back to article Almost all dot-science malicious, dot-cricket rigged, researchers find

Almost every one of the hundreds of thousands of websites in 10 top level domains including all under dot-review and dot-zip are malicious, according to research. More than 95 per cent of the hundreds of thousands websites in each of ten top level domains (TLDs) including dot-country, dot-cricket, dot-science, and dot-party …

  1. Anonymous Coward
    Anonymous Coward

    It's All Creaking Under the Strain...

    This kind of thing illustrates just how bad the Internet's systems of regulation are. It's just too easy to get onto it anonymously, rip people off, and get away with it whilst running almost no risk of being caught.

    It's about time we solved the identity problem properly, but I don't think anyone has had any good workable ideas for that.

    1. Jack of Shadows Silver badge

      Re: It's All Creaking Under the Strain...

      Identity isn't the problem exactly. It's the consequences to individuals and/or groups that are the problem. Lethal consequences far too often. And coming from a 'Free Society' near you, of late. That's one of those things that our Supreme Court gets right. Anonymity must exist in order for the right, among others, of 'Free Speech' to exist.

      1. Anonymous Coward
        Anonymous Coward

        Re: It's All Creaking Under the Strain...

        It's the consequences to individuals and/or groups that are the problem.

        There's often no consequences for the perpetrators because all to often no one has any idea who they are. If it were impossible to run a web service or whatever without inevitably giving away your name/address then the problem would go away.

        That's one of those things that our Supreme Court gets right. Anonymity must exist in order for the right, among others, of 'Free Speech' to exist.

        Except that's nuts. There's no such thing as free speech as people commonly percieve it ("I should be able to say absolutely anything"). "Free Speech" does not mean that you are allowed to say absolutely anything and get away with it. Say something antisemitic / racist / etc. and you should face the consequences demanded by society and law.

        Yet "free speech" and anonymity are far to often used as a smoke screen for saying things that, if openly published or said to someone's face, should result in prosecution and personal consequences.

        The ideas of "free speech" were developed back in the day when it was impossible to say or communicate anything without somone somewhere knowing who it was doing it. The original ideas behind protecting "free speech" were that you be able to openly criticise the the government and authorities without fear of arrest, etc. No one back then ever said that you should be able to say something illegal and get away with it. Everyone then said that you should be able to openly criticise without having to resort to anonymity to preserve one's personal liberty.

        Of course in contrast in countries where the original idea of free speech is not enshrined in law (dictatorships normally) anonymity on the internet does serve a purpose. But that's a completely different use case for the network. I don't believe the two use cases are compatible.

        1. Destroy All Monsters Silver badge
          Thumb Down

          Re: It's All Creaking Under the Strain...

          There's no such thing as free speech as people commonly percieve it ("I should be able to say absolutely anything").

          Thanks for the strawman.

          Here's penny. Go buy yourself a whistle but the magic president of freedom may well come after you.

          1. Graham Marsden

            @Destroy All Monsters - Re: It's All Creaking Under the Strain...

            > Thanks for the strawman.

            The AC also goes for a nice example of Special Pleading:

            "Of course in contrast in countries where the original idea of free speech is not enshrined in law (dictatorships normally) anonymity on the internet does serve a purpose. But that's a completely different use case for the network."

            In other words "It's different in this case, because *this* is the one I approve of"

        2. Dan Paul

          Re: It's All Creaking Under the Strain...

          The rights to free speech in the USA are incontrovertible and undeniable.

          You just don't like the opinions being offered. Tough, you don't get to tell me that I can't state my opinion or it's subject, tone or content. At all, ever. And neither does ANY state or government entity.

          Everyone has a right to their opinion here and YOU don't get to be the arbiter of what is right or wrong

          The mere fact that you used the cover of "Anonymous Coward" means you know your comments will be a lightning rod. You don't get a pass. As far as I am concerned, you are hypocritical by using the "AC" option and don't have any idea why our founding fathers instituted the first amendment.

          Take a second to read below since you obviously don't have any grasp of the US Constitution.

          First Amendment - Religion and Expression. "Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances."

          Nowhere in that paragraph does it say that "Mr. High and Mighty" has any right to tell us what to say or what is "acceptable" free speech. If his pets at "Black Lies Matter" can publicly advocate the killing of police officers like the several murdered in cold blood over the last two weeks, then his detractors can say anything they want.

          What part of "Congress shall make no law", "Free Exercise" or "Abridging the freedom of speech" do you not comprehend?

          You act the same as all these effeminate, pandering, waffling, politicians we have today. They are unwilling to understand that many unpopular opinions that people espouse today are not illegal in this country. And these politicians have no right to "create laws" to prevent them from being offered. That reality doesn't jive with their self righteous ignorance.

          I don't care that you don't like what I have to say. I still have a right to say it. And so do you.

          1. LDS Silver badge

            Re: It's All Creaking Under the Strain...

            Just remember that being free to say whatever you like doesn't make you not responsable of what you say...

            1. DougS Silver badge

              Re: It's All Creaking Under the Strain...

              The Constitution prevents laws that stop you from saying whatever you want, but does not prevent laws that make you face the consequences for what you say. If you yell "fire" in a crowded place and cause a stampede that injures a dozen people, or tell someone you are going to assassinate the president and they report it, you will find there are consequences for what you say. Your speech may be protected, but you are not protected from the consequences of that speech.

          2. Mark 85 Silver badge

            @Don Paul -- Re: It's All Creaking Under the Strain...

            Don, I agree that what you say is intent. However, AC is exhibiting the same behavior as the PC types who are notorious for getting more and more "free speech" banished. It may not be outlawed, but there are penalties for using the "n-word", waving a Confederate battle flag (those are current hotspots). The PC types all seem to think that the world should see and act as they would like us to believe that they actually think and do this stuff. It's either "free speech" for everyone or none.

            I note that "free speech" is becoming imperiled more and more as you point out by politicians. Removing the Confederate Battle Flag is a good example. The intent may be good, but the slippery slope is getting steeper.

          3. Anonymous Coward
            Anonymous Coward

            Re: It's All Creaking Under the Strain...

            unless you are a commie / pinko / etc.

      2. LDS Silver badge

        Re: It's All Creaking Under the Strain...

        Registering a domain is not "free speech". It's a commercial transaction. Using stolen credit card numbers is not "free speech". Ignoring NIC rules is not "free speech"

        Then what you write on a web site may be protected by "free speech" laws. Unless it's a crime, unless you believe delivering ransomware, for example, is another form of communication that should be protected by "free speech". Is a blackmail or treat letter "free speech", i.e. "Send $10,000 to Moldova via Western Union if you don't want to be killed"?

        Should a commercial transaction like registering a domain allowed to be anonymous? Why? There are many commercial transactions that are subject to regulations because they imply someone needs to be accountable for. And no one claims "free speech" rules should apply.

    2. channel extended

      Re: It's All Creaking Under the Strain...

      Thus written as an AC.

  2. Anonymous Blowhard

    ICANN makes bucks and passes the buck

    "TLD operators need to pay the Internet Corporation for Assigned Names and Numbers US$185,000 for the privilege to operate"

    "There are no requirements to impose the scrutiny on domain buyers"

    1. Bronek Kozicki Silver badge
      Pint

      Re: ICANN makes bucks and passes the buck

      If a proof was needed that ICANN does not care about Internet but only about its pocket, this is it.

      1. Pen-y-gors Silver badge

        Re: ICANN makes bucks and passes the buck

        If ICANN weren't just concerned about the cash, they wouldn't have enabled all those new TLDs in the first place. Now they exist the least they can do is pull the plug on the ones which are ALL dodgy!

  3. TheOtherMatt

    Don't rely on this so called "report"

    This report has gaping huge holes in it. It claims that 100% of .science is a scam, even though at the time the report was written it only had one registered domain; nic.science, i.e. the only domain required by ICANN, the registry's own website. On top of this .science isn't even in available to the general public! (yet). This report was poorly researched and for anyone who is at all associated with the industry knows as such.

    This is not to say that scams aren't out there, or that ICANN does enough to force registries to comply with common sense anti-scam policies and procedures.

    The take away is if you don't like what ICANN is doing then please don't use this report as either sole or supporting evidence because this so called "report" is, sadly, very lacking in rigour.

    1. Destroy All Monsters Silver badge
      Paris Hilton

      Re: Don't rely on this so called "report"

      Just another undeclared ad, then?

      Why should the new TLD be particularly prone to exploitation anyway? More than, say .cc, .cx or any other fast domains? Is it just because the total numbers of users is very low and the scammers move in first?

      Almost all .science malicious, .cricket rigged, boffins find

      It's also not likely to be "boffins". More like the people in the office next to the joss-stick department.

      Keep you NoScript, Ghostery and patches dear and near, run your browser in a VM and think before you click. This message brought to by Internet Drama Anonymous.

    2. eesiginfo

      Re: Don't rely on this so called "report"

      I just did a quick search on .science domains.

      Heres an example of the search returns:

      https://uk.godaddy.com/tlds/science

      "Available now £19.99"

      Another:

      https://register.science/

      $16.48

      Neither site lists purchase criteria.

      So it looks like .science is available to the public.

    3. John H Woods Silver badge

      Re: Don't rely on this so called "report"

      "On top of this .science isn't even in available to the general public! (yet)" -- TheOtherMatt

      I think it is - I registered one just to get an email address @itsnotexactlyrocket.science. I'm not flinging any malware (or anything at all) from the address though.

    4. Conrad Longmore

      Re: Don't rely on this so called "report"

      Don't a Google search for "site:.science" shows a LOT of sites, and you can tell straight away that a large quantity of them are complete crap.

      There is of course a caveat with just counting the number of bad domains.. if you take a worthy domains such as theregister.science then it counts as just one good domain, but obviously the value of that domain is much greater. Thus you can have 99% crap and 1% of actual value. Yes, I'm still minded to block some of these.. but you need to be aware of collateral damage.

  4. Ole Juul Silver badge

    This is good news

    More than 95 percent of the hundreds of thousands websites in each of ten top level domains (TLDs) including .country, cricket, .science, and .party are flogging spam, …

    If ever there was a short and concise filter for spam, this is it.

  5. Graham Marsden
    Holmes

    "The completely unsurprising findings...

    "...published by security firm Blue Coat"

    FTFY!

  6. Tannin

    I'd like a magic tool to auto-block all domains outside of the traditional .com, .net,. .co.uk, .org.au, .gov.nz, and so on. Frankly, I remember seeing sites that were actually worth visiting even once on weird TLDs (and I count .biz, for example, as another "weird" one) possibly as often as twice. Ever. Wouldn't miss any of them in the slightest.

    1. John H Woods Silver badge

      "I'd like a magic tool to auto-block all domains outside of the traditional .com, .net,. .co.uk, .org.au, .gov.nz, and so on." - Tannin

      No magic required, dnsmasq will do what you want.

  7. Loyal Commenter Silver badge

    Some TLDs are considered safe, including .sucks which demands up to a $2000 annual registration fee, something that prices scammers out of the market.

    Sounds like the scammers are the ones running that particular registry...

  8. lukewarmdog

    .kim

    sadly there is a "kanye.kim"

    "mynameis.kim" has expired

    there isn't an "everyonehates.kim".. missed opportunity

    "northkorealoves.kim" would be excellent propaganda

    the reason for making the .kim domain seems to be "there are a lot of people called kim so um.. that's a good enough reason"

    With reasoning like that there should be way more ridiculous domains out there

    none of which I'm going to suggest here as I want to keep .deadbaby to myself.

  9. Mike 16 Silver badge

    Security conscious Register Readers

    Should keep in mind two things:

    1) PDF has been used as a malware vector several times now.

    2) Blue Coat devices have been used by e.g. Syria (under arms embargo), although Blue Coat says they have no idea how they got there from Dubai. "Once the rockets go up..."

    Also, don't walk around the S.F. Tenderloin at night with $100 bills hanging out of your pockets.

    1. Anonymous Coward
      Go

      Re: Security conscious Register Readers

      or any thing else hanging out, you know, dude

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019