Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Go Daddy tech support is a cash cow
Go Daddy’s call center support staff make the company hundreds of thousands of dollars a day in up-sells, according to documents revealed as part of an employee class-action lawsuit.
I covered the lawsuit (PDF), filed by three former Go Daddy employees, for The Register on Friday.
One of the plaintiffs, Toby Harris, was fired after he leaked “confidential” screenshots of the company’s CRM system to his home email address.
I’m not going to get into the details of the lawsuit, which concerns labor practices, here.
But the screenshots, which offer a bit of insight into how much revenue these front-line call center staff make for Go Daddy, are worth looking at.
According to one, Harris delivered over $10,000 in gross sales for the company over nine working days in January, taking about 5% of that for himself in commission.
Not bad for a rookie $12-an-hour support guy, considering how cheap most Go Daddy products are.
Another CRM screen shows the performance of a couple dozen members of Harris’ team, including how much commission they made over a two-week period and how many customer calls they handled.
These 23 employees made between $1,290 and $255 in commissions over the period, averaging $564 each, dealing with on average 31 calls each per day.
If that’s 5% of the gross, over 10 business days, you could try to extrapolate some company-wide data, but the screenshot probably represents too small a sample to make any precise calculations.
Still, it’s pretty clear that that a substantial chunk of Go Daddy’s revenue is generated by call center staff.
Harris told me he was expected to shift $250 to $450 worth of product every day, the equivalent of selling at least one new $8 domain name to every caller.
Domain Name Wire reported last December that the company had 1,600 support staff. At the low end of $250 a day, that would equate to $400,000 a day or $146 million a year from the phones alone.
I guess I found this a little surprising because while I always knew Go Daddy’s web site was a cash machine, I had assumed its call center spent most of its time providing technical support.
As a customer, I often wondered how the company managed to run such a high-quality support service on such a pitifully low-margin loss-leader.
Now I know. Judging by these leaked numbers, those guys more than pay for themselves.
VeriSign poised to sell SSL business to Symantec
Reliable news sources including the Wall Street Journal and Reuters are reporting that VeriSign is on the verge of offloading its market-leading SSL certificate business to Symantec for over $1 billion.
The sale would be the latest in a series of spin-offs that started in 2007, highlighting the company’s renewed focus on domain names.
VeriSign spent many years acquiring a bunch of companies in tenuously related markets – deals that never really made any sense to me – and the last few years selling them off again.
But SSL is not really in the same category as VeriSign’s bizarre forays into, for example, the Crazy Frog ringtone company. It’s the business the company was founded on when it was spun out of RSA Security 15 years ago.
It’s called VeriSign for a reason.
But offloading the SSL business would make sense. One of the reasons VeriSign bought Network Solutions ten years ago was the obvious retail synergies between domain names and SSL certificates – customers could buy both at the same time.
That synergy was diluted when VeriSign spun the NSI registrar business out as a separate company three years later, creating the vertically separated domain name market we know today.
Symantec, with its fingers in the enterprise and home/small business pies, might be able to make a better crack at the SSL game.
So is this bad news for SSL’s current silver medal holder, Go Daddy?
Possibly. Symantec is a force to be reckoned with – only marketing prowess could explain why so many people use Norton.
Of course, these news stories could be nonsense.
But my guts say they’re probably based on the same kind of leaks that companies often float to the press, to see what the markets do, when they’re in the final stages of negotiations.
China connection to Go Daddy WordPress attacks
Go Daddy’s hosting customers are under attack again, and this time it looks like it’s more serious.
Reports are surfacing that WordPress sites hosted at Go Daddy, and possibly also Joomla and plain PHP pages there, are being hacked to add drive-by malware downloads to them.
Go Daddy has acknowledged the attacks, blaming outdated WordPress installations and weak FTP passwords, and has put up a page with instructions for cleaning the infection.
Last week, I was told that the first round of attacks was very limited. Today, the attackers seem to have stepped it up a notch.
As a result, Go Daddy could find itself in a similar situation to Network Solutions, which had a couple of thousand customer sites hacked a few weeks back.
The attacks appear to be linked to a well-known crime gang with a Chinese connection.
According to Sucuri, when a Go Daddy-hosted WordPress page is hacked, JavaScript is injected that attempts to redirect surfers to a drive-by attack from the domain kdjkfjskdfjlskdjf.com (don’t go there).
This domain was registered with BizCN.com, an ICANN-accredited Chinese registrar, but its name servers appear to have been created purely for the attack.
The registrant’s email address is hilarykneber@yahoo.com. This connects the attack to the “Kneber” botnet, a successful criminal enterprise that has been operating since at least December 2009.
A Netwitness study revealed the network comprised at least 74,000 hacked computers, and that the bulk of Kneber’s command and control infrastructure is based in China.
Since Kneber is known to be operated by a financially motivated gang, and it’s by no means certain that they’re Chinese, it’s probably inaccurate to suggest there’s something political going on.
However, I will note that Go Daddy was quite vocal about its withdrawal from the .cn Chinese domain name registration market.
Network Solutions, while it was quieter, also stopped selling .cn domains around the same time as the Chinese government started enforcing strict registrant ID rules last December.
Hostway wants non-existent domain patent
Hostway, the large web hosting company, has applied for a US patent on a system of intercepting and redirecting requests for non-existent domains names.
The application describes “A system and method for controlling internet traffic controls internet traffic directed to a non-existing domain in a centralized manner.”
It appears to cover a service that could be offered to local ISPs, enabling them to show their users monetized search pages rather than domain-not-found error messages.
Under the system, ISPs would intercept NXDOMAIN responses to their users’ DNS lookups.
Instead of passing the error on to the browser, the ISP would consult a centralized controller for the IP address of a context-appropriate landing page to redirect the user to.
It’s not at all clear to me whether Hostway is using the technology or has plans to do so. The application was filed in October 2008.
ISPs using NXDOMAIN substitution to monetize error traffic is widespread but controversial.
ICANN president Rod Beckstrom strongly complained about the practice, which also has security implications, during a rant at the Nairobi meeting last month.
VeriSign’s Site Finder, and later Cameroon’s .cm, both controversially did similar things when they “wildcarded” non-existent domains at the TLD registry level.
Other interesting US patent applications published today include:
20100106650 – covering Go Daddy’s auction services.
20100106793 and 20100106794 – covering email forwarding under Go Daddy’s private registration services.
20100106731 – assigned to VeriSign, covering a method of offering alternative domain names for registration when a buyer’s first choice is unavailable.
Go Daddy plays down “massive” attack claim
Malicious hackers have compromised a number of WordPress installations running on Go Daddy hosting, but the company claims very few customers were affected.
Slashdot carried a story a few hours ago, linking to a blog claiming a “massive” breach of security at the domain name registrar.
(EDIT: as noted in the comments, this blog may itself have been hacked, so I’ve removed the link. You can find it in the comments if you want to take the risk.)
But Go Daddy says the problem is not as widespread as it sounds.
“We received reports from a handful of Go Daddy customers using WordPress their websites were impacted by the script in question,” Go Daddy security chief Todd Redfoot said in a statement.
“We immediately opened an investigation into what happened, how it was done and how many sites were affected,” he said. “The investigation is currently ongoing.”
The attack is certainly not ubiquitous. I host a number of WordPress sites with Go Daddy, including this one, and they all appear to be working fine today.
And a Twitter search reveals no references to an attack today prior to the Slashdot post, apart from the blog it was based on.
That doesn’t prove anything, but when Network Solutions’ WordPress hosting was breached last week there was a lot more tweet noise. That attack had thousands of victims.
For those interested in the details of the attack, this WordPress security blog appears to be the best place to get the nitty-gritty.
.co enters pricey global sunrise
Trademark holders can from today apply for their brands as .co domain names, even if they do not do business in Colombia.
The second stage of .CO Internet’s sunrise period allows owners of non-Colombian trademarks to apply for their domains through one of 10 chosen launch registrars.
Prices vary from $225 with OpenSRS to $335 through Dotster, with most deals comprising non-refundable application fees plus first-year registration. Go Daddy is charging $299.99 and Network Solutions is charging $279.99.
With the possible exception of .xxx, I’ve got a suspicion that this could be one of the last “generic” TLD launches with such expensive sunrise periods.
It’s quite possible there could be pricing pressure if ICANN quickly approves a few hundred new gTLDs next year. If each charges ~$300 for a pre-launch, it could cause some some registrants to rethink their defensive registration strategies.
The .co sunrise ends June 10. General availability begins July 20.
Go Daddy feature tallies Whois queries on your domain
I may be a bit late off the blocks, but I just learned about a rather nifty little feature buried within Go Daddy that lets you see when somebody has done a Whois lookup on one of your domains.
Log in to your Domain Manager, click Tools, click Exportable Lists, click Add New Export, then check the relevant boxes in the wizard.
The feature exports a .csv file telling you how many Whois searches have been run against each of your domain names in the last day, week, month and year.
I imagine this could provide a few useful data points when deciding how much interest there is in a domain you’re planning to sell.
I also found it quite interesting that more people executed Whois queries on domainincite.com in March than bothered to click the About tab at the top of the page.
Domain people are an odd bunch.
Demand Media in rumored IPO
Demand Media, which owns number-two domain registrar eNom, could file to go public this summer, the Financial Times has reported.
Widely thought of as a “content mill”, Demand is in the business of mining search and domain data and pumping out content which it can sell ads against.
The FT, using anonymous sources, reports that an IPO, which could happen by November, would value the firm at $1.5 billion. Revenue is estimated to be around $250 million a year.
While selling domain names does not appear to be Demand’s core business, other domain name registrars have a rocky record when it comes to public listings.
Register.com, which used its early-mover advantage to IPO at the tail end of the dot-com boom, ended up going private after low-cost registrars like Go Daddy started eating its lunch.
Go Daddy itself gave the world a glimpse at its finances when it filed its S-1 back in 2006, but CEO Bob Parsons yanked the IPO at the eleventh hour, citing poor market conditions and his inability to keep his mouth shut during the traditional pre-offering Quiet Period.
Parsons said at the time that it’s hard to show a profit under GAAP as a growing registrar, due to the way registrations are accounted for.
Tucows, meanwhile, has managed to tick along quietly with a listing on the small-cap markets for years.
China domain name registrations plummeting
The Chinese ccTLD has lost almost four million domain name registrations since it implemented Draconian identification requirements last December.
According to CNNIC, the .cn manager, there were 9.53 million domains registered at the end of February, compared to 12.28 million in January and 13.45 million in December.
That’s a loss of 3.9 million domains since the new registration requirements were introduced mid-December.
The bulk of the loss appears to have come from pure .cn names, which dropped from 8.61 million in December to 6.14 million in February.
The .com.cn namespace lost about half a million names over the same period. The rest of the drop-off came in lesser-used second-level domains such a .org.cn.
Since December 14, CNNIC has required all Chinese registrants to provide photo ID before they register a domain.
Recently, the registry has tried to enforce retroactive enforcement of this requirement, causing registrars including Go Daddy and Network Solutions to abandon the TLD altogether.
FourSquare.com expires, reporter seeks padding
Visitors to one of the web’s hottest geo apps had a bit of a surprise today when instead of FourSquare.com’s normal site they found a Go Daddy parking page.
It’s the usual problem — the company forgot to renew its registration.
That’s pretty much all there is to say about the story, unless you’re London daily newspaper Metro, which decided to pad the piece with a big chunk of lorem ispum:
It’s free for a reason.
Recent Comments