Re: ICANN Approves Non-Latin Domain Name Characters

[Rich Kulawiec <rsk () gsp org>]

On Mon, Nov 02, 2009 at 12:49:52PM +0000, Florian Weimer wrote:
> * Rich Kulawiec:
>
> > So of course they're in favor of .mobi and .info and .pro and
> > as many more variations as possible, because every time another
> > one is launched, they get to do this all over again.
>
> But this whole thing only works if new TLDs are relatively rare.  If
> they aren't, the whole scheme breaks down.

I don't see that at all.  If 100 random gTLDs were created tomorrow,
then abusers would try to do the same trick in every single one of them.
There's no reason for them not to: it's cheap (especially if they're
running a registrar or have a deal with one), it's easy, and they only
need to succeed a fraction of the time for it to pay off.  And *of course*
the registrars will fall all over themselves to accomodate them: all they
care about is their profits, absolutely nothing else.

This is why I permanently blacklisted .info a long time ago, and consider
it a best current practice in anti-spam engineering.  The FP rate is far
below that of costly, inferior and obsolete methods like content scanning.
(And yes, of course it's always possible to whitelist for the poor chumps
who wasted money on .info domains.) Same for .mobi, same for .pro, same
for others: blacklist and forget.

---Rsk

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.