Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
IP address privacy policy killed
A proposal that would have brought the equivalent of domain name proxy registrations to IP addresses in North America has been dropped after its author had a chat with the FBI.
The policy would have allowed ISPs that take their IP addresses from ARIN, the American Regional Internet Registry, to substitute their own contact information in place of their customers’ details.
Proposing the policy, Aaron Wendel of WholesaleInternet.com initially said that the requirement to publish customer lists into a Referral Whois (RWHOIS) database “runs contrary to good business practices” and allows ISPs to poach each other’s customers.
Wendel publicly withdrew his proposal an hour ago at the ARIN meeting in Toronto, shocking some attendees.
He said he was doing so after a late-night session hearing the concerns of an FBI agent who is at the meeting, as well as conversations with members of ARIN staff.
The proposed policy had also been criticized by companies including Paypal, and many security experts.
RWHOIS allows any internet user to identify the user of an IP address in much the same way as Whois allows domain name registrants to be identified.
It is regularly used by law enforcement to track down spammers and other online crooks.
Unlike Whois, RWHOIS has a carve-out protecting residential users.
RapidShare chases cybersquatters
RapidShare, the popular German file-hosting site, has filed six cybersquatting claims against people with the word “rapidshare” in their domains.
The UDRP complaints are either a sign that RapidShare is cracking down on pirated content, or an example of balls-out intellectual property chutzpah.
My guess is it’s the latter, for two reasons.
First, a search reveals dozens of popular sites with “rapidshare” in the domain, all serving RapidShare links to copyrighted content, none of which have had UDRP claims filed against them.
Second, each of the six domains RapidShare has filed claims for seem to provide links only to files hosted by competing services such as Hotfile.com or Uploading.com.
RapidShare.com is currently the 35th most-popular site on the internet, more popular than Craigslist, according to Alexa.
A German court ruled two years ago that it had to start deleting pirate content, and it has been playing whack-a-mole with the bootleggers ever since.
Now, it wants the World Intellectual Property Organization to help it protect its trademark. There’s irony for you.
Network Solutions under attack again
Network Solutions’ hosting operation is under attack for the second time in a week, and this time it’s definitely not a WordPress problem.
The company has acknowledged that it has “received reports that Network Solutions customers are seeing malicious code added to their websites”, but has not yet released further details.
Sucuri.net, which was intimately involved in the news of the hack against NSI’s WordPress installations last week, blogged that this time the attacks appear to have compromised not only WordPress, but also Joomla-based and plain HTML sites.
Last week’s attacks were eventually blamed on insecure file permissions, which enabled shared-server hosting customers to look at each other’s WordPress database passwords.
But today NSI, one of the top-five domain name registrars, said: “It may not be accurate to categorize this as a single issue such as ‘file permissions’.”
Sucuri said that malicious JavaScript is being injected into the sites, creating an IFrame that sends visitors to drive-by download sites.
It’s a developing story, and not all the facts are out yet.
But it’s clear that NSI has a public relations problem on its hands. Some customers are already using Twitter to declare that they will switch hosts as a result.
And if it’s true, as Sucuri reports, that Google is already blocking some of the affected sites, who can blame them?
$10 billion disk-maker wins domain name
Seagate Technology, the world’s biggest hard disk drive maker, has won seagatetechnology.com – the exact match of its company name – at UDRP.
The squatter, identified as Standard Bearer Enterprises, registered the name in 2004. That’s six years of squeezing click revenue from an exact-match name of a multi-billion dollar firm.
Standard Bearer has a track record of losing famous names at UDRP, and was named in a cybersquatting lawsuit filed by Andre Agassi and Steffi Graff last year.
Seagate is a huge company, reporting revenue approaching $10 billion last year. It has been using the Seagate Technology trademark since 1983.
It’s not exactly naive about domain names, either.
Its primary domain, seagate.com, was first registered in 1992 – the Neolithic by internet standards. It beggars belief that its taken 18 years to secure its long-form company name.
Demand Media in rumored IPO
Demand Media, which owns number-two domain registrar eNom, could file to go public this summer, the Financial Times has reported.
Widely thought of as a “content mill”, Demand is in the business of mining search and domain data and pumping out content which it can sell ads against.
The FT, using anonymous sources, reports that an IPO, which could happen by November, would value the firm at $1.5 billion. Revenue is estimated to be around $250 million a year.
While selling domain names does not appear to be Demand’s core business, other domain name registrars have a rocky record when it comes to public listings.
Register.com, which used its early-mover advantage to IPO at the tail end of the dot-com boom, ended up going private after low-cost registrars like Go Daddy started eating its lunch.
Go Daddy itself gave the world a glimpse at its finances when it filed its S-1 back in 2006, but CEO Bob Parsons yanked the IPO at the eleventh hour, citing poor market conditions and his inability to keep his mouth shut during the traditional pre-offering Quiet Period.
Parsons said at the time that it’s hard to show a profit under GAAP as a growing registrar, due to the way registrations are accounted for.
Tucows, meanwhile, has managed to tick along quietly with a listing on the small-cap markets for years.
Porn group starts anti-XXX campaign
Now that the Christians appear to have quietened down, the adult entertainment industry has unleashed its own letter-writing campaign aimed at crippling ICM Registry’s bid for the .xxx TLD.
The Free Speech Coalition has started urging its members to lobby ICANN with emails demanding that the .xxx proposal is rejected.
The front page of its web site started carrying the call to action earlier today, already resulting in over a dozen form complaints.
The anti-porn complaints that have flooded ICANN’s forums for the last week focussed largely on the alleged harmful effects of porn, and will probably be politely ignored.
But unlike the Christians, the FSC has read the background documents – which request comments on how ICANN should process ICM’s application – and its letters are therefore on-topic
They urge ICANN to “Adopt Option #3” by agreeing with the dissenting minority view of the Independent Review Panel that recently ruled ICANN was unfair to reject ICM back in 2007.
“Regardless of the option chosen, I ask that ICANN continue to consider the widespread opposition of the sponsored community in any further decisions concerning a .XXX sTLD,” the letters add.
The campaign is not unexpected, but it won’t make ICANN’s board of directors’ decision any easier. After all, .xxx is ostensibly a “sponsored” TLD, and a significant voice within its potential customer base does not appear to want it.
There may also be other power games at play.
ICM president Stuart Lawley claimed during his IRP cross-examination in September that the FSC had offered to support ICM in 2003, but only if it could control the sponsoring organization and collect the associated $10 per domain per year.
The ICANN comment period runs until May 10. The FSC’s own comments, from boss Diane Duke, are here.
TLDH sells off domain portfolio, waits for new TLDs
Top Level Domain Holdings has reported blah revenue for its fiscal 2009, as it reorganized itself in preparation for ICANN’s forthcoming new gTLD round.
The company, which owns registry services firm Minds + Machines and has interests in dotNYC and DotEco, is listed on London’s low-cap AIM market.
It today reported revenue for the 12 months to October 31, 2009 of £315,000 ($487,000), up from £232,000 ($358,000) a year earlier, with an operating loss of £1.4 million, ($2.2 million) down from £1.5 million ($2.3 million).
TLDH also revealed that it sold off its entire parked domain name portfolio for $250,000 last November, after the end of its financial year, after it found parking revenue on the decline:
The Company’s domain name portfolio comprising mainly German and other European parked domain names that receive direct navigation and search traffic which can be monetized through search links to generate click-through advertising revenues generated a lower revenue in the period and were subsequently sold following the period end for US$250,000 in cash.
TLDH recorded an impairment charge of £154,000 ($238,000) for this transaction, suggesting the company sold its portfolio for approximately half of its previously reported paper value.
The firm says its strategy is “to build a portfolio of gTLD applicants and infrastructure technologies”, and believes ICANN’s recent Nairobi meeting decisions continued “a trend of increasing the barriers to application for non-experts”.
TLDH still looks like it has more than enough cash on hand to see it through to when ICANN begins officially accepting new TLD applications, barring further delays, with £4.3 million ($6.6 million) in the bank at the end of October.
ICANN publishes Whois reform wish-list
ICANN’s latest stab at reforming Whois could lead to lots of useful new features, from more comprehensive search to more uniform privacy services.
The organization has released a staff report, “Inventory of WHOIS Service Requirements”, outlining 12 technical areas where Whois could be improved.
If the ideas were implemented, Whois records could one day contain your Twitter address or instant messaging screen name, as well as the current set of data.
The proposals could also lead to registrant search features in Whois as standard, allowing users to pull up a list of all the domains registered by any given individual.
That kind of service is only currently available at a premium price from the likes of DomainTools. The ICANN proposals could bake it into the spec.
The new paper, apparently released yesterday, was designed to outline technical requirements that might be needed to support future policies on Whois.
So while it’s not policy, it’s a good indicator of where ICANN thinks policy may head.
It concludes with a list of 12 “possible requirements” for the GNSO and other stakeholders to consider over the next couple of months before the Brussels meeting.
Here are the highlights: …continue reading
WordPress founder criticizes NSI’s security
WordPress founder Matt Mullenweg had a few harsh words for top-five domain registrar Network Solutions today, after a whole bunch of NSI-hosted blogs were hacked over the weekend.
It appears that NSI’s web hosting operation, which includes a one-click WordPress installation service, was failing to adequately secure database passwords on shared servers.
Or, as Mullenweg blogged: “A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files.”
WordPress, by necessity, stores its database passwords as plaintext in a script called wp-config.php, which is supposed to be readable only by the web server.
If the contents of that file are viewable by others, a malicious user could inject whatever content they like into the database – anything from correcting a typo in a blog post to deleting the entire site.
That appears to be what happened here: for some reason, the config files of WordPress blogs hosted at NSI gave read permissions to unauthorized people.
The cracker(s) who noticed this vulnerability chose to inject an HTML IFrame into the URL field of the WordPress database. This meant visitors to affected blogs were bounced to a malware site.
Mullenweg is evidently pissed that some news reports characterized the incident as a WordPress vulnerability, rather than an NSI vulnerability.
NSI appears to have corrected the problem, resetting its users’ database passwords as a precaution. Anybody making database calls in custom PHP, outside of the wp-config.php file, is going to have to go into their code to update their passwords manually.
WIPO’s UDRP market share lead narrows
The number of UDRP cases filed with the National Arbitration Forum dipped slightly last year, according to NAF numbers released today.
The organization said it received 1,759 filings last year, compared to 1,770 in 2008. Only 1,333 of the cases were actually heard; the others were dropped or settled.
While that’s a decline for NAF, it’s not quite as steep as the almost 10% drop experienced by rival arbitrator WIPO over the same period.
That said, WIPO is still the primary choice of companies trying to enforce their trademarks in the domain name system, saying last month that it received 2,107 complaints in 2009.
It was also the year of big multi-domain cases for both outfits.
WIPO handed 1,542 domains to Inter-Continental Hotels in a single case, while NAF transferred a relatively modest 1,017 domains to ConsumerInfo.com.
Recent Comments