Damien Allen: Good afternoon, and welcome to Cybersquatting Law Radio. My name is Damien Allen, and today joining me on the phone is John Yunker of Byte Level Research. John authored the first book devoted to the emerging field of web globalization called “Beyond Borders: Web Globalization Strategies”. Welcome to the program, John.
John Yunker: Thank you, Damien. Glad to be here.
Damien Allen: It’s a pleasure to have you today, sir. You recently did a blog on the most dangerous country code top level domains, and that’s what we’re discussing today. John, what are the world’s most dangerous country code top level domains and why?
John Yunker: Well, first off, I’ll just give you the top five, and I should preface this by saying this is based on a report that the security software company, McAfee, does every year for the past three years, and what they do is they go and scan a number of the world’s URLs and domains and look for malware and phishing sites and spam and sites that are phishing websites, all the nasty sites out there, all the nasty domains, and then they weigh it and they compile a list of bad and good country codes. Actually, it’s broader than that, but here are the top five most dangerous country codes. Then Number One most dangerous is Cameroon. That’s .cm, and I can explain why that is, but I’ll just go down the list first. Number Two is China, .cn. Number Three is Samoa, .ws. Then Philippines, .ph. Then the former Soviet Union, .su.
Damien Allen: What makes them so problematic?
John Yunker: Well, Cameroon is an interesting one. It is, .cm, you can easily, in fact I’ve done this many times myself if I’m in a rush to enter a URL, I will leave out the “o” in .com, and I’ll end up at .cm. If anyone has done that, they might have encountered a website that’s waiting for them at that address. There are three main criteria. Obviously, that one is uniquely suited for bad guys, but this to also happen, every country code is managed by its respective country. Some countries make it easier for individuals or companies to register domains. There are really three criteria that come into play in terms of why one’s domain might be more susceptible than others, and obviously price is one of the key drivers. If it’s very cheap to register a country code, it’s going to be attractive to phishers than other country codes. Also, lack of regulation by the registrar, the company that provides that domain to you. Finally, the ability to register these domains in bulk, because often they’ll register thousands of domain names at a time under a .cm. Cameroon is definitely one of those domains where that’s possible. China is Number Two, and China, I would say, is probably, next year, I would guess that China is going to drop out of the Top Five, and I don’t know if anyone’s been following the news, but over the past year, China’s really cracked down on .cn, and they said it’s because of pornography, but it’s pretty well known in the industry that there’s a lot of phishing going on as well. There’s also a human rights angle to that. There’s been concerns that they’re also cracking down because there’s a lot of people posting blogs and trying to say things that might be critical of the government. There’s a lot of angles to that, but I would suspect that next year .cn becomes a little bit more stable.
I mean, at the end of the day, what’s driving it, you know, ultimately every registrar’s responsible for who it registers domain names to, and it’s their responsibility to kick off the bad guys if they get a report that there is somebody up to no good, and some registrars are more vigilant than others.
Damien Allen: Is there anything in effect that helps level the playing field and gives a solid list of rules that the registrar should follow?
John Yunker: The parent, if you will, and it’s not a true parent-child relationship, but ICANN is the regulating body. It’s an international body that regulates all domains, that would go for .com as well as the country code, top level domains. I think what’s important too, my blog post just focused on the country code domains, but according to McAfee’s Report, .com also rates very highly for having a lot of phishing websites, as well as sites that send spam. It’s not just a matter of worrying about certain countries. It’s also a matter, it could be .com as well, and also a country specific domain may not actually, the organization that sends out all that nasty email may not be based in China or Cameroon. In many cases they most definitely are not based in Cameroon. They’re just registering it and using that. They might host that site elsewhere. But in terms of leveling the playing field, there is definitely rules that every registry, which is the parent, every country has a registry that is generally a government organization that’s in charge of that country, so they in turn license out the ability to sell that country code to registrars. It’s their responsibility to police it to some extent, and in fact, ICANN will step in and they do this with regularity. They will actually kick out registrars if they find that these folks have not been living up to their Code of Conduct. You know, it’s a cat and mouse game obviously. It’s impossible to police everyone at all times. It’s kind of a … there’s an interesting dynamic here as well because on one hand, you’d want to make domains affordable enough that anyone can be able to register and have their own website, but the more affordable you make it, the more open you make it, you also make it a little easier for folks that are not going to use these domains for good causes. It’s kind of a catch 22. I can give you the top five safest country codes, and Japan is one of the safest, actually the safest according to McAfee, and if anyone’s tried to register .jp, it’s quite expensive.
In fact, you actually have to have an office or physical location, physical address, to register it in. That’s the trade off for having a really, really safe country code sometimes is creating some very high hurdles for actually registering the domain.
Damien Allen: Now besides the government agencies that own these country codes, policing internally, and ICANN policing over the top with complaints and such, are there any other things that can be done to address these problems?
John Yunker: I think it’s important to definitely, as you come across these domains, you can obviously raise it to ICANN directly. They need to be made aware. The registries need to be made aware. As individuals, that’s what we can do. And they are aware. It is a tough thing to manage, and some countries do view these country codes as revenue strands, and they can make a good amount of money. You’re effectively asking these countries to make less money. It’s kind of a challenging situation, and ICANN is not actually … ICANN can revoke a license. ICANN has a great deal of power, but it’s a non-governmental entity now and it is an international organization, so they use a little bit of carrot and a little bit of stick. Many people will say they have a long ways to go, and I will agree. With some of these domains, they absolutely do, but I think they are trying to, I know they’re making progress. I don’t know if they are moving quickly enough to stay ahead of all the bad guys.
Damien Allen: Is technology helping to deal with the phishing scams and stuff like that that’s being generated by the ccTLDs?
John Yunker: The technology is helping. If you look at what Microsoft is doing with Internet Explorer, they have something called Smart Screen, which actually if you opt into it, you have to opt into, but if you do, it will actually warn you. If you click on a link that they’ve determined could be dangerous, they will actually give you a warning page ahead of time. Google actually does the same thing through Google Chrome. These are two instances of companies actually stepping in because they also are able to scan all these domains and filter out the bad ones and protect you. Technology absolutely can play a role. In the case of Google and Microsoft, they probably have a much greater role to play in the years ahead, and to what extent they can work more closely with ICANN and the registries, there could be potentially create a much safer internet.
Damien Allen: Now we’re looking at the coming of IDNs or Internationalized Domain Names. What’s this going to mean when added to the mix?
John Yunker: Well, it’s going to be interesting. This year, 2010, we could actually see some of these IDNs go live, and IDN basically is a non-Latin based top level domain, so you would have, for example China, instead of .cn, you’d have two Chinese characters. That would allow these countries to support URLs in the native scripts, native languages of their users, of their citizens, which is a very positive thing, but clearly there’s a lot of concern that potentially more dangerous websites that could be perpetrated because right now you could conceivably, the thinking goes if you click on a link that’s in Chinese characters or Arabic, you’re potentially at more risk. I think there’s going to be a lot of hype about that. Personally, I don’t think that there’s necessarily any risk here because some of the riskiest sites are based purely on Latin characters, ASCII characters that look safe. You know, you could have PayPalsafe.com as the URL, and the user might very well think that’s a safe website, or PayPal.com/safe or something that’s created to look that way that they click on. Of course, .cm, the Cameroon, is something that doesn’t use non-Latin characters as well. It can be quite effective in taking people to the wrong website. I don’t think it will be any more, any greater risk. I think the risk is here. We’ve seen the enemy, and they constantly change tactics. We need a combination of technology, as well as regulation, and more importantly enforcement of that regulation, to help stay ahead of that. I think we are making progress. I think ICANN is more engaged now than they have been in years past. It’s going to be interesting. I think it’s also healthy to have these surveys done like McAfee’s doing because it just makes everyone aware that these domains are out there and you just have to be vigilant when you surf the web. It’s just a fact of living in the modern age.
Damien Allen: Any advice for those of us traversing the net with all these new codes coming in and all these new domains? What should a person be doing to make their experience and their use of the web safer?
John Yunker: Well, I can tell you I’ve fallen victim to phishing myself, and I spend my days studying these country codes and what not. I can tell you these scams are very sophisticated. If you just wake up one morning and you’re half awake and you click on a link in the Inbox, that to me is one of the most dangerous things you can do. What I always tell people is don’t click on links in emails. If you get an email from your bank and you think it’s from your bank, don’t click on the link. Actually go directly to your browser and input the URL directly. That is by far the safest way to go. Use the current browsers so you’re not using legacy browsers that don’t have all the security features built in. Just be very careful. Use good passwords. Don’t use one password across all of your bank accounts, all of your website accounts. Just be very vigilant.
Damien Allen: Thank you very much for joining us today, John.
John Yunker: Well, thank you, Damien.
Damien Allen: You’ve been listening to Cybersquatting Law Radio. My name is Damien Allen. Everybody have a good afternoon.
Announcer: This netcast is powered by Vertio.net. Vertio.net. Optimizing your brand and web presence worldwide. Vertio.net. Be heard, be seen, be found.
Great blog, a very interesting read. It's weird thinking about certain domains being "dangerous". A brave new world!
Posted by: Dave | 2010.04.14 at 04:49 PM