Domain Hijacking and Metafilter
May 31, 2002 1:26 PM   Subscribe

If you read it more carefully, you'll learn that it has more to do with the auto spam filters employed by mac.com's email service - which was the address supplied to dotster - filtering the renewal notice out because dotster.com has been identified, randomly, as a spam source by mac.com email service.
posted by gsh at 2:19 PM on May 31, 2002

Though the outright theft of a domain is uncommon, from past discussions on MetaFilter, it seems like some registrants are losing domains because the the registrar they used is a mom-and-pop reseller that doesn't even give them a chance to renew the domain when it comes due, so it expires and is snapped up by one of these domain-eating companies.
posted by rcade at 2:19 PM on May 31, 2002

mmmmmmm... domains.
posted by crunchland at 2:34 PM on May 31, 2002

The thing I can't understand is why people who work so hard on their websites won't write their domain's expiry date on a sticky note and paste it to their computer monitor. If your phone bills get lost in the mail, do you have the right to complain when you phone gets cut off?
posted by timeistight at 2:44 PM on May 31, 2002

I think I did a slightly better job explaining what happened, at least insofar as I understand it from what I've read, on my own weblog than I did in the Mefi thread.

"Domain hijacking" seems to be the phrase used when someone wakes up one morning and says, "Dude, where's my web site?" However accurate the term, I think rcade nails it on the head. Registrants are not getting a fair chance to renew their domains, or can too easily lose control of them, and the domains are damned hard to regain when lost. It may not be the most accurate phrase, but it's definitely spooky stuff.

[on preview] timeistight: I was wondering about that myself. July 13, 2003 for my principal domain, and with all that's happened I'm not likely to forget that! And just to be sure, where's my damn Palm . . .
posted by mcwetboy at 2:48 PM on May 31, 2002

You better watch your domain close Timeistight, because I am gonna take it from you if I can. ^_^
posted by thirteen at 2:54 PM on May 31, 2002

The thing I can't understand is why people who work so hard on their websites won't write their domain's expiry date on a sticky note and paste it to their computer monitor. If your phone bills get lost in the mail, do you have the right to complain when you phone gets cut off?

Oh come on. I buy domains at two years each. I won't have this monitor in a year. The phone bill analogy doesn't because being cut off doesn't mean that someone else is going to take your name and phone number 8 seconds after they disconnect you. Not to mention you don't get disconnected after one missed bill, but after a few and something like 2 or 3 snail mail mailings.

Yes, we should all be more careful in life when it comes to things we consider important, but at the same time there's nothing wrong with complaning and demanding better service especially when it is well known that domain hijackers (or whatever the proper term for them is) are out there.

Expired domains kill any legal recourse these people might have had, but it doesn't change the fact that this is an alarming failure of customer service and customer trust which as rcade suggests is not only harming the old domain owners but the lousy registrars too.

posted by skallas at 3:23 PM on May 31, 2002

Please don't think I'm defending the slimy lowlifes who snap up popular domains as soon as they expire. They're nasty people. I'm just saying they aren't thieves.

One reason I posted this was to see if anyone knew of other domain thefts like Leslie Harpold's. The Harpold case seems like a personal attack: two of her domains disappeared within a week. Everything else just seems like sleazy businesspeople.

And no, thirteen, I'm definitely not looking for anyone to hack or spoof my registrar to "show me what it's like." I think I can imagine how heart-breaking it is.
posted by timeistight at 3:23 PM on May 31, 2002

There probably are some things that ICANN can do to make this particular problem a little less likely to happen. Harvard Student Ben Edelman wrote a couple of articles on the subject in an effort to convince ICANN to adopt a grace period for after a domain name expires. In those articles, he stresses that they were written to help groups make policy decisions and asks that they not be used in other ways. So, I'll link to them, and if the articles convince you and you feel like acting on a policy making level, send a comment to ICANN on the subject. Ben Edelman's articles are: Domains Reregistered for Distribution of Unrelated Content: A Case Study of "Tina's Free Live Webcam" and Large-Scale Intentional Invalid WHOIS Data: A Case Study of "NicGod Productions" / "Domains For Sale".

I came across his name again in an article yesterday called Porn-napping is rubbing users the wrong way which also includes some quotes from a spokesperson from ICANN. One of the things suggested in that article is a grace period after a domain name expires.

In addition to a grace period, I also think that the registrar should redirect the domain name to a page that gives notice that the domain has expired and the registrant needs to take action during the grace period. This would overcome the possibility of bad contact information listed in the whois information. It would also give people who visit the site warning that its content may soon change. That could be important if the site previously contained content for children, or was a church or civic association site, and the new owners want to make it a pornography site. (I'm not saying anything bad about pornography sites - just that you shouldn't "accidentally" find one when trying to surf the web with your children.) Search engines and directories could also take advantage of that notice page, and remove soon-to-be-expired domains from their indexes.

The grace period, and an expiration notice page wouldn't overcome unauthorized transfers of ownership, but they would make it more likely that there wasn't an unintentional transfer because of a inadvertent failure to renew.
posted by bragadocchio at 3:54 PM on May 31, 2002

Thanks, bragadocchio, those are great links. Edelman has put an amazing amount of work into this.

Instituting your proposals would decrease porn-napping, etc. And if they caused a price increase for domain registrations, well that would hurt the porn-nappers and viagra sellers more than anyone else.
posted by timeistight at 4:23 PM on May 31, 2002

You're welcome, timeistight. I can't take complete credit for those proposals - as you said, Ben Edelman has done a tremendous job of pulling together information. Those links address the failure to re-register timely. You were also asking about situations involving transfers without the approval of the original registrant. Another page that deals with topics like fradulent transfers of ownership or fradulent change of contact information, on the ICANN site also recommends a grace period, and some other steps. The idea of online notice at the page during that grace period might be something worth suggesting to them, since they don't include it in their proposals.
posted by bragadocchio at 4:59 PM on May 31, 2002

According to e-mail I received from Apple, Dotster was indeed spamming; they weren't blocked "randomly" from the mac.com domain.
posted by kindall at 5:43 PM on May 31, 2002

You're too modest, bradocchio. Without the expired domain notification page the grace period could slip by unnoticed. I'd certainly notice if my domain resolved to a "This domain has expired page."

Any tips for making a proposal to ICANN? I'm going to be out-of touch for the next week, but I'd like to get something going on this after that. Maybe we need a slogan and some graphics like the Free the Mouse thing.
posted by timeistight at 8:04 AM on June 1, 2002

This is why I like my registar: On my control panel page, they have a little section that says "# of domains expiring in... 1 month (#), 2 months (#), 3 months (#). I log in regularly just to verify expirations.
posted by benjh at 5:53 PM on June 1, 2002

Arthur, I'm interested in sending a comment to ICANN telling them that their idea of a grace period after expiration sounds like a great idea, and suggesting a notice page during that period. I haven't done so yet, but I will.

ICANN would probably give more weight to a suggestion like that if they received it from more than one person, but if everyones' comments were worded exactly the same, they may discount the value of additional comments. So, if a grass roots effort was made to encourage people to send comments to ICANN, I think those would best be in their own words.

People should write how it might help them personally to have a notice page like that:

As a web user, concerned that kid-safe sites might become adult content sites overnight.

As the owner of a personal web page, fearful that they might lose their domain name through their own mistake, or through an error on part of the registrar, or by the actions of some third party.

As the owners of a civic association or church site, who might feel that their reputations may be besmirched by an overnight change.

As a business owner, who lost their domain name because of "mistake, inadvertence or fraud" might be required to change business cards, letterhead, promotional items, registrations with search engines and directories, and contact all of their known customers to inform them of the change of address.

They could mention that they saw the ICANN page, "Redemption Grace Periods for Deleted Names" and submit their suggestions to the email address listed at the bottom of that page.

Getting other people interested in submitting comments might be aided by someone setting up an information page on the subject. I think that it's important that the page is presented as a sincere effort to improve the ICANN system, and to avoid mistakes and abuses that result in inadvertent transfers of domain names. The idea behind it wouldn't be to point out "bad" registrars or past abuses, but rather to build something better for the future. That would help to avoid any loss of credibility that might result if it were viewed as a personal vendetta on someone's part. A better web is one where unintentional transfers of domain names are less likely to happen.

As for a slogan, the only thing that comes to my mind right now is "saving grace." Anyone else have ideas regarding an information page or a slogan or graphic?
posted by bragadocchio at 8:36 PM on June 1, 2002

You already have a grace period for renewing your domain. It lasts from the day you make your payment until the domain expires.
posted by kindall at 11:34 PM on June 1, 2002

kindall, while not technically a "grace" period, you're right. In a perfect world, everything should work fine and the only reason why a domain name should expire is if someone didn't want to renew a name. And the only time that would happen is at the end of that period.

But that's not necessarily when a domain will expire - or should I say, be cancelled. An example from ICANN's redemption grace page of when that doesn't happen:

Another class of "inadvertent" deletions arises from the actions of domain-name hijackers. Hijackers have been known to compromise a registrant's account at a registrar, modify the registrant's contact information, request a transfer of the registration to another registrar, and then issue a request to the registrar to delete the registration. The hijacker or a third party can then register the domain immediately through some other registrar.

If a grace period and notice page were required when that first registration was deleted, the original owner of the domain could contact the original register, and try to have the problem resolved before someone new took over, and transfered the domain name through a number of other registrars.

Registrar error could also result in an earlier-than-anticipated expiration. Without a grace period, the name may be immediately be available for resale, and before the original person who registered the name had any idea, the owner of the name, and the registrar handling the name could be someone different:

Yet another category of unintended domain registration deletions arises from registrar mistakes, including those caused by registry/systems-related confusion. There is a provision in the current version of the Registrar Accreditation Agreement that is meant to address mistakes of this type (specifically Section 3.7.7.11), but in practice this has proved to be less-than-fully effective. The current procedure is not mandatory – it requires voluntary cooperation by registrars to correct mistakes. In many cases, registrars have been reluctant to assist in correcting mistakes, especially when the correction would require taking away a domain name from the registrar's paying customer and handing it back to some other registrar and its customer.

When a registration expires at the time that it should, and someone misses re-registering because of their own mistake, what's wrong with giving them a grace period too? Utilities often do that before they terminate service.

There's even a benefit to having a grace period and a notice page when someone intentionally lets a name expire. It would act to warn visitors to the site that the name is being taken over by someone else. It would give people a chance to remove bookmarks to sites that are going to expire. And, it would give search engines and directories a chance to remove expiring sites.
posted by bragadocchio at 8:11 AM on June 2, 2002

This page from ICANN probably should also be looked at before sending comments regarding a grace period and notice page to ICANN: Supplemental Discussion Paper: Redemption Grace Periods for Deleted Names.
posted by bragadocchio at 8:24 AM on June 2, 2002

ewwgene.com got snatched up by netster.com when the renewal from dotster went to an old email address that i no longer checked because it was a spamtrap.

It was my fault for not updating the contact info, but i have to admitt that i never remembered to do it. :P

I hope they might drop the domain in a year. though i doubt it.

posted by ewwgene at 5:10 PM on June 2, 2002

http://www.macslash.com now has a link to http://www.macslash.org

So whoever cruelly hijacked the domain is pointing to the new location. What's up with that?
posted by mecran01 at 6:10 AM on June 3, 2002

One thing we can and should do is apply for trademark status for our URLs and site names. If you own the trademark for your domain and someone else hijacks it, you'll have strong legal recourse for reclaiming it.

I'm going to explore this soon, although I recently renewed my domain for five years, so I'm not that worried about basic expiration.
posted by werty at 6:51 AM on June 3, 2002

« Older Last year and the year before,...   |   interview of a nice young man ... Newer »