Recent Posts
- Over 6,000 Brexit domains snapped up after mass delete
- Verisign saw MASSIVE query spike during Facebook outage
- .xxx shows up in botnet top-five TLDs for the first time
- ICANN splits $9 million new gTLD ODP into nine tracks
- “We fell short” — Tucows says sorry for Enom downtime
- Crain named ICANN CTO
- Bank spends $800,000 to move from a .bank to the exact-match .com
- Battle for .web “far from over”, says Afilias lawyer
- BMW porn site leads to registrar getting suspended
- CentralNic grows revenue 70% in 2021
- Nightmare downtime weekend for some eNom and Google customers
- XYZ bosses agree to pay $1.5 million to settle Fed’s loan scam claims
- New gTLD pioneer MMX to wind up
- ICANN trying to strangle SSAD in the crib?
- ICANN trying to water down its transparency obligations
- A decade after the last new gTLD round, Marby starts the clock on the next one
- Monte Cahn revealed as third new gTLD buyer
- “National security” cited as registry says you have to ask its CEO if you want to register more than TWO domains
- Whois reform to take four years, cost up to $107 million A YEAR, and may still be pointless
- New year, new server, new functionality
- ICANN is blocking 23 gTLD transfers over blockchain fears
- GoDaddy gets another year to negotiate .xxx contract
- GoDaddy wins .tv contract after Verisign blows off 20-year deal
- EURid’s CEO is retiring
- Omicron domain sells for $5,000
- Hamburg to have second crack at hosting ICANN meeting
- .org back-end deal will come up for re-bid, PIR says as it acquires four new gTLDs
- ICANN budget: staff bloat making a comeback
- ICANN budget: no more new gTLDs before 2028
- ICANN budget: mild optimism amid maturing industry
- ICANN says ODP will speed up new gTLDs in the long run
- Be the next “face” of dot-brands
- CentralNic makes another registrar acquisition
- ICANN takes the lamest swipe at Namecheap et al over blockchain domains
- GoDaddy hack exposed a million customer passwords
- EURid to drop 48,000 Brexit domains in one day
- Google to release another new gTLD next month
- XYZ counting standard sales as “premiums” because its fees are so expensive
- Nominet names Paul Fletcher new CEO
- CentralNic takes over a dead dot-brand
- Delta variant cranks up Aussie domain regs in Q3
- .music goes live, plots 2022 launch
- Three ICANN directors wanted to go to Puerto Rico
- Architect of Nominet boardroom bloodbath and Tucows backer win director seats
- Virgin territory as GoDaddy pushes $30 million porn domain renewals
- ICANN abandons face-to-face plan for Puerto Rico
- ICANN teases prices for private Whois lookups
- ICANN adds another six months to Whois reform roadmap
- ICANN domains revenue ahead of estimates again
- GoDaddy says it turned around Neustar, and .biz numbers seem to confirm that
- If you guessed Facebook’s “Meta” rebrand, you’re probably still a cybersquatter
- Almost 300,000 UK .eu regs disappeared because of Brexit
- Whois rule changes that nobody likes get approved anyway
- ICANN 72 has lowest turnout since records began
- CSC (not that one) scraps its dot-brand
- Verisign boss talks .web launch, timing and pricing
- First UNR gTLD buyer outs itself
- ICANN boss warns over existential “threat” from Russia
- Big dose of reality for gTLD-hungry dot-brand applicants
- UDRP respondent has name hidden on mental health grounds
- Facebook rebrand: did one new gTLD or domainer just hit the jackpot?
- .basketball domain emerges under GoDaddy with fewer hoops
- Donuts shuts down 14 registrars, but it’s “not related to DropZone”
- EURid fends off rivals for .eu contract
- Guy fills exact-match domain with porn, wins UDRP anyway
- Bahrain to relaunch ccTLD globally
- CentralNic says it’s making more money than expected
- Most registrars did NOT “fail” abuse audit, ICANN says
- Surprise eleventh-hour picks for NomCom leadership after ICANN U-turn
- Man with broken shift key sues ICANN and GoDaddy over Bitcoin domain
- Alice’s Registry disappears down the rabbit hole
- Nominet rebels dominate directorship slate
- 10 Years Ago… new gTLDs, ICANN pay, DNS abuse and ethics
- Nominet to purge £50 million from war chest for good causes as new chair outlines strategy
- .club — the whole TLD just went down
- Donuts’ DropZone approved despite competition fears
- I’m not kidding, ICANN is flirting with banning jokes
- DotConnectAfrica slammed for two-faced strategy as it loses .africa appeal
- PIR poaches new CTO from Verisign
- Marby finds his pandemic pessimism
- James Bond domains listed for sale by .bond registry
- Afnic gets renewed for .fr
- Tucows buys UNR’s registry business as Schilling bows out
- Neustar exec fingered in Trump’s Russian “collusion” probe
- Donuts’ drop-catching service not anti-competitive, ICANN says
- Almost no security researchers asking for Whois records – Tucows
- Price of Whois lookups could rise as ICANN delays reform work
- Cloudflare goes all-in with at-cost domains
- Hold on to your stats! ShortDot gets two gTLDs approved in China
- CentralNic spends $6.5 million on traffic network
- Nothing but losses ahead for MMX
- Afilias appeals .web ruling, Verisign responds with “rigging” claims
- ICANN won’t vote on new gTLDs for another year
- ICANN now has half a billion bucks in the bank after huge pandemic profits
- Dead dot-brands top 100. Here’s the list and breakdown
- I had a stroke
- Volkswagen drives IDN dot-brand off a cliff
- CTO Conrad quits ICANN
- France gets more domain takedown powers
- MMX to return GoDaddy cash to investors
- Could registrars get sued under new Texas abortion law?
- DropCatch raises antitrust concerns about Donuts’ Dropzone proposal
- ICANN could get the ball rolling on next new gTLD round this weekend
- Domain industry SHRINKS again… except of course it doesn’t
- Toilet-maker’s dot-brand gets flushed
- Latest geo-gTLD goes to sunrise
- NameSilo says it’s growing too fast to be acquired
- Most registrars fail ICANN abuse audit
- More privacy headaches? UK to withdraw from GDPR
- Bizarre redactions in Pirate Bay founder’s ICANN registrar ban
- ICANN cuts the weekend from next public meeting
- DotKids signs very weird new gTLD contract
- Dropping domains might get more expensive at Donuts
- .sucks registry probably “connected” to mass cybersquatter, panel rules
- As Kabul falls, Whois could present a danger to ordinary Afghans
- Second-level .au names coming next March with tight deadline
- ICANN director picks for 2021 revealed
- Over 2,000 attendees for ICANN 73?
- .za back-end deal up for grabs
- ICANN spills beans on Marby’s million-dollar payday
- ICANN 73 will be “virtual first”
- Registrars to get more domain takedown powers
- Irish domain sales closely track pandemic restrictions
- MMX drops two registrars
- “Crimes against humanity” claims against Afilias
Most registrars fail ICANN abuse audit
The large majority of accredited registrars failed an abuse-related audit at the first pass, according to ICANN.
(UPDATE October 14, 2021: ICANN disagrees with this characterization.)
The audit of 126 registrars, representing over 90% of all registered gTLD domains, founds that 111 were “not fully compliant with the [Registrar Accreditation Agreement’s] requirements related to the receiving and handling of DNS abuse reports”.
Only 15 companies passed with flying colors, ICANN said.
A further 92 have already put in place changes to address the identified concerns, with 19 more still struggling to come into compliance.
The particular parts of the RAA being audited require registrars to publish an abuse email address that it monitored 24/7 and to take action on well-founded cases of abuse within 24 hours of notification.
The results of the audit, carried out by ICANN Compliance and KPMG, can be found here (pdf).
Israeli registrar denies “arms dealer” claims
Israeli registrar GalComm has denied being involved in a widespread malware distribution scheme after being fingered by a security outfit.
Last month Awake Security accused the registrar, officially Communigal Communication Ltd, of being “at best complicit in malicious activity”.
The firm published a report entitled “The Internet’s New Arms Dealers: Malicious Domain Registrars” which linked GalComm to a network of malicious Chrome browser extensions the firm said can steal sensitive data from users who have them installed.
It identified 111 such plug-ins, which it said have been downloaded 33 million times, using over 15,000 domains registered via GalComm.
GalComm has around 48,000 domains registered in gTLDs at the last count, so that’s a sizable percentage of the registrar’s business.
Awake came to the conclusion that GalComm was well-aware of what its customers were up to.
Now, the registrar has sent a cease-and-desist notice to Awake, CC’d to ICANN (pdf), in which it denies all knowledge and responsibility for the malware.
GalComm’s line, to summarize, is that it’s just a registrar, and that it has no obligation to monitor how its customers use their domains.
It adds that the domains in question amount to 10% of its DUM. Still a pretty big chunk.
The company wants Awake to retract its report by today, which it has not yet done, or it will call in the lawyers.
An open question to the domain name industry about coronavirus
“Don’t worry. We’ve done this before.”
That was pretty much the first sentence out of my grandmother’s mouth when I called to wish her a happy Mother’s Day.
She was talking about World War II and the immediate post-war years. She’s 94, so she saw both.
She’s no Uncle Albert. I don’t think I’ve ever heard her talk about “The War” before. Not once. But when her grandson called her for the first time in embarrassing months, that was where her mind went straight away.
They couldn’t get oranges, for years, back then. If you were diabetic, you couldn’t get sugar, but they gave you extra butter instead. She developed an aversion to canned pineapple chunks that persists to this day. She still has her ration book, a souvenir of trying times, squirreled away somewhere.
She was in generally good spirits. She knows that Covid-19, if it gets through the front door of her granny flat, will very likely be the end of her. Her mind is fully intact, but her body is all kinds of fucked up. But she and the family members who bring her food are taking the proper precautions. And, she said, she’s been self-isolating since November anyway. What’s another 12 weeks?
The WWII comparison was not at all surprising to hear, of course. A lot of us have been thinking similar things. The media is currently resplendent with uplifting examples of what we Brits refer to as the “Blitz spirit” — unity and stoicism in the face of overwhelming adversity.
There are significant differences, of course.
The enemy now is not an identifiable political faction with a skull on its cap, but a remorseless, invisible beastie. The Allies are not a collection of like-minded liberal nations, but literally the entire human species.
The baddies don’t want to shoot you. They want to infiltrate your nasal cavity and make you accidentally kill your parents with a hug. You kill them with soap.
Back then, we required young men to travel overseas to kill and potentially die to serve the greater good. We asked the women they left behind to take to the factory floors and work traditionally male jobs. Now, all we ask of them is that they don’t go down the pub on a Saturday night, and apparently sometimes even that’s too big of an ask.
Society is asking me to work from home during the day and do nothing more than watch TV and play Xbox in the evenings. Fine. I can do that. I was doing that anyway. This, apparently, is how my generation gets to save lives.
It doesn’t feel like much of a sacrifice.
Worldwide, people are sitting alone at home, twiddling their thumbs, watching slightly-less-than-hi-def Netflix, and wondering how they can do more to make a positive difference in this civilizational battle.
In the domain industry, we’ve recently seen the Internet Commerce Association attempt to help out people who are financially struggling due to coronavirus with its #DomainAssist Twitter campaign.
I’m not sure how effective it’s going to be, but ICA members have money, are trying to make a difference, and I’m certainly not going to knock them for it.
But there is one battle that the domain industry is uniquely positioned, and maybe even obligated, to fight.
That’s the fight against misinformation.
The World Health Organization started alerting the world to the Covid-19 “infodemic” in early February.
“We’re not just fighting an epidemic; we’re fighting an infodemic,” WHO director-general Tedros Adhanom said at the Munich Security Conference February 15. “Fake news spreads faster and more easily than this virus, and is just as dangerous.”
Hear that? The world’s top doc says that misinformation is just as dangerous as something that could kill your grandmother.
Just as crime flourished in London during the Blitz, 21st century fraudsters have been quick to take advantage of the coronavirus panic.
The fake news ranges from the harmlessly satirical — a quarantined Tom Hanks being supplied with a volleyball for company — to the life-threatening — tales of how ingesting silver, taking cocaine or drinking bleach can protect your from the virus.
In India, fake news is persuading people to drink cow piss.
Some of these scammers are just conspiracy theorists raging against the Big Pharma machine. Others are actively trying to make money hawking bogus and dangerous fake vaccines and cures. In the era of pandemic, they’re just as bad as each other.
It’s serious stuff. An infected person who thinks they’ve ingested the magic cure is less likely to take the proper precautions and more likely to transmit the virus to others, who will transmit it to others, who will transmit it to others… and then a bunch of people die.
So far, the WHO and other health authorities have rightly been focused largely on the social media platforms where the majority of this bogosity spreads.
The likes of Facebook, Twitter and Google have made changes to their usage policies or content-promotion algorithms in response to the crisis.
Twitter has banned tweets that go against the official guidance on reducing the spread of the virus. Facebook is promoting authoritative news sources and fact-checking misinformation. Google searches for coronavirus return curated, science-based info embedded in the results page, and banned coronavirus-related advertising. YouTube is taking down videos peddling dangerous misinformation.
The social media side of the technology industry certainly seems to be backtracking on its usual “we just a neutral platform” stance.
But it’s not just happening on social media. Many of these posts lead to web sites that are harmful. Some are simple frauds and phishing attacks. Others promote fake cures or urge readers to ignore the official science-based advice.
These web sites use domain names. Thousands have been registered in recent weeks.
NewsGuard has identified dozens of web sites that are promoting coronavirus misinformation. Fact-checking sites such as the AFP and Snopes have identified many more.
So here’s my open question, which I pose to every registry, registrar and reseller reading this:
If you are told about a domain name under your management that is publishing dangerous misinformation, will you take it down?
I’d like to think I know the answer to this question already, but I’m not sure I do.
Registries and registrars are notoriously reluctant to act on complaints about the contents of web sites. Many require a court order before taking action.
During peace time, worthy principles such as free speech, privacy, and legal due process all play a role in this kind of decision-making.
The latest version of the Framework to Address DNS Abuse lists four types of content that its dozens of domain-industry signatories “should” (as opposed to “must”) act on — child sex abuse material, illegal opioid sales, human trafficking, and credible incitements to violence.
The underlying principle leading to this list is “the physical and often irreversible threat to human life”.
I’m reminded of the ethical conundrum faced by EasyDNS and CEO Mark Jeftovic back in 2014, when the company changed its usage policies after a guy died due to fake pharma bought via a domain under its management.
“In one case we have people allegedly pirating Honey Boo Boo reruns and on the other we have people dying. We don’t know where exactly, but the line goes somewhere in between there,” Jeftovic wrote at the time.
I don’t wish to pick on EasyDNS or Jeftovic — changing one’s mind in the face of new evidence is an admirable trait — but I think his quote poses the question quite well.
There’s a line where free speech ends and incitement to virological violence begins.
Figuring out where that line is is something the domain name industry is going to have to get to grips with, fast.
Recent Comments