[SecurityRatty] tag: tasters

A Less Tasteful Internet

Fri, 14 Nov 2008 04:59:47 +0000

It may take awhile, but ICANN can change things for the good. The public comment period is still open on the formal policy on AGP DELETEs, but the stopgap budget measure in place seems to be very effective. ICANN announced that AGP DELETEs declined "... from approximately 17.6M in June 2008 to 2.8M in July 2008." 2.6M of the 2.8M were subject to the fee, so it would seem that even those would continue to decline as the people paying them realize they're wasting their money. AGP DELETEs are the mechanism used by "domain tasters" who register a domain, throw PPC ads up on it and DELETE the registration before five days are up for a full refund of all fees. Under the new budget policy, registrars who exceed a certain threshold of DELETEs as a percentage of total registrations can no longer refund the 20 cent ICANN fee. This alone has led to the massive decline in DELETEs, showing how little margin is involved in each domain. Let's hope that ICANN keeps the policy at least as restrictive as this. Domain tasting may no longer be a problem. ICANN has placed the EstDomains registrar back on death row. Read about it here.

Report: Google To Kill Off Domain Tasting

Thu, 24 Jan 2008 16:56:15 +0000

Domain Tasting is a practice whereby someone registers a domain and immediately begins monetizing it. If the results are good, they keep the domain. If not, they delete the registration before the end of the 5 day grace period. But tasters make a lot of money even on the domains they end up deleting. A recent ICANN report indicated that the majority of domains registered these days are for tasting purposes. Domain Tasting has been controversial for some time now, especially since Network Solutions began employing it, allegedly in order to stymie tasters. Now DomainTools, a blog popular in the "domainer" business, is reporting that Google will stop monetizing domains for the first 5 days of their registration period. Since Google is so dominant in the search business this move, if confirmed and followed through by Google, would seriously impair the whole model of domain tasting. Without advertising, the incentive to engage in domain tasting withers away. Google has been quietly facilitating the tasting phenomenon for years now and profiting off of it, so they could see some revenue loss from such a move.

Report: Google to Kill Off Domain Tasting

Thu, 24 Jan 2008 16:56:15 +0000

Domain tasting is a practice whereby someone registers a domain and immediately begins monetizing it. If the results are good, that person keeps the domain. If not, he or she deletes the registration before the end of the five-day grace period. But tasters make a lot of money even on the domains they end up deleting. A recent ICANN report indicated that the majority of domains registered these days are for tasting purposes. Domain tasting has been controversial for some time now, especially since Network Solutions began employing it, allegedly in order to stymie tasters. Now DomainTools, a blog popular in the "domainer" business, is reporting that Google will stop monetizing domains for the first five days of the registration period. Since Google is so dominant in the search business, this move, if confirmed and followed through on by Google, would seriously impair the whole model of domain tasting. Without advertising, the incentive to engage in domain tasting withers away. Google has been quietly facilitating the tasting phenomenon for years now and profiting off of it, so it could see some revenue loss from such a move.

Who's Selling Front-Running Data?

Fri, 18 Jan 2008 08:15:55 +0000

In their explanation for why they engage in front-running in order to protect against it, Network Solutions says: "Front Runners may get access to these searches through Internet Service Providers, Spyware, or registries. " I asked Network Solutions if they had any evidence to back this statement up or if it was just speculation. Personally, I've never seen any hard evidence for where front-runners get their tips. They said "We have enough evidence to back up what we've said." I guess the word "may" can make the statement mean anything, so nobody's lying. But do registries actually and provide data on domain searches to front-runners? I've spoken in the last couple of days to the CEOs of Afilias and PIR, which operate ,ORG, .INFO and some lesser domains. They swear up and down that they never sell this data, and I believe them. Of course, tasting and front-running are overwhelmingly .COM issues. I haven't spoken to VeriSign, but I don't believe for a second that they're involved. First, I just can't see them selling such data to these two-bit criminals. Second, when you do a whois request on .COM, it doesn't even usually make it to the registry. It's usually satisfied at some server further up the road. My own command line whois searches whois.internic.net. So VeriSign doesn't necessarily get access to the data in order to sell it. And don't even think of suggesting that the Internic.net, run by the IANA, is selling whois searches to domain tasters. How would ISPs get this data? Presumably by spying on your communications. Sorry, I think this would have shown up and been a scandal through other means long ago if it were true. Spyware is a plausible option; if a user, unbeknownst to them, is running a keylogger, and they do a whois, the spy can see this and jump the claim on the domain. I know of no direct evidence that this is happening, but I can see it happening. When I've heard of front-running cases, I've always been told that the domain was registered the day after the search, which is pretty fast turnaround for the spyware method. So this is possible, but count me skeptical. Where do most people go to search for domains? They don't go to registrars, unless the registrar is (like GoDaddy) also a major hosting service. They go to the hosting service and search there. These services have a web form which proxies a whois request behind the scenes. My money is on one or more of these hosting services, or some disloyal employee at them, selling the search data, especially for searches that don't covert to sales within some short period of time. When I was researching this subject heavily there was one hosting service name that came up more than once, but I couldn't ever nail them down or even get them on the phone. So it's not fair to name them. But anyway, that's what I think is happening, not that I have proof. Network Solutions' explanation doesn't persuade me.

Who's Selling Front-Running Data?

Fri, 18 Jan 2008 08:15:55 +0000

Network Solutions Frontrunning And Tasting, Version 1.1

Wed, 09 Jan 2008 19:21:14 +0000

After a round of bad publicity they had to be unhappy with, Network Solutions has announced modifications to their domain "protection" scheme. Under this new feature, about which I wrote extensively earlier today, they registered any available domain name you search for using their facilities. They did this purportedly to protect you from frontrunners and domain tasters, but of course the practice is, itself, a form of frontrunning and domain tasting. A statement was sent out to a number of venues on which complaints were heard, including CircleID and DomainNameWire:

Throughout the launch of this effort we have made, and continue to make, improvements to our protection measure. I want to update you on some of the improvements we are implementing in the near term:

We have changed the current webpage to which reserved domain names resolve to a general under construction page. Additionally, all new reserved names after tonight will not resolve to any page at all.

This week, we will be making enhancements that will address the concerns related to disclosure of zone file and DNS server information of the reserved names. This should address some of the concerns recently raised.

Very soon we will remove our customer protection measure from our WHOIS search page, so that no domains searched on this page will be reserved. We will continue to reserve, however, domains searched from our homepage.

The new page says, as point 1 indicates, that the site is under construction and that it is registered with Network Solutions. A box in the middle cycles through this explanation in a variety of languages: This is definitely an improvement, although it doesn't get Network Solutions off the "monetization" hook. Number 2 they just had to do. It was a major blunder. The fact that they released this feature before getting this part of it right reflects quite badly on them. Number 3 is just plain weird. Why bother? If someone wants to check a domain without running the risk of having Network Solutions grab it, they should take the obvious step of checking somewhere else. For Windows users, I'm a big fan of the Sysinternals (now Microsoft) command line whois tool. Nowhere in this does it say that they will disclose to users of their site beforehand that any searches of available domains on the home page will result in those domains being registered by Network Solutions (for their own benefit of course). So clearly they're still trying to feel out how much they can get away with.

Network Solutions Frontrunning and Tasting, Version 1.1

Wed, 09 Jan 2008 19:21:14 +0000

After a round of bad publicity the company had to be unhappy with, Network Solutions has announced modifications to its domain "protection" scheme. Under this new feature, about which I wrote extensively earlier today, the company registered any available domain name you search for using its facilities. It did this purportedly to protect you from frontrunners and domain tasters, but of course the practice is, itself, a form of frontrunning and domain tasting. A statement was sent out to a number of venues on which complaints were heard, including CircleID and DomainNameWire:

Throughout the launch of this effort we have made, and continue to make, improvements to our protection measure. I want to update you on some of the improvements we are implementing in the near term:

We have changed the current webpage to which reserved domain names resolve to a general under construction page. Additionally, all new reserved names after tonight will not resolve to any page at all.

This week, we will be making enhancements that will address the concerns related to disclosure of zone file and DNS server information of the reserved names. This should address some of the concerns recently raised.

Very soon we will remove our customer protection measure from our WHOIS search page, so that no domains searched on this page will be reserved. We will continue to reserve, however, domains searched from our homepage.

The new page says, as point 1 indicates, that the site is under construction and that it is registered with Network Solutions. A box in the middle cycles through this explanation in a variety of languages: This is definitely an improvement, although it doesn't get Network Solutions off the "monetization" hook. No. 2 the company just had to do. It was a major blunder. The fact that Network Solutions released this feature before getting this part of it right reflects quite badly on the company. No. 3 is just plain weird. Why bother? If someone wants to check a domain without running the risk of having Network Solutions grab it, they should take the obvious step of checking somewhere else. For Windows users, I'm a big fan of the Sysinternals (now Microsoft) command line whois tool. Nowhere in this does it say that the company will disclose to users of its site beforehand that any searches of available domains on the home page will result in those domains being registered by Network Solutions (for their own benefit of course). So clearly the company is still trying to feel out how much it can get away with.