Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Domain Names |
Sponsored by |
|
In a recent article at DomainNameWire.com, CitizenHawk was called out by a National Arbitration Forum (NAF) panelist for the submission of automated complaints which contained complete nonsense. Through the discussion in the comments to that article, the community discovered that the problem is far deeper. It turns out that UDRP panelists at NAF have been churning out boilerplate cut/paste decisions of their own, with utter nonsense of their own, and that this has been going on for years. more
I have been attending the Icann conference in Malaysia this week. One of the key events was the submission of the report from the Security & Stability Advisory Committee regarding Site Finder. In reading the committee's report I discovered what I believe is an incredible breakdown in logic and as a consequence, a very mistaken, or at least confused, set of conclusions. So, why do I say that? more
The new and proposed ICANN registry contracts contain no definite price terms, and thus permit potential tiered pricing on a per domain name basis. This has raised concern within the community that a registry operator might abuse its sole source position to engage in pricing practices detrimental to registrants. ...Notwithstanding the possibility of tiered pricing on a per domain name basis in connection with the recently executed sponsored registry contracts (.MOBI, .JOBS, .TRAVEL, .CAT, and .TEL), there have been numerous comments submitted in connection with this possibility in connection with the proposed contracts for the .BIZ, .INFO and .ORG registry contracts. There were four messages that motivate me to write this article... more
This morning, at 10 am in 2141 Rayburn, the Subcommittee on Courts, the Internet, and Intellectual Property is holding a hearing on "Internet Domain Name Fraud -- New Criminal and Civil Enforcement Tools." At that hearing, the Subcommittee will be considering a new Whois bill creating new penalties for people who provide false data when registering a domain name. We need to raise our collective eyebrows at this bill (which was suddenly dropped the evening before this hearing). The title of the bill is the "Fraudulent Online Identity Sanctions Act." (FOISA) more
Wal-Mart seems to have been particularly vigilant lately about protecting itself from third parties setting up websites critiquing Wal-Mart and its practices. ...Wal-Mart recently scored a victory in an arbitration proceeding under the Uniform Domain Name Dispute Resolution Policy ("UDRP") before the World Intellectual Property Organization ("WIPO") against Jeff Milchen, a self-proclaimed critic of Wal-Mart from Bozeman, Montana who registered the domain name "walmartfacts.biz". more
In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more
Adobe, Facebook, Microsoft and eBay are among a group of leading companies demanding ICANN to take a closer look at an "immediate and urgent matter" involving a subset of questionable domain name registrars. more
The term "attack surface" is often heard in cybersecurity conversations. It refers to the sum of all possible attack vectors or the vulnerabilities that threat actors can exploit to penetrate a target network or damage an organization somehow. An unused and forgotten subdomain, for instance, can become an attack vector when taken over. Certain categories of companies have very large attack surfaces. Such is the case of streaming media businesses like Netflix and HBO Max. more
Every time an individual logs on to the Internet a pornographer is able to copy the stream of digital bits created by the computer user's Internet connection. The data bits are used to compile a database of information about Internet user buying habits and sexual tastes. These pornographers use the information secretly collected from logged in computers to alter the category or type of pornographic images uploaded onto various websites. Pornographers, for example, know that as a result the pornography in Cyberspace is of an extremely disturbing sort when compared to porn found in "real-space." Internet users are primarily known fans of sexual images of incest, bestiality, and torture. Cyber porn -- as it is often called -- is bigger, badder, and more extreme. more
Over the last few years, it's become clear that abuse of the Domain Name System -- whether in the form of malware, botnets, phishing, pharming, or spam -- threatens to undermine trust in the Internet. At Public Interest Registry, we believe that every new .ORG makes the world a better place. That means anything that gets in the way of that is a threat, and that includes DNS Abuse. more
ICANN has consistently said its intention in complying with the European Union's General Data Protection Regulation (GDPR) is to comply while at the same time maintaining access to the WHOIS domain name registration database "to greatest extent possible." On February 28, ICANN published its proposed model. Strangely, while ICANN acknowledges that some of the critical purposes for WHOIS include consumer protection, investigation of cybercrimes, mitigation of DNS abuse, and intellectual property protection, the model ICANN proposes provides no meaningful pathway to use WHOIS in those ways. more
Whatever you think the answer is (typically about ten bucks), the answer is likely to change radically for the worse, based on new contracts that ICANN is planning to approve. On July 28th ICANN posted proposed new contracts for .ORG, .BIZ, and .INFO, for a public comment period that ends four days from now, on the 28th. There's a lot not to like about these proposed contracts, but I will concentrate here on two related particularly troublesome areas, pricing and data mining. more
Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse. This theme has been rising in prominence every year since 2018, and 2021 appears to be the tipping point, in which consensus has built around the idea that more can be accomplished in terms of reducing the impact of rogue actors using the Internet for malicious purposes. more
I just discovered that VeriSign's SiteFinder Web site is leaking data submitted in Web forms to its marketing analysis partner, Omniture. Forms can easily contain personal information such as an email address. For the problem to occur, a Web form must use the GET method. This data spill problem occurs if a Web page anywhere on the Internet submits a Web form to an action URL with a misspelled or expired domain name. Because of VeriSign's recent controversial changes to the DNS system, this form data is submitted to the SiteFinder Web site. more
The recent announcement in eWeek titled "Feds Won't Let Go of Internet DNS" (slashdotted here) has some major internet policy implications. The short, careful wording appears to be more of a threat to ICANN than a power grab. In short, the US Department of Commerce's (DOC) National Telecommunications and Information Administration (NTIA) announced that it was not going to stop overseeing ICANN's changes to the DNS root. ...Of course, they have done next to nothing to support DNSSEC or other proposal for securing the DNS, but it sounds reassuring. The last sentence shows that the Bush administration shares the Clinton administration's lack of understanding of how the internet should evolve... more
A World-Renowned Source for Internet Developments. Serving Since 2002.