NamesCon Global has grown over the years to become the
largest annual domain-industry conference. Itâs gone from being a domain investor-centric
gathering to an event for everything domain-related, from channel providers and
software vendors to domain investors and end-customers. And now as part of that
growth theyâve moved to crowdsourcing for submissions for some of their
sessions for this yearâs theme: 360 Degrees Around the Dot.
The move from Las Vegas is also a reinvention of sorts: theyâre
going to Austin to establish the Domain Economic Forum,
taking a broader and deeper look at the ecosystem in which we work and strive
NamesCon is not looking for pitches of specific products or
solutions but rather they want to see an industry overview, surfacing potential
large-scale opportunities over the next decade. Successful submissions will
round out the current programme.
NamesCon explain theyâre looking for submissions in the
following three clusters:
Quantifying the Domain Ecosystem
What is the true size of the domain industry? They explain
that several parts of the ecosystem are not quantifiedâat least not yet. In
particular weâre thinking of the secondary domain market: the opacity here is
due to the fact that, for several reasons, most secondary-market transactions
are not reported.
Theyâre seeking session ideas that will help a broader
audience to understand the size and scope of the domain industry as a whole,
and specifically in the secondary marketâand the opportunities that lie within.
Big-Picture Market Opportunities
They want to dig more deeply into liquid domains as digital
assets or a store of value, such as long-tail registrations for brand
protection. They also want to explore the future of identity management, as
well as next-generation DNS services as a driver for the domain industry: Right
now, email and websites are based on domains, but what comes next?
The Buyerâs Perspective
NamesCon want as many buyers as possible at the Domain
Economic Forum, and this means a diversity of needs and use cases. Theyâre
looking for buyers from various backgrounds and industries to talk about the
experience buying domains from investors; as well as how they approach brand
protection. They want to learn more about real-life buying behaviour,
budgeting, and other factors that make or break a deal.
NamesCon Global have announced a slight change in the dates
for their 2020 event to be held in Austin, Texas, for the first time, from 29 January
to 1 February, a 3 day delay on the previously announced dates. And the reason
for the change, in part, is partly because of a day at the beach.
âOur NamesCon Europe 2019 Beach Day was such a huge success
that we knew we had to do a dedicated fun day in Austin,â said NamesCon CEO
Soeren von Varchmin. âSince our program for that day can only be done on a
weekend, weâve had to shift the event dates to 29-February 1. So it starts a
few days later than before.â (Also, they say they canât mess with Super Bowl
NamesCon will kick off on Wednesday the 29th with Beginner
and Expert tracks as well as the opening reception. Then NamesConGlobal moves
into two action-packed days of programming. These will include the exhibition
hall and the famous live domain auction. It will wrap up with a day of fun and networking
âout of the officeâ, so to speak.
âI canât tell you yet what the fun day will be,â said Head
of NamesCon Helga Neumer. âItâs still a surprise!â
âThe date change also allows us to better realise our vision
for NamesCon Global 2020, which weâre calling âThe Domain Economic Forumâ,â
says von Varchmin. âNamesCon has evolved from an investor-focused event into
the central event for everything domain-related. Weâre happy to bring in domain
name investors, registries, registrars, internet service providers, attorneys,
brand managers, affiliate marketing companies, domain marketplaces, parking
companies, financial service providers, and individual end-users. Weâre looking
beyond the right or left of the dot: now weâre taking you 360 degrees around
âOur team has been going back and forth between Cologne and Austin to get things ready, even though the event is six months away,â said Neumer. âItâs a lot of flying, but itâs worth it!â The team has scored a new partnership with the Omni Hotel Austin Downtown: itâs described as a cool, chic spot with a rooftop pool. The special NamesCon rate is $200 less than the OMNIâs average price per night.
Since its founding in 2013, NamesConâs flagship event has been held in Las Vegas.
The United Arab Emirates has launched its official
government website, its official portal that provides public access to
information, services, projects, strategies and laws in the UAE using the u.ae
The new domain name, developed in cooperation between The
Prime Ministerâs Office at the Ministry of Cabinet Affairs and the Future and
the Telecommunications Regulatory Authority (TRA), is composed of the initials
of the United Arab Emirates (u.ae). The first letter is the domain name, while
the second and third letters form the UAEâs country code Top Level Domain
The official portal of the UAE Government is a comprehensive
platform for all government services and information, as well as important data
and information related to vital sectors in the UAE, including education,
economy, business, infrastructure, residency regulations, health, national
policies and strategies, and others.
“The new domain name of the UAE Government portal
embodies the meaning of innovation, which is simple and easy to remember,â said
Commenting on the new domain name, Hamad Obaid Al Mansoori, TRA Director
General. âIt also reflects the centrality of the people in the government’s
concerns with its various projects, programmes and plans. The adoption of the
new domain name comes at an important stage of the digital transformation, in
which we enter the era of the Fourth Industrial Revolution, the smart city, and
the government of Artificial Intelligence. We are guided by our wise leadership
directives to adopt a culture of innovation and creativity as a way to assert
our nationâs leadership and our communityâs happiness.”
“The most important message of the new domain name is
the focus on people. It is a message from the UAE leadership that you are the
goal, you are the purpose, you are the bet, you are the government, and you are
the United Arab Emirates. We enter the digital age through the u.ae portal, to
tell the world that the people are the ultimate goal of the UAE Government. The
people in the broad sense of participation, tolerance, peace, prosperity,
happiness, wellbeing, and sustainable development. The “u.ae” mission
is that we are all our partners in future making. “
The informative side of the portal includes facts and
figures on the UAE Government organisational structure, the Founding Fathers,
the UAE strategies and initiatives, and development goals and plans. The portal
also includes an e-participation platform that contains an online forum, blogs,
surveys, polls, Chatbot, and links to the mGovernment pages on social medial
such as Facebook, Twitter, YouTube and others.
In the latest Domain Pulse Q&A, we talk to Karn Jajoo, Head of Premium Portfolio at Radix, the registry behind successful new domain extensions such as .TECH, .STORE, .ONLINE, .SPACE and .SITE. Radix is one of the worldâs largest nTLD portfolio registries with over 4M domains under management.
Jajoo discusses Radixâs impressive growth in 2018, the positive impact of the EUâs GDPR has been itâs spawned privacy discussions in developing countries with local data privacy laws, how registries should be deploying a long-term strategy now and keep away from the practice of trying to sell as many names as possible and instead focus on sustainable growth and usage and that the wider industry is developing products to support. Not unsurprisingly, Jajoo is excited about the prospects for the new generic top-level domains.
Pulse: What were the highlights, lowlights and challenges of 2018 in the domain
name industry for you?
Karn Jajoo: 2018 was a great year for new domains with some solid
premium sales across top nTLDs, and two premium name sales over $500,000 that
have set a new benchmark. Good meaningful names in suitable extensions will
continue to find end users willing to pay a premium price.
Many globally popular brands warmed up to using new
domains with the industry experiencing increasing adoption across different
There was also a 25% YoY growth in overall new domain registrations from registrars outside China; in fact, there were a total of 10 million registrations in 2018 vs 8 million in 2017. Specifically for us, it was a great year as Radix grossed $16.95M in total revenue in 2018, a 30% rise over its revenue in 2017. Radixâs net profit also grew by 45.6% in comparison to last year.
One of the biggest challenges for the new domains industry still remains to be the mindset within the domain industry. While there has been a gradual but definite shift in the perception of nTLDs within the domain industry, I think for many folks, an inherent conflict of interest leads to skepticism. Such biases need to be checked given the success of so many good nTLDs and plenty of use cases that continue to thrive.
â good, bad and/or indifferent to you and the wider industry and why?
KJ: Much like others within the domains industry as well
as other industries across the globe, the exercise to implement these changes
in processes was challenging, and often confusing. Although, I donât think we
could classify it as good or bad. Instead of a binary judgment, we should look
at it as a welcome change as far as the protection of private data is
On one hand, the domain industry seems to have coped well
with the regulations that came into effect last year. On the other hand, DNS
security agencies and counter abuse efforts have suffered a setback with
redacted WHOIS information. The one positive effect of GDPR has been that data
privacy discussions have spawned in other developing nations leading to the
formation of local data privacy laws.
are you looking forward to in 2019?
KJ: As Radix, we are looking forward to becoming the biggest nTLD operator globally, and at the current growth pace, that could happen soon! We are already the only nTLD portfolio registry that has two of its TLDs with over 1 million domain registrations each.
We are also excited about the increasing number of startups that are
investing in and using new gTLDs. Owing to the booming startup ecosystem
globally, we can expect a lot of room for growth in new gTLDs in 2019. Our
Startup League initiative now has 300+ startups that we are actively
As top nTLDs get
more mainstream, their usage and acceptance would steadily increase, and so
will the value of premium domains on nTLDs. We expect to make some big-ticket
sales in 2019 and beyond.
challenges and opportunities do you see for the year ahead?
KJ: Registries should be deploying a long-term strategy
now and keep away from the practice of trying to sell as many names as possible
and instead focus on sustainable growth and usage.
A big positive for this industry is that partners such as
domain marketplaces, brokerages, etc. are building more products and allocating
time and resources towards marketing and selling new TLDs. Site builder SaaS
platforms of all sizes are also starting to enhance their domains play and are
understanding the importance of domain names as the gateway to more sales of
will mark 5 years since the first new gTLDs came online. How do you view them
KJ: Most extensions have been active for 2-4 years now and there is adequate channel and customer feedback on various aspects such as market segmentation, geographies, pricing etc. There has been considerable consolidation in the industry and many extensions that shouldnât have existed in the first place are either declining in registrations or have ceased to exist, while meaningful extensions that offer customers genuine value have continued to grow.
Customer awareness and acceptance continues to be a challenge and an opportunity. We will continue to see a growing number of new domains spotted âin the wildâ. We have a high decibel digital marketing campaign targeting end consumers running through various media channels for our flagship generic TLD, .ONLINE. We did similar campaigns for .STORE and .TECH last year and we can see their impact on the business.
feel registries should be doing as much as possible to increase the pace of
building awareness by communicating their value proposition.
domain names as relevant now for consumers â business, government, and individuals
â as they have been in the past?
KJ: I think domain names are more relevant now than ever. Trust between social media and consumers was shaken many times in the last couple of years and businesses realise that they need to âown their propertyâ i.e. their touchpoint with their customers or followers. If they only rely and build upon the property of someone else, they will always risk losing control of that relationship. Such dependence on social media has impaired many businesses which relied heavily on them for revenue or growth of the community. A good domain is an investment into your own brand and thus the best names will continue seeing higher valuations and interest in the coming years.
DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage to brands, according to a report released last week by Neustar, Inc.
The first quarter 2019 Cyber Threats and Trends report highlights
new areas of growth in Distributed Denial of Service (DDoS) attacks over the
past year. One issue the report highlights is that while volumetric attacks
over 50Gbps remain a relatively small segment of the overall threat picture at
only 12% of attacks, their frequency has grown enormously when compared to the
same period in 2018. The latest attacks morph over the course of the attack
using a variety of ports and protocols to locate and exploit vulnerabilities.
In Q1, 2019, over 77% of attacks used two or more vectors.
In particular, the trend of targeting subnets and classless
inter-domain routing (CIDR) blocks to slow or stop network traffic across the
internet is a disruptive DDoS threat, identified in the report. By using DDoS
methods aimed completely at subnets, rather than specific IP addresses, an
attack is often more difficult to detect and mitigate. These attacks often
feature multiple vectors, and will switch between them as they migrate from
subnet to subnet.
Neustar handled a mitigation for just such an attack in an
around-the-clock collaboration between SOC engineers and a new customer who was
quickly onboarded by Neustar after being dropped [during the attack] by their
Tier 1 Internet Service Provider (ISP).
âTodayâs artificial intelligence and machine learning
technologies enable us to identify anomalous traffic and patterns, correlate
data across systems, and perform behavioral analytics on users and
entities,” said Rodney Joffe, Neustar Senior Vice President, Technologist
and Fellow. âBut none of these systems function without professionals who know
how to deploy them, interpret their data, identify the existence and location
of problems, and mitigate them.â
Such immediate personal involvement with expert engineers is
a significant benefit in working with an estab-lished firm such as Neustar,
particularly when under attack. âNeustarâs 10+Tbps of scrubbing capacity and
variety of offerings are world class, and we have more power than ever to
defend against the range of DDoS attacks,â said Michael Kaczmarek, Neustar Vice
President of Security Products. âBut itâs important to remember our most
powerful defense: people.â
Neustar provides its customers with the resources and
assurance that are needed to ensure data and infra-structure is continually
protected against any type or size of DDoS attack. Neustarâs DDoS Mitigation
Solutions offer the largest dedicated global network with over 10Tbps + of
scrubbing capacity in North America, Europe, Asia, South America, Africa,
Australia and India.
A free copy of The Neustar Q1â19 Cyber Threats and Trends Report is available here.
The seventh Domain Stammtisch MÃ¼nchen is coming next month
and will be held on 18 May in the Hopfengarten in Munich, a popular beer garden.
The event, which is privately organised is described as a
loose meeting of the domain industry where the organisers want to have some fun
and talk about the good old days, but also about current domain topics.
Participation is free of charge, but every participant has to pay for their own
food and drinks.
The event has some of the leading players in the
German-language domain name industry including Andreas Schreiner (CEO tamiva
Ventures), Tobias Sattler (CTO united-domains), Richard Wein (CEO nic.at), Jochen
Kieler (CSO BrandIT) and Stefan Panten (Managing Director DACH Gandi).
Policy changes proposed an auDA Panel have been slammed by
the Internet Commerce Association who have said they should âembrace domain
investingâ, âthe Panel has found solutions in search of a problemâ and it âhas
not engaged in evidence-based policy makingâ and that the Panel has âcreated
equally or more unclear policies which are impossible and costly to effectively
In late March, auDA, the policy and regulatory body for Australiaâs country code top level domain (ccTLD), released a report compiled by their Policy Review Panel (PRP) who is inviting feedback from the Australian community on its final recommendations to the auDA Board. Itâs turned out to be just another sad and sorry chapter since a cabal associated with the right-wing political party of Australian politics took control of auDA in 2016.
Over the last 3 years this cabal has seen the founding CEO booted out, referred allegations of impropriety against former employees and directors to Victorian state police that have predictably come to nothing, overseen around one thousand people from outside Australia joining as members within a few weeks when only a handful of new members ever join every month to ensure they get constitution changes, seen multiple staff and directors bullied and harassed into leaving the organisation including one being given notice while she was on sick leave having cancer treatment and who later died, likely deliberately leaked a confidential report to discredit agitators against the direction of the organisation, been the recipient of an Australian government review that said the organisation was âno longer fit-for-purpose and reform is necessaryâ, seen Members agitate for 2 Special General Meetings that saw a Chair resign before being booted out, undertaken a dubious Registry tender and spent A$4.247 million in the year to 30 June 2018 on consultants and advisers to further their objectives, up from $1.783 million in the previous financial year.
So itâs hardly surprising a Panel appointed by auDA has come
up with a list of policies that defy evidence, are likely unworkable and seeks
to alienate the registrants of what is probably a significant part of the .au
In their submission responding to the public consultation
period auDA is currently undertaking on proposed changes, the ICA summarises
their problems with the auDA Panel proposals as follows:
1. auDA should reconsider its approach to domain name
investing and should embrace it as a beneficial and important part of the
domain name ecosystem;
2. The Panel has found solutions in search of a problem;
3. The Panel has not engaged in evidence-based policy
4. Rather than clarifying the policies, the Panel has merely
created equally or more unclear policies which are impossible and costly to
It should be noted that under rules for .au, domain
monetisation is allowed, but the registering of domain names for the sole
purpose of sale is not. Sales of .au domain names happen every day in Australia
through expired domains via dropcatchers and aftermarket sales. auDA themselves
sold many generic domain names for a windfall back in 2002.
In their submission, the ICA defends the role of domain
investors, or domainers, as a legitimate activity and they âwould have expected
that the experiences of other countries such as the UK, Canada, United States,
and New Zealand would have been examined and considered. In each of these
aforementioned countries, domain investing contributes positively to the
overall domain name ecosystem and helps ensure the success and viability of the
The ICA believes âthe primary beneficiary of the optimism of
domain investors who register in bulk domain names that would otherwise sit
unregistered is auDA itself. auDA likely receives millions of dollars in
revenues from such registrations and renewals. From a public policy
perspective, the question arises as to what harm is caused by the optimism that
results in the bulk registration of otherwise unregistered domains when
balanced with all the worthwhile initiatives that auDA could fund with the
revenues from such registrations and renewals.â
The ICA also wonders what problem auDA is trying to address
with their policy recommendations.
âThe Panel however stated in the Final Report, that âon
balanceâ it âbelieves that the resale and warehousing prohibition should be
retained and strengthenedâ. From our review of the Final Report however, it is
entirely uncertain and undocumented as to what extent there is any genuine
âproblemâ existing in the Australian namespace arising from the current rules
as drafted, rather than an assumption by the Panel.â
The submission raises plenty of issues such as what
constitutes the business of a domainer, what constitutes a âcomputer generated
websiteâ which the auDA Panel report proposes as a means of determining if the
domain name used is intended for domaining. Additionally, the report contends
that if a seller lists multiple domain names for sale, then this is an
indicator of a domainer. And as the ICA submission notes, thereâs no
information provided by the auDA report as to how many domain names are listed
for sale and sold, nor how many domains are warehoused.
The ICA also notes an âindicator proposed by the Panel for
determining the âprimary purposeâ of the registration is whether more than six
domain names were sold or transferred during the previous six months except in
relation to a business.â The ICA then asks âwhat constitutes a business? Who
investigates how many domain names were sold or transferred by a registrant?
How does the registrant prove that the domain names were transferred for a bona
The ICA also raises concerns about the introduction of
second level registrations, whose introduction this writer has long supported.
However the proposals suggested by the Panel add complications. There are also
proposed changes to domain monetisation. The ICA wonders what the problem is
that the auDA Panel is trying to address as there is no problem that has arisen
either in practice, or that the Panel has been able to identify. The Panel
identifies anecdotal problems, but nothing that is substantiated.
According to the FBI, U.S. businesses alone suffer from nearly $343k
in damages every hour from phishing â and this number has been rising
year over year for the last five years. Join Ben April, Chief Technology
Officer at Farsight and Corin Imai, Senior Security Advisor at
DomainTools for this 30 minute webinar on a real-world DNS forensic
investigation. Starting with a single IOC (indicator of compromise),
they will step through how to pivot through domain infrastructure to
build intelligence of associated malicious activity.
March 26, 2019 at 10 AM PT/1 PM ET
In this webinar, you will learn:
How to take an IOC and pivot on supporting threat intelligence
Where pDNS can uncover cybercrime forensics data
When to leverage DomainTools and Farsight to build an investigation
In a letter from the Independent Compliance Working Party to
ICANN by a number of technology companies in February 2018 it was claimed there
was a problem with âone particular partyâ: AlpNames. AlpNames it was claimed,
among other problems, was responsible for over half the ânew gTLD domains that
have been blacklisted by Spamhaus.â
The members of the Independent Compliance Working Party, Adobe
Systems, DomainTools, eBay, Facebook, Microsoft and Time Warner, asked ICANN to
resolve problems they identified, with AlpNames the only registrar named.
âTroublinglyâ, the letter notes, âthere also is a clear problem with one particular contracted party:
We find distinctive common patterns in domain name registration further suggesting malicious registrations. For example, we find 9,376 .link domains of which 9,256 were created in the first quarter of 2016 and 9,253 were registered with Alpnames Limited registrar.
…for 37.09% of the abused new gTLD domains reported by StopBadware, the sponsoring registrar is located in Gibraltar. Almost 195 abused new gTLD domains per 10,000 located in Gibraltar are abusive. (Note: Alpnames is located in Gibraltar.)
…we find that the abuse is driven by a single registrar: Alpnames Limited. For example, during the study period this registrar has acted as the sponsoring registrar for 53.97% (59,044) of the new gTLD domains that have been blacklisted by Spamhaus.
… one registrar, Alpnames Limited, having a high volume of abusive new gTLD domains reported by both Spamhaus and SURBL.â
The letter also notes there are problems with various generic
top level domains, both legacy (in particular .com although it does have 137.3
million domain names, ten times the size of the next biggest gTLD, .net, with
âAdditionally, according to the [Statistical Analysis of DNS Abuse in gTLDs (SADAG)] report:
The number of abused phishing domains in legacy gTLDs is mainly driven by the .com gTLD and at the end of 2016 represents 82.5% (15,795 of 19,157) of all abused legacy gTLD domains considered in this study.
…the five new gTLDs suffering from the highest concentrations of domain names used in phishing attacks listed on the APWG domain blacklist in the last quarter of 2016 collectively owned 58.7% of all blacklisted domains in all new gTLDs.
…we observe as many as 182 and 111 abused .work and .xyz domains, respectively. The results indicate that the majority of .work domains were registered by the same person. 150 domains were registered on the same day using the same registrant information, the same registrar, and the domain names were composed of similar strings. Note that only 150 abused domains, blacklisted in the third quarter of 2015, influenced the security reputation of all new gTLDs.
…the overwhelming majority of malware domains, which were categorized as compromised, belong to one of four new gTLDs: .win, .loan, .top, and .link (77.1%, which represents 19,261 out of 24,987 domains).â
There are also “regrettably stark increases and serious concentrations of abuse across legacy and new gTLDs, registries and registrars, and in the proliferation of spam, malware, phishing and other harms. For example, according to the Domain Abuse Activity Reporting (DAAR) System report:
the 25 most exploited TLDs account for 95% of the abuse complaints submitted to DAAR.
Five TLDs alone are responsible for more than half of abuse complaints.
The letter says âYouâll agree these are troublesome
statistics, and are antithetical to a secure and stable DNS administered by
âWe are alarmed at the levels of DNS abuse among a few contracted
parties, and would appreciate further information about how ICANN Compliance is
using available data to proactively address the abusive activity amongst this
subset of contracted parties in order to improve the situation before it
In his reply, Hedlund notes there are limitations as to what
ICANN to do. He notes the current Registry Agreement âdo not authorize ICANN
org to require registries to suspend or delete potentially abusive domain names.
Similarly, the RAA does not authorize ICANN org to require registrars to
suspend or delete potentially abusive domain names. Instead, under RAA Section
3.18, registrars are required to take reasonable and prompt steps to
investigate and respond appropriately to any reports of abuse. Registrars are
also required to review well-founded reports from law enforcement and other
similarly designated authorities within 24 hours of receipt. There is no
requirement in the RAA that requires registrars to suspend or delete reported
Hedlund writes that âto terminate registrars with high rates
of abusive domains under management … a âcourt of competent jurisdictionâ
must judge against the registrar prior to ICANN org taking action.â
Farsight Security announced a new grant programme last week
that provides free access to their DNSDB, which they describe as the worldâs
largest passive DNS database, for investigative reporters.
Farsight explains that the Domain Name System (DNS), as the
infrastructure of the Internet, records every action online and this leaves
behind a digital trail of DNS assets. Starting with a suspicious IP address or
domain name, leading news organisations use DNSDB to uncover and confirm
previously hidden or known information for stories about disinformation campaigns,
fraud, election security, and other breaking news.
âThis DNS tool is astounding,â an anonymous investigative
reporter, for a national broadcast network, said in a quote used by Farsight. âItâs
a powerful tool thatâll help me keep people accountable.â
Internet pioneer and Farsight Security CEO Dr. Paul Vixie
will conduct a hands-on training class entitled, âFinding the story: Using DNS
Search for Investigative Journalismâ at the 2019 Computer-Assisted Reporting
Conference (CAR) Conference, an annual conference devoted to data journalism that
will take place in Newport Beach, California, March 7th â 10th, 2019.
To honour its commitment to making the Internet safer for
all users, Farsight Security has always offered grants for DNSDBÂ® and other DNS
Intelligence solutions to vetted researchers, law enforcement, and other
non-profits. As part of its new Journalism Grants programme, Farsight will
offer qualified investigative reporters free access to Farsight DNSDB. Among
the grant requirements, reporters must:
Work for a major print, broadcast or online news organisation
Work as an investigative reporter, editor or data journalist
Attend a two-hour media workshop DNSDB training course
More details on the programme and to apply for a grant to use DNSDB, visit here. The program is available now and is free for qualified journalists.