year.

Now Compliance appears to be taking the case more seriously. ICANN, according to the breach notice, has been on BizCN’s case about rapetube.org’s Whois since March 24 this year.

At that time, the name was registered to a Vietnamese name with a French address and phone number and a contact email address at privacy-protect.cn.

According to Bruen’s interview with the Post, this email address bounced and nobody answered the phone number. The privacy-protect.cn domain does not appear to currently resolve.

ICANN evidently has some unspecified “information” that shows the email “does not appear to be a valid functioning email address”.

But BizCN told ICANN April 2 that it had verified the registrant’s contact information with the registrant, and provided ICANN with correspondence it said demonstrated that.

ICANN says the correspondence it provided actually predated KnujOn’s latest complaint by six months.

In addition, when BizCN forwarded a scanned copy of the registrant’s ID card, ICANN suspected it to be a fake. The notice says:

Registrar provided copies of correspondence between the reseller and registrant. The response included the same email address that was still invalid according to information available to ICANN, and included a copy of a government identification card to confirm the registrant’s address. According to information available to ICANN, the identification card did not conform to any current or previous form of government identification for that jurisdiction.

Despite repeated follow-up calls, ICANN said it still has not received an adequate response from BizCN, so its accreditation is now in jeopardy.

BizCN has something like 450,000 gTLD names under management and is in the top 50 registrars by volume.

As for rapetube.org, it’s still registered with BizCN, but its Whois changed to a Russian company “Privat Line LLP”, at privatlinellp.me, on or about April 17.

That change is not going to help BizCN, however, which is being asked to provide evidence that it took “reasonable steps to investigate and reasonable steps to correct the Whois inaccuracy claims”.

It has until May 29 to sort out the breaches or face termination. Read the breach notice here.

ICANN cans “Spam King” registrar

Kevin Murphy, November 26, 2013, Domain Registrars

ICANN has terminated the registrar accreditation of Dynamic Dolphin, which it turned out was owned by self-professed “Spam King” Scott Richter.

The company has until December 20 to take down its ICANN logo and cease acting as a registrar.

ICANN, in its termination notice (pdf) late last week, said that it only became aware earlier this month that Richter was the 100% owner of Dynamic Dolphin.

Richter grew to fame a decade ago for being one of the world’s highest-profile spammers. He was sued for spamming by Microsoft and Myspace and was featured on the popular TV program The Daily Show.

As well as being a thoroughly unpleasant chap, he has a 2003 conviction for grand larceny, which should disqualify him from being the director of an ICANN-accredited registrar.

He removed himself as an officer on October 9 in response to ICANN’s persistent inquiries, according to ICANN’s compliance notice.

But he was much too late. ICANN has terminated the accreditation due to the “material misrepresentation, material inaccuracy, or materially misleading statement in its application”.

The question now has to be asked: why didn’t ICANN get to this sooner? In fact, why was Dynamic Dolphin allowed to get an accreditation in the first place?

Former Washington Post security reporter Brian Krebs has been all over this story for five years.

Back in 2008, with a little help from anti-spam outfit KnujOn, he outed Richter’s links to Dynamic Dolphin when it was just a Directi reseller.

Yesterday, Krebs wrote a piece on his blog going into a lot of the background.

Another question now is: which registrar is going to risk taking over Dynamic Dolphin’s registrations?

As of the last registry reports, Dynamic Dolphin had fewer than 25,000 gTLD domains under management.

According to ICANN’s termination notice, 13,280 of these use the company’s in-house privacy service, and 9,933 of those belong to just three individuals.

According to DomainTools, “Dynamic Dolphin Inc” is listed as the registrant for about 23,000 names.

According to KnujOn’s research and Krebs’s reporting, the registrar was once among the most spam-friendly on the market.

ICANN compliance not broken, Ombudsman rules

Kevin Murphy, October 28, 2013, Domain Policy

Ombudsman Chris LaHatte has rejected a complaint from spam research firm KnujOn — and 173 of its supporters — claiming that ICANN’s compliance department is failing consumers.

In a ruling posted online today, LaHatte said there was “no substance” to complaints that a small number of “bad” registrars, notably BizCN, have been allowed to run wild.

KnujOn’s Garth Bruen is a regular and vocal critic of ICANN compliance, often claiming that it ignores complaints about bad Whois data and fails to enforce the Registrar Accreditation Agreement, enabling fake pharma spamming operations to run from domains sponsored by ICANN-accredited registrars.

This CircleID blog post should give you a flavor.

The gist of the complaint was that ICANN regularly fails to enforce the RAA when registrars allow bad actors to own domain names using plainly fake contact data.

But LaHatte ruled, based on a close reading of the contracts, that the Bruen and KnujOn’s supporters have overestimated registrars’ responsibilities under the RAA. He wrote:

the problem is that the complainants have overstated the duties of the registrar, the registrant and the role of compliance in this matrix.

He further decided that allegations about ICANN compliance staff being fired for raising similar issues were unfounded.

It’s a detailed decision. Read the whole thing here.

ICANN will not attend White House drugs meeting

Kevin Murphy, September 28, 2010, Domain Policy

ICANN has declined an invitation from the Obama administration to attend a meeting tomorrow to discuss ways to crack down on counterfeit drugs web sites.

The meeting, first reported by Brian Krebs, was called with an August 13 invitation to “registries, registrars and ICANN” to meet at the White House to talk about “voluntary protocols to address the illegal sale of counterfeit non-controlled prescription medications on-line.”

The meeting is reportedly part of the administration’s Joint Strategic Plan to Combat Intellectual Property Theft, which was announced in June.

It also follows a series of reports from security firms that called into question domain name registrars’ willingness to block domains that are used to sell fake pharma.

ICANN tells me that, following talks with White House Intellectual Property Enforcement Coordinator Victoria Espinel, it was agreed that it would “not be appropriate” for ICANN to attend.

The decision was based on the fact that ICANN’s job is to make policy covering internet names and addresses, and not to regulate the content of web sites.

ICANN’s vice president of government affairs for the Americas, Jamie Hedlund, said the meeting was “outside the scope of our role as the technical coordinator of the Internet’s unique identifiers.”

I suspect it also would not have looked great on the global stage if ICANN appeared to be taking its policy cues directly from the US government rather than through its Governmental Advisory Committee.

Demand Media-owned registrar eNom, which has took the brunt of the recent criticism of registrars, recently signed up to a service that will help it more easily identify and terminate domains used to sell counterfeit medicines.

eNom to crack down on fake pharma sites

Kevin Murphy, September 17, 2010, Domain Registrars

Demand Media is to tighten security at its domain registrar arm, eNom, after bad press blighted its recent IPO announcement.

The company has signed a deal with fake pharmacy watchdog LegitScript, following allegations that eNom sometimes turns a blind eye to illegal activity on its customers’ domains.

The news emerged in the company’s amended S-1 registration statement (large HTML file), filed with the US Securities and Exchange Commission yesterday. New text reads:

We recently entered into an agreement with LegitScript, LLC, an Internet pharmacy verification and monitoring service recognized by the National Association of Boards of Pharmacy, to assist us in identifying customers who are violating our terms of service by operating online pharmacies in violation of U.S. state or federal law.

LegitScript will provide eNom with a regularly updated list of domain names selling fake pharma, so the registrar can more efficiently turn them off. The companies have also agreed to work together on research into illegal online pharmacies.

Surrounding text has also been modified to clarify that eNom is not required, under ICANN rules, to turn off domains that are being used to conduct illegal activity.

This is a bit of a PR win for the small security outfits KnuJon and HostExploit, firms which had used the occasion of Demand’s S-1 filing to give eNom a good kicking in the tech and financial press.

HostExploit reported last month that eNom was statistically the “worst” registrar as far as illegal content goes.

ICANN executives are reportedly going to be hauled to Washington DC at the end of the month to explain the problem of fake pharma to the White House.

Registries and registrars have also been invited, and I’d be surprised if eNom is not among them.

  • Page 1 of 2
  • 1
  • 2
  • >