Freenom shuts down 12.6 million domains — report
Dying free-domains registry Freenom has shut down at least 12.6 million domains across three of its TLDs, according to research from Netcraft.
Netcraft’s latest web server survey shows that the domains — across .tk, .cf and .gq — no longer resolve, according to the company.
That’s 98.7% of the resolving domains Freenom had a month earlier, Netcraft said.
Freenom, also known as OpenTLD, said in February that it was to exit the domains business entirely as part of its settlement with Facebook owner Meta, which had sued it for alleged cybersquatting.
It had already lost its ICANN registrar accreditation and its government contracts to run its portfolio of ccTLDs.
The company’s business model was to offer most domains for free and then monetize them when the registrations expired or were suspended for abuse. It attracted a lot of abusive registrants.
Interestingly, Netcraft notes that the deletions meant that Cloudflare saw a 22% drop in its total hosted domains (with Cloudflare acting as host, not registrar) over the month.
GlobalBlock blocking 2.5 million domains
GoDaddy-led brand protection project GlobalBlock says it is already blocking over 2.5 million domains, just a couple of weeks after its formal launch.
The GlobalBlock web site reports that 2,569,815 domains are currently being blocked across 559 extensions (a mix of ccTLDs, gTLDs, third-level domains and blockchain names), for an average of just under 4,600 per extension.
It’s difficult to extrapolate much useful information about rapid market demand for the service from this one number, for a variety of reasons.
First, the more-expensive GlobalBlock+ service can block well north of 10,000 domains, mostly homographic variants of a trademark, for a single fee, which could mean as few as just a couple hundred customers have signed up so far at the most pessimistic interpretation.
Second, GlobalBlock offered pricing incentives to existing customers of GoDaddy’s AdultBlock and Identity Digital’s Domain Protected Marks List, both of which are over a decade old, in the months-long run-up to launch.
The vanilla, single-brand GlobalBlock service retails for about $6,000 per year, with GlobalBlock+ going for closer to $9,000.
Microsoft moving its cloud apps from .com to .microsoft
Microsoft is planning to move all of its Microsoft 365 apps off a multitude of .com domains and consolidate them all under .microsoft, its dot-brand gTLD.
The company says it will move Teams, Outlook, and Microsoft 365 web apps to the cloud.microsoft domain. They currently use domains such as outlook.office.com, teams.microsoft.com and microsoft365.com.
It first announced the move in April last year and this week reminded developers of apps that use its cloud platform that they need to support the new domain.
Explaining the move to the dot-brand last year, the company wrote:
Consolidating authenticated user-facing Microsoft 365 experiences onto a single domain will benefit customers in several ways. For end users, it will streamline the overall experience by reducing sign-in prompts, redirects, and delays when navigating across apps. For admins, it will drastically reduce the complexity of the allow-lists required to help your tenant stay secure while enabling users to access the apps and services they need to do their work.
Microsoft plans to launch the teams.cloud.microsoft domain in June but run the two domain schemes in parallel for a while, so as to not unnecessarily break apps in its developer ecosystem.
It’s not going to dump microsoft.com altogether, saying that it plans to use it for “non-product experiences such as marketing, support, and e-commerce.”
The cloud.microsoft domain is already one of the more visible dot-brand names out there, ranking in the top 20 most-visited, according to Majestic rankings.
Hat tip: The Register.
Dueling domain blocking services to launch at ICANN 79
Norwegian startup NameBlock is set to launch its suite of brand protection and domain security services later this week, with a somewhat different take on the market to its primary competitor.
Recently appointed CEO Pinky Brand tells me the company plans to formally launch March 1, the day before the ICANN 79 public meeting begins in Puerto Rico.
The company is coming out with two services to begin with — BrandLock, which allows trademark owners to block their marks across multiple TLDs, and AbuseShield, which blocks hundreds of variant domains that are considered at the most risk of abuse.
BrandLock is perhaps most directly comparable to the DPML service offered by Identity Digital, GoDaddy’s AdultBlock, and the multi-registry GlobalBlock service that is also due to formally launch in San Juan next week.
The service requires the buyer to own a verified trademark, and the exact match of that mark will be blocked over a multitude of ccTLDs and gTLDs. Brand said reseller partners may choose to bundle different TLDs thematically or offer them as one-offs.
He said he expects it to retail for $40 to $50 per domain per year, so presumably makes the most sense for the more-expensive TLDs or for buyers who have other reasons to want a block rather than a defensive registration.
The value proposition seems a lot clearer for AbuseShield, which is notable for not requiring a trademark to get protection — it’s more of a security pitch than a brand-protection story.
Under AbuseShield, when a registrant buys a name in a participating TLD, they will be given the option to pay to block a couple hundred potentially abusive variant domains in that same TLD, for a far lower cost than they’d pay to defensively register them individually.
Using data from NameBlock’s majority shareholder iQ Global, the company identifies homographic variants and common “abuse prefixes” — strings such as “login” and “https” — to compile a list of domains to be blocked. A feature called VariantCatcher will automatically block already-registered risky domains at the registry when they expire, for no extra cost.
“We want to make the abuse prevention market much, much wider than it has been before,” Brand said. “You’d pay $89 to $129 a year the block the 100 to 250 variations that we know are most likely to be used by someone to do you harm.”
At first, the service will be available through NameBlock resellers, currently those registrars focused on corporate services, but the company plans to make an API available in a few months that will let retail registrars offer the service as an up-sell in their storefront.
At launch, NameBlock has around 15 resellers, such as MarkMonitor, CSC, 101Domain, Encirca and Gandi, Brand said. Registries for about a dozen TLDs will be on board, but Brand said he expects this to grow to 40 to 50 in a couple months.
CoCCA which makes registry software used by 57 ccTLDs, has already announced its support for NameBlock’s services.
Elsewhere at ICANN 79, you’ll find the Brand Safety Alliance, a GoDaddy-led initiative purveying the new GlobalBlock service, which is more of brand-protection play
As I’ve previously blogged, because portfolio registries GoDaddy and Identity Digital are involved, GlobalBlock can provide blocking coverage in hundreds of TLDs — over 560 at the current count — with prices starting at about $6,000 a year retail.
While GlobalBlock and NameBlock are certainly operating in the same space, there appears to be enough variation between the two services that the market might be able to support both.
Domain universe grows on new gTLDs despite .com shrinkage
The number of domain names on the internet grew by about 600,000 during the fourth quarter of 2023, despite the drag caused by shrinkage in .com and .net, according to Verisign’s latest Domain Name Industry Brief.
There were 359.8 million registered domains at the end of the year across all TLDs, a 0.2% increase over September, the latest DNIB says.
The growth was hampered by declines in Verisign’s own flagship gTLDs, which were down by 1.2 million names over Q3 and a million names year-over year. Verisign blamed softness in China for the declines during its Q4 earnings call last week.
New gTLD reg volume picked up most of the slack, growing by 1.6 million or 5.3% over Q3, and 4.4 million or 15.9% over 2022. This seems to have been largely driven by six-figure increases at a handful of low-cost gTLDs coupled with smaller increases across the board.
ccTLDs grew more modestly, up about 200,000 names or 0.2% quarter over quarter and 5.3 million names, 4%, year over year. There were 138.3 million ccTLD domains at the end of the year. Growth seems to have been tempered by six-figure declines in the likes of .uk and .ru.
ICANN insists it is working on linkification
Having been accused of ignoring the lack of universal support for new gTLDs in favor of virtue-signalling its support for multilingual domain names, ICANN has now insisted it is working on the problem.
ICANN chair Tripti Sinha said in a letter (pdf) published today that ICANN staff have been “actively engaging” with the software developer community on a “multitude of efforts” aimed at getting Universal Acceptance for all domain names.
She was responding to an October 2023 letter from .tube CEO Rami Schwartz, whose solo research last year uncovered the fact that many major app developers — including WhatsApp maker Meta — were relying on hard-coded TLD lists up to eight years old to validate domains.
This meant domains in the hundreds of TLDs that went live after November 2015 were not being detected as domains, and therefore not automatically “linkified” into clickable links, in many near-ubiquitous apps and web sites.
But Sinha insists that ICANN has been putting resources into the problem, including creating a “technical UA team” that is “actively engaging with technical organizations and communities, raising bug reports, as well as contributing open-source code where possible”.
The team has been participating in hackathons and conferences to push the UA message, she said, and has engaging in web sites such as Stack Overflow (where coders ask each other questions about tricky programming problems) to educate developers.
She named Meta and WordPress as software companies ICANN has been reaching out to directly.
“The ICANN org team has been meeting with META and reported UA related issues to them, including linkification. The team has recently also reported the issues shared by you related to more recently delegated TLDs, including .TUBE,” she told Schwartz. “META continues to look into these issues and is making progress towards resolving them.”
She also pointed out that ICANN and the ICANN-funded Universal Acceptance Steering Group held a Universal Acceptance Day last year and will conduct another this year.
UA Day is actually dozens of individual events — over 50 last year — that took place across the world over the space of a couple of months. This year’s event appears to be equally diverse, with events taking place from March to May across many locations mainly in Asia, Africa and South America.
The UASG supplies PowerPoint presentations and videos to each event to use if they wish, but the focus is very much on the substantially trickier problem of UA for internationalized domain names — domains or email addresses that use non-Latin scripts or diacritics not present in ASCII — rather than the lower-hanging fruit of getting developers to update their TLD lists more frequently.
Even though there hasn’t been a new TLD delegation for a couple of years, there were still almost 30 TLDs deleted from the DNS root last year. The number of valid TLDs changes perhaps more frequently than many developers realize.
Walking down the street somewhere, I once saw a barbershop called “Every Six Weekly”. Crap brand, certainly, but the message lodged itself in my borderline autistic nerd brain — that’s how often society expects me to get my hair cut, every six weeks.
Maybe ICANN should try something like that.
ICANN picks its first ever Supreme Court
After foot-dragging for a decade, ICANN has finally approved a slate of a dozen jurists to act as its de facto Supreme Court.
Its board of directors voted at the weekend to create the first-ever Independent Review Process Standing Panel, a pool of legal experts from which panels in future IRP proceedings — the final appeals process for ICANN decisions under its bylaws — will be drawn.
ICANN has not named the 12 people yet. The names are redacted from the published resolution, presumably because they haven’t signed contracts yet. ICANN said they are “well-qualified” and “represent a diverse breadth of experience and geography”.
The names were put forward by a cross-community working group called the IRP Community Representatives Group, which looked after the application and interview process. A thirteenth CRG pick was deemed “ineligible” by ICANN for undisclosed reasons.
The Standing Panel is intended to make IRPs faster and cheaper by drawing the three-person panel in each case from an established pool of experienced professionals. The panelists will be contracted for staggered terms of service.
The ICANN bylaws have called for the establishment of such a panel for over a decade, but its timely creation was another victim of the lethargy that consumed ICANN for years. The lack of a Standing Panel has been raised by claimants in multiple IRPs, some of which are ongoing.
Elsewhere in IRP policy-making, a separate staff/community working group called the IRP Implementation Oversight Team expects to shortly publish certain revisions to the IRP rules for public comment, but the fact that the legal language of the rules is to be written by the law firm Jones Day, which represents defendant ICANN in IRP cases, has raised some eyebrows.
DNS Women barred from ICANN funding?
A networking group set up to support women in the domain name industry, especially in the developing world, may be banned from applying for ICANN funding under rules published earlier this week.
Concerns have been raised that DNS Women may be excluded from the $10 million in non-profit Grant Program funding ICANN is making available this year because its CEO participated in the program’s community rule-making process.
ICANN’s rules, written by Org staff based on the recommendations of the Cross-Community Working Group on New gTLD Auction Proceeds (CCWG-AP), ban anyone from applying for grants — set at between $50,000 and $500,000 — if they have potential conflicts of interest.
Participation in the CCWG-AP is listed as one such conflict:
No person that participated as a member (including temporary member appointments) of the Cross-Community Working Group on New gTLD Auction Proceeds (CCWG-AP) is eligible to apply for or be included within funded proposal activities as principals, advisors, or in other roles. Grants may not be awarded to businesses and organizations owned in whole or in part by the CCWG-AP members or their family members. Grant funding may not be used to pay compensation to CCWG-AP members or their family members.
DNS Women is currently led by Vanda Scartezini, who was a member of CCWG-AP representing the At-Large Advisory Committee. She’s written to ICANN to express surprise to find herself suddenly unable to apply for funding. ICANN has responded with a pointer to the CCWG-AP’s recommendations, where the language closely mirrors that found in the new application rules as implemented.
But if Scartezini has shot herself in the foot, she may not be alone. According to the CCWG-AP’s final report, there may have been almost enough foot-shooting to create a Paralympic football team.
Of the 22 people who participated as full members of the group — and would be therefore barred from financially benefiting from grants — 10 people answered “yes” or “maybe” when asked to disclose whether they or their employer expected to apply for funding (almost all, including Scartezini, were “maybes”).
The $10 million tranche available this year comes from a $217 million fund ICANN raised auctioning off contested gTLDs following the 2012 application round.
GoDaddy service to let you block domains in over 650 TLDs
GlobalBlock, a domain blocking service introduced to little fanfare by GoDaddy Registry and Identity Digital in June, is planning to launch next month with support from over 650 gTLDs and ccTLDs.
Built on the successes of GoDaddy’s AdultBlock and Identity Digital’s DPML, the new service was supposed to launch last week under the banner of the Brand Safety Alliance, but was delayed until January.
GlobalBlock enables trademark owners to pay one fee to block their marks across all participating TLDs, saving money on defensive registrations. Company names and celebrity names are also covered. A premium version, GlobalBlock+ also covers typos and IDN homographs.
It’s not just gTLD registries that have signed up. Nominet is participating, as is CoCCA. BSA is promising some pretty obscure ccTLDs will be part of the service.
In what appears to be a game-changing innovation, a feature of the service called Priority Autocatch seems set to stop cybersquatters and phishers from drop-catching domains that match strings protected by the block list.
Say you’re Facebook and you see some scumbag has registered facébook.ninja, if you’re subscribed to GlobalBlock+, the AutoCatch feature will see the domain removed from the available pool when it expires, rather than dropping so a second ne’er-do-well can register it.
GlobalBlock appears to be the reason no fewer than 35 registries covering over 300 gTLDs have recently asked ICANN for permission to launch a “Label Blocking Service” via the Registry Service Evaluation Process.
There’s money in blocking services. GoDaddy is making millions from AdultBlock. Some research I’ve been doing recently suggests some registries might be making more from blocks and defensive registrations than they are from regular domain sales.
For registries with small TLD portfolios, blocking services generally offer a poor value proposition. Services like DPML, which covers hundreds of TLDs, or AdultBlock, which covers all the porny ones, have been successful.
The BSA is offering brand owners a lot of carrots to get them to sign up early.
First, if you already have an AdultBlock or DPML subscription, your marks are already pre-validated. GoDaddy is also offering a 50% discount on AdultBlock until January 30; AdultBlock and DPML subscribers get 10% off GlobalBlock until April 30.
BSA says that pricing for GlobalBlock and the initial list of TLDs will be released in early January. Wholesale pricing will go up probably every six months as new TLDs are added, but customers will only pay the increased price upon renewal while benefiting from the added blocks.
General availability pricing begins February 15.
Did I find a murder weapon in a zone file?
Registrars are usually very reluctant to police the content of web sites by taking down domains they manage, but they quite often make an exception when the web site in question calls for violence. But what if the site itself attempts to physically harm visitors through their screens?
It sounds a bit mad, but I think I’ve found such a site.
I recently randomly came across a domain name that caught my eye while scrolling through a zone file. I’m not going to reveal the domain here, but it consisted of three words across the dot and could be taken as an instruction to “murder” a specific, but unnamed, individual.
Expecting humor, I visited the domain out of curiosity and was confronted by a blank page that rapidly flashed between two background colors, creating a strobe effect. There was no other content.
My first impression was that the site had been created in order to trigger seizures in photosensitive epileptics. The CSS seemed to confirm that the strobe effect fell within the frequency range that the charity Epilepsy Action says can cause such seizures.
This raised an interesting question: could this be considered “DNS abuse”?
The DNS Abuse Institute’s definition (pdf) says DNS Abuse consists of “malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)”.
DNSAI says registries and registrars “must” act on these five categories of abuse, but it adds that there are some categories of web content where registrars “should” take action. Its Framework to Address Abuse, which has been endorsed by dozens of registries and registrars, states:
Specifically, even without a court order, we believe a registry or registrar should act to disrupt the following forms of Website Content Abuse: (1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence. Underlying these Website Content Abuses is the physical and often irreversible threat to human life.
Epileptic seizures can be fatal. A school friend of mine did not make it out of his teens due to one. Even when non-fatal, they are dangerous and clearly unpleasant.
So if a site encouraging physical violence “should” be taken down, what about a site that seems designed to actively physically attack individuals, no incitement required? That’s a reasonable question, right?
I filed an abuse report with the registrar managing the domain and was told it did not violate its acceptable use policies.
Attacking epileptics with flashing images sent online has been a criminal offence in the UK since October 26, when the controversial Online Safety Act 2023 was enacted.
A component of the Act is named Zach’s Law, after an eight-year-old boy who in 2020 was attacked with flashing images by internet wankers after he carried out a sponsored walk for the Epilepsy Society.
The Act makes it illegal to send a flashing image to somebody you know is epileptic with the intent to harm them. You can get up to five years imprisonment and a fine.
Recent Comments