DNS Stressed From Financial Maneuverings 196
jcatcw writes "The Domain Name System is showing signs of being out of control. Automated software systems are being used to re-register large batches of expired domain names. In addition, speculators are using a loophole in the registration process that lets domains be tested for their potential profitability as pay-per-click advertising sites during a free five-day "tasting" period."
Why is this news? (Score:3, Funny)
Re: Why is this news? (Score:5, Insightful)
ICANN which (on paper) "measures community consensus and implements it as policy" is the entity that had to approve the policies that lets this happen.
No domain expires any more, the registrars snap them up on principle, try them out and if they get one click in the "don't have to pay yet" grace period then they keep the domain. Very very few, if any domains actually expire back into the free pool.
What strikes me as hysterical is the people that went on to become ICANN accused the alternative root people 10 years ago of wanting to do exactly this. To be honest we hadn't even thought of it. We just wants to see no centralized single-point-of-failure control over the dns.
I note with irony itoldyouso.com is taken by squatter.
Comment removed (Score:4, Interesting)
Re: Why is this news? (Score:5, Informative)
After such a domain is detagged [nominet.org.uk], Nominet try to contact thet registrant to confirm that they no longer want to use the domain. Only if the registrant confirms this, or fails to settle an invoice if one exists within 30 days, does the domain become 'suspended'. After 60 further days, the domain is cancelled and can be registered by someone else.
Nominet even make it a policy to dissuade domain spammers from registering expired domains:
Giving an exact date would compromise Nominet's policy of allocating domain names on a first-come, first-served basis. It could lead to an increase in speculative applications for domain names, which may result in an abuse of Nominet's registration automated systems.
Re: (Score:2)
This is a red herring. A spammer (or domain squatter) know that a domain name will expire in a certain period, so they just run a cron job to check the status of the domain every 15 minutes or so, and register it if they find its available. That's what they do with expiring .coms. Yes its a bit riskier with the .co.uk of another spammer sneaking in, but a spammer will be able to grab the domain name before a good
Re: (Score:2, Interesting)
Re: (Score:2)
Re: (Score:2)
It takes less than 2 minutes for me to login to my hosting company control panel and renew for x many years. What's the big problem? It sounds like your resgitrar/hosting company sucks, or you're lazy. Always give yourself 2 years' breathing room on a dom
Re: Why is this news? (Score:4, Informative)
Re: (Score:2)
I had not heard of the "testing" period. (Score:5, Insightful)
If you want to test the domain, then LEASE the domain name. None of this automated click-count crap for free while other people who would USE the domain name wait to see if it will ever be available.
Re:I had not heard of the "testing" period. (Score:5, Insightful)
I could see offering a trial period if a domain name cost $10,000 or something (and maybe they should), but these days you can buy domain names for pretty much nothing anyway, so a trial period is utterly pointless.
Re: (Score:3, Insightful)
Who says DNS registrars care about promiting legitimate business or stopping ad click farms? Its pretty much their bread and butter right now. If there's a problem here, then it can be solved by regulating these registrars. Now, considering these registrars are usually ad impression squatters and domain typo resellers themselves, well, dont hold your breath expecting them to regulate themse
Can we make them unprofitable? (Score:3, Insightful)
1) Register to trial a domain
2) Wait a few days and count the hits
3) If it didn't get the required number of hits then drop it, otherwise pony up to keep the domain.
If there is some way that I can get a feed of each of the 35 million new names each month, then i can have a script simply wget a couple of pages off each site from each of a few IP addresses.
That way they'll think they've hit paydirt, pay to keep the domain and suddenly realise that it doesn't get any hits
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2, Insightful)
Re: (Score:2)
Re: (Score:2)
imo 5 days is not enough to build significant new users for a domain so the only use of theese "trials" is to assess how much holdover traffic there is from the sites created by previous owners of the domain.
Re:I had not heard of the "testing" period. (Score:5, Interesting)
What's an acceptable lease rate though? At $20 a year what should they charge for 5 days?
$20.
Actually, if you want to rid yourself of domain squatters forever, what is needed is a tiered DNS pricing scheme in which short periods cost MORE than long periods. People who have held a domain name for years should be able to renew it for progressively less, while people registering a domain name should have to pay for more because it requires additional work to set things up on the part of the registrar (even if that work is basically automated). Make the first year $100, the next year $50, the next year $20, the next year $10, and subsequent years $5. The domain squatters would balk because their next renewal of any domain name would cost them $100+, and most of those link sites wouldn't justify that level of payment.
Of course, this technique would only work for about 90% of domains. Any domain that was worth squatting on for $100 at the time the pricing went into effect would likely remain squatted upon forever. Even still, that would significantly reduce the current pool and would eliminate future squatting (because there are almost zero domains that are likely to be worth $100 to a speculator without some assurance of ROI.
Re: (Score:3, Interesting)
One last thing. The free tasting period is really just a "you can get your money back within X days" policy. The fix for this policy is "If you made a mistake, you can change the registration to the correct domain within X days, but you must extend the registration one year at the same time. Allow a one-time exemption for the "maximum 10 years ahead" rule, but in effect, this would mean that typo squatters and domain squatters would be able to shift to a different domain exactly once and then they would
Re: (Score:2, Insightful)
If the purpose is indeed to allow people to change their minds, fix mistakes, or whatever, then this would not in any way cause them problems.
If they want to live test, they can set the IP address in their local DNS. Hell, they can do that without even registering.
Re:I had not heard of the "testing" period. (Score:4, Insightful)
And no squating. If you sitting on that domain name primarily to offer it for sale then it returns to the pool. No parking. No ad/link farms. If you have address.com and you went out of business then you went out of business. Sorry.
This is why we have Flickr, and Digg, and all of those other "mispelled" domain names. All single words are used up. All three and four and most five letter acronyms are gone. Double-word combinations are getting there. Common words with i or my are few and far between.
A friend tried to get a
Re: (Score:2)
Lease rates for tasting and regular names. (Score:2)
The $6 fee isn't particularly cost-based; it was a scam from the beginning, but it's supposed to cover their costs for handling transactions, maintaining reliable database storage, etc.
The "Add Grace" period lets you return domain names for fr
Re: (Score:2)
Re:I had not heard of the "testing" period. (Score:5, Funny)
Re: (Score:2)
"Everybody RUN FOR YOUR LIVES! The Domain Name System is out of control! Bolt the doors shut, cannibalize your pets, and hug your children good bye!"
That ought to do it.
Timely! (Score:5, Interesting)
We got a notice that the name was re registered within a few seconds of its release, and Godaddy had not acquired it on our behalf. The backorder thing also came with monitoring service that notifies us of any changes to the domain's whois.
Three days later, I received a notification that the domain's whois had changed again. I figured the new owners were setting it up for their use, but instead it was changed to my info. We suddenly had the name in our account.
Re: (Score:2)
Re: (Score:2)
Sadly, I did check the registration before is was registered, but didn't have access to the servers required to reserve it (this was back before you could buy such things on the open market).
Re: (Score:2)
I hear you. My family names .com is like this too. I have the .net (I use to have the .org, but gave it up and it's since been snapped up). Sadly, I was like a month or two too late to get the .com. Well, if I ever wanted it as an email address, I know where to go. hehe.
Re: (Score:2)
Re: (Score:2)
I believe
Re: (Score:2)
I hadn't considered
Re: (Score:3, Informative)
FALSE. FALSE. FALSE.
This has NEVER been true. Why do people insist on spreading this lie around?
Please read the RFC [rfc-editor.org] before you continue to propagate this utter nonsense. In fact, I'll even quote it for you:
Re: (Score:2)
I owned my last name
And it sits
They offered to sell it to me
Cybersquatting Search Tool (Score:5, Interesting)
Here is a slick, free typosquatting search tool [citizenhawk.com] that lets you find and explore the kind of problematic domains mentioned in the article. Try playing with the various search options - it's addictive. For instance, there are 141 registered domains that contain the word "slashdot", and 199 more that are a one-character misspelling of "slashdot". That's within just 4 TLDs.
The firm also offers a novel service that allows companies to recover lost traffic without necessarily filing lots of lawsuits.
Full disclosure - I am CitizenHawk's president. That being said, I can say we are intimately involved in tracking DNS updates daily - and I agree. Tasting is a serious problem that threatens to push the DNS system beyond its limits.
DNS != Registrar System (Score:5, Informative)
No kidding (Score:2)
I'll say. A domain I owned expired recently and was bought up before I could repurchase. There is nothing special about this particular domain name and I can't imagine anyone wanting it except to use it for resale profit on pure speculation only.
Nice system. Gets me loads of spam and doesn't offer shit otherwise.
Re: (Score:2)
There's a grace period. It's like, 15 or 30 days or something.
I have half a dozen domains with buttloads of actual content. I'm lazy and stupid and they're always expiring. Somebody allways calls or emails after a few days or so reminds me and I renew the errant domain.
Use it or lose it.
Re: (Score:2)
Millions of domains and you think they all follow your example and experience? Oh but if it were that simple
Contact information goes stale. Changes are difficult if not impossible without help from the original supporting registration agent. Expiration tracking agents and grab tools cost more than the price of the domain. The reasons behind a less than happy outcome are varied and real. Good for you t
Typosquatters want ad revenue, not just resale (Score:2)
It's scum messing up the domain name space's usefulness, and it ought to be stopped.
Bad headline : DNS != Domain Name System (Score:4, Informative)
Re: (Score:2)
It's actually not. There's no difference in the capability (or stupidity) of registrars since the first one went live.
Pet peeve: they nearly all still publish A records when they don't need to, never mind we've known for almost two decades this is a bug. To this day people are being bit by it.
Re: (Score:2)
Nothing wrong with the title at all.
Well maybe its *GASP* Time for Reform (Score:3, Interesting)
Sure it might sound restrictive, but with bots drop catching domains with brute forcing techniques it could weed out the worst of abuse.
Re:Well maybe its *GASP* Time for Reform (Score:5, Insightful)
Is advertising a legitimate reason? Sure, any rational person can see that the typosquatter sites are really just advertising sites, and no content. However, some of them have "search engines" (that just return advertising results..) and how can you argue that those are not legitimate, while google (also a search engine, also returns some paid results/advertising) is? If you mandate that sites have to have useful content, then they'll probably just start inserting blobs of random content, or news feeds, or something else that technically complies with the requirements. Why shut them down, but not, eg, MSN or Yahoo, which are both a bunch of ads crammed around some content?
Unfortunately I don't know how you solve the problem that way. In the end, the squatters will continue, making changes to their sites whenever you change the content requirements, and in the worst case, legitimate sites will be forced to make changes in order to comply (even though a legitimate site should never have to change, since they are legitimate).
Re: (Score:2)
Re: (Score:2)
re: legitimate use definition (Score:2)
However legitimate use of a domain for serving a webpage could include:
* validates as a (x)html page
* each page differs from others on any domains owned by the applicant by at least 20% of code content (#1)
* does not advertise clearly illegal products or services (in the jurisdiction of the registry)
* has valid and verifiable domain contact details in the registry entry (#2)
* has a abuse@ address which is answered on request (#3)
#1 - is probably quite easily abused (e
Re: (Score:2)
.org Maintainer Moves to Squash Name Tasting (Score:5, Informative)
Or set a limit to the % returned (Score:4, Interesting)
FWIW, the Godaddy.com CEO has blogged about this topic a few times, the numbers are staggering.
http://www.bobparsons.com/index.php?/archives/118
Re: (Score:2)
Leave everything as it is, but once a person or corporation takes advantage of "name tasting", revoke all their domain names, and ban them from registering a domain name for life.
Seriously, there is not a single good thing that can come out of this service beyond lining the pockets of the registrars.
Re: (Score:2)
It's not wildly severe. It's the minimum punishment required to stop the perpetrator from being a nuisance on the internet again. The sentence doesn't need to be any more severe once it is sufficient to eliminate the problem.
I don't see that as the problem (Score:4, Insightful)
The bigger problem is everyone currently lining up to replace ICANN is probably worse than the ICANN.
Financial maneuvering? Add political maneuvering.
The solution found! (Score:2)
2. Resurrect Jon Postel.
3. Profit!!!!
Re: (Score:2)
The bigger problem is everyone currently lining up to replace ICANN is probably worse than the ICANN.
Financial maneuvering? Add political maneuvering."
Financia; and political maneuvering is how was born. While Ira Magaziner was running aruond in foreground trying to get the community to agree on bylaws and structure he was running around in background getting a board and bylaws set up from left field who knew n
Two obvious fixes (Score:5, Insightful)
If you register fo0.com on May 1 and on May 2 you realize you goof and you meant to register foo.com, fine. But your registration still expires next May 1. In addition, you only get 1 or 2 "free goofs" after which you pay a paperwork fee, maybe a few pennies or less, to cover the actual costs of changing things around.
The people who run DNS should neither gain nor lose if I register 1 name for 1 year vs. I register 100 names for short consecutive periods that add up to 1 year. Currently they lose big time.
Fix #2: Meaningful domain-lapse rules
In general, if a domain is revoked or lapses, nobody except you should be able to claim it without your permission for a certain period of time. I'd suggest a minimum of 30 days.
I theory this is the way it was supposed to work but in practice
Obviously there will be special cases, such as names transferred by court order.
Re: (Score:3, Insightful)
Also, you can just charge a nominal fee for some of these things. Let's face it-- a 1 year fee for most hosting isn't that much to begin with, and if you messed up and registered the wrong domain, you'd do that approximately once, and for that a $1 fee probably wouldn't cause anyone to flip out. But if you're registering tons of domains all the time, it will add up.
Am I wrong? Are there legitimate reasons to register tons of domains that might result in purchasing hundreds of mistaken domains in a year?
Re: (Score:2)
There already *is* a nominal fee for these tastings: five days' interest on the $6 deposit, which is worth about $0.006. Considering that the
Re:Two obvious fixes (Score:5, Insightful)
Screw that. If you register fo0.com and you meant to register foo.com, screw you, you're out whatever you spent ($10-35). That's a slightly annoying lesson if you're a regular person. But it would destroy the typosquatting market.
Re: (Score:2)
McGrew??
One even more obvious fix (Score:4, Interesting)
It's just politically unacceptable to the people who have a religious belief in free market capitalism, and who can never admit that it's what's causing the problems with DNS.
It's this: Make domain name registrations non-transferable.
Think about it. You don't get rampant speculation in phone numbers. You don't find it impossible to get a new phone number because none are available. You don't have to pay $5k to a speculator to get a phone number in your desired area code. Why? Because you can't sell your phone number to someone else on eBay, and you can't keep phone numbers you aren't using for a trivial cost. If you *could* do those things, numbers like mine (which by chance ends in "00") would fetch serious money.
If Joe Slimeball couldn't sell the cooldomain.com he wasn't using and had no plans to use, he wouldn't spend $30 a year to keep it.
Re:One even more obvious fix (Score:4, Interesting)
It can be tricky, but local the vanity numbers brokerage is a thriving niche business.
Re:One even more obvious fix (Score:4, Informative)
--S
Re: (Score:2)
Testing period (Score:5, Insightful)
Who does the testing period benefit besides spammers and squatters? Does someone who legitimately want to use a domain name "test" it for five days... and then what? Of course someone who wants to the domain is going to keep it. But if you don't want it, why did you register it, unless of course you were testing it for how many people accidentally typed your domain name, and then we come back to the spammers and squatters. I'd be interested in knowing a legitimate purpose for this five day testing period.
stale links are the big win (Score:2, Insightful)
Now I get tired of being vain so I let the domain expire.
Someone tastes the domain and their ads get viewed by 3-4 people a day.
That's a few thousand people a year.
Pretty soon that adds up to real money.
Re:stale links are the big win (Score:5, Funny)
First of all, who is going to visit "David Wrist He Greatest.com"? It's gibberish!
That's a few thousand people a year. Pretty soon that adds up to real money.
Second, how much do ad-views pay? One or two cents? Four people per day for a year would only be $14.60. Not sure that's a huge incentive.
But mostly it's the first issue. David Wrist He Greatest?? wtf?!
Re: (Score:2)
Legitimate Uses ofTesting period (Score:2)
Typos - Domains used to cost $35 from Verisign or its predecessors. Making a mistake was really annoying. At $6, who cares?
Trademark Conflicts - you can't always tell that somebody else in the world (or even the US) isn't using a name that's pretty similar to the one you're trying to register. You could offer to sell it to them, but that's treading on abusive domain name squatting and can lead to high legal costs. Even so, it's still going to cost you more than $6 to deal
Re: (Score:2)
Even then, they could guess based on cookies and IP addresses (they don't do this).
Who gets to fix it? (Score:2, Interesting)
If ICANN doesn't take action, who will? Who can?
This seems to be a fairly clear problem (Score:4, Insightful)
The obvious question is... (Score:3, Interesting)
As far as so called "domain tasting" goes, I prefer Bob Parsons' term "domain kiting" with all the same negati
Re: (Score:2)
Re: (Score:2)
Yes, I understand the difference, I meant domain name.
Of course the domain can server as an alias for the ip address
Of course I understand, maybe you don't ... in order for a typical website to work, one looksup its domain name to get the ip address, and the browser sends the http request to port 80, no?
Worse, many "registrars" are phony (Score:5, Interesting)
It's worse than that. And it's all ICANN's fault.
ICANN has become a trade association for domain registrars. Which isn't surprising; they're the ones that pay it money.
A big problem is that registrars are allowed to speculate in domain names. ICANN has the power to prohibit this (see section 4.2 of the Registrar Agreement [icann.org]) but has not done so. To speculate in domain names, it helps to be a registrar, which isn't that expensive. ICANN's pricing starts at $4000/year. As a result, there are now about 800 "registrars" [icann.org], most of which are fronts for domain speculators. Most of them don't register domains for others at all.
As a result, ICANN's constituency is now composed primarily of typosquatting slimeballs. That's why we're in this mess.
Why don't we build an alternative DNS system? (Score:2, Interesting)
It shouldn't be that hard to setup something simpler than the current mess. For example, mycompany.com might point to DNS squatters in the ICANN domain, but to an actual "mycompany" in the "new" domain. The new domain would feature low registration fees to those willing to put up a real website. Perhaps something like torrents could be used to spread the DNS updates to eliminate control by evil entities.
Since normal DNS servers would get ICANN entries, non-evil people can point to port 53 to use non-ev
Access to the TLD roots? (Score:3)
My Idea (Score:4, Interesting)
So on and so forth. And if you act now, for only $100,000 you can register a custom non-reserved gTLD for your own purpose (subject to approval, id check, no squatters, etc.):
This will make that $40,000
Re:My Idea (Score:5, Informative)
Holy 1995 batman.
Date: Fri, 15 Sep 1995 12:40:30 -0700
From: Jon Postel
Message-Id:
To: rick@uunet.uu.net
Subject: Re: ISOC Statement on Domain Name Fees
Rick:
I think this introduction of charging by the Intenic for domain
registrations is sufficient cause to take steps to set up a small
number of alternate top level domains managed by other registration
centers.
I'd like to see some competition between registration services to
encourage good service at low prices.
I do think we need to proceed with some care, to understand what are
the requirements and responsibilities of these service centers, what
informatrion they have to provide to the community, what oversight they
are subject to and by whom, etc.
I'd be happy if you could help me come up with a plan for this.
--jon
Yep... (Score:2)
Trying to figure this out (Score:2, Interesting)
Happened to me last year (Score:2)
Does this really matter at all? (Score:2)
Look, if you want to take a guess at a domain name and type it into your address bar in your browser, feel free. Maybe you'll get lucky and hit the real site, maybe you won't. I admit it, sometimes I don't bother with Google and I take a guess and just type in a domain.
But if you REALLY want to be sure you're hitting the REAL web site of interest, just Google it! 99% of the time the site you really
From anouther side of the coin (Score:2)
I have a family friedn whom I shall call "Bob", Bob likes to think hes tech savy (he is not) he has alot of money as well, one day at a family BBQ Bob made an appearence and told us about this great investment opportunity, for £1500 hes bought 50 web domains with adverts on, they adverts are pretty m
Re: (Score:2)
Cybersquatter's are scum and need to be dealt with, preferably with penalties. Recently I suffered from cybersquatting when a cybersquatter took a domain name seconds after it came up for grabs. But instead of us all moaning about the issues they cause I suggest we educate people about the issue
I have a family friend whom I shall call "Bob", Bob likes to think he's tech savvy (he is not) he has a lot of money as well. One day a
Re: (Score:2)
Actually it is.
And no, it is not how "smart" people make money, it is how sociopathic jerks make money. Enough people with your attitude and Capitalism would turn into a kleptocratic dog-eat-dog anyting-goes nightmare where top 1% owns 90% of everything with no relationship of wealth-to-merit of any sort while the rest does not even have health-care ... oh wait there appears to be enough of jerks in c
Re: (Score:2)
As a web browser, I almost never encounter these pages and as soon as I do I leave that page again immediately. If someone is willing to pay for my eyeballs for that one second it takes me to process that the site is a fraud, so be it.
As a
Re: (Score:2)
Yes, for the DNS infrastructure and therefore for all the useful sites/services on the Internet.
One problem is that jerks like that original poster abuse the system to the point of breakage of all the other useful site
Re:WTF??? (Score:2, Insightful)
And systemic destruction of some communal resource is always a result of their smug abuse of one "loophole" or another.
Bzzt.. wrong. DNS is a communal system but the Name Registry systems used for registration of domain names are not. These registries are usually run by for-profit corporations (e.g. VeriSign for .com) and these companies are anything BUT community resources. It doesn't matter to VeriSign if their $6.00 cut for each registration comes from squatters or legitimate sites.. In fact, they favor the squatters that bring them thousands in annual revenues.
--
Keep your domain ides safe from squatters. [purewhois.com]
Re: (Score:2)
Which is under assault by mass domain registrations and re-registrations. The very topic of the Slashdot article. Or do you imagine that those DNS zone databases, which are now heading towards 90% spam contents, reside on a magical cloud and update by magic? Not to mention that cost-free, completely magical little winged fairies are involved in retrieving useful data out of heaps of spam every milisecond of every day, no?
Re: (Score:2, Insightful)
Which is under assault by mass domain registrations and re-registrations. The very topic of the Slashdot article. Or do you imagine that those DNS zone databases, which are now heading towards 90% spam contents, reside on a magical cloud and update by magic? Not to mention that cost-free, completely magical little winged fairies are involved in retrieving useful data out of heaps of spam every milisecond of every day, no?
Obviously you're still not getting how this works. No.. it's not little fairies that are involved in updating and maintaining the zone files.. Nor is it a magical community of poor, overworked volunteers. For ".com" DNS it's Verisign. The DNS system is only communal at the root level. You run a query for any .com domain and the root servers are going to refer to you VeriSign's DNS servers. The root servers do not have to handle all the updates for these domains being tasted, they only have to know wh
Re:WTF??? (Score:5, Interesting)
My point is that the system is failing miserably, although most head-up-the-ass promoters of "unrestricted capitalism" probably haven't figured it out yet so the social unrest which is on its way will be a real surprise to them.
Probably because they think of watching 24/7 "news" of Paris Hilton while cherishing their ability to buy truckloads of useless plastic crap from China for their "interest-only" financed 6000 sqft paper and sticks house, while having no savings and a negative net worth in general as "success".
Communism is alive and well in many places where it was always alive and well: Quaker and Mennonite communes. Oh you meant the State Capitalism / Totalitarian Governance combo which the Soviet Union practiced? That one croaked indeed. But not because because it could not out way desire for "extraordinary success". One set of supreme jerks simply lost to another set of supreme jerks. Oligarchs replaced Politburo appointees and then got replaced by ex-KGB "businessmen" who conduct business via 9mm pistol rounds.
I have news for you: the governing principle of our supposed Capitalist society, the very reason it appears acceptable for the general populace, is that one's wealth is supposed to be proportional to one's merit to society. You break that rule badly enough, long enough and you will end up with Feudalism, Corporatism or some other Fascist abomination.
No I am "shooting" for proportionality of reward to merit. That is all.
No man or woman is 1000 times (or more) "smarter" then even the dumbest of janitors. No fashion model is more meritous then a productive cancer researcher or an accomplished researcher in quantuum physics. No CEO is worth 400 times the average worker in salary and 1000 times in bonuses when the very company he is heading is going bankrupt. No trust fund kid is "better" then that of a minimum-wage diner waitress just because he inhereited $2 billion from papa. And so on.
Re: (Score:3, Insightful)
About proportionality you are talking ab
Re: (Score:3, Insightful)
The problem, which you obviously have missed from my previous post, is that there appears to be no relationship between the transferring and the "capability".
Re: (Score:2)