Registrar Influence on the Domain Security Posture of the Forbes Global 2000

In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more

11th Registration Operations Workshop (ROW), June 21th, 2022, Online

The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The 11th ROW will be held online on Tuesday, June 21st, 2022 at 13h00 -- 16h00 UTC. The discussion topics will be... more

Domain Name Theft, Fraud And Regulations

When it comes to domain name disputes, no domain name has captured more media attention than sex.com. Of course, disputes about sex often obtain a great deal of attention, and the sex.com domain name dispute can grab its share of headlines because the case involves sex, theft, declared bankruptcy, a once-thriving Internet porn business, and fraud, instead of the typical cybersquatting allegations. Indeed, this case is remarkable for its potential impact on the development of caselaw concerning whether there is a valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. The answer is no, but the caselaw to support that answer is in tension with cases that strongly imply a contrary conclusion. more

Busting Domain Name Secondary Market Myths

The Secondary Market in domain names plays a critical role in Internet commerce yet is often misunderstood. This article will attempt to clear up some of the myths that frequently arise when discussing the Secondary Market... Domain name investors are but one group participating in the thriving domain name Secondary Market, in which already registered domain names move from one owner to another. more

Domain Registry Models: Thin or Thick?

The domain registrars discussion -- despite the occasional bizarrity -- mostly demonstrates that there is no unanimity among registrars on this issue. So, what arguments can be made in favor of either model, from a registrant's point of view? The thick domain registry model -- under the assumption that registries are more diligent with registrant data than some registrars may be -- helps take care of escrow concerns... more

Beyond WHOIS: Rethinking Domain Verification in a Post-GDPR World

The introduction of GDPR in 2018, and the subsequent tightening of privacy regulations around the world, was a necessary step toward protecting user data. Consumers gained critical rights over their personal information, and companies were forced to adopt stronger standards for how they collect, store, and use that data. However, one unintended consequence has been the erosion of access to domain registration information once easily available through WHOIS databases. more

Refusing REFUSED

The U.S. Congress' road to Stopping Online Piracy (SOPA) and PROTECT IP (PIPA) has had some twists and turns due to technical constraints imposed by the basic design of the Internet's Domain Name System (DNS). PIPA's (and SOPA's) provisions regarding advertising and payment networks appear to be well grounded in the law enforcement tradition called following the money, but other provisions having to do with regulating American Internet Service Providers (ISPs) so as to block DNS resolution for pirate or infringing web sites have been shown to be ineffectual, impractical, and sometimes unintelligible. more

Go Daddy Sues VeriSign Over Site Finder

Go Daddy Software, Inc. has filed a lawsuit in Federal District Court in Arizona against VeriSign Inc., seeking a temporary restraining order against VeriSign's new Site Finder service, a paid-advertising page VeriSign has established on the Internet to which the traffic associated with mistyped, and other, domain names will be directed. Go Daddy's lawsuit claims that VeriSign is misusing its position as the .com and .net domain registry to gain an unfair competitive advantage by intercepting (and profiting from) internet traffic resulting from the scores of invalid domain names that are typed into users' browsers on a daily basis. more

Increasing Broadband Price Competition Across the US

Competition has been creeping into broadband pricing for the last several years as cable companies have been using low introductory rates to try to win new customers and offering similarly low prices to try to keep them. Anybody who competes against the big cable companies will tell you that cable companies have been competing for years by offering two-year promotional prices to keep customers. However, competition might have gone into a new gear recently... more

What Are the Connected Assets of Confirmed Fake FBI Domains?

Two months ago, the Federal Bureau of Investigation (FBI) alerted the public to a list of domains that could easily be mistaken to be part of its network. The list of artifacts contained a total of 92 domain names, 78 of which led to potentially malicious websites, while the remaining 14 have yet to be activated or are no longer active as of 23 November 2020. more

Millions of Smart Toothbrushes Hijacked in Cyberattack on Swiss Firm

Hackers have commandeered approximately three million smart toothbrushes, transforming them into a botnet for launching a DDoS (Distributed Denial of Service) attack against a Swiss company's website, causing significant financial losses. more

The Real Facts About New gTLDs

Many with financial interests in new gTLDs, such as Donuts, have painted a rosy picture of how new gTLDs create greater availability of meaningful domain name options that the global masses have been waiting for. Their message seems to be: FINALLY, there is an alternative to .com in new domain extensions like .guru, .photography, .blackfriday and .tips. But, the reality is that we have always had options other than .com to choose from when registering a domain name. The challenge isn't choice, its relevance and credibility. more

Visit of US House Speaker Pelosi to Taiwan Has Little Impact on Network Infrastructures

I'm writing this from Taipei, where I have lived in peace for over 10 years. Sadly I learned that during this week, intermediate-range ballistic missiles (operated by China) have flown far above the capital of Taiwan and that five of them have landed in the waters of Japan's exclusive economic zone (EEZ). This provocative live-firing drill came as a direct response from China following Pelosi's visit. more

New CSC Research Finds Significant Lack of Redundancy for Enterprise DNS

As outlined in CSC's recent 2020 Domain Security Report: Forbes Global 2000 Companies, cybercriminals are disrupting organizations by attacking the protocol responsible for their online presence -- their domain name system (DNS). When a DNS is overwhelmed with traffic due to a distributed denial of service (DDoS) attack or configuration error, content and applications become inaccessible to users, affecting both revenue and reputation. more

A Responsible Domain Industry Needs a Responsible Registrant Appeals Process

As the steward of .ORG, Public Interest Registry is committed to serving as an "exemplary registry" for the DNS. As part of that mission, PIR published our Anti-Abuse Principles last year that serve as our north star to address questions of abuse. As PIR has stated on many occasions, generally speaking, the DNS is not the appropriate place to address questions of website content abuse because of the blunt tool we as a registry have and the collateral damage that can be caused by suspending a domain name for a piece of content. more