Tag Archives: .IO

UK Child Protection Agency Finds 5 TLDs Account For 80% of Child Porn

Five top level domains accounted for 80% of all webpages identified as containing child sexual abuse images and videos, according to the 2016 annual report from the UK’s online reporting hotline for child sexual abuse, the Internet Watch Foundation, released today, with 57,335 URLs containing child sexual abuse imagery and these were hosted on 2,416 domains worldwide.

The 5 TLDs are .com, .net, .se (Sweden), .io (British Indian Ocean Territory) and .cc (Cocos (Keeling) Islands). Verisign is the registry operator for .com and .net, the largest and fifth largest TLDs globally, with 126.9 and 15.3 million registrations respectively, according to their latest quarterly Domain Name Industry Brief, as well as the backend registry operator for .cc. On a per domain basis, it’s clear the operators of .se, .io and cc need to do much more.

Criminals are increasingly using masking techniques to hide child sexual abuse images and videos on the internet and leaving clues to paedophiles so they can find it. IWF has identified commercial child sexual abuse websites which only display the criminal imagery when accessed by a “digital pathway” of links from other websites. The pathway is like a trail of breadcrumbs; when the pathway is not followed or the website is accessed directly through a browser, legal content is displayed. This means it’s more difficult to find and investigate the illegal imagery. It also means that criminal enterprises online are receiving legitimate banking services, as checking their website won’t automatically reveal the criminal content.

When IWF first identified this technique, they developed a way of revealing the illegal imagery, meaning they could remove it, and the websites could be investigated. But the criminals continually change how they hide the illegal imagery, so IWF’s expert analysts adapt in response.

Europe now hosts the majority of child sexual abuse webpages (60%), with North America moving to second place (37%). In contrast, UK now hosts less than 0.1% of child sexual abuse imagery globally, and this is due to the zero tolerance approach the internet industry in the UK takes. Breaking this down further, 92% of all child sexual abuse URLs identified globally in 2016 were hosted in five countries: Netherlands (37%), USA (22%), Canada (15%), France (11%), and Russia (7%).

Unsurprisingly, the criminals behind child sexual abuse online have also taken to the new gTLDs. Registration numbers in the new generic top level domains have jumped almost 8-fold to 29.034 million today from 3.722 million on 1 January 2015 and 2.6-fold from 11.230 million on 1 January 2016. And so has the child abuse that has used new gTLDs. In 2015, the IWF took action against 436 URLs on 117 websites using new gTLDs. In 2016 they took action against 1,559 URLs on 272 websites using new gTLDs – an increase of 258% from the year before, or 2.3-fold. Of these 272 websites, 226 were websites dedicated to distributing child sexual abuse content.

Recognising that new gTLDs are also used for hosting child sexual abuse, the IWF has partnered with leading registries to help prevent the use of gTLDs being used to show children being sexually abused. They utilise Domain Alerts to help their members in the domain registration sector to prevent abuse of their services by criminals attempting to use domains for websites dedicated to the distribution of child sexual abuse imagery. Several registries and registrars are members of IWF, including Rightside and Nominet.

Rightside has been particularly active and playing their part, becoming an IWF Member in September 2015. The IWF annual report gives as a case study the work Rightside, registry operator for .ninja, in attempting to take down domain names that host child abuse content. In 2016 Rightside received Domain Alerts relating to two .ninja domains. These domain names were found to be associated with 138 items of content depicting child sexual abuse material.

Rightside considers the IWF as a trusted third party notifier; this simply means that given the IWF’s unique mandate from the UK authorities, to actively seek and take action on criminal online content worldwide, any Domain Alert report received from the IWF, is taken at face value. Rightside’s Abuse Team can proceed, confident in the knowledge that the IWF’s trained analysts, have investigated, evidenced, and reported all findings to the relevant law enforcement authorities.

Rightside has implemented rapid internal processes for best managing IWF Domain Alerts. They are especially sensitive to the possibility of hacked websites, or situations where their domains are being used by legitimate businesses who may have thousands of users, with any one of these users being potentially responsible for the illegal content. As a registry, Rightside wants to ensure their actions don’t cause further harm, working quickly and decisively to identify the best way to remove illegal content, with the least impact to those not responsible.

“We believe that the IWF partnership provides an important protection, not only for all of Rightside’s registrants, and the general internet user, but protects the well-being of Rightside’s own Abuse Team in processing such reports,” said Alan Woods, Rightside’s Registry Compliance Manager.

“Rightside, as one of the first new gTLD registries to partner with the IWF, sees the benefit of membership in establishing gTLD best practices to protect all web users worldwide from malicious actors. Working with the IWF has been a great partnership in notifying us immediately when a site, using one of our domains, is being abused so we can take action to disable the domain in question.”

“Criminals will attempt to abuse new technologies for their own gain – in this case it’s using new domain names,” said Susie Hargreaves OBE, IWF CEO.

“As a Member of IWF, and the registry for .NINJA, we’ve seen first-hand how Rightside shares our zero-tolerance of child sexual abuse material. We appreciate their commitment and hope the rest of the industry steps up to ensure that criminals distributing child sexual abuse material can find no refuge in gTLDs, only swift and immediate action to stamp out these channels.”

The IWF Annual Report 2016 is available here:

Risks In Using Obscure, Small ccTLD For Domain Registrations

Priceonomics logoIn recent years there has been a small but significant number of registrants choosing ccTLDs such as .ly (Lybia), .sy (Syria) and io (British Indian Ocean Territory). But there are risks in using some of these.

The Priceonomics blog has outlined some of these in a recent post. A few examples of registrants having problems with their ccTLDs as outlined are:

  • Art.sy – a social platform for sharing and purchasing art. The .sy domains, the article says, “are ultimately registered with and purchased from a Syrian Internet authority. Although Artsy had registered Art.sy in 2011, before sanctions were imposed, Artsy’s annual payments to maintain the domain meant they were breaking sanctions.”
  • Vb.ly – Violet Blue used this domain but “in 2010, vb.ly — a domain owned by ‘sex-positive url-shortener’ Violet Blue — was removed from the .ly registry, on the grounds that it had violated Libyan law and the terms of its registration.”
  • .io – the .io ccTLD has gained popularity with start-ups in recent years given it’s “for the British Indian Ocean Territory – and thus under stable British rule.” But there are questions over “Britain’s history of colonialism over the 1,000+ tiny islands that make up the British Indian Ocean Territory is complex, and it isn’t clear where the registry money is going nor whom it benefits. The native population was ‘evicted’ in the 1960s and 1970s, and remained exiled despite continuous efforts to return. Right now, the only people who live there are a couple thousand British and US military personnel.”

So choose carefully when looking for a little known ccTLD. Your choice may cause problems if it’s seized and you lose your web presence, costing customers. Or if your ccTLD gains a bad reputation, people may think twice about visiting your site.

To read the Priceonomics blog post in full, go to:

Big Domain Sales Take a Break In Weekly Chart

Domain Name Journal logoThe biggest reported domain sale for the week ending 12 April wasn’t… very big! It was the $49,000 sale of rizk.com in a private sale. And yes, while not a big sale, I’m sure the seller was still quite happy.

Coming in second was kelepir.com, selling for $40,000 through AlanAdlari while hse.com continued the strong three-letter .com sales of recent months coming in third, selling for $34,000.

There were nine three-letter .com sales in the top 20, two four letter .com sales and two five-letter .com sales.

Sedo was the biggest aftermarket outlet in sales with 11 while Flippa had four AlanAdlari had two.

And on the TLD side of things, there were 18 .com sales including the top 16 sales and one each for .co.uk and .io.

To check out the Domain Name Journal chart of top reported sales for the week ending 12 April in more detail, go to:

HOMECARE.COM Tops Weekly Chart In Six-Figure Sale

Domain Name Journal logoThe sale of homecare.com was easily the biggest reported sale in the week to 25 January, selling for a very healthy $350,000 through the NamesCon/RightOfTheDot auction.

The sale was almost six times the second biggest sale – spanien.se, which sold for $60,000 while se.se was third, selling for $52,000, with both domains sold through Tradera. The two domains follow the sale of tv.se for SEK2,180,500 ($265,149) which topped the chart in the previous week. The sales are part of the .se registry’s release of previously unreserved domains.

For the week, Tradera, the Swedish online commerce site, was responsible for six .se sales, but they were pipped for the most sales in the top 20 by Sedo with nine sales.

On the TLD side of things, there were ten .com sales, six .se sales and one each for .nl, .com.au, .io and .eu.

To check out the Domain Name Journal chart of top reported sales for the week ending 25 January, go to:

British Government Continues Appalling Treatment Of Chagos Islands, Taking .IO Profits

The .io ccTLD has become popular among start-ups, but little do registrants know that the British government, who has forcibly removed the archipelago’s inhabitants from 1967 to 1973 to make way for the US military’s air strip at Diego Garcia, takes a cut of the profits from registrations.The islands are now formally known as the British Indian Ocean Territory (BIOT) and have no permanent residents apart from British and American military personnel, reports The Independent. Domain names for the islands have been available from a UK-based company called the Internet Computer Bureau for around £60 to £70 each, depending on registrar. Or around twice that if the registrants is outside the European Union. The former islanders though have no idea of the deal.”Profits from the sale of each .io domain flow to the very force that expelled the Chagossian or Ilois people from their equatorial land just a generation or two ago: the British government,” reported GigaOM who broke the story.Allen Vincatassin, president of the Diego Garcia and Chagos Islands Council, told The Independent: “We do not know what sort of income is being received from the sale of these internet domains and to what use it is being put. This another example of money being behind the backs of Chagossians.”The Government should disclose how much money it has received and provides assurances that it will be used for the islands, including the resettlement that so many Chagossians want to see happen.”Revenue from registrations though has the potential to benefit the islands, or at least the islanders should they ever be able to return following their shameful expulsion. Examples of ccTLDs becoming lucrative earners for countries or territories are .tv (Tuvalu), .me (Montenegro) and .co (Colombia).”The British government granted these rights to ICB chief Paul Kane back in the 1990s. ICB gets to run .io ‘more or less indefinitely, unless we make a technical mistake,’ Kane told GigaOM. (ICB has so far run a stable .io namespace. It should be noted that Kane is a respected veteran of the infrastructure scene, and has been entrusted by ICANN with one of the 7 so-called “keys to the internet”.)For more on this story from the original reports, go to: