Recent Posts
- Com Laude ditches brand as $450 million deal closes
- No RDAP? No accreditation
- Fifth-largest gTLD not dead after all
- Half of registrar’s domains are abusive, ICANN says
- Burr joins PIR after leaving ICANN board
- Refunds galore as gTLD losers finally bow out
- .goo terminated as search engine closes down
- GoDaddy to offer domain blocking to people who don’t have trademarks
- Happy new year expected for domain industry, says ICANN
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
VeriSign boss leaves domain industry
Former VeriSign chief executive Mark McLaughlin, who resigned last week, is leaving the domain name industry entirely, signing up as the new CEO of Palo Alto Networks, a firewall vendor.
The privately held company is being tipped for an imminent IPO, which could mean a big stock payday for McLaughlin if executed successfully.
The Wall Street Journal quotes McLaughlin today as saying “the upside is on the equity side”.
Coming ahead of the launch ICANN’s top-level domains program, you could have been forgiven for thinking that McLaughlin may have been headhunted by a new gTLD player.
That would have been a heck of an endorsement of the commercial opportunity of new gTLDs, for the head of .com and .net to throw in with the newcomers.
But clearly McLaughlin has realized there’s more money in firewalls.
Smart man.
At VeriSign, founder Jim Bedzos has taken over as CEO while a permanent replacement for the 10-year VeriSign veteran is sought.
Fight over gb.com claims thousands of victims
Thousands of companies that use the pseudo-top-level-domain .gb.com have gone offline due to a legal fight between the registry and its founder.
CentralNIC sells third-level gb.com domains as a “Great Britain” alternative to .co.uk. A Google search reveals a great many small businesses use the extension for their web sites.
They’re all out of luck today. Anybody attempting to access any .gb.com domain is now welcomed by a placeholder page, which states:
You may be here because you have been sold a domain or email service using the gb.com domain that has ceased to work.
You can restore that service swiftly by registering with GB.COM Ltd.
GB.COM Ltd will not provide a service that you have paid others for, unless they have an arrangement with GB.COM Ltd.
If you have already paid for future service and it has ceased then you should contact your supplier.
GB.com appears to be owned by Stephen Dyer, who founded CentralNIC in 2000, but left the company following a buyout several years ago.
“This interruption relates to a longstanding legal dispute regarding the domain name gb.com, dating back to when the current shareholders acquired the business in 2004,” CentralNIC said.
Historical Whois records show that the email address associated with gb.com switched from CentralNIC to a webmail account at some point in September that year.
It’s currently registered to steve@enovi.com, which appears to be a Dyer-owned domain.
CentralNIC evidently has been selling domains under an extension it was not in control of for the last seven years, and now whatever leasing agreement it had arranged has broken down.
The company said: “We are currently taking legal advice about this and will be taking urgent steps to restore the service, but we cannot achieve that instantly.”
Until a solution can be found, it recommends that affected registrants sign up with GB.com to (hopefully) quickly restore DNS service to their sites.
However, the new GB.com site is so painfully amateurish that some customers seem to have mistaken it for a phishing attack.
I have some additional advice – after your gb.com domain is resolving again, register a new domain in a proper TLD (.uk, .com) and redirect all your traffic to it until your users know where to find you.
Then cancel the gb.com domain.
GB.com Ltd has already demonstrated pretty comprehensively that it doesn’t give a damn about your business, so I think you’ll agree it doesn’t deserve your money.
There are ways to go about a registry transition seamlessly, and this most certainly is not one of them.
Quite how GB.com hopes to match newly signed-up customers with the true previous registrants is not entirely clear – there’s potential for abuse unless it has full access to CentralNIC’s thick Whois.
Also worth pondering — where’s all the email to .gb.com domains going?
While this is a commercial dispute, rather than a technical stability problem, it still Looks Bad for CentralNIC, which recently has been heavily marketing itself as a “.brand” back-end provider.
It shouldn’t harm the company’s ability to pass an ICANN technical evaluation, but it may give potential clients pause for thought.
Of the 20 pseudo-TLDs listed on CentralNIC’s site, at least three others – us.com, us.org and gr.com – appear to be registered in the names of third parties, according to Whois records.
There’s no reason to believe these domains are in any immediate danger, however. They don’t appear to have any connection to GB.com or Dyer.
CentralNIC said: “We can confirm, with absolute certainty, that no other CentralNic domain extensions are subject to any such disputes.”
That will come as little comfort to the thousands of small businesses that find themselves offline today.
One such customer has set up a LinkedIn group to discuss the situation, and Twitter traffic from customers seems to be increasing as British users wake up to the news.
UPDATE: It seems that Stephen Dyer has form.
He was also director of Snappy Designs Ltd, owner of the photo-hosting site Fotopic.net, which went into liquidation earlier this year, leaving thousands of photographers stranded.
Amateur Photographer reported in March that potentially millions of images could have been lost due to the business’s failure.
The site currently says the images are safe. Users do not have access to them, however.
(spotted by @whois_search)
VeriSign CEO quits. But where’s he going?
VeriSign’s CEO and president Mark McLaughlin has quit the company for a CEO position at an undisclosed private company.
The news of his departure, after two years at VeriSign’s helm, came during the company’s second quarter earnings call yesterday.
McLaughlin’s been at VeriSign for over a decade. In his time as CEO, he oversaw a massive restructuring at the company.
VeriSign is now dramatically smaller – 1,000 people compared to 5,000 when he took over – following the sale of assets such as the security business, which Symantec bought.
His resignation is effective on Monday, but he’s told the company he’ll stick around until late August. Founder and chairman Jim Bedzos will become interim CEO while a replacement is found.
But where’s McLaughlin going?
The timing, less that six months before ICANN’s new top-level domains program kicks off, is certainly curious. It would be an unbelievable coup for a new gTLD firm to hire the former boss of .com.
A lot of people are switching companies at the moment, positioning themselves the best to exploit the new gTLD opportunity. (Anybody need a writer? I’m told my prices are very reasonable).
But he could be going anywhere, of course.
On VeriSign’s earnings call yesterday, McLaughlin said he wanted to join a private company and take it public, which made me think he may be leaving the domain business entirely.
McLaughlin is an advisor to Altos Ventures, a venture capital firm with a bunch of startups to its name.
There are not a great many companies in the domain industry – that we know about, at least – that immediately jump out as near-term IPO candidates.
McLaughlin plans to announce his new employer next week.
FarmVille domain seized from Chinese squatter
Zynga has claimed control of the domain name farmville.co.uk from a Chinese cyberquatter.
The summary decision under Nominet’s Dispute Resolution Service was made July 14, and posted to the Nominet web site today, but the Whois still shows the previous owner.
According to Whois records, the domain was registered July 1, 2009, just a couple of weeks after the popular FarmVille game launched on Facebook.
The domain currently resolves to a Sedo placeholder page.
If this proves anything, it’s that owners of rapidly growing web applications need to keep an eye on their brands in non-core TLDs, because cybersquatters are too.
ICANN demands the right to terminate .jobs
ICANN has asked the International Chamber of Commerce to rule that it has the right to terminate Employ Media’s .jobs contract.
It’s filed its response to Employ Media’s demand for arbitration over the disputed Universe.jobs service, which saw the registry vastly expand the .jobs space.
Employ Media “transcended the very intent behind creation of the TLD” with Universe.jobs, which allocated tens of thousands of .jobs domains to the DirectEmployers Association, ICANN said.
The organization wants the ICC to rule that it “may, but is not required to, terminate the Registry Agreement with Employ Media”, as it has already threatened.
Employ Media took ICANN to arbitration in May, after ICANN notified it that it was in breach of its registry agreement and they were not able to settle their differences in private talks.
The registry wants a declaration that it is not in breach.
But according to ICANN, Employ Media is still and has always been restricted to selling domains just to human resources professionals to promote jobs “within their own organizations”.
That’s despite ICANN’s approval of a contract amendment last year that allowed the registry to sell non-companyname .jobs domains.
This liberalization, ICANN says, did not allow the company to launch Universe.jobs, which monetizes at least 40,000 geographical and vocational .jobs through a massive third-party jobs board.
ICANN is now trying to frame the arbitration proceeding around a single question – was its breach notice “appropriate” or not?
The whole debacle is based around two interpretations of the .jobs Charter, which spells out who can register .jobs domains. This is what it says:
The following persons may request registration of a second-level domain within the .JOBS TLD:
– members of SHRM [the Society For Human Resources Management]; or
– persons engaged in human resource management practices that meet any of the following criteria: (i) possess salaried-level human resource management experience; (ii) are certified by the Human Resource Certification Institute; (iii) are supportive of the SHRM Code of Ethical and Professional Standards in Human Resource Management, as amended from time to time, a copy of which is attached hereto.
Employ Media’s interpretation is fairly literal and liberal – any signed-up SHRM member can register a .jobs domain and somebody at DirectEmployers is a member and therefore eligible.
Becoming a SHRM member is pretty straightforward and cheap. It’s not much of a barrier to entry.
ICANN argues that this interpretation is bogus:
Employ Media has espoused policies that allow a .JOBS domain name (or thousands of them) to be used for virtually any purpose as long as a human resource manager is propped up to “request” the domain. In doing so, Employ Media has failed to enforce meaningful restrictions on .JOBS registrations, as required by the Registry Agreement.
It further argues that Employ Media should have allocated premium .jobs domains through an “open, fair and transparent” process, rather than the “self-serving… backroom deal” with DirectEmployers.
Evidence now filed by ICANN shows that the two organizations have been arguing about this since at least November 2009, when Employ Media launched a Universe.jobs “beta”.
ICANN also now says that it has no problem with Universe.jobs, provided that Employ Media and SHRM amend their Charter policies to make the service retroactively compliant.
The more this dispute progresses and the more convoluted and expensive it becomes, the more it leaves me scratching my head.
You can download the latest arbitration documents from ICANN.
ICM gives away .xxx domains to porn stars (video)
It seems that pretty much every time I’ve written about .xxx over the last five or six years the article has been mentioned, or focussed on, how the porn business hates it.
For a change, here’s a shameless propaganda video (possibly NSFW) that ICM Registry produced during a recent, evidently quite boozy, party at Platinum Lace, a strip joint in London.
Context: ICM was sponsoring the party.
The people heard supporting .xxx are either porn actresses who’ve just been given their .xxx domains, employees of the Paul Raymond stable of top-shelf men’s magazines, or domain registrars.
One of the interviewers is “Mario”, a Z-lister known for being annoying on the TV show Big Brother last year. I figured his 15 minutes were already up, but I guess not.
The other is ICM’s sales director Vaughn Liley. He’s the one who starts interviews with the question “So, do you think .xxx will be good for the industry, or great?”
Watch out, David Frost.
Also seen posing, though not speaking, is Ben Dover, pretty much the only mainstream-famous porn video producer ever to come out of the UK.
Bit-squatting – the latest risk to domain name owners
Forget phishing, forget cybersquatting, forget typosquatting, high-value domain name owners may have a whole new threat to worry about – “bit-squatting”.
This appears to be the conclusion of fascinating new research to be presented by Artem Dinaburg at the Black Hat and DEF CON hacker conferences in Las Vegas next week.
Defective internet hardware, it turns out, may be enabling a whole new category of typosquatting that could prove worrying for companies already prone to domain name abuse.
According to a summary of Dinaburg’s research, RAM chips can sometimes malfunction due to heat or radiation, resulting in “flipped bits”, where a 1 turns into a 0 or vice-versa.
Because the DNS uses ASCII encoding, a query containing a single flipped bit could actually send the user to a completely different domain name to the one they intended to visit.
To test the theory, Dinaburg appears to have registered the typo domain name mic2osoft.com. While it’s not visually confusing or a likely typo, in binary it is only one bit different to microsoft.com.
The ASCII binary code for the digit 2 is 00110010, which is only one bit different to the lower-case letter r, 01110010.
The binary for the string “microsoft” is:
011011010110100101100011011100100110111101110011011011110110011001110100
and the binary encoding for “mic2osoft” is (with the single changed bit highlighted):
011011010110100101100011001100100110111101110011011011110110011001110100
Therefore, if that one bit were to be accidentally flipped by a dodgy chip, the user could find themselves sending data to the bit-squatter’s domain rather than Microsoft’s official home.
I would assume that this is statistically only a concern for very high-traffic domains, and only if the bit-flipping malfunction is quite widespread.
But Dinaburg, who works for the defense contractor Raytheon, seems to think that it’s serious enough to pay attention to. He wrote:
To verify the seriousness of the issue, I bit-squatted several popular domains, and logged all HTTP and DNS traffic. The results were shocking and surprising, ranging from misdirected DNS queries to requests for Windows updates.
…
I hope to convince the audience that bit-squatting and other attacks enabled by bit-flip errors are practical, serious, and should be addressed by software and hardware vendors.
His conference presentations will also discuss possible hardware and software solutions.
For large companies particularly at risk of typosquatting, the research may also present a good reason to conduct a review of their trademark enforcement strategies.
I’m not going to be in Vegas this year, but I’m looking forward to reading more about Dinaburg’s findings.
The annual Black Hat and DEF CON conferences are frequently the venues where some of the most beautifully creative DNS hacks are first revealed, usually by Dan Kaminsky.
Kaminsky is not discussing DNS this year, judging by the agendas.
The conferences were founded by Jeff Moss, aka The Dark Tangent, who joined ICANN as its chief security officer earlier this year.
Final gTLD Applicant Guidebook expected this week
It’s been over a month since ICANN approved its new top-level domains program, but we still don’t have a final-final version of the Applicant Guidebook.
The resolution approving the program ICANN passed in Singapore called for a number of amendments to be made to the 352-page tome.
The current draft was published May 30, and so far ICANN has not said when the next version – likely to be the version used in the first round of applications – will be released.
I inquired, and now word has come from on high that ICANN’s new gTLD team hopes to have the English version of the new Guidebook published by the end of July – this coming weekend.
The Singapore resolution called for changes to the government Early Warning and Advice processes, added protection for Olympic and Red Cross trademarks, and a modification of the Uniform Rapid Suspension cybersquatting policy.
One has to wonder if the changes outlined in the resolution are the only changes that we’ll see – a month seems like a long time to make just a few fairly minor edits.
The resolution said the board “authorizes staff to make further updates and changes to the Applicant Guidebook as necessary and appropriate”.
The first round of new gTLD applications is set to open January 12.
Could .om become the next typo TLD?
Will Oman’s .om domain follow in the footsteps of .co? Or .cm? Or neither?
The country-code top-level domain is set to be transferred to a new manager following an ICANN vote this coming Thursday.
The redelegation is one item on a unusually light agenda for the board’s July 28 telephone meeting. It’s on the consent agenda, so it will likely be rubber-stamped without discussion.
The domain is currently assigned to Oman Telecommunications Company, but the new owner is expected to be the national Telecommunications Regulatory Authority or an affiliated entity.
The Omani TRA was given authority over the nation’s domain names by Royal Decree in 2002.
It has already successfully had the Arabic-script ccTLD .عمان approved by ICANN for use as an internationalized domain name, but the IDN has not yet been delegated.
AusRegistry International this March won a $1.3 million contract with the TRA to provide software and services for the .om and .عمان registries.
At the time, the TRA said it planned to market both Latin and Arabic extensions to increase the number of domain registrations.
The .om ccTLD is of course a .com typo, like .co and .cm, but squatting is not currently possible due to its strict registration policies.
Only Omani entities may register .om domains today, and only third-level domains (such as example.com.om and example.net.om) may be registered. Domains may not be resold.
I have no particular reason to believe this situation will change under new stewardship, but it will certainly be worth keeping an eye on the TLD for possible policy changes.
When Cameroon’s .cm opened up, it implemented a widely vilified blanket wildcard in an attempt to profit from .com typos.
Colombia’s .co of course took the responsible route, disowning wildcards and embracing strong anti-squatting measures, even if its mere existence was still a headache for some trademark owners.
ICANN fights government gTLD power grab
ICANN has opposed a US move to grant governments veto power over controversial new top-level domain applications.
Cutting to the very heart of Obama administration internet governance policy, ICANN has told the National Telecommunications and Information Administration that its recent proposals would “undermine the very principle of the multi-stakeholder model”.
The stern words came in ICANN’s response to the NTIA’s publication of revisions to the IANA contract, the contract that allows ICANN to retain its powers over the domain name system root.
The NTIA’s Further Notice Of Inquiry contained proposed amendments to the contract, including this:
For delegation requests for new generic TLDS (gTLDs), the Contractor [ICANN] shall include documentation to demonstrate how the proposed string has received consensus support from relevant stakeholders and is supported by the global public interest.
This was widely interpreted as a US attempt to avoid a repeat of the .xxx scandal, when ICANN approved the porn gTLD despite the unease voiced by its Governmental Advisory Committee.
As I noted in June, it sounds a lot like code for “if the GAC objects, you must reject”, which runs the risk of granting veto powers to the GAC’s already opaque consensus-making process.
In his response to the FNOI (pdf), ICANN chief Rod Beckstrom says that the NTIA’s proposal would “replace” the “intensive multi-stakeholder deliberation” that created the newly approved Applicant Guidebook.
He also pointed out the logical inconsistency of asking IANA to remain policy-neutral in one part of the proposed contract, and asking it to make serious policy decisions in another:
The IANA functions contract should not be used to rewrite the policy and implementation process adopted through the bottom-up decision-making process. Not only would this undermine the very principle of the multi-stakeholder model, it would be inconsistent with the objective of more clearly distinguishing policy development from operational implementation by the IANA functions operator.
NTIA head Larry Strickling has been pounding the “multistakeholderism” drum loudly of late, most recently in a speech in Washington and in an interview with Kieren McCarthy of .nxt.
In the .nxt interview, Strickling was quite clear that he believes ICANN should give extra authority to governments when it comes to approving controversial strings.
The NTIA concern – shared by other government entities including the European Commission – is that controversial strings could lead to national blocking and potentially internet fragmentation.
While Strickling declined to comment on the specific provisions of the IANA contract, he did tell .nxt:
If the GAC as a consensus view can’t support a string then my view is that the ICANN Board should not approve the string as to do so in effect legitimizes or sanctions that governments should be blocking at the root zone level. And I think that is bad for the Internet.
Where you’re dealing with sensitive strings, where you’ve engaged the sovereignty of nations, I think it is appropriate to tip the hat a little bit more to governments and listen to what they say. On technical issues it wouldn’t be appropriate but on this particular one, you’ve got to listen a little bit more to governments.
He also indicated that the US would not necessarily stand up for its principles if confronted by substantial objections to a string from other governments:
So we would be influenced – I can’t say it would be dispositive – if a large number of countries have a problem with a particular string, even if it was one that might not be objectionable to the United States government.
And that is out of interest of protecting the Internet’s root from widespread blocking at the top-level by lots of governments.
Does this mean that the US could agree to a consensus GAC objection to a .gay gTLD? A .porn? A .freespeech? It certainly sounds like it.
Recent Comments