Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Wednesday September 02 2015, @02:00AM   Printer-friendly
from the web-browsers-need-an-avoid-ghetto-setting dept.

Both Reuters and the CNBC are reporting on a study performed by security company Blue Coat that explored the most dangerous top level domains.

[The study] found the most dangerous top-level domains (TLDs) were .zip, .review and .country, while the safest new ones were .london, .tel and .church.

Researchers looked at web requests for more than 15,000 businesses and 75 million users. They found that most of the dangerous domains were used for less than 24 hours, in order to avoid countermeasures, and that most of the domains were used for phishing or delivering some type of malware.

The report puts part of the blame back on the TLD operators who, through ICANN's generic Top-Level Domains (gTLDs) initiative, can become administrators if they can prove that they have the proper infrastructure and pay the $185,000 evaluation fee.

Ideally, TLDs would all be run by security-conscious operators who diligently review new domain name applications, and reject those that don't meet a stringent set of criteria. The reality for many of these new neighborhoods is that this is not happening.

Link to the original study [PDF].


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Touché) by Anonymous Coward on Wednesday September 02 2015, @02:05AM

    by Anonymous Coward on Wednesday September 02 2015, @02:05AM (#231094)

    because i'm a freeloading open source weenie

  • (Score: 2) by GungnirSniper on Wednesday September 02 2015, @02:05AM

    by GungnirSniper (1671) on Wednesday September 02 2015, @02:05AM (#231095) Journal

    Somewhere Ethanol-Fueled is off transferring his bitcoin botnet farms to report back to imnotanalcoholic.church.

    I'm so old domain names with dashes in them look scary still.

    • (Score: 2, Funny) by Anonymous Coward on Wednesday September 02 2015, @02:18AM

      by Anonymous Coward on Wednesday September 02 2015, @02:18AM (#231100)

      Are you kidding? I'm so old domain names that begin with a numeral just look wrong to me. 3com.com always gave me the willies. I'm glad it's gone.

      • (Score: 0) by Anonymous Coward on Wednesday September 02 2015, @02:38AM

        by Anonymous Coward on Wednesday September 02 2015, @02:38AM (#231105)

        3Com corporation is defunct (now part of HP) but the domain name is still registered.

        Domain Name: 3COM.COM
              Registrar: MARKMONITOR INC.
              Sponsoring Registrar IANA ID: 292
              Whois Server: whois.markmonitor.com
              Referral URL: http://www.markmonitor.com [markmonitor.com]
              Name Server: NS1.HP.COM
              Name Server: NS2.HP.COM
              Name Server: NS3.HP.COM
              Name Server: NS4.HP.COM
              Name Server: NS5.HP.COM
              Name Server: NS6.HP.COM
              Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited [icann.org]
              Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited [icann.org]
              Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited [icann.org]
              Updated Date: 08-nov-2014
              Creation Date: 11-dec-1986
              Expiration Date: 10-dec-2015

      • (Score: 0) by Anonymous Coward on Wednesday September 02 2015, @03:10AM

        by Anonymous Coward on Wednesday September 02 2015, @03:10AM (#231112)

        > I'm so old domain names that begin with a numeral just look wrong to me. 3com.com always gave me the willies.

        Ironic since Metcalfe invented ethernet and went on to found 3com to commercialize it (because PARC couldn't get their head out of their butt).

        On the other hand he thought wireless would never take off, that open source was better named "open sores" and that the internet would "collapse." So, kind of a one-hit wonder.

        • (Score: 0) by Anonymous Coward on Wednesday September 02 2015, @04:36AM

          by Anonymous Coward on Wednesday September 02 2015, @04:36AM (#231129)

          Mockapetris wrote the specification for DNS and if you check RFC 882 Appendix 1, you will see that the "preferred syntax of domain names" indicates to start with a letter A-Z. RFC 882 is dated November 1983.

      • (Score: 1) by Francis on Wednesday September 02 2015, @04:47PM

        by Francis (5544) on Wednesday September 02 2015, @04:47PM (#231340)

        I remember going to www.com one time and it took a clearing of the history before I could browse the internet again.

        Certain domain names are abominations and the owners should be burned at the stake.

    • (Score: 2) by hemocyanin on Wednesday September 02 2015, @05:16AM

      by hemocyanin (186) on Wednesday September 02 2015, @05:16AM (#231138) Journal

      Fuck. porn.church is already taken.

  • (Score: 0) by Anonymous Coward on Wednesday September 02 2015, @03:13AM

    by Anonymous Coward on Wednesday September 02 2015, @03:13AM (#231114)

    This is just an advertisement for this company. Who seem kinda shady themselves with respect to names since they call themselves "Blue Coat" and stylize the 'o' to look like a shield in order to visually link them to the blue-cross/blue-shield health insurer.

    Plus they don't actually give a total number of domains in each TLD - so for all we know the ones that are 100% 'shady' have just one domain in them...

  • (Score: 0) by Anonymous Coward on Wednesday September 02 2015, @10:47AM

    by Anonymous Coward on Wednesday September 02 2015, @10:47AM (#231189)

    FTFCO [bluecoat.com]:

    Blue Coat is a leader in enterprise security, providing on-premise, hybrid and cloud-based solutions for protecting web connectivity, combating advanced threats, and responding to security breaches. Blue Coat is the global market leader in securing connection to the web and counts nearly 80 percent of the Global Fortune 500 as its customers. Blue Coat was acquired by Bain Capital in March of 2015.

    In short, Bain Capital found a large portion of their investment came from the owners (and their customers) of the 'safest', and have no use for (or 'disapprove' of or place pressure on, for whatever reason) the 'shady' domains. ('Shady'? Handwavy.)
    Why yes, this does read like a press release.

  • (Score: 3, Insightful) by morgauxo on Wednesday September 02 2015, @03:39PM

    by morgauxo (2082) on Wednesday September 02 2015, @03:39PM (#231304)

    I think they are seriously underestimating the number of scams with .church domains!

  • (Score: 1) by unzombied on Wednesday September 02 2015, @06:39PM

    by unzombied (4572) on Wednesday September 02 2015, @06:39PM (#231385)

    Maybe .church rates better than you'd guess from this 2011 Symantec study [symantec.com] (PDF), which says religious web sites are worse than porn for delivering malware.