Latest news of the domain name industry

ICE domain seizures enter second phase

Kevin Murphy, April 20, 2011, Domain Policy

The US Immigration & Customs Enforcement agency seems to be consolidating its portfolio of seized domain names by transferring them to its own registrar account.
Many domains ICE recently seized at the registry level under Operation “In Our Sites” have, as of yesterday, started naming the agency as the official registrant in the Whois database.
ICE, part of the Department of Homeland Security, has collected over 100 domains, most of them .coms, as part of the anti-counterfeiting operation it kicked off with gusto last November.
The domains all allegedly either promoted counterfeit physical goods or offered links to bootleg digital content.
At a technical level, ICE originally assumed control of the domains by instructing registries such as VeriSign, the .com operator, to change the authoritative name servers for each domain to seizedservers.com.
All the domains pointed to that server, which is controlled by ICE, resolve to a web server displaying the same image:
[Image: ICE seized domains banner]
(The banner, incidentally, appears to have been updated this month. If clicked, it now sends visitors to this anti-piracy public service announcement hosted at YouTube.)
Until this week, the Whois record associated with each domain continued to list the original registrant – a great many of them apparently Chinese – but ICE now seems to be consolidating its portfolio.
As of yesterday, a sizable chunk — but by no means all — of the seized domains have been transferred to Network Solutions and now name ICE as the registrant in their Whois database records.
Rather than simply commandeering the domains, it appears that ICE now “owns” them too.
But ICE has already allowed one of its seizures to expire. The registration for silkscarf-shop.com expired in March, and it no longer points to seizedservers.com or displays the ICE piracy warning.
The domain is now listed in Redemption Period status, meaning it is starting along the road to ultimately dropping and becoming available for registration again.
Interestingly, most of the newly moved domains appear to have been transferred into NetSol from original registrars based in China, such as HiChina, Xin Net and dns.com.cn.
After consulting with a few people more intimately familiar with the grubby innards of the inter-registrar transfer process than I am, I understand that the names could have been moved without the explicit intervention of either registrar, but that it would not be entirely unprecedented if the transfers had been handled manually under the authority of a court order.
If I find out for sure, I’ll provide an update.

NetSol to alert cops over domain hijacking

Network Solutions intends to “notify the proper authorities” after a high-profile customer had his account hijacked over the weekend.
Stephen Toulouse, head of policy and enforcement for Microsoft’s Xbox LIVE, lost access to stepto.com, including his web site and email, for several hours yesterday, after a disgruntled teenaged gamer persuaded a member of NetSol’s support staff to hand over the account.
In a statement published on its blog, the domain name registrar said it was an “isolated incident directed at a specific customer account”, adding:

We maintain a well developed processes to ensure that Social Engineering attempts or any identified security concerns are immediately alerted to a Supervisor, who will expedite the investigation, usually with the help of the Network Solutions Security team. In this case, the procedure was not followed, and we apologize for any trouble caused to our customer.
Our Security team continues to investigate this matter. Additionally, because we take this matter very seriously, we intend to notify the proper authorities with the evidence that we have gathered, so that they may investigate the person(s) responsible for the fraud.

According to a new YouTube video released by the person claiming responsibility for the attack, “Predator”, he’s 15. He blamed Toulouse for his frequent Xbox LIVE bannings.
While he said he perpetrated the attack to highlight insecurities in Xbox LIVE, he also offered to hijack other gamers’ accounts for up to $250.
Comments posted in response to his first post-attack video claim to reveal his true identity, but of course comments on YouTube are not what you’d call reliable evidence.
The video itself does reveal a fair bit of information, however, so I can’t imagine tracking him down will be too difficult, especially if Microsoft has his parents’ credit card number on file.
His YouTube channel also has videos of him operating a botnet. That’s a whole lot more serious.

Xbox security chief gets domain hijacked

The head of Xbox Live policy and enforcement at Microsoft has had his domain name compromised by a disgruntled gamer using a social engineering attack on Network Solutions.
Stephen Toulouse, who goes by the screen name “Stepto” and has the domain stepto.com, seems to have also lost his email, hosting and, as a result, his Xbox Live account.
He tweeted earlier today: “Sigh. please be warned. Network solutions has apparently transferred control of Stepto.com to an attacker and will not let me recover it.”
Somebody claiming to be the attacker has uploaded a video to YouTube showing him clicking around Toulouse’s Xbox account, whilst breathlessly describing how he “socialed his hosting company”.
It’s a bit embarrassing for Toulouse. He was head of communications for Microsoft Security Response Center for many years, handling comms during worm outbreaks such as Blaster and Slammer.
Now at Xbox Live, he is, as the attacker put it, “the guy who’s supposed to be keeping us safe”.
But it’s probably going to be much more embarrassing for Network Solutions. When the tech press gets on the story tomorrow, difficult questions about NSI’s security procedures will no doubt be asked.
Toulouse has already made a few pointed remarks about the company on his Twitter feed today.
Social engineering attacks against domain name registrars exploit human, rather than technological, vulnerabilities: the attacker calls up tech support and tries to convince them that he is the victim.
In this case, hijacking the domain seems to have been a means to control Toulouse’s email account, enabling the attacker to reset his Xbox Live password and take over his “gamer tag”.
The same technique was used to compromise the Chinese portal Baidu.com, that time via Register.com, in late 2009. That resulted in a lawsuit, now settled.
The attacker, calling himself Predator, was apparently annoyed that Toulouse had “console banned” him 35 times, whatever that means.
He seems to have left a fair bit of evidence in his wake, and he appears to be North American, so I expect he’ll be quite easy to track down.
Predator’s video, which shows the immediate aftermath of the attack, is embedded below. It may not be entirely safe for work, due to some casually racist language.
UPDATE (April 5): The video has been removed due to a “violation of YouTube’s policy on depiction of harmful activities”. I snagged a copy before it went, so if anybody is desperate to see it, let me know.

Microsoft spends $7.5 million on IP addresses

Kevin Murphy, March 24, 2011, Domain Tech

It’s official, IP addresses are now more expensive than domain names.
Nortel Networks, the bankrupt networking hardware vendor, has sold 666,624 IPv4 addresses to Microsoft for $7.5 million, according to Delaware bankruptcy court documents (pdf).
That’s $11.25 per address, more than you’d expect to pay for a .com domain name. Remember, there’s no intellectual property or traffic associated with these addresses – they’re just routing numbers.
This, I believe, is the first publicly disclosed sale of an IP address block since ICANN officially announced the depletion of IANA’s free pool of IPv4 blocks last month.
The deal came as part of Nortel’s liquidation under US bankruptcy law, which has been going on since 2009. According to a court filing:

Because of the limited supply of IPv4 addresses, there is currently an opportunity to realize value from marketing the Internet Numbers, which opportunity will diminish over time as IPv6 addresses are more widely adopted.

Nortel contacted 80 companies about the sale a year ago, talked to 14 potential purchasers, and eventually received four bids for the full block and three bids for part of the portfolio.
Microsoft’s bid was the highest.
The Regional Internet Registries, which allocate IP addresses, do not typically view IP as an asset that can be bought and sold. There are processes being developed for assignees to return unused IPv4 to the free pool, for the good of the internet community.
But this kind of “black market” – or “gray market” – for IP addresses has been anticipated for some time. IPv4 is now scarce, there are costs and risks associated with upgrading to IPv6, and the two protocols are expected to co-exist for years or decades to come.
In fact, during ICANN’s press conference announcing the emptying of the IPv4 pool last month, the only question I asked was: “What is the likelihood of an IPv4 black market emerging?”.
In reply, Raul Echeberria, chair of ICANN’s Number Resource Organization, acknowledged the possibility, but played down its importance:

There is of course the possibility of IPv4 addresses being traded outside of the system, but I am very confident it will be a very small amount of IPv4 addresses compared to those transferred within the system. But it is of course a possibility this black market will exist, I’m not sure that it will be an important one. If the internet community moves to IPv6 adoption, the value of the IPv4 addresses will decrease in the future.

I doubt we’ll hear about many of these sales in future, unless they come about due to proceedings such as Nortel’s bankruptcy sale, but I’m also confident they will happen.
The total value of the entire IPv4 address space, if the price Microsoft is willing to pay is a good guide, is approximately $48.3 billion.

New TLDs conference calls for speakers

The newdomains.org conference on new top-level domains, scheduled for September 26 and 27 in Munich, has put out a call for speakers.
Here’s the catch: if you’re interested, you might need an audition tape. The organizers want to see a short YouTube clip of your presenting skills in action before they consider your pitch.
Ram Mohan, CTO of Afilias, and Tim Schumacher, CEO of Sedo, are both already named on the draft agenda, but there are still plenty of open spots, including the first-day keynote.
Franz Josef Pschierer, IT commissioner of the Bavarian state government, will keynote day two.
The conference is being organized by the registrar United Domains, part of the same family of domain name companies as Sedo and 1&1 Internet.
While newdomains.org will take place in Germany, possibly the biggest market for new TLDs outside of the US, all the sessions will be conducted exclusively in English.
The conference currently looks like it’s shaping up along the same lines as the .nxt conference last month, with sessions on brand protection, community building, marketing and so on.
One notable difference is the addition of coached “workshops” as well as panel discussions.
Extracurricular activities include a tram ride around the city and a visit to the Hippodrom tent at Oktoberfest, the world-famous beer-drinking festival.
Needless to say, I shall be in attendance. For the trams, obviously.

What O.co says about new TLDs

Kevin Murphy, January 21, 2011, Domain Registries

Overstock.com’s shock rebranding move yesterday is not only a big marketing coup for .CO Internet, it also may be good news for new top-level domains in general.
In a pair of US TV commercials (available here and here if you’re overseas) Overstock has started calling itself O.co, the domain it bought privately from the .co registry for $350,000 last July.
When I wrote, last November, “Overstock’s .com domain is its brand, and that’s not about to change”, I may well have been wrong. Go to overstock.com and look at the logo.
This is good evidence, if it were needed, that the very same trademark interests currently opposed to ICANN’s new TLDs program are also keenly aware of the benefits.
Overstock has had its eyes on O.com for over five years, and fought unsuccessfully within ICANN to have single-letter .com domains released from the VeriSign reserved list.
It was not until .co relaunched last summer – essentially a new TLD – that Overstock got the opportunity to register a domain (almost?) as good as the one it wanted.
I find this interesting because Overstock, like many other major brand owners, has been a vocal opponent of new TLDs.
In a July 2009 letter to ICANN (pdf), for example, Overstock expresses many of the same views about new TLDs that are still being expressed by the trademark interests currently holding up the program.
I’m not suggesting that Overstock’s eagerness to use O.co negates its specific criticisms of the new TLDs program, but its conflicting behavior does seem to suggest a certain degree of cognitive dissonance.
On the one hand, it opposed new TLDs. But when a new TLD launched, it grasped the opportunity with both hands and rebranded the whole company around it.
If what I hear is true, many of the companies publicly opposed to new TLDs are also the ones simultaneously investigating their own “.brand” domains.
Could Overstock’s latest move represent a pent-up demand for new TLDs among big brands? What does that mean for the future of .com as the internet’s premium real estate?

Eleven new ccTLDs coming next week

Kevin Murphy, January 19, 2011, Domain Registries

ICANN is set to approve 11 new internationalized domain name ccTLDs, representing four nations in Asia and the Middle East, at its board meeting next week.
On the January 25 consent agenda – which is typically rubber-stamped without discussion – is the approval of IDN ccTLDs for South Korea, India, Singapore and Syria.
Korea is due to get .한국, Singapore gets .新加坡 (Chinese) and .சிங்கப்பூர் (Tamil), while Syria gets the Arabic string .سورية.
Massively polyglot India will be delegated its ccTLD in seven of its most-popular languages.
The delegations will push the number of TLDs in IANA’s database to over 300 for the first time.
This week, the ccTLD for Thailand went live with Thai-language registrations under .ไทย. You can watch a video of ICANN CEO Rod Beckstrom congratulating the nation here.
Also on ICANN’s agenda next week is the re-delegation of the ASCII ccTLDs for Burkina Faso, Congo and Syria – .bf, .cd and .sy respectively – to new registry managers.

TucsonShooting.com crashes after Tucson shooting

Kevin Murphy, January 12, 2011, Domain Services

A gun blogger had his web site crash shortly after Saturday’s bloodbath in Tucson, Arizona, because he owns the domain name TucsonShooting.com.
To be clear, the domain has nothing to do with the failed assassination attempt on Rep Giffords. The blogger just likes shooting and he’s based in Tucson. He’s owned the domain since 2002.
In this video, he explains what happened to his site after the massacre, which killed six people.

The domain TucsonShooting.com is the first hit in Google when you search for [tucson shooting], testifying to the power of a good SEO domain. It redirects to GunWebsites.net.
The blogger notes:

Who in their right mind would think there’d be someone so opportunistic to capitalize on a tragedy like this by putting up a domain either ahead of time or so quickly?

Clearly, he hasn’t met many domainers.

ICANN sets date for GAC showdown

Kevin Murphy, December 23, 2010, Domain Registries

ICANN and its Governmental Advisory Committee will meet for two days of talks on the new top-level domains program in Geneva from February 28, according to GNSO chair Stephane Van Gelder.
As well as the Applicant Guidebook (AGB) for new TLDs, the meeting is also expected to address the GAC’s outstanding concerns with the .xxx TLD application.
While I’d heard Geneva touted as a possible location, this is the first time I’ve heard a firm date put to it. As well as Van Gelder, other sources have heard the same date.
Talks ending March 1 would give ICANN less than two weeks before its public meeting in San Francisco kicks off to get the AGB into GAC-compatible shape before the board votes to approve it.
Is that a realistic timeframe? I guess that will depend on how the GAC meeting goes, the depths of the concessions ICANN decides to make, how receptive the GAC is to compromise, and whether it is felt that more public comment is needed.
Also, as I speculated last week, ICANN may have to officially invoke the part of its bylaws that deals with GAC conflicts, which it does not yet appear to have done, if it wants to approve the Guidebook at the end of the San Francisco meeting in March.
If the program is approved in March, that would likely lead to applications opening in August.
There’s likely to be one ICANN board meeting between now and Geneva – its first meeting of the year is usually held in late January or early February – so there’s still time for ICANN to make changes to AGB based on public comment, and to get its process ducks in a row.
There’s also plenty of time for the GAC to provide its official wish-list or “scorecard” of AGB concerns, which I believe it has not yet done.
Van Gelder also wonders on his blog whether the Geneva meeting will take place in the open or behind closed doors.
ICANN’s director of media affairs, Brad White, put this question to ICANN chair Peter Dengate Thrush during a post-Cartagena interview. This was his answer:

We haven’t actually resolved the rules of engagement with the GAC on this particular meeting but the standard position for all organizations within ICANN is that they are open… On the other hand if at any point we think the negotiation could be assisted by a period of discussing things in private I guess we could consider that.

That looks like a “maybe” to me.

Is this the domain name industry’s first music video?

Kevin Murphy, November 30, 2010, Domain Registries

DotAfricaConnect is pretty serious about its plan for .africa.
The company yesterday released this music video to promote its top-level domain bid. Unlike most corporate anthems, this one is actually not terrible, despite the dodgy editing.

The singer, Patricia Kihoro, appears to be the former winner of an African TV talent show. It mystifies me how few people in the room seem to be paying her, and her dancers, any attention.