Recent Posts
- ICANN board seat up for reelection
- Verisign: our DNS was not hacked
- New gTLD applications briefly vanish after glitch
- .sas could be the first contested dot-brand gTLD
- .com passed 100 million mark in October
- Startup America obtains s.co and offers free .co domains to entrepreneurs
- Hackers stole data from Verisign, Blacknight
- .me beating .co in start-ups?
- Moniker and SnapNames join Key-Systems stable
- Exclusive: StarHub confirms dot-brand gTLD bid
- Cybersquatters face jail time in the Philippines
- ICANN advertises new gTLDs on Twitter
- ARI signs up 21 new gTLD clients
- Five amusing Twitter accounts to follow
- Verisign to apply for a dozen new gTLDs
- Manwin files its first cybersquatting complaint
- ICANN tells Congressmen to chillax
- Sedari wins .moscow contract
- Ombudsman dealing with new gTLDs complaint
- One-year .co.uk domains will be more expensive
Verisign: our DNS was not hacked
Verisign today reiterated that the recently revealed 2010 security breaches on its corporate network did not affect its production domain name system services.
In a statement, Verisign said:
After a thorough analysis of the attacks, Verisign stated in 2011, and reaffirms, that we do not believe that the operational integrity of the Domain Name System (DNS) was compromised.
We have a number of security mechanisms deployed in our network to ensure the integrity of the zone files we publish. In 2005, Verisign engineered real-time validation systems that were designed to detect and mitigate both internal and external attacks that might attempt to compromise the integrity of the DNS.
The statement followed several news reports that covered the hacks and speculated about the mayhem that could ensue if Verisign’s root or .com zone systems were ever breached.
The information the company has released so far suggests that the attacks were probably against back-office targets, such as user desktops, rather than its sensitive network operations centers.
.com passed 100 million mark in October
Verisign’s .com registry passed the 100 million domains under management milestone in October, the company’s monthly ICANN registry report revealed today.
The exact number of domains under management in .com on October 31 was 100,540,971, having increased by a net 690,243 registrations over the course of the month.
That’s a pretty big deal, but for some reason Verisign didn’t make any announcements about it at the time.
ICANN registry reports, which all contracted gTLDs must submit, are filed three months after the fact, for competitive reasons.
The number of domains in the .com zone file – which is what most people track to follow the fortunes of TLD operators — differs from the total number in the registry.
Domains which do not have name servers or are in special registry status codes such as Pending Delete do not show up in the zone file.
Today, RegistrarStats reports 100,052,046 domains in the .com zone, while HosterStats’ count yesterday was 100,045,666. The registry is likely to have about 1.5 million more, however.
Hackers stole data from Verisign, Blacknight
Hackers broke into Verisign’s corporate network and made out with sensitive data, it emerged today.
The attacks happened in 2010 and the company does not believe its all-important domain name infrastructure – which supports .com and several other top-level domains – was compromised.
Reuters broke the news today, but the attack was actually revealed in a Securities and Exchange Commission filing last October. The filing said:
In 2010, the Company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers. We have investigated and do not believe these attacks breached the servers that support our Domain Name System (“DNS”) network. Information stored on the compromised corporate systems was exfiltrated.
The filing, which was required under recent SEC disclosure rules, goes on to say that the attacks were “not sufficiently reported to the Company’s management” until September 2011.
It adds that Verisign does not know whether the “exfilitrated” – ie, stolen – data was used by the attackers. The filing does not say what was taken.
Back in 2010, Verisign was still a security company. It did not sell off its SSL business to Symantec until August that year. The filing does not say whether SSL data was breached.
As one of the logical single points of failure on the internet, Verisign is of course the subject of regular attacks, mainly of the performance-degrading distributed denial of service variety.
The bigger worry, as Reuters rather breathlessly notes, is that if hackers could compromise the integrity of the DNS root or .com/.net zones, it could lead to mayhem.
In unrelated news, the domain name registrar Blacknight today revealed that it got hacked on Tuesday.
The attackers may have got away with contact information – including email addresses and telephone numbers – for up to 40,000 customers, the company said.
Financial information such as credit card numbers was not compromised, Blacknight said.
The company has contacted Irish data protection regulators and will also inform the police. Customers are advised to change their passwords.
If you’re a Blacknight customer you’ll also want to be on the lookout for “spear-phishing” attacks in the near future. When the bad guys know your name, it can lead to a more convincing phish.
Verisign to apply for a dozen new gTLDs
Verisign plans to apply to ICANN for about 12 new generic top-level domains, according to the executive in charge of registry services.
“We intend to do about 12. Most of those will be transliterations of .com,” senior vice president Pat Kane said on the company’s fourth-quarter earnings call yesterday.
This does not mark a significant change of strategy – the company has been open about its intention to apply for internationalized domain name variants of .com for over a year – but I believe it’s the first time it’s put a number on it.
It will be interesting to see which gTLDs – if any – Verisign will go for which are not .com IDNs.
My view is that it would make more sense for the company to apply for potentially high-volume .com competitors, such as .web or .blog. It has the capacity, the channel and the cash.
Smaller niche gTLDs may not be worth the distraction and risk, and would be better suited to dedicated registries that can concentrate on more focused marketing.
In any event, we’re going to see some major consolidation in the new gTLD space four or five years from now, and Verisign could well vacuum up cash-making registries at that time.
CEO Jim Bidzos also said on the call that Verisign has been retained to provide the registry for “several” dot-brand applications, but that it will not see any material revenue until 2013.
The major event for 2012, he noted, is the renewal of the .com Registry Agreement with ICANN, which expires at the end of November.
Verisign is already “engaging” with ICANN on this, Bidzos said.
This contract will be posted for public comment and sent to the US Department of Commerce for approval.
I’m expecting controversy, particularly if the contract continues to allow Verisign to increase prices.
It’s going to be harder for Verisign to argue that it needs the extra cash to invest in its infrastructure if it’s also leveraging that infrastructure to win lucrative dot-brand contracts.
Tiny start-up secures .bank gTLD trademark
A likely new gTLD applicant has secured a US trademark on the term “.bank”.
Asif LLC, a Wisconsin start-up with an undisclosed number of employees, won approval for the trademark 4,085,335 on Tuesday, for use in “domain name registration services”.
(UPDATE: Asif actually does business now as Domain Security Company LLC, but the trademark application was filed under its former name.)
As Domain Name Wire reported last year, Asif became a Go Daddy reseller in order to provide the US Patent & Trademark Office with proof it was using the brand.
It appears the gambit was successful, and the company now has a card to play in its inevitable battle with other .bank applicants, such as the BITS/American Bankers Association project.
Mary Iqbal, Asif’s CEO, told DomainIncite today that the company also has a trademark pending in Pakistan, where it has existing business connections.
Iqbal says she’s serious about her .bank application. It’s an idea she’s been working on for a few years.
Asif has been talking to security companies about providing the security infrastructure for the gTLD and has already signed up with a registry back-end provider, she said.
All she was prepared to disclose at the moment is that one of these partners has “ground-breaking encryption technology” and that the company has solid plans for its security profile.
The .bank gTLD would of course be limited to manually verified financial institutions, Iqbal confirmed.
Explaining the reseller site used to get the trademark, Iqbal said: “We intend to use that in future to sell .bank domain names but for now we’re selling names in other TLDs.”
Asif also has a pending US trademark on “.secure”, which it also plans to apply for as a gTLD.
Iqbal said that the company plans to offer small and medium sized e-commerce businesses extra security services if they redirect their customers to their .secure domain at the checkout.
While I am unaware of any other public .secure applicants, the .bank gTLD is expected to be contested.
A joint project of the American Bankers Association and BITS, part of the Financial Services Roundtable, has already essentially confirmed that it plans to apply for .bank and possibly two other financial gTLDs, using Verisign as its back-end.
“We don’t know for sure if they’re going to apply for .bank,” Iqbal said, however. “If somebody else does apply, all I can say that we are the legal rights holder for .bank.”
Holding a trademark on a term gives companies the right to file a Legal Rights Objection against new gTLD applicants.
However, as much as I love an entrepreneur, I estimate the chances of Asif getting its .bank application approved at roughly zero, trademark or not.
There are about half a dozen different reasons Asif would probably not pass the Legal Rights Objection test, which would leave it in a contention set with other .bank applicants.
The final mechanism offered by ICANN to resolve contested gTLDs is an auction, and nobody goes into an auction against the American Bankers Association expecting to win.
ICANN also encourages applicants in contention sets to talk it out amongst themselves before resorting to auction. If Asif is lucky, a rival .bank applicant will pay it to go away before the string goes to auction.
If it’s very lucky, somebody will acquire the trademark before the company – which Iqbal said is already funded but would welcome additional investment – splashes out $185,000 on its application fee.
The Asif .bank application also stands a substantial chance of being objected to by governments.
ICANN’s Governmental Advisory Committee, and in particular the influential US representative, has very strong views on gTLDs purporting to represent regulated industries.
If the GAC is faced with a choice between a .bank backed by the ABA and BITS with a Verisign back-end, and one backed by a tiny Wisconsin start-up, I believe there’s a pretty good chance the Wisconsin start-up is going to find itself on the receiving end of a GAC Advice objection.
Just a hunch.
