Over on the Network Neutrality Squad yesterday, I noted, without comment, the following quote from the new Time Warner Cable privacy policy bill insert: "Operator's system, in delivering and routing the ISP Services, and the systems of Operator's Affiliated ISPs, may automatically log information concerning Internet addresses you contact, and the duration of your visits to such addresses." Today I will comment, and explain why such logging by ISPs creates a clear case for regulatory intervention, on both privacy and competition grounds. more
Netchoice, a lobbying group for the e-commerce industry had a strange reaction on the failure of the GNSO working group on Whois to reach a consensus. After all, they say, "Privacy concerns with Whois that were identified years ago have already been addressed by in the marketplace"... more
They are out there. In Internet Cafes and dark rooms from New York to Hong Kong to Iran, the domain name hijackers are plotting to steal your domain names. Fortunately, there are some steps that you can take to protect yourself against losing your domain names. ...Registrars are often skeptical of claims of domain hijacking, and the hijackers often "launder" the domain names to look as if they have sold them to third parties... By the time you discover that your domain name has been stolen, it may be at its third or fourth different registrar in the name of a completely different party... more
Google News now shows more than 300 stories about Spamhaus, most about a proposed court order following a district court default judgment. To me, the most interesting is the meta-story -- why the non-event of a proposed order has the blogs scrambling with claims of constitutional crisis and even the notoriously close-lipped ICANN issuing an announcement "in response to community interest expressed on this topic." more
On March 2, EnCirca launched its ProForwarding leasing service for .pro domains. When we launched the service, we were sure that the ProForwarding service would appeal to a segment of the internet community not being served well by other extensions: self-employed professionals and other small businesses. Based on the response we've received, it appears we were right. It also caught the attention of ICANN and others, who accused us of "violating the spirit of .pro". Does .pro even have a spirit? And if it does, who gets to decide what it is? more
In a follow up to Microsoft's Strider URL Tracer tool released a few months ago, SecurityFocus is running an article which takes a closer look at how Microsoft's free Strider URL Tracer with Typo-Patrol is aimed at fighting typo-squatters and domain parking abuse. From the article: "In most cases, the typo domain is not even selling a product or service itself. The typo domain makes its money from syndicated advertising such as Google's AdSense program. The typo-squatter simply parks the domain and the only content on the site ends up being the ads served from a syndicated advertising program..." more
One of the best sources of information about sites on the web is the Whois database. A trio of patent applications from Go Daddy, published last week at the US Patent and Trademark Office, explores whether adding additional information to the Whois database might help reduce spam, phishing, and other fraudulent practices and improve search engine results. The patent filings from Go Daddy would add reputation information to the published Whois data to let others use it for a number of reasons, including enabling search engines incorporate it into their ranking mechanisms. ...The patent application from Google focuses upon fighting web spam using a wide range of data, including that associated with domain names. ...We can't really be certain that Google is presently using this information, but there are some indications that they may be... more
In an RFC prepared by Donald E. Eastlake 3rd and Declan McCullagh, an analysis is offered for proposals to mandate the use of a special top level name or an IP address bit to flag "adult" or "unsafe" material or the like. This document explains why these ideas are ill considered from legal, philosophical, and technical points of view: "Besides technical impossibility, such a mandate would be an illegal forcing of speech in some jurisdictions, as well as cause severe linguistic problems for domain or other character string names." more
What if we created a rule that gave everyone - good or bad - the right to hide their license plate, where they live, who they are, and just go incognito? What if we made it a right to walk into any building in the world, and simply say "No, thank you" when the security guards asked for one's identification? The criminals would celebrate, and we'd all be utterly alarmed. We would immediately be afraid for our personal safety. more
An article in BusinessWeek discusses "domain tasting" and its affects on major brands. The article, titled "The Great Internet Brand Rip-Off", discusses so-called "domain tasting" and how major brands are being exploited through domain tasting combined with typosquatting... It's important to distinguish between the two types of domain tasting... more
Yesterday the ICANN board discussed and approved ICANN staff to enter into negotiations with ICM Registry, Inc. for the .XXX Top Level Domain (TLD). I'm sure there will be a longer more complete presentation from ICANN later about this, but as an individual board member I thought I'd post a quick note before people got carried away with speculation based on a lack of information. more
ICANN has consistently said its intention in complying with the European Union's General Data Protection Regulation (GDPR) is to comply while at the same time maintaining access to the WHOIS domain name registration database "to greatest extent possible." On February 28, ICANN published its proposed model. Strangely, while ICANN acknowledges that some of the critical purposes for WHOIS include consumer protection, investigation of cybercrimes, mitigation of DNS abuse, and intellectual property protection, the model ICANN proposes provides no meaningful pathway to use WHOIS in those ways. more
Privacy/proxy services carry no per se stigma of nefarious purpose, although when first introduced circa 2006 there was some skepticism they could enable cybersquatting and panelists expressed different views in weighing the legitimacy for their use. Some Panels found high volume registrants responsible for registering domain-name-incorporating trademarks. Others rejected the distinction between high and low volume as a determining factor. more
The OTP, or One-Time Pad, also known as the Vernam cipher, is, according to the NSA, "perhaps one of the most important in the history of cryptography." If executed correctly, it provides uncrackable encryption. It has an interesting and storied history, dating back to the 1880s, when Frank Miller, a Yale graduate, invented the idea of the OTP. Communication was expensive and difficult in the age of telegrams, and few messages were easily encrypted. more
This morning I was forwarded a link to the Business2.0 article on domainer Kevin Ham about a half-dozen times and one sent the reddit comment thread on it (titled "This guy is a piece of s**t") and I had to chuckle and replied "I see Techno-Pinkos are out in full force". Some of the comments are just classicly clueless: "He's just a parasite. Someone gaming the system for their own financial ends without providing a useful service to anyone, and making it worse for many." ...Newsflash: Speculation is any time you choose one path, good or service over another in the hopes that you will do better... more