Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Internet Businesses Network Networking Technology

The Great .ORG Heist (harvard.edu) 80

Sam Klein: Ethos Capital, a new commercial investment firm founded in the past few months in Boston, has 2 staff and only one major investment: a deal to acquire the 501c3 non-profit that currently runs the .org domain (valued at a few $B), for an undisclosed sum. This was initiated immediately after ICANN decided in May, over almost universal opposition, to remove the price cap on .org registrations with no meaningful price protections for existing or future registrants. This seems to violate a range of ethical, ICANN, ISOC, and non-profit guidelines. It is certainly the privatisation of a not-for-profit monopoly into a for-profit one, which will benefit ISOC and a few individuals by inconveniencing millions of others. I have questions:


1. Do affected parties have recourse?
2. Other than polite letters, is anything being done? (Maybe: Official complaints have been filed, but don't expect results.)
3. Georgia Tech's Internet Governance Project has pointed ideas for ICANN. (You can .. join ISOC as a member to take part in future decisions.)
4. Has anyone currently at ICANN + ISOC made substantive comment? (Yes: Richard Barnes, ISOC trustee and netizen, explains why he voted to sell .org.) Vint Cerf said: 'Hard to imagine $60/year would be a deal breaker for even small non-profits.')
5. How did we reach the point of Net pioneers embracing 95% profit margins?
Tim Berners-Lee adds, "I'm very concerned about the sale of .org to a private company. If the Public Interest Registry ends up not being required to act in the public interest, it would be a travesty. We need an urgent explanation."
This discussion has been archived. No new comments can be posted.

The Great .ORG Heist

Comments Filter:
  • Corruption (Score:5, Informative)

    by Anonymous Coward on Friday November 29, 2019 @06:10AM (#59468642)

    4. Has anyone currently at ICANN + ISOC made substantive comment? (Yes: Richard Barnes, ISOC trustee and netizen, explains why he voted to sell .org.) Vint Cerf said: 'Hard to imagine $60/year would be a deal breaker for even small non-profits.')

    ICANN and ISOC are corrupt organizations run by corrupt scumbags, including Vint Cerf (former ICANN Head Scumbag).

    • Re:Corruption (Score:5, Informative)

      by arglebargle_xiv ( 2212710 ) on Friday November 29, 2019 @06:58AM (#59468696)

      I particularly like Cerf's "Let them eat cake" response. USD 60 is between one week and one month's wages in many parts of Africa, exactly the sort of place where you've got many small non-profits. At the Google rate of $65/hour that's equivalent $2,600 to $10,400 in US dollars. So what he's really saying is "Hard to imagine up to $10,400/year would be a deal breaker for even small non-profits".

    • Re:Corruption (Score:5, Interesting)

      by ScooterComputer ( 10306 ) on Friday November 29, 2019 @09:50AM (#59468892)

      I jumped into this thread to see if something like this had been posted. Unfortunately, I--through experience--have to agree. Back in '96 I was working to gain control over a localized .us sub-domain for a pretty small town. I ended up having (what I at the time thought to be) a great telephone conversation with no less than Jon Postel himself! I was talking to an internet god. Or so I thought. Postel spent about half-an-hour discussing with me what the technical and obligatory requirements of my company would be to host DNS services for a localized sub-domain. I went back to my boss, made the pitch, got approval, and submitted the request less than an hour later. Two weeks go by, I heard nothing. Finally, I called Postel back, inquiring about the status of my request submission and he tells me that, unfortunately, another entity had submitted a request for that locality just prior to my request and that we'd lost out. (sad trombones)

      Only, there was NO WAY that had happened. This area barely had any kind of broadband access beyond dial-up and we were the biggest technology company in a pretty large geographic area and the first to have a direct T-1 connection into the area (partnering with a larger ISP). It was beyond impossible. As I was on the phone with him, I started doing WHOIS searches for other tiny tiny areas around me, and sure enough all of these "villages" were being gobbled up by the same company (who was in Kansas, IIRC). The only explanation was that Postel had "tipped" this company, who was seemingly in the business of picking up localities and then charging $50/ sub-domain for registration, even though the .us rules at the time were to favor local businesses as registrars with the price only to cover costs, and our requests would have had to have been under consideration at the same time which means we should have gotten the nod due to being the local entity. This company had started gobbling up all of the locations around my town, which was the county seat and the largest town in several counties in the area, and it started--according to the IANA records I was pulling--the day I had first called. I accused him of the corruption, and he promptly hung up on me.

      Even a wizard can be corrupted. And ICANN/IANA seems to have been rife with this kind of corruption from the very start.

      • My bet - at hundred to one odds - is that you mentioned it to someone local. Postel didn't need the money, someone else did. You blabbed, not him.

        Of course we'll never know.

      • > Only, there was NO WAY that had happened.

        While I don't want to claim innocence of someone I don't know personally, it's easy for such information to slip. For example, there are the professional cybersquatting companies who make their profit from pre-occupying an unused DNS domain and charging quite extortionate fees to turn that tomain over to the people who want it. And they do this investment essentially for free, because they release the domain within the 3-day return window if no one pays their ex

    • all your TLDs will be assimilated.

    • by Paul Fernhout ( 109597 ) on Friday November 29, 2019 @12:17PM (#59469172) Homepage

      https://en.wikipedia.org/wiki/... [wikipedia.org]
      "Self-dealing is the conduct of a trustee, attorney, corporate officer, or other fiduciary that consists of taking advantage of their position in a transaction and acting in his own interests rather than in the interests of the beneficiaries of the trust, corporate shareholders, or their clients. According to the political scientist Andrew Stark, "[i]n self-dealing, an officeholder's official role allows her to affect one or more of her own personal interests." It is a form of conflict of interest. Self-dealing may involve misappropriation or usurpation of corporate assets or opportunities. Political scientists Ken Kernaghan and John Langford define self-dealing as "a situation where one takes an action in an official capacity which involves dealing with oneself in a private capacity and which confers a benefit on oneself." Examples include "work[ing] for government and us[ing] your official position to secure a contract for a private consulting company you own" or "using your government position to get a summer job for your daughter." Where a fiduciary has engaged in self-dealing, this constitutes a breach of the fiduciary relationship. The principal of that fiduciary (the person to whom duties are owed) may sue and both recover the principal's lost profits and disgorge the fiduciary's wrongful profits. Repeated self-dealing by a private foundation can result in the involuntary termination of its tax-exempt status."

      Is this .org selloff a case of self-dealing?

      See also: https://www.irs.gov/charities-... [irs.gov]

      Although, as I wrote almost twenty years ago, given the post-scarcity potential of modern technology and sharing information through the internet at little incremental cost, most of what many non-profits do these days may be self-dealing if you think deeply about it:
      https://pdfernhout.net/open-le... [pdfernhout.net]
      "Consider this way of looking at the situation. A 501(c)3 non-profit creates a digital work which is potentially of great value to the public and of great value to others who would build on that product. They could put it on the internet at basically zero cost and let everyone have it effectively for free. Or instead, they could restrict access to that work to create an artificial scarcity by requiring people to pay for licenses before accessing the content or making derived works. If they do the latter and require money for access, the non-profit can perhaps create revenue to pay the employees of the non-profit. But since the staff probably participate in the decision making about such licensing (granted, under a board who may be all volunteer), isn't that latter choice still in a way really a form of "self-dealing" -- taking public property (the content) and using it for private gain? From that point of view, perhaps restricting access is not even legal?"

      So, ironically, are many non-profits about to suffer under related logic of rent-seeking through creating artificial scarcity as may fund their own operations (if they create copyrights and patents and then sell them)?

    • by rastos1 ( 601318 )
      I'm glad to hear that so clearly spelled out. Especially after /. discussions arguing that internet governing bodies SHOULD be based in most democratic (and profit-seeking) country in the world.
    • When can we get rid of dns and replace it with an open alternative? We've been needing one for a very long time and while there is plenty to complain about with dns ownership the conversation remains on the existing system and not how to abandon it and leave it behind. This sounds like a good time to try again. Maybe mozilla could lead something, they seem well positioned to do so. Or....?
  • by Qbertino ( 265505 ) <moiraNO@SPAMmodparlor.com> on Friday November 29, 2019 @06:23AM (#59468666)

    ... fix and/or replace DNS.

    Let's move to namecoin or some other distributed thing that no one controlls. Maybe force encryption and/or redo EMail along the way.
    This is overdue.

    • by Chrisq ( 894406 ) on Friday November 29, 2019 @06:50AM (#59468682)

      ... fix and/or replace DNS.

      Let's move to namecoin or some other distributed thing that no one controlls. Maybe force encryption and/or redo EMail along the way. This is overdue.

      This may well happen if organisations are priced out of the domain. The problem is that it needs OS support (though implementation in a browser might be a good interim model) and some sort of control to prevent homograph attacks and support by TLS Certification Authorities to make it work, so it isn't going to happen on a whim.

    • by AHuxley ( 892839 )
      P2P instant sites, created as needed?
    • by Megane ( 129182 ) on Friday November 29, 2019 @08:01AM (#59468756)
      We can't even get IPv6 going after 20 years, and you think we can replace DNS without even a spec on what to replace it with?
    • by brunes69 ( 86786 ) <slashdot@nOSpam.keirstead.org> on Friday November 29, 2019 @08:07AM (#59468766)

      The idea that this is an easy solution is ludicrous, because someone *has* to control DNS, namely, to settle trademark disputes.

      Trademark law is important, to not only companies but also the general public. I want to know that when I visit coke.com, it is actually owned by Coke, not some random person who squatted on the domain.

      • That's how TLS Certificates work, not DNS. DNS doesn't give any guarantee about who owns a domain.
        • by guruevi ( 827432 ) on Friday November 29, 2019 @09:10AM (#59468830)

          Neither do TLS certificates. TLS certificates can only certify the connection between you and the primary endpoint is encrypted to some degree but gives no guarantees on identity or whether they continue to route your traffic over insecure links.

          • Learn more about TLS certificates and get back to us.
            • by jythie ( 914043 )
              Ahm, TLS is no more verified than DNS in terms of actual ownership of the intellectual property associated with the name.
              • It depends upon the certificate type and the trust of the certificate authority. While not all TLS Certificates do so, some can whereas no part of the DNS Specification handles this problem. Your mistake was in assuming I was claiming all TLS Certificates do this ... and not knowing what you are talking about of course.
                • and the trust of the certificate authority.

                  tbh this should probably be set at zero by default

                • by jythie ( 914043 )
                  Thing is, if some do and some do not, while the end user experience does not differentiate between them in a meaningful way, then functionally they do not. Optional verification is not really verification, no matter how fancy the technology behind it is.

                  Thus., TLS is no more verified than DNS.
          • EV certs do, but they are on the way out.

      • What about the guy who's name is Coke and he owns a commercial company? He is just as entitled if not more so, since it is his proper name.
        First come,first server. You don't get a domain on the web just because you're bigger. That's exactly what the free intarweb is all about.

    • by jythie ( 914043 )
      Would that really help any of these issues though? A distributed system just becomes a pure 'first come first serve', so you would likely end up with companies again scooping up names and selling them to people who want to actually use them, but have even less recourse for resolving disputes.
  • I say upgrade so you can have anything.anything. And no one organisation should control it! That would kill their capitalistic desires of exploiting .org.
    • The thing is, the annual fee limits any single party from getting its hand on everything.everything. If everyone.everyone was honest and only grabbed the names.names based on their needs, we wouldn't need an annual fee on anything.anything.

  • Competition (Score:5, Insightful)

    by markdavis ( 642305 ) on Friday November 29, 2019 @07:51AM (#59468744)

    >"5. How did we reach the point of Net pioneers embracing 95% profit margins?"

    By changing it to only 1 part of a free market. What is the proper "profit margin"? If there is nothing set, then it is left wide open, and there is no answer to that question. The answer should be that competition and the market sets it. But if you allow it to be a monopoly (which is what this is) then there is no competition, and there is nothing to check anything, not just profits (bad service, horrible prices, no innovation, bad behavior, bad support, etc).

    To me, there is something truly bizarre in handing over .org, a domain for non-profits, to an essentially unregulated, for-profit company monopoly.

    • Re:Competition (Score:4, Interesting)

      by 93 Escort Wagon ( 326346 ) on Friday November 29, 2019 @10:42AM (#59468980)

      To me, there is something truly bizarre in handing over .org, a domain for non-profits, to an essentially unregulated, for-profit company monopoly.

      You typed this comment on a website whose existence works against your comment. As do several other earlier comments in the thread, where people state they own .org domains for reasons having nothing to do with any not-for-profit status.

      Personally, I’d like to see .org have a very low price (or even free), coupled with some requirement for proof of actual non-profit status plus the revocation of existing .org domains which cannot meet this standard. Otherwise, it should just be treated like any other TLD and registrable by any entity that can process other TLDs. The current situation is rather absurd and ripe for abuse - at both ends.

      • >"Personally, Iâ(TM)d like to see .org have a very low price (or even free), coupled with some requirement for proof of actual non-profit status plus the revocation of existing .org domains which cannot meet this standard."

        I don't disagree with you, at least for company-owned .org domains which are not non-profit. By definition, use of .org for individuals or hobby groups and such, they are not businesses at all, so I wouldn't be in favor of revoking those.

      • by pjt33 ( 739471 )

        Otherwise, it should just be treated like any other TLD and registrable by any entity that can process other TLDs.

        Isn't this already the case? Are you sure you're not confusing registrar with register operator?

      • You typed this comment on a website whose existence works against your comment. As do several other earlier comments in the thread, where people state they own .org domains for reasons having nothing to do with any not-for-profit status.

        Many years ago, I registered a domain name for my family. My choices were .com (no it's not a family business), .net (no, we are not running an ISP) and .org (not entirely appropriate, but the closest).

        The problem is that until .name came along, there wasn't an appropriate T

      • Personally, Iâ(TM)d like to see .org have a very low price (or even free), coupled with some requirement for proof of actual non-profit status plus the revocation of existing .org domains which cannot meet this standard.

        .org is just another TLD, and it always has been. My website is a .org. It's not a nonprofit. It never was. Nobody ever asked me if it was. I just signed up for a .org, and I got one. Granted, I'm not actually charging any money, or even running ads — the closest thing to ads on my site is those little banners across the bottom that used to be common on vanity sites. Since I care little for making my site look newfangled (hell, I'm not even using downloadable fonts) I've kept them around.

    • by shanen ( 462549 )

      Deserves the insightful mod but you forgot to mention "kleptocracy", America's new system of government. Not invented here. But I think Putin has probably come closest to perfecting it.

      In terms of a solution, there is NO reason not to allow for several companies offering competing registration services for ORG domains. There only needs to be an agreed upon standard for resolving the DNS calls.

      However I also see some reasons for allowing for some part of the Internet to be oriented away from profit. In ekron

  • by rastos1 ( 601318 ) on Friday November 29, 2019 @08:08AM (#59468768)

    Vint Cerf said: 'Hard to imagine $60/year would be a deal breaker for even small non-profits.')

    I acquired my domain on 2003. In fact I won some online quiz and the price was domain registration fee for one year. So I got one. I did not want a .com nor any other generic TLD - that made no sense or was not allowed. I also did not want a national domain, because a) it hints where I'm from and b) my country is small and .org is more prestigious to international viewers/contacts than my country's TLD and c) it turned out that .org was one of the cheaper option. I never wanted to do business online. I just wanted to have a homepage (slashdot readers will know that word means) and place where I could publish some articles and code ... and not be at mercy of some hosting or advertisement platform. So I got a .org. Nowadays a .name would be more appropriate but that was not available in 2003. So, no - not all .org owners are nonprofits that will not a blink at raising the price 5-fold.

    • by markdavis ( 642305 ) on Friday November 29, 2019 @08:45AM (#59468804)

      >>" Vint Cerf said: 'Hard to imagine $60/year would be a deal breaker for even small non-profits.')"

      Not much of an imagination, then. As rastos1 posted, many are just a personal domains. But more importantly, there a zillion small groups that aren't businesses at all and not companies- computer groups, volunteer groups, clubs, public services, etc, that had no appropriate TLD other than ".org." And they now have a huge investment of time and mindshare/history in that domain. I own two for exactly that reason- one is a local computer group, and the other is just a name. To try and change those would be very difficult now.

      $60 a year is a lot of money for some individuals or for many groups that don't collect dues , don't raise money, and have no revenue. And while $60 to establish a domain might be reasonable to perform the setup, research, vetting, billing, whatever, there is almost ZERO actual cost involved for a "renewal" or to have it be 10 years instead of 1 year.

    • Same here, with the exception of the "small country" part (I'm a USian)

      And $60/yr is what it costs me for the linode that hosts my stuff. On top of that, over the past 15+ years I've acquired several other domains (including one other .org), all either being used for email, images/doc hosting, some development work, or for demo use for a class I teach every other semester.

  • by jellomizer ( 103300 ) on Friday November 29, 2019 @08:39AM (#59468796)

    Back in the old days .COM Commercial (Usually the easiest to get because nearly any entity could be considered commercial) .EDU Education (To get a .EDU TLD you needed to prove that you were an educational facility) .GOV Government (You needed to be a government institution) .ORG Organization (implied Not-For-Profit Organization)

    Getting non .COM domains normally meant some real validation on who you were and you were what you said you were. However today they mean nothing, and there is little trust behind the TLD anymore. Yes back in the early days. if you saw a .EDU or .ORG you knew you were dealing with a reputable institution, and not a fly by night scam. even .GOV can get sketchy today.

    When TLD became unreliable, we had certification companies that would give you certs that proved who you are. These Certs costed hundreds or thousands of dollars. And actually required evidence that you were who you were. Then Cert Companies made it easier to give out certs so a valid Cert goes out to anyone.

    That leads us to today. Where a typo in a search could lead us to a valid looking site say sladhtot.org vs slashdot.org can lead us to a phishing site, or some other site that may not properly represent what we want to see.

  • by Anonymous Coward on Friday November 29, 2019 @09:35AM (#59468868)

    There is really only one thing that matters in this world, and that's profit. It is the moral obligation of all peoples to generate profit.Not necessarily for themselves though, just in general.

    Being driven by profit is what has lead to huge advances in the quality of life for billions of people. Just look at America. Crime is at an all time low because of for profit prisons, while life expentancy is at an all time high because of for profit hospitals. In places like Canada or Norway, where prison systems and healthcare are considered forms of socialism, crime is rampant and life expectancy is miserable.

    • Should be modded "Funny" since this is sarcasm (look up the actual crime rate and longevity stats for Canada and Norway if you do not realize this).

  • I pay less for every dot-com than I do for each dot-org. Where is my price cap guarantee on dot-com? And let 's not forget the dumpster fire that is Verisign.

    I agree we should use something like Nakamoto Consensus instead of arbitrary monopolies (you too ICANN) but reports of this particular sky falling may be premature.

    • .com has a price cap fixed by ICANN. Verisign always asks for it to be lifted but ICANN hasn't allowed it for the original generics -- precisely because of the size of their established base and different economics and expectations. Lifting the cap on .org with deceptive arguments (first removing caps for new gTLDs, saying that would not apply to old ones, then lifting it on .info and .biz -- and throwing on .org to that discussion at the last minute!) Is the first step towards lifting the cap on all names
  • by oldgraybeard ( 2939809 ) on Friday November 29, 2019 @10:18AM (#59468948)
    the org domains to clients and buy them when I get a domain. @ $60.00 I do not need to keep doing that anymore I do not need them. An Investment firm! yea right, we will be lucky if the prices are as low as $60.00 per year. I am thinking they are dreaming of domain squatter level pricing $1,000(s) will be closer to the truth.

    In reality we need to abandon the DNS name system, let the public deal with that crap in the marketing 1st and only internet. Am thinking I need to start poking around the dark web.

    The dns system has just become a bunch of rich @ ICANN vacationing as work @ seminars all over the world.and those groups getting filthy richer for providing flat cost base services. Do they actually do anything? but charge a fee?

    Just my 2 cents ;)
  • Last I checked, monopolistic behavior was a crime. Even just the attempt.

    Sure... they will "argue" something. All criminals do.

    But fact is: It is a crime for a reason.
    This exact reason, in fact.

    • Unless you declare it your imaginary, err, 'intellectual property'. Then you can steal and gouge on prices all you want. Hell, your victims do not even have to but it. It's enough if they *could have*. ... Maybe 'Ethos' Capital (hah!) should do that! 2019 /. would love it! (Not 2004 /. though.)

    • Last I checked, there are legal monopolies everywhere for this exact sort of thing. Control of a TLD doesn't exactly lend itself to internal competition.
  • This shell company (and that's what it is, clearly) can now take an active role in who is and is not allowed to have a .org domain, according to whatever political agenda they must have. I'll leave you all to consider the overall implications of that.
  • https://savedotorg.org/ [savedotorg.org] has a public letter and a conf call [nten.org] on the topic.
  • I advised one client on a .org to simply go ahead and register for 9 years out - it's not a huge amount of money, and my suspicion about what's going to happen to pricing once the VCs are in control makes $100 now seem like a good plan.
  • 1. Do affected parties have recourse?

    You could file an antitrust complaint, esp. when a handover takes place.

    As an ISOC member you could demand the sacking of Mr. Sullivan.

    2. Other than polite letters, is anything being done? (Maybe: Official complaints have been filed, but don't expect results.)
    3. Georgia Tech's Internet Governance Project has pointed ideas for ICANN. (You can .. join ISOC as a member to take part in future decisions.)

    Run by Milton with his cold war US supremacist mindset.

    4. Has anyone cur

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...