You have the same key problem with SSL/TLS certificates -- can't use your cert without your private key on the VPS.
Considering it costs around $250 to "register" your nationally Registered Trademark with the Trademark Clearinghouse (http://trademark-clearinghouse.com/) in order to even purchase ANY new gTLD in Sunrise, it's not too far fetched to purchase a "block" that covers hundreds of TLDs for a few hundred dollars. Alternately, trademark holders can purchase domains in Sunrise at a few hundred dollars each which is what the registries charge.
I don't disagree that the whole new gTLD "market" is a cash cow for ICANN, the new registries, and registrars (middle-men).
ICANN allowed it and now they're back pedaling since these brand and trademark holders pretty much have to purchase their brands in every new gTLD anyway, so the ICANN fee of 18-25 cents per domain really adds up.
Many registry operators have them, they are called "blocks" where you put a block on your TM'd string like "slashdot". For example, the Donuts registry which has over 200 new gTLDs allows you to buy a "block" which applies to all their TLDs for a fairly reasonable fee (a few hundred dollars).
I'm not sure where you got your numbers from, there are only 919 root-delegated Top Level Domains. There are a few hundred more pending new gTLD application with ICANN so the total for the next few years won't exceed 1200. (There are plans for a second round of new gTLD applications. The first round cost each applicant $185,000 USD.)
TLD = Top Level Domain
gTLD = Generic Top Level Domain (.com,
new gTLD = New Generic Top Level Domain recently allowed by ICANN (.club,
sTLD = Sponsored Top Level Domain aka "restricted TLD" (.aero,
ccTLD = Country Code Top Level Domain (.uk,
Extension = a sub-domain you can register under (.co.uk,
Sponsored TLDs are restricted. For instance, you need a "UIN" delegated by the "Travel Industry" for a
All legacy gTLDs are unrestricted. For awhile,
Most new gTLDs are unrestricted, while some are restricted like
ccTLDs can do whatever they want and are not governed by ICANN.
For now, you can "blacklist" new gTLDs without much consequence, because people and businesses are only starting to use them. Keep in mind scammers/spammers/annoying-people register CHEAP domains, so you might want to blacklist
But really, why block at the TLD level and not based on content and RFC compliance?
You can get a $15
The $2500 for trademark holders is extreme relative to other new gTLDs. Many charge a few hundred dollars for "trademark enabled sunrise registrations" (where you must have a registered trademark with the ICANN approved Trademark Clearinghouse (TMCH) which costs a few hundred dollars a year to maintain).
From the article: "Letters detailing the benefits of the Comcast deal were submitted to the Federal Communications Commission by staff members from Americans for Tax Reform, the American Enterprise Institute, the Institute for Policy Innovation, Competitive Enterprise Institute, the Free State Foundation and the Center for Individual Freedom, as well as by a professor at a technology program at the University of Pennsylvania, all of which received support from Comcast or its trade association, tax documents and other disclosures reviewed by The New York Times show. A similar pattern is evident with charities like the Urban League and more than 80 other community groups that supported the media company and that also accepted collectively millions of dollars in donations from the Comcast Foundation over the last five years, documents reviewed by The Times show."
That or there's just nothing to say since it's not real news.
I love that Slashdot has been doing this for years and wish more news sites did the same. (Ideally The Onion would report actual news today only.)
To follow that, the security problems we're discussing might not even be on the end user's devices themselves.
The biggest holes seem to be with the corporations data security (or lack thereof) and willing sharing of personal information to even less secure third parties.
If you're worried about identity theft, malware from some shady website may not be as big of a concern as a data breach involving thousands of customers.