Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
Key-Systems buys reseller EDC
Key-Systems has acquired one of its resellers, European Domain Centre.
The acquiring registrar did not disclose the terms of the deal, but said EDC will help boost its own BrandShelter corporate registrar business.
EDC says it has clients including AirBnB, Campari, Lycamobile, iStockPhoto and BusinessWire.
The company was founded in 2003 by Nikolaj Borge and Christopher Hofman Laursen and is based in Copenhagen, Denmark.
Its selling point has been its willingness to offer offer its customers the broadest range of gTLD and ccTLD options.
It’s been a customer of RRPproxy, Key-Systems’ reseller network, since 2008.
As it’s been using the Key-Systems IANA number all this time, it’s not possible to get an accurate figure for its domains under management from ICANN reports.
Let’s all have a nosey at how much ICANN staff get paid
It’s that time of year again when ICANN publishes its US tax returns and we all get to have a good old nosey at how much its top brass get paid.
Figures for fiscal 2016 — so, basically a year out of date — came out this week and they show some senior executives got big pay boosts.
Overall, the return shows that the 17 highest-paid ICANN staffers received a total of $7.3 million in a combination of salary and bonuses, or about $429,000 on average, in the year.
That’s an increase of $603,000 on fiscal 2015 or $488,000 if you don’t count the bonuses.
I’m only counting the 17 named executives who appear in both the FY15 and FY16 returns, and I’m not counting non-executive directors.
Three of these executives received pay rises, not including bonuses, in excess of $100,000. While most top staff saw pay increases below 5%, raises of 21%, 34%, 44% and even 58% were recorded.
Four of them received bonuses of $125,000 or more.
One of the 17 saw his compensation go down. I’m guessing that might be an exchange rate fluctuation.
CEO Fadi Chehade, who left three quarters of the way through the fiscal year, still took home $854,000 in salary and bonuses, up from $737,000 in FY15. His successor’s compensation does not figure into the FY16 numbers.
ICANN has 155 staff members making over $100,000 a year, the return shows, up from 132 the previous year. That means more than half of ICANN’s total staff is in six-figure territory.
ICANN’s pay policy is to set compensation at the 50th to 75th percentile of the “relevant market”, which I assume is the technology sector rather than the not-for-profit sector, in order to stay competitive when hiring.
Its FY16 tax return can be downloaded here (pdf) and the FY15 one is here (pdf).
Massive ransomware attack hits 150 countries, brought down by a domain reg
A massive outbreak of malware on Friday hit thousands of organizations in an estimated 150 countries and had a big impact on the UK National Health Service before being temporarily thwarted by a single domain name registration.
WannaCry, as the malware has been called, targets Windows boxes that have not installed a March security patch. It encrypts files on the hosts it infects and demands money for the decryption key.
The attack is Big News for several reasons.
First, it spread ransomware over the network using a remotely exploitable vulnerability that required no user error or social engineering to install itself.
Second, it hit an estimated quarter-million machines, including thousands at big organizations such as Telefonica, the NHS, Deutsche Bahn and FedEx.
Third, it posed a real risk to human life. A reported 70,000 NHS machines, including medical devices, were said to be infected. Reportedly, some non-critical patients had to be turned away from UK hospitals and operations were cancelled due to the inability of doctors to access medical records.
Fourth, WannaCry appears to have been based on code developed by the US National Security Agency and leaked last month.
All in all, it was an attack the scale of which we have not seen for many years.
But it seems to have been “accidentally” prevented from propagating further on Friday, at least temporarily, with the simple act of registering a domain name.
A young British security researcher who goes by the online handle MalwareTech said he was poring over the WannaCry code on Friday afternoon when he came across an unregistered domain name.
On the assumption that the malware author perhaps planned to use the domain as a command and control center, MalwareTech spent the ten bucks to register it.
MalwareTech discovered that after the domain was registered, the malware stopped encrypting the hard drives it infected.
He first thought it was a fail-safe or kill-switch, but he later came to the conclusion that the author had included the domain lookup as a way to thwart security researchers such as himself, who run malware code in protected sandbox environments.
MalwareTech wrote:
In certain sandbox environments traffic is intercepted by replying to all URL lookups with an IP address belonging to the sandbox rather than the real IP address the URL points to, a side effect of this is if an unregistered domain is queried it will respond as [if] it were registered
Once the domain was registered, WannaCry iterations on newly infected machines assume they were running in sandboxes and turned themselves off before causing additional damage.
MalwareTech was naturally enough proclaimed the hero of the day by many news outlets, but it appears that versions of the malware without the DNS query kill-switch already started circulating over the weekend.
Many are warning that the start of the work week today may see a new rash of infections.
The researcher’s account of the incident can be read in full here.
ICANN’s origin story is well worth a watch
The story of how ICANN was born is being told through an ongoing series of video interviews.
The ICANN History Project went live late last week with an initial batch of eight videos on the theme of ICANN’s relationship with the US government, from before ICANN’s inception in 1998 to more recent developments such as the IANA transition.
There are several hours of interviews to watch so far, covering many of the key figures in ICANN over the last 20 years.
We have the likes of “Father of the Internet” Vint Cerf, “Father of ICANN” Ira Magaziner, “Godmother of ICANN” Becky Burr and “Second Cousin of Usenet” Fadi Chehade (sorry).
Three of ICANN’s four chairs to date are interviewed, along with two of its six CEOs.
From the USG side, recently departed assistant secretary at the National Telecommunications and Information Administration Larry Strickling gets half an hour in the warm seat.
It’s fronted by Brad White, ICANN’s head of comms for North America, who says he’s trying to approach the project from a journalistic perspective.
Before he fell to the Dark Side, he was a TV reporter for many years, as will become quickly apparent.
I must admit I’ve only managed to watch half of the videos so far, but from what I’ve seen they’re pretty damn good. Don’t expect PR fluff or self-congratulatory circle-jerky.
The interviewees all seem to talk pretty frankly about what was going on around the time of ICANN’s formation in the quagmire of bloodthirsty partisan hackery over the Clinton-Lewinsky scandal, a stirring from the International Telecommunications Union, and Jon Postel’s hacking of the entire DNS.
All worth a listen, if you’re an ICANN nerd.
Subtitled versions of each are available in each of the UN languages.
It’s slightly disappointing that ICANN’s original CEO Mike Roberts and chair Esther Dyson aren’t among the first batch of interviews (Dyson, particularly, has emerged as a critic of ICANN since her departure in 2000) but I gather the project is ongoing and more content will be posted as it’s completed.
The videos are supplemented by documentation that speaks to the same topics as the interviews. As far as I can tell, it’s all public info already, but it’s nice to see it collected in one place.
The project can be found here.
Neustar’s .au deal in peril as Aussies look in-house
Australian ccTLD registry auDA is looking at bringing its back-end infrastructure in house, to the possible detriment of Neustar.
In a surprise move, auDA said late last month that several months of talks with AusRegistry, aimed at possibly extending its current back-end contract beyond 2018, had failed.
AusRegistry has operated .au for auDA since 2002, during which time the ccTLD has grown to 3.1 million domains.
The company was acquired by Neustar in 2015 as part of its $87 million acquisition of Bombora Technologies, parent to AusRegistry and ARI.
auDA said it has now launched an invitation-only “restricted tender exercise” to find advisers to help it build its own registry back-end.
AusRegistry will be among those invited to participate, auDA confirmed.
This week, the registry also announced that it has hired Bruce Tonkin, formerly of Melbourne IT and the ICANN board of directors, to be its “Registry Transformation Project Lead”.
It will also form an “Industry-led Advisory Panel” to give .au registrars a say in how the new registry is designed and built.
.gay, .music and others in limbo as ICANN probes itself
Several new gTLD applicants have slammed ICANN for conducting an investigation into its own controversial practices that seems to be as opaque as the practices themselves.
Seven proposed new gTLDs, including the much-anticipated .music and .gay, are currently trapped in ICANN red tape hell as the organization conducts a secretive probe into how its own staff handled Community Priority Evaluations.
The now broad-ranging investigation seems have been going on for over six months but does not appear to have a set deadline for completion.
Applicants affected by the delays don’t know who is conducting the probe, and say they have not been contacted by anyone for their input.
At issue is the CPE process, designed to give genuine “community” gTLD applicants a way to avoid a costly auction in the event that their choice of string was contested.
The results of the roughly 25 CPE decisions, all conducted by the independent Economist Intelligence Unit, were sometimes divergent from each other or just baffling.
Many of the losers complained via ICANN’s in-house Requests for Reconsideration and then Independent Review Process mechanisms.
One such IRP complaint — related to Dot Registry’s .inc, .llc, .llp applications — led to two of the three-person IRP panel deciding last July that ICANN had serious questions to answer about how the CPE process was carried out.
While no evidence was found that ICANN had coached the EIU on scoring, it did emerge that ICANN staff had supplied margin notes to the supposedly independent EIU that had subsequently been incorporated into its final decision.
The IRP panel majority wrote that the EIU “did not act on its own in performing the CPEs” and “ICANN staff was intimately involved in the process”.
A month or so later, the ICANN board of directors passed a resolution calling for the CEO to “undertake an independent review of the process by which ICANN staff interacted with the CPE provider”.
Another month later, in October, the Board Governance Committee broadened the scope of the investigation and asked the EIU to supply it with documents it used to reach its decisions in multiple controversial CPE cases.
A couple of weeks ago, BGC chair Chris Disspain explained all this (pdf) to the applicants for .music, .gay, hotel, .cpa, .llc, .inc, .llp and .merck, all of which are affected by the delay caused by the investigation.
He said that the investigation would be completed “as soon as practicable”.
But in response, Dot Registry and lawyers for fellow failed CPE applicant DotMusic have fired off more letters of complaint to ICANN.
(UPDATE: Dot Registry CEO Shaul Jolles got in touch to say his letter was actually sent before Disspain’s, despite the dates on the letters as published by ICANN suggesting the opposite).
Both applicants note that they have no idea who the independent party investigating the CPEs is. That’s because ICANN hasn’t identified them publicly or privately, and the evaluator has not contacted the applicants for their side of the story.
DotMusic’s lawyer wrote (pdf):
DotMusic’s rights are thus being decided by a process about which it: (1) possesses minimal information; (2) carried out by an individual or organization whose identity ICANN is shielding; (3) whose mandate is secret; (4) whose methods are unknown; and (5) whose report may never be made public by ICANN’s Board.
He added, pointedly:
The exclusion of directly affected parties from participation eerily reproduces the shortcomings of the EIU evaluations that are under scrutiny in the first place.
Dot Registry CEO Shaul Jolles, in his letter (pdf), quoted Disspain saying at a public forum in Copenhagen this March that a blog post addressing the concerns had been drafted and would be published “shortly”, but wasn’t.
He suggested the investigation is “smoke and mirrors” and, along with DotMusic, demanded more information about the investigator’s identity and methods.
It does strike me as a looking a bit like history repeating itself: ICANN comes under fire for non-transparently influencing a supposedly independent review and addresses those criticisms by launching another non-transparent supposedly independent review.
No matter what I feel about the merits of the “community” claims of some of these applicants, it has been over five years now since they submitted their applications and the courtesy of transparency — if closure itself its not yet possible — doesn’t seem like a great deal to ask.
XYZ acquires .storage, its 10th gTLD
XYZ.com said today that it has acquired the half-launched new gTLD .storage from its original owner.
The terms of the deal were not disclosed, but CEO Daniel Negari said in a blog post that it has been funded using some of the “excess of cash flow” from sales of .xyz domains.
The original .storage registry was Extra Space Storage, which rents out physical storage units in the US.
It started its protracted launch period a little over a year ago but had not planned to go to general availability until July this year.
Having apparently passed through its sunrise period and a special landrush for the storage industry, which ended in January, it has fewer than 800 domains in its zone file.
It looks like XYZ will be essentially relaunching the gTLD from scratch, with a new sunrise period penciled in for November and an early access period and GA slated for December.
Pre-launch pricing is around the $80 mark at the few registrars I checked today, and it looks like that will remain under the new management.
That’s despite XYZ talking today about .storage as a “premium” vertically-focused TLD along the lines of its $3,000 .cars or $750 .theatre.
The company said that it will not hold back reserved names at higher, premium pricing. Even nice-looking domains such as cloud.storage will be available at the base fee, it said.
The new acquisition becomes the 10th that XYZ has a hand in running, if you count the three car-related gTLDs it manages in a joint venture with Uniregistry. The others are .security, .rent, .protection, .theatre, and .college.
ICANN changes Panama meeting dates to avoid Muslim holiday
ICANN has changed the dates of next year’s ICANN 62 public meeting to accommodate the Muslim festival of Eid al-Fitr.
Eid is the movable festival marking the end of the fasting month Ramadan, when observant Muslims are allowed to start eating during daylight hours again.
In 2018, it runs from June 14-15, which would have made things difficult for Muslims hoping to attend ICANN’s mid-year meeting, previously slated to begin June 18.
So ICANN has pushed it back a week. ICANN 62 will now begin June 25. As a mid-year Policy Forum, it is the shortest meeting of the year.
The meeting is due to be held in Panama City, Panama.
Its the second change for the Panama meeting. ICANN had originally planned to meet there for ICANN 56 in mid-2016, but relocated the event to Helsinki due to the panic about Zika virus.
More change at the top at Donuts as Tindal steps down
Donuts has lost co-founder and COO Richard Tindal, who has announced his retirement.
Tindal was one of the four domain industry executives who founded Donuts in order to take advantage of ICANN’s new gTLD program about seven years ago.
No reason was given for his departure, which was announced in a blog post, beyond “retirement”.
Co-founders Paul Stahura, Jon Nevett and Dan Schindler are all still with the company, but founding CEO Stahura recently stepped into the chairman’s role to give venture capitalist Bruce Jaffe the corner office.
Tindal had previously worked in senior roles for Verisign, Neustar and Demand Media (now Rightside).
Second emergency registry tested with dead dot-brand
ICANN is running its second test of the Emergency Back-End Registry Operator system, designed as a failover for bankrupt gTLDs.
This time, the EBERO under the microscope is CORE Association, one of the three approved providers.
It this week took over operation of .mtpc, a dot-brand gTLD that Mitsubishi applied for, was delegated, never used, and then decided it didn’t want to run any more.
ICANN said:
ICANN is conducting a test of the Emergency Back-End Registry Operator program. Simulating an emergency registry operator transition will provide valuable insight into the effectiveness of procedures for addressing potential gTLD service interruptions. Lessons learned will be used to support ICANN’s efforts to ensure the security, stability and resiliency of the Internet and the Domain Name System.
The first test was conducted by ICANN and EBERO provider Nominet earlier this year, using the similarly unloved dot-brand .doosan.
I expect we’ll see a third test before long, using CNNIC, the third EBERO provider.
It would have plenty of dead dot-brands to choose from.
Recent Comments