Latest news of the domain name industry

Recent Posts

Registrars could be held liable for US gun violence

Kevin Murphy, August 20, 2019, Domain Policy

A US presidential candidate has come out in support of amending the law to make domain name companies liable when customers use their services to incite violence.

Beto O’Rourke, a former member of Congress, stated last week that he wants to amend the Communications Decency Act to hold providers of “domain name servers” liable “where they are found to knowingly promote content that incites violence”.

He’s believed to be the first among the swarm of 2020 Democratic presidential hopefuls to lay out a plan to combat online hate speech.

The proposed amendments to Section 230 of the CDA are part of a sweeping package of reforms O’Rourke is proposing in order to tackle gun violence and domestic terrorism in the US.

He comes from El Paso, Texas, which was the target of a race-based terrorist attack a couple of weeks ago.

He’s also pushing for stricter gun controls, such as compulsory licensing and training.

But I’m not going to get into that stuff here. This is a blog about domain names. I’m British, so you can probably guess what my opinion on guns is.

In terms of online content, O’Rourke’s plan seems primarily aimed at getting the big social media platforms to more heavily moderate the content produced by their users.

But it specifically calls out domain name companies also:

Beto would require large internet platforms to adopt terms of service to ban hateful activities, defined as those that incite or engage in violence, intimidation, harassment, threats, or defamation targeting an individual or group based on their actual or perceived race, color, religion, national origin, ethnicity, immigration status, gender, gender identity, sexual orientation or disability. These companies also would be required to put in place systems designed to identify and act on content violating the terms of service. Platforms must be transparent when they block content and provide for an appeal process in order to guard against abuse.

Beto supports amending Section 230 of the CDA to remove legal immunity from lawsuits for large social media platforms that fail to change their terms of service and put in place systems as described above. Informational service providers of all sizes, including domain name servers and social media platforms, also would be held liable where they are found to knowingly promote content that incites violence.

Should registrars be worried about this?

If the legal test was that registrars “knowingly promote content that incites violence”, that seems like a pretty high bar.

I’m not convinced even Epik, which has come under fire for providing domain services to the likes of Stormfront and 8chan — both of which O’Rourke cites in his policy — “knowingly promotes” incitements to violence.

That’s not to say that registrars couldn’t find themselves prosecuted or sued anyway, of course.

O’Rourke is not a current front-runner in the Democrat presidential pack. While still in the race, he’s towards the bottom of the top 10, polls suggest.

What O’Rourke’s policy statement does suggest is that the regulation of online speech could become a significant issue in the 2020 election, and that the domain name industry in the US could find itself a political football in an extremely divisive game.

After more racist shootings, take one guess which registrar 8chan just switched to

Kevin Murphy, August 5, 2019, Domain Registrars

Controversial web forum 8chan has moved its domain name to a new registrar after it was linked to at least one of the two mass shootings that occurred in the US over the weekend.

According to Whois records, it’s just jumped to racist-friendly Epik, having been registered at Tucows since 2003.

The switch appears to have happened in the last few hours. At time of writing, you’re going to get different results depending which Whois server you ping.

Some servers continue to report Tucows as the registrar of record, perhaps using cached data, but Epik’s result looks like this:

Whois output

8chan is an image/discussion board that describes itself as “the Darkest Reaches of the Internet”. It’s reportedly heavily used by racists, extremists and those with an interest in child pornography.

It was widely linked by the media to the shooting in the border town of El Paso, Texas on Saturday, which claimed the lives of 20 people and left 26 more injured.

The suspect in the case reportedly posted to 8chan a 2,300-word racist “manifesto”, in which he ranted against Latino immigration, just 20 minutes before launching the attack.

This morning, Cloudflare announced that it would no longer provide denial-of-service attack protection for the web site, saying:

The rationale is simple: they have proven themselves to be lawless and that lawlessness has caused multiple tragic deaths. Even if 8chan may not have violated the letter of the law in refusing to moderate their hate-filled community, they have created an environment that revels in violating its spirit.

Google removed the site from its index a few years ago, due to allegations about child abuse material.

At this point, it’s not clear whether Tucows also ejected 8chan, or whether its owners decided to jump ship, perhaps sensing which way the wind is blowing.

Its new home, Epik, calls itself the “Swiss bank” of domain registrars, and has actively courted sites that enable far-right political views.

The registrar openly sought the business of Gab.com, the Twitter clone used largely by those who have been banned by Twitter, after GoDaddy suspended the site’s domain last November.

In March this year, Epik CEO Rob Monster came under fire for publicly doubting the veracity of the video of the mosque shootings in Christchurch, New Zealand, which killed 50 people.

8chan was also frequented by the perpetrator of that attack, among others.

Epik is described as “cornering the market on websites where hate speech is thriving”, according to the Southern Poverty Law Center, an anti-racist group.

Monster has said that he does not support the views of extremists, but merely wants to provide a platform where registrants can exercise their rights to free speech.

XYZ weighs into Epik controversy with .monster fundraising domain

Kevin Murphy, March 21, 2019, Domain Registries

New gTLD registry XYZ.com has set up a domain to help raise money for victims of the terrorist attack in Christchurch, New Zealand last week.

The domain is give.monster. It redirects to a page on Givealittle.co.nz, a Kiwi crowdfunding site, that has so far raised almost NZD 7.8 million ($5.3 million) for the victims of the attack, which killed 50 and injured many more last Friday.

Given the amount of coverage in the New Zealand press, it appears that the fundraising page is legit.

The domain is obviously a reference to Epik.com CEO Rob Monster, who has come in for criticism this week for hosting and sharing the terrorist’s video of the attack, and then suggesting it might be a hoax, as I blogged earlier today.

XYZ is able to create this domain because it is the registry for .monster, a gTLD it acquired last year that is currently slap-bang in the middle of its early access launch period.

Whois records show that the domain was created a little over an hour ago and belongs to XYZ.com LLC.

I learned about it through this comment on DI:

We are sorry to see this in our industry… Please visit http://www.Give.Monster and donate to support victims of the horrific Christchurch shootings. Thank you for your support.

XYZ.com is the registry for .xyz, .college, .rent and other gTLDs. .monster previously belonged to recruitment web site Monster.com.

After NZ shooting, Epik has a Monster PR problem

Kevin Murphy, March 21, 2019, Domain Registrars

Domain name registrar Epik.com has come under fire from prominent domain investors and others after CEO Rob Monster suggested that video of the recent mosque shootings in New Zealand, which he hosted on an Epik service and shared on social media, was a hoax.

Domainer-bloggers including Shane Cultra, Konstantinos Zournas, and DNPlaybook.com have questioned Monster’s decision, and one of his own senior staffers, former DomainNameWire contributor Joseph Peterson, took to a domainer forum to in parts criticize and defend his boss.

Cultra was particularly harsh in his criticism this week, calling for domainers to move their domains out of Epik and for his friend, Epik director Braden Pollock, to remove himself from the board.

He wrote: “I would like to think that any respectable domain investor remove their domains from Epik… Rob Monster’s agenda has no place in our industry”.

DNPlaybook wrote that Monster has become “Facilitator of Hate and Promoter of Conspiracies”.

Other domainers have written that they have removed, or will remove, their domains from Epik, though Monster wrote earlier this week that the impact on its business so far has been minimal.

Epik is an ICANN-accredited registrar with about 400,000 gTLD names under management at the last count. It’s almost doubled in size over the last two years.

The company and its CEO have been subject to criticism for months over their decision to provide services to web sites that enable the promotion of far-right ideologies such as white supremacism and Nazism.

But the latest row kicked off on March 15, when Monster used his personal Twitter account to share a link to the self-shot, first-person video of one of the terrorist attacks at a mosque in Christchurch.

Fifty people, all Muslims attending Friday prayers or in the vicinity of the mosques, were killed by the same person during the attacks.

The first attack was live-streamed on Facebook from a head-mounted camera. Apparently viewed live by fewer than 200 people, copies were nevertheless widely circulated on social media and elsewhere.

The copy of the video linked to by Monster was hosted by Epik-owned privacy services provider Anonymize.com, on an “effectively uncensorable” file-sharing service the company is currently developing.

In a subsequent tweet, Monster threw doubt upon whether the footage was real, writing: “Shell casings simply vanish into thin air. Etc. It looks like low budget CGI”.

Anyone with a grain of common sense who has seen the video will tell you that Monster is clearly talking absolute bollocks here. It’s not a fake.

Monster’s Twitter account has since been deleted. According to Peterson, Epik’s director of operations, Monster deleted it himself. Reading between the lines, it appears he was pressured to do so by his staff, including Peterson.

Monster has not yet deleted — and is in fact still actively using — his @epik account on Gab.com, the Twitter clone often used by far-right activists who have been banned from or choose not to use Twitter due to their views.

A March 15 post on Gab by Monster links to a copy of the Christchurch killer’s rambling “manifesto”, again hosted on anonymize.com. This link is still live, but I’ve redacted it in the screen-cap below, which shows Monster effectively using the manifesto to promote the forthcoming Anonymize service.

Monster on Gab

I’ve been unable to confirm whether Epik is still hosting the video of the attack, though there are reports that it was taken down a matter of hours after posting. (UPDATE 1816 UTC: the video is in fact still live on the Anonymize service).

Epik and Monster drew attention last November when Monster publicly offered to become the registrar for Gab.com, after the domain was suspended by GoDaddy.

Monster at the time said the move was to protect freedom of speech online.

Epik again attracted attention last month when it acquired BitMitigate, a denial-of-service protection startup which has been providing services to unapologetic Nazi propaganda site The Daily Stormer since August 2017, when Cloudflare told the site to GTFO.

It’s also taken on the domain business of video hosting site BitChute, which is often used as a refuge for political vloggers (including some on the far right) who have been demonetized or banned by YouTube.

For these reasons, in January Epik attracted the attention of the Southern Poverty Law Center, an anti-racist group based in the US. The SPLC wrote that “Epik is cornering the market on websites where hate speech is thriving”.

The post, and other news reports, strongly hint that Monster’s own political views might be more aligned with those of his customers than he cares to admit.

Monster naturally rebuts these suggestions, calling the SPLC post “highly defamatory and inaccurate”. In one of his most recent posts on Namepros, before his staff asked him to back away from the public square for a while, he wrote:

As for those members of the domain community who have taken the opportunity this week to rebuke me for allowing free speech to continue on the Internet, please know that I am neither seeking publicity or controversy. I am of sound mind. I am not a Nazi, an anti-semite, a homophobe, a misogynist, a bigot, or a racist. I believe love and understanding will overcome hate and divisiveness.

The future of the domain industry is being determined in 2019. Censorship, WHOIS privacy, sinkholing, DDoS, deplatforming, demonetization, unpersoning, are all symptoms of the disease which is a relentless desire by the few to dictate the narratives and choices to be consumed by the many.

Peterson has also denied that his boss harbors secret extremist views, in a series of lengthy, nuanced posts (starting here) on Namepros this week.

He writes that Monster has a “weird conspiratorial streak” and a natural inclination to believe in “false flag” conspiracy theories. He doubts the official story on 9/11 and believes the moon landings were faked, Peterson said. Monster is also a “Bible-believing Christian”, according to his Gab profile.

Peterson also writes that a significant portion of Epik’s employees, including some in important roles, are Muslims. He writes that he was “appalled” by Monster’s decision to post the video, but added:

But to infer that he did this because he hates muslims and condones murder is not just simplistic; it is LUDICROUS. One person murders 30+ muslims. The other person hires them and works with them closely on a daily basis. To equate these 2 is simply wrong. Whatever the reasons Rob felt it necessary to re-publish a link to content others had decided to censor, hatred of muslims was NOT the reason.

He goes on to say:

I object to Epik — the team I work with and the customers we look after — being portrayed falsely as some epicenter of “hate speech” or the alt right. We are not. We are a domain registrar and marketplace with a wide range of services. We are a company whose boss has taken controversial (and in some ways courageous) steps to protect free speech. Unfortunately, that same boss has stepped on that message with some very bad PR moves. When Rob does that, it irritates me to the point of exasperation. And I tell him so.

According to Peterson, Monster and his wife came under attack last year with a leafleting campaign in his local neighborhood, denouncing him as a Nazi.

He suspects this kind of behavior may have caused his boss to “double-down” on exactly the same kinds of activities that invited the controversy in the first place.

Whatever the reason, Epik certainly has got a PR problem on its hands right now.

I doubt this is the last we’ll hear of it.

Terror fears prompt security crackdown for ICANN 55

Kevin Murphy, January 28, 2016, Domain Policy

ICANN is bringing in metal detectors, bag searches and ID checks at its forthcoming public meeting in Marrakech, Morocco.

The measures are being introduced despite ICANN’s assurances that it considers the chance of terrorism at ICANN 55 to be “LOW”.

In a statement today, ICANN meetings boss Nick Tomasso said:

we are in constant and on-going communication with our hosts and the Moroccan government, to assess any security concerns surrounding the upcoming meeting. In addition, we are working with a highly respected global security-consulting firm, which gives us on-going updates of potential risks. This firm has also assigned a senior level analyst to work with ICANN.

As of this date, the assessments of these various security experts is that there is only a LOW risk of any type of terrorist activity in Morocco.

The statement comes as some members of the ICANN community have been expressing concerns about visiting Morocco, in the light of recent ISIS/Daesh-linked terrorist attacks in North Africa.

Morocco itself has not been the target of any successful Daesh attacks, though members of the cell behind the November attacks in Paris are reported to have Moroccan links.

Marrakech was bombed by an Al Qaeda-linked group in 2011.

Several Western governments urge visitors to the country to exercise caution, saying there’s a high risk of terrorist attacks.

The UK government says, for example:

There is a high threat from terrorism in Morocco. Attacks could be indiscriminate, including in places visited by foreigners.

The US government is less alarmist:

The potential for terrorist violence against U.S. interests and citizens exists in Morocco. Moroccan authorities continue to disrupt groups seeking to attack U.S. or Western-affiliated and Moroccan government targets, arresting numerous individuals associated with international terrorist groups. With indications that such groups still seek to carry out attacks in Morocco, it is important for U.S. citizens to be keenly aware of their surroundings and adhere to prudent security practices such as avoiding predictable travel patterns and maintaining a low profile.

I’ve heard community members speculate that an ICANN meeting, with its broad international mix of delegates, some governmental, might be an attractive target.

Personally, I’m not convinced the risk is much greater than it would be in any Western capital. My mother is vacationing unaccompanied in Egypt around the same time, and I’m fine with that.

However, ICANN seems to be taking the concerns seriously.

Tomasso added the following, non-exhaustive list of new security measures for ICANN 55:

  • Every delegate will now need a government-issued ID to pick up a badge at the registration desk.
  • There will be increased security screening for those entering our meeting venue, which may include metal detectors, magnetic wands and bag checks.
  • There will be advanced verification of delegate registration information by Moroccan authorities.
  • Security will be increased at the hotels where delegates are staying.
  • We are establishing a 24/7 operations center at the venue.

It’s not exactly TSA-levels of privacy invasion, but I can see some would-be delegates being put off by the extra hassle.

If ICANN were to cancel the Marrakech meeting, it would risk seriously pissing off African community members.

The Marrakech meeting was originally scheduled for 2015, but it was postponed due to fears about the Ebola virus, which at the time was running rampant in African countries thousands of miles away.

In 2010, ICANN was criticized for its handling of security concerns around a meeting in Kenya, where at least 74 delegates cancelled their registrations over terror fears.

ICANN also cancelled a planned 2011 meeting in Jordan due to Middle East security concerns.

ICANN 55 is scheduled for March 5 to 10.