Latest news of the domain name industry

Go Daddy plays down “massive” attack claim

Kevin Murphy, April 26, 2010, Domain Registrars

Malicious hackers have compromised a number of WordPress installations running on Go Daddy hosting, but the company claims very few customers were affected.
Slashdot carried a story a few hours ago, linking to a blog claiming a “massive” breach of security at the domain name registrar.
(EDIT: as noted in the comments, this blog may itself have been hacked, so I’ve removed the link. You can find it in the comments if you want to take the risk.)
But Go Daddy says the problem is not as widespread as it sounds.
“We received reports from a handful of Go Daddy customers using WordPress their websites were impacted by the script in question,” Go Daddy security chief Todd Redfoot said in a statement.
“We immediately opened an investigation into what happened, how it was done and how many sites were affected,” he said. “The investigation is currently ongoing.”
The attack is certainly not ubiquitous. I host a number of WordPress sites with Go Daddy, including this one, and they all appear to be working fine today.
And a Twitter search reveals no references to an attack today prior to the Slashdot post, apart from the blog it was based on.
That doesn’t prove anything, but when Network Solutions’ WordPress hosting was breached last week there was a lot more tweet noise. That attack had thousands of victims.
For those interested in the details of the attack, this WordPress security blog appears to be the best place to get the nitty-gritty.

Go Daddy feature tallies Whois queries on your domain

Kevin Murphy, April 22, 2010, Domain Registrars

I may be a bit late off the blocks, but I just learned about a rather nifty little feature buried within Go Daddy that lets you see when somebody has done a Whois lookup on one of your domains.
Log in to your Domain Manager, click Tools, click Exportable Lists, click Add New Export, then check the relevant boxes in the wizard.
The feature exports a .csv file telling you how many Whois searches have been run against each of your domain names in the last day, week, month and year.
I imagine this could provide a few useful data points when deciding how much interest there is in a domain you’re planning to sell.
I also found it quite interesting that more people executed Whois queries on domainincite.com in March than bothered to click the About tab at the top of the page.
Domain people are an odd bunch.

Demand Media gets pre-IPO board boost

Kevin Murphy, April 19, 2010, Domain Registrars

Demand Media has added two big names to its board of directors, a move certain to feed the rumors that the company is preparing for an IPO this year.
Joining the board is Peter Guber, CEO and chairman of Mandalay Entertainment, a TV and movie production company that also has its fingers in the sports and digital media pies.
Josh James also takes a seat. He co-founded web analytics firm Omniture, now part of Adobe, and took it public during the dot-com boom.
“The experience they bring from two different ends of the spectrum – creative arts and web analytics – will be invaluable as Demand Media continues to focus on creating the content that consumers want,” Demand CEO Richard Rosenblatt said.
Demand Media, which owns domain name registrars eNom and BulkRegister, is mainly in the mass-market, search-driven content business.
It was reported last week that the company has hired Goldman Sachs to help it prepare for a public listing later this year.
Bulking up the board is one of the things companies do before they head to the stockmarket.

Network Solutions under attack again

Kevin Murphy, April 18, 2010, Domain Registrars

Network Solutions’ hosting operation is under attack for the second time in a week, and this time it’s definitely not a WordPress problem.
The company has acknowledged that it has “received reports that Network Solutions customers are seeing malicious code added to their websites”, but has not yet released further details.
Sucuri.net, which was intimately involved in the news of the hack against NSI’s WordPress installations last week, blogged that this time the attacks appear to have compromised not only WordPress, but also Joomla-based and plain HTML sites.
Last week’s attacks were eventually blamed on insecure file permissions, which enabled shared-server hosting customers to look at each other’s WordPress database passwords.
But today NSI, one of the top-five domain name registrars, said: “It may not be accurate to categorize this as a single issue such as ‘file permissions’.”
Sucuri said that malicious JavaScript is being injected into the sites, creating an IFrame that sends visitors to drive-by download sites.
It’s a developing story, and not all the facts are out yet.
But it’s clear that NSI has a public relations problem on its hands. Some customers are already using Twitter to declare that they will switch hosts as a result.
And if it’s true, as Sucuri reports, that Google is already blocking some of the affected sites, who can blame them?

Demand Media in rumored IPO

Kevin Murphy, April 16, 2010, Domain Registrars

Demand Media, which owns number-two domain registrar eNom, could file to go public this summer, the Financial Times has reported.
Widely thought of as a “content mill”, Demand is in the business of mining search and domain data and pumping out content which it can sell ads against.
The FT, using anonymous sources, reports that an IPO, which could happen by November, would value the firm at $1.5 billion. Revenue is estimated to be around $250 million a year.
While selling domain names does not appear to be Demand’s core business, other domain name registrars have a rocky record when it comes to public listings.
Register.com, which used its early-mover advantage to IPO at the tail end of the dot-com boom, ended up going private after low-cost registrars like Go Daddy started eating its lunch.
Go Daddy itself gave the world a glimpse at its finances when it filed its S-1 back in 2006, but CEO Bob Parsons yanked the IPO at the eleventh hour, citing poor market conditions and his inability to keep his mouth shut during the traditional pre-offering Quiet Period.
Parsons said at the time that it’s hard to show a profit under GAAP as a growing registrar, due to the way registrations are accounted for.
Tucows, meanwhile, has managed to tick along quietly with a listing on the small-cap markets for years.

WordPress founder criticizes NSI’s security

Kevin Murphy, April 13, 2010, Domain Registrars

WordPress founder Matt Mullenweg had a few harsh words for top-five domain registrar Network Solutions today, after a whole bunch of NSI-hosted blogs were hacked over the weekend.
It appears that NSI’s web hosting operation, which includes a one-click WordPress installation service, was failing to adequately secure database passwords on shared servers.
Or, as Mullenweg blogged: “A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files.”
WordPress, by necessity, stores its database passwords as plaintext in a script called wp-config.php, which is supposed to be readable only by the web server.
If the contents of that file are viewable by others, a malicious user could inject whatever content they like into the database – anything from correcting a typo in a blog post to deleting the entire site.
That appears to be what happened here: for some reason, the config files of WordPress blogs hosted at NSI gave read permissions to unauthorized people.
The cracker(s) who noticed this vulnerability chose to inject an HTML IFrame into the URL field of the WordPress database. This meant visitors to affected blogs were bounced to a malware site.
Mullenweg is evidently pissed that some news reports characterized the incident as a WordPress vulnerability, rather than an NSI vulnerability.
NSI appears to have corrected the problem, resetting its users’ database passwords as a precaution. Anybody making database calls in custom PHP, outside of the wp-config.php file, is going to have to go into their code to update their passwords manually.
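The misconfiguration described above can be audited for directly. The following is an added example, not code from the original post, NSI or WordPress: it walks a hosting tree, flags every wp-config.php whose mode lets other accounts on the box read or modify it, and strips those bits. The directory layout and sample file contents are constructed, and whether group read is appropriate depends on how the host runs PHP (an assumption here).

```python
import os
import stat
import tempfile

def audit_wp_configs(root):
    """Return [(path, octal_mode, reasons)] for exposed wp-config.php files under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if "wp-config.php" not in files:
            continue
        path = os.path.join(dirpath, "wp-config.php")
        mode = stat.S_IMODE(os.stat(path).st_mode)
        reasons = []
        if mode & stat.S_IROTH:
            reasons.append("world-readable")   # any local account can read the DB password
        if mode & stat.S_IWOTH:
            reasons.append("world-writable")   # any local account can replace the config
        if mode & stat.S_IWGRP:
            reasons.append("group-writable")
        if reasons:
            findings.append((path, oct(mode), reasons))
    return sorted(findings)

def tighten(path):
    """Remove every 'other' bit and group write; owner and group-read are kept."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    new_mode = mode & ~(stat.S_IRWXO | stat.S_IWGRP)
    os.chmod(path, new_mode)
    return new_mode

def demo():
    """Build a constructed shared-hosting tree, audit it, fix it, audit again."""
    with tempfile.TemporaryDirectory() as root:
        # Constructed sample sites: two exposed, one already restricted.
        for site, mode in (("alice", 0o644), ("bob", 0o640), ("carol", 0o666)):
            os.makedirs(os.path.join(root, site))
            path = os.path.join(root, site, "wp-config.php")
            with open(path, "w") as fh:
                fh.write("<?php define('DB_PASSWORD', 'constructed-sample'); ?>\n")
            os.chmod(path, mode)
        before = audit_wp_configs(root)
        for path, _mode, _reasons in before:
            tighten(path)
        after = audit_wp_configs(root)
        summary = [(os.path.basename(os.path.dirname(p)), m, r) for p, m, r in before]
        return summary, after

if __name__ == "__main__":
    print(demo())
```

Fixing the mode does not undo an exposure that already happened, which is why the password reset mentioned above is still needed.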

Go Daddy follows Google out of China

Kevin Murphy, March 24, 2010, Domain Registrars

Go Daddy is to stop accepting new .cn registrations, after CNNIC demanded that it start collecting photographs and signed registration documents from Chinese customers.
General counsel Christine Jones told the Congressional Executive Committee on China that Go Daddy has also seen an increase in DDoS attacks, specifically against human rights sites that it hosts.
“Domain name registrars, including Go Daddy, were then instructed to obtain photo identification, business identification, and physical signed registration forms from all existing .CN domain name registrants who are Chinese nationals, and to provide copies of those documents to CNNIC,” she said.
Any domain without such documentation would have been blocked by China, she said.
“For these reasons, we have decided to discontinue offering new .CN domain names at this time. We continue to manage the .CN domain names of our existing customers,” she said.
Go Daddy has about 1,200 Chinese customers and 27,000 .cn domains on its books. The company is not going to block Chinese customers. What China will do about them remains to be seen.
The move comes at a tense time for US-China internet relations, with Google grabbing headlines all week due to its ongoing censorship row with the country.
Jones denied the move has anything to do with Google. “We made the decision that we didn’t want to act as an agent of the Chinese government,” she said.
I’ve uploaded a PDF of her written testimony here.

Verizon seeks another registrar scalp

Kevin Murphy, March 21, 2010, Domain Registrars

After killing off small Indian registrar Lead Networks last week, Verizon wasted no time in gunning for a larger target, DirectNIC.
The carrier sued DirectNIC on Friday, claiming the company has been involved in the systematic typosquatting of hundreds of thousands of domains, including at least 288 belonging to Verizon.
There appear to be at least two things going on here.
First, Verizon is claiming that the common registrar practice of parking expired, pre-delete domains somehow falls foul of US anti-cybersquatting laws if the parked domains are typosquats.
DomainNameWire addresses the possibly discomforting precedents this could set over here.
Second, the Verizon complaint resurrects the theory that DirectNIC’s owners, including CEO Sigmund Solares, are or were themselves typosquatters, using shell (continue reading)

Dynadot sorry for .tv snafu

Kevin Murphy, March 21, 2010, Domain Registrars

Dynadot has apologised to customers for glitches during last week’s .tv landrush that allowed people to register premium domain names at well below market prices.
On Thursday, VeriSign slashed the first-year prices of “premium” .tv names and set the renewal fees to a standard lower registry rate.
While prices were lower, they were still premium, but some domainers discovered they could register domains previously priced in the tens of thousands of dollars for the standard fee at some registrars, Dynadot included.
Dynadot said this weekend that this was because “we were given an incomplete list of the Premium .TV Domain Names… So, any Premium .TV Domain Names that weren’t on the list were displayed at the normal .TV registration price.”
The company further apologised for giving registrants store credit, rather than a cash refund, after it discovered its mistake and deleted the registrations, which was “probably not the best way to handle the situation”. This policy has been reversed, and registrants can now get a “no questions asked” refund.
Demand during the .tv land-rush was evidently so high that Dynadot’s float at VeriSign was quickly drained.
The company said: “We had a problem with the central registry and ran out of funds. This meant we could not process any COM/NET/TV/CC domain registrations, domain transfers, and domain renewals.”

Cybersquatting registrar goes into receivership

Kevin Murphy, March 18, 2010, Domain Registrars

Lead Networks Domains, an Indian domain name registrar, has been handed to a California receiver after a cybersquatting lawsuit filed by Verizon.
ICANN said today that Bret Fausett has been appointed receiver for the Mumbai-based company, which had about 130,000 domains under management when Verizon sued it.
Verizon sued Lead in January 2008, claiming the registrar’s customers had registered 238 misspellings of Verizon trademarks.
The company further claimed that Lead ignored UDRP rulings that went against it and supplied UDRP avoidance services to its users.
ICANN yanked Lead’s accreditation last July. Fausett said he will now transition any of its remaining domain names to a new registrar.