354 comments

[ 4.7 ms ] story [ 293 ms ] thread
Again why does ISOC feel they have to do this? Are they starved for funding? This sale directly contravenes several of the founding ideals of the Internet.
Why did it happen entirely behind closed doors? No way they got this deal together just after price caps were removed. Was this orchestrated beforehand? Domain registrations for Ethos Capital pre-date the change and timing coincides with proposed contract change to remove price caps.

What does Andrew Sullivan get for this move? Is Jon Nevett connected as well considering his ties to Donuts which is connected to Abry Partners which was managed by now Ethos Capital CEO?

So many questions, all this happening in shadows means we shouldn't give any benefit of the doubt.

People. We are losing the Internet that we all love and care for so deeply. We all need to rise up to fight for the freedom the Internet gives us.
This is essentially a hijacking of the DNS as far as I’m concerned. The sale of .org is heinous; And I’m an unabashed capitalist.

There is absolutely nothing defensible about this move that I can see.

Is there any argument that this is beneficial to anyone except Ethos and Internet Society? Is it even clear they have the right to sell it?

Has every person at ISOC submitted conflict statements? Are they willing to commit to never benefit financially from Ethos controlled entities for 10+ years?

> The sale of .org is heinous; And I’m an unabashed capitalist.

It's fascist, if anything.

The system was built by governments and government organizations. It is operated (milked) by the private sector.

There are hundreds of crypto currencies. Each works well for someone, some work great for many. All are private. A capitalist DNS system could work without state interference.

"This is essentially a hijacking of the DNS as far as I'm concerned."

At the last NANOG, the keynote speaker described three instances where companies have "hijacted" the DNS.

https://blog.apnic.net/2019/11/04/dns-wars/

The first "hijack" was Versisign wildcarding unregistered .com and .net domains (https://en.wikipedia.org/wiki/Site_Finder). The second was OpenDNS redirecting Google searches to an OpenDNS proxy (http://web.archive.org/web/20120518025819/http://www.opendns...).[1] The third is the EDNS client subnet extension.[2]

1. Acording to the keynote this led to the creation of Google Public DNS "within 45 days".

2. If I am not mistaken, OpenDNS was an early proponent of EDNS client subnet adoption.

The entire domain system is a racket.
It always astounded me that for the longest time until only recently, you were expected to pay additional money, more than the domain cost itself, for HTTPS security (and if you wanted a wildcard certificate, substantially more money.)

I guess when the gTLD explosion didn't result in massive new profits for the new TLDs (some are $100+/year!), the powers that be decided to focus on existing TLDs instead where there's extensive decades-long lock-in effects at play. No one needed company-name.ninja, but good luck giving up your company-name.org to a squatter or worse, your competition.

How much does it actually cost to run a TLD?

Even with the usual governmental bureaucracy overhead I bet it’s be a rounding error. Seems a good fit for something like the UN to take over.

No! I agree with you that it seems like it should be cheap but imagine the UN ran it. China would veto ".tw" as just one example of the many problems with government type entity in charge.
Now China can simply buy Ethos Capital and run it. It's way cheaper than the UN.
I'm not arguing having Ethos Capital is good. I'm arguing the UN running it is not a solution. (nor any likely government body for that matter who will likely take down any organization they don't agree with)
A couple additional things: EFF blog post on the topic: https://www.eff.org/deeplinks/2019/11/nonprofit-community-st...

Here's the initial letter being sent from EFF & others to ICANN and the Internet Society: https://www.eff.org/document/coalition-letter-sale-public-in...

(Disclaimer: I work for the Internet Archive, and we are one of the initial signatories to this letter.)

Has the broader group thought about just buying their own tld?

With a better governance model.

Would it matter? You're already locked into years, maybe decades, of brand building. You'd still need to redirect your old .org indefinitely.

.ORG should be properly managed and regulated, we shouldn't need to attempt to rebuild something because ICANN is corrupt and Internet Society is selling out non profits they promised to serve.

Not just brand building. How many accounts are linked to your email, and how many of us have had that email on a .org for 10, 20, even 30 years in some cases.

Do you even know how many accounts have that email address as either the primary, or backup/recovery email?

An email address is central to identity management these days.

Lose a long established domain, and you might lose access to most of your other internet accounts, especially the ones you don't use every day and are hard to remember.

This feels unreal! How is this even happening? Domains are more like the airwaves than a commercial product. How can they do this??
Just wait until you see what they have planned for the airwaves next!
TBH I’d be happy for the (AM/FM radio) airwaves to be privatized if it meant getting rid of the absurd, antiquated rules about not being able to say certain words in song lyrics.
That shouldn’t be necessary though, better regulation of a limited resource is preferable to no regulation.
That problem is microscopic compared to the problems you would invite.

Bad at math.

Anyone freely interfering at high power would be dangerous for everyone.
It doesn't actually mean that. Look at censorship that Facebook implements for an example of what you can expect. Sure, there might be some obscure stations that wouldn't have such rules... and nobody would know about them.
Lots of distros are in .org aren't they? I see Arch, Debian, Gentoo, Fedora, Centos, OpenSuse, Raspbian, Damn Small Linux, Linux From Scratch, NixOS, Guix, OpenWRT, PfSense, FreeBSD, OpenBSD, NetBSD, OpenSolaris, Illumos, and probably lots, lots more.

GNU is also on .org.

Also languages, at least Python, Ruby, Haskell, Rust, Go, Clojure, Racket, Zsh, etc.

.org seems to be the go-to TLD for open source projects.

".org" is almost the standard for all community projects, there will be huge impact if the management went wrong.
What will be the impact?
I run a tiny carpooling site (not for profit) snowpool.org . If they turned around and upped the fees to 3K a year or something, it would basically force me to shut the service down.

This is an incredibly awful move, I'm completely astounded that it was allowed to happen.

if there's money to doing something, it will happen.

Why not just move to a different domain, and while your old one is still "cheap", do a redirect etc?

Because I've built up a presence over 10 years of running the site, so, I'm not just about to move! It'd be a huge pain to move probably hundreds of email addresses over to a new domain etc too (I sign up with [domain]@snowpool.org)

It completely depends on what they do, I've renewed for 10 years so I have time now, if they put the fees to >500 a year then I'll definitely move.

Do you own a domain yourself that people have been using for 10 years? You might feel differently about the ease of "just moving"

Projects losing their ability to run their existing site because money, losing it to <whatever> and significantly losing in visibility e.g. python.org or freebsd.org now advertising spyware or some shit with the historical ranking of a trusted and respected source.

Or these project having to plonk a significant amount of money in paying for their domains rather than <insert thing which is actually useful>.

Serious question, what are the actual downsides of this, if any? Or is the backlash due to the "private equity" being associated with evil? Doesn't seem like anything is actually changing other than who issues .org?
Evil or not, Private equity by definition is focused on maximizing profit.

You can do the math.

Serious question, did you even read the page? Specifically, the part where it makes specific complaints about the 2019 .org registry agreement, such as the ability to raise registration fees without ICANN approval?
So it goes up by $1 or $15, how does that hurt non-profits? They aren't going to out price other TLDs, the market isn't that elastic.
If you have already owned your .org, have used it in publicity materials, use it for all of your emails etc. then yes you are pretty much stuck with that domain no matter how much they jack up the price. So the domain is inelastic, that is a change in price will not significantly change demand for those who already own them.
Exactly. As a community, we have routinely given the advice to “own your identity” by buying a domain. Since most of the good com domains are long bought, someone newer to the internet is likely to have looked at org. If someone took us up on our advice in, say, 2014 that means that he or she has had a domain for five years. Five years to integrate that into a life in various ways, remembered or not. And now, that thing could cost $75/year with no recourse.

Then there are people like me. My org domain is so old it can legally drink and soon be able to run for Congress. What is it worth to me? $200/year? $500? $1,000? I don’t know and it sucks to have to consider yet another astoundingly high cost of “living” in a world that keeps going up in cost.

> So it goes up by $1 or $15, how does that hurt non-profits?

In the aggregate, that's many, many millions of dollars going into Ethos Capital's pockets at the expense of charities and other non-profit organizations.

Who says it stops at $15, too?

It doesn’t have to be fair.

They could charge x.org $15 and y.org $150,000.

Registry can set prices for individual domains as well (see what Donut is doing). This means that a new domain could be priced $1, and renewal of WordPress.org set to $50, and npr.org to $50 million. What are you gonna do? Change your domain to something else? Yeah good luck.
We can expect every .org owner, most of them non-profits and many not well-funded, to be squeezed and then shaken down for money. Not tomorrow, but it will start as soon as they think they can get away with it.
Challenging to imagine any potential downsides of granting the management of a commons devoted to nonprofits to a profit-driven monopoly.
Uncapped fees that can be raised arbitrarily.

The few other types this happened, it has resulted in exorbitant prices across the board.

It costs like 3$/year (or less probably) to register a domain name. But once you build your brand/website/etc you are tied to your domain name, which is tied to that registry.

This gives the registry huge leverage over you. That 3$ that it actually costs them to run it can increase to whatever price they think you will be willing to pay and you can't not pay it...you would lose your spot and identity on the internet. Its not like with registrars, like godaddy, ghandi, bluehost, etc... that you can switch between in like 24 hrs.

IIRC .orgs were price controlled, so the price couldn't rise, but with this takeover, the price controls have gone away.

PIR currently charges registrars about $9/year per domain, with registrars allowed to mark that up however much they want without restrictions-- AFAIK neither the "wholesale" price nor the actual price from registrars is currently price controlled by ICANN.

Regardless, I don't see how moving .org's operations from a non-profit (PIR) to a private equity firm benefits anyone, except the owners of said private equity firm. You're basically taking something that could operate at-cost and giving it a mandate to turn a profit-- the only way that happens is if prices go up. Likely a lot.

> AFAIK neither the "wholesale" price nor the actual price from registrars is currently price controlled by ICANN.

Important point: just before this rigged bid went through, ICANN conveniently decided to remove the price cap for .org registry prices.

PIR is already a rent-seeking organization designed to fund Internet Society. They don't actually handle the registry at all. It's outsourced, they put it out to bid. If you look at financials, they are paying <$2/domain.

Yes, ICANN granted a monopoly to ISOC in the form of PIR, who have been allowed to increase prices consistently for years but at a capped rate. And they wanted more. As costs have gone down.

Then everyone at ICANN talks about not being a price regulator and free markets. Ignoring the fact it's a monopoly, and not one ISOC/PIR played any role in creating, it was a gift from ICANN. A perpetual, no bid, contract with ever increasing prices on a decreasing cost monopoly good.

This is an example of rent-seeking.
I haven't read the 2019 rules, but if the letter is to be believed, the new rule creates:

> The power to implement processes to suspend domain names based on accusations of “activity contrary to applicable law.” The .ORG registry should not implement such processes without understanding how state actors frequently target NGOs with allegations of illegal activity.

Under the previous rules, the registry level could (more or less) resist being bullied into taking down a domain due to government pressure, though the government could implement a firewall and threaten other service providers. Now, though, a large country could say "we will block .org domains, or .org DNS resolutions, if you don't suspend an activist organization's domain globally," and there would then be a PROFIT MOTIVE to take down the domain GLOBALLY, as the value of the registrar would decrease if .org domains were blocked in that country. And this would be permitted by the 2019 rules. This gives censors tremendous leverage to implement censorship around the globe.

I'm all for the role of private equity in helping companies to grow - while there are certainly firms that operate in bad faith, the PE industry overall doesn't deserve the bad rap it gets in the media.

But IMO this sale should absolutely be disallowed from a humanitarian and international security perspective. The incentives are just too badly aligned.

"issues" == "controls".

The worldwide non-commercial Internet being controlled by an unaccountable private corporation is evil on its face. Burden is on someone to prove otherwise.

I've been thinking a lot about the sheer downsides of DNS overall. We need something different. Something decentralized, encrypted, something not reliant on a protocol that hasn't kept pace with security and privacy and we need something verifiable that provides accountability. As others have said TLDs have become a racket. Only the priveleged and nation states have the authority to use the system as a funnel of ridiculous revenue and rate manipulation. We don't need DNS anymore. It's become more of a lynchpin to bottleneck and advance control of the few and continues to erode our privacy as it stands today. What's next?
The problem is that DNS powers the internet as we know it, getting everything ever to switch over is at least another 30 years after you make a protocol (that would also need to have literally no downsides).
Not sure I agree. If FF & Chrome both supported it...it'd be in effect in < 5 years total.

Just look how quickly DoH is being rolled out, or Google's QUIC.

Realistically if Google, Mozilla, Cloudflare, Apple, Microsoft, and a few others agree that this move is bad, and wanted to stand up a new .org TLD...they could, and I don't believe it'd be illegal (IANAL).

Web is only small part of internet
Yes, but most of the internet is exposed to users via the web anyways. OSs would need to follow suit, sure — to make everything that’s not a browser work so that the alternative lookup mechanism is used instead of traditional DNS. How long do you think that would take? Not too long methinks.
We don't want DNS anymore, but we don't have a replacement. It's the same as Facebook->Diaspora, Twitter->Mastodon. The non-centralized versions are too hard to deploy to all the non-techies out there, despite being the "morally" correct architecture.
The only thing wrong with DNS is that we entrust it to a corrupt government. It's time another country step in and take control and replace ICANN.
> It's time another country step in and take control

What's to stop them from being just as corrupt? It's too much for any one country to have control over. It'd be far better to come up with a way to take the power out of the hands of any one entity so that we don't have to keep moving it around when the people holding all the power are inevitably corrupted by it.

Abandoning the whole idea of gTLDs and using only ccTLDs kinda accomplishes that, each country would control only their part.
ICANN is a non-profit organization, not a government entity.
I can't speak for Diaspora, but Mastodon isn't any harder to use than Twitter. It's mostly network effects that keep people there.
Namecoin did this, and I think there are similar efforts on Ethereum, but it turns out that the tyranny of the installed base is a real thing.
If you decentralize, you don't end up with something equivalent to "the internet" anymore -- you end up with several islands of things that (to varying degrees) resemble "the internet", and run on the same layer 4 fabric, but are largely isolated from one another.

I think we actually experience a mild version of this today, where entities publish their all their Twitter/Facebook/Instagram/Snapchat/Whatsapp/Linkedin etc profiles.

I can't help but see whatever this distributed DNS replacement is as basically being this situation but without the backstop of globally-accessible websites and e-mail addresses. You should have no doubt that, for example, Facebook would make a "the internet" which was 100% Facebook-operated sites.

Islands already exist, with national firewalls, corporate networks, dark nets, etc. Decentralization of DNS would just take middlemen out of the picture. A dominant decentralized system would probably handle most requests if one were to ever get off the ground, making it equivalent to what we have now.
Why?

DNS worked just fine with nonprofits and government entities who weren’t leeches.

But it no longer works fine. If there is money or power in something, it will inevitably get corrupted if it can be centralized or captured.
Why? Because even you are using the past tense. The genie is out of the bottle.
Because centralized power run by people gets corrupted and bogged down by special interests.
> Islands already exist, with national firewalls, corporate networks, dark nets

And you don't see companies posting their addresses on those things. They still advertise "example.org" not "if you're in {county} use {county-specific address}, or on Tor use {onion address} or using {decentralized DNS} use example.com".

> A dominant decentralized system

How does this result in a different situation then the "centralized" DNS we have today?

> How does this result in a different situation then the "centralized" DNS we have today?

If, for instance, the DNS entries were tied to entries in a blockchain, such as namecoin, then no 3rd party would be involved in a transaction to transfer the domain, no annual fees would be required, and no one could block or remove an entry.

> You should have no doubt that, for example, Facebook would make a "the internet" which was 100% Facebook-operated sites.

AOL already tried that back when they were still sending floppies through the mail. They were the largest ISP on earth and couldn't keep people in their little walled off corner of the internet. I don't think anyone else is going to be more successful.

They were probably more successful than you'd like to acknowledge. And the modern companies do have a fair bit more power.
They might not have been able to keep people there forever, sure. But their walled garden was “the internet” to a major chunk of people in the US for quite a long time.

Remember when TV commercials would tell you a company’s AOL keyword?

Yeah, that was around the time the internet wasn’t even relevant to the majority of the first world population. Trying to make comparisons to how it might look today is pointless.

At AOLs peak, it had about 35 million subscribers. Comcast alone has nearly that many.

Or when people would tell you their ICANN domain?
Looks likes you’re wanting the decentralized web [0][1][2].

The DNS equivalent technology there is DHT(distributed hash tables) [3] which was used in torrent technology for a few years. Ever wondered about how you can find the torrent seeders without a centralized entity? The Bittorrent DHT is the underlying tech.

[0] https://ipfs.io/

[1] https://dat.foundation/

[2] https://www.scuttlebutt.nz/

[3] https://en.wikipedia.org/wiki/Distributed_hash_table

> Ever wondered about how you can find the torrent seeders without a centralized entity? The Bittorrent DHT is the underlying tech.

The Bittorrent DHT is not fully decentralized, it needs a list of hardcoded bootstrap nodes. https://stackoverflow.com/questions/1181301/how-does-a-dht-i...

Which can easily be changed. The bootstrap nodes don’t hold any special power.
Well, it's for ease-of-use. Anyone can make an alternative DHT with their own bootstrap nodes, but the Bittorrent main one is the biggest, therefore most programs have that one hard-coded.

Anyone can make an alternative client that uses the exactly same tech with different bootstrap nodes, and once they gain popularity, there will be people using that.

Democratic, I would say.

Yes, sort of. That's one way to get peers, but clients support other ways to peers.

So in practice you can get peers from the list of previous peers, PEX (peer exchange), or a tracker for a given torrent.

So in practice once you talk to a few bittorrent peers (of millions) you likely are talking to another DHT peer and can bootstrap. Also given that there's typically millions of peers in the DHT, even brute forcing it by search IPv4 (4 billion addresses) for a few million peers is likely to only involve a few 1000 UDP packets or so.

GNS from the GNUnet project is the most interesting alternative to DNS that I've come across, and is orthogonal to projects like IPFS and Scuttlebutt (although I don't know much about Dat). It's basically DNS with DHT and some very cool crypto.

https://gnunet.org/en/video.html

I'm not convinced we are talking about a decentralization issue.

We could achieve the same result with laws. Just make what is happening illegal, corruption is already illegal.

Furthermore, decentralization won't solve the basic economy rules of offer/demand. Even with a decentralized system, website will still be referenced by natural words ("domains"), which can be owned by only one site-owner at a time, which means there will always be people ready to spent a lot of money to acquire a domain/reference.

I'm for decentralization in general, but in the current case I fail to see how decentralization alone will make domain owning fairer

In this particular case, the problem is not that individual domains can be traded at market prices though.

The problem is that organisations have to rent their domains from a central authority that can hike the rent for an entire TLD to some fantasy price.

So the hierarchical structure of DNS is clearly what creates an opportunity for corruption and extortion.

And let's not forget that DNS is ultimately a global issue, which means that the rule of law cannot be taken for granted.

Laws have to be part of the solution. But it's easier to legislate effectively if the underlying structure doesn't invite corruption, authoritarian abuse and market dysfunction in the first place.

> And let's not forget that DNS is ultimately a global issue, which means that the rule of law cannot be taken for granted.

I think this strongly points towards ccTLDs being the best solution. It is very difficult to get all the different countries to agree on common rules/governance for the legacy TLDs, but if everyone gets their own independent corner then that should be easier to get agreements on.

Dividing the control by country also conveniently avoids any single one being able to cause as much damage as ICANN now is.

I think ccTLDs don't work so well in a globalised world. Many internet services are not country specific, and ccTLDs sort of put you in the local business category.
> Many internet services are not country specific

The companies and/or owners of those services do operate under a certain legal aegis, though. It’s not like they are stateless.

I just happened to read the text on a food product; it had text in three languages, and the www.* domains listed in the three texts were in the ccTLD for each country. No .com was mentioned anywhere.

Domain names should never change and be easy to remember whereas legal ties to countries are often complex (i.e not 1 to 1) and subject to change.

Should I really have to remember going to apple.ie because that's where the Apple shop happens to be legally based at the moment? Or should it be apple.eu because consumer protection is an EU matter? Or apple.us because that's where Apple's headquarter is located?

And when a company gets sold to a different country, should all their URLs have to change?

Multinational companies should be the exception, not the rule. “Designed by Apple in California”; will Apple ever stop being a U.S. company? Why would “apple.us” not be appropriate?

A company is an entirely legal construction, and, as such, is entirely bound to the laws of a certain country.

It is amusing that you believe government would stop corruption.

History proves that to be false

Further "just make it illegal" under which nations laws? That was the problem ICANN was suppose to solve, no one wanted the internet to be operated under the Laws of the US, which is why in 2016 the US removed itself from Internet Governance.

So do we put the Internet under the laws of China? or the EU both of which have Free Expression issues....

Which nation? or maybe the UN which has Dictators and human rights abusers in positions of power...

Decentralization is far far far better than looking to a government resolution

All these Ethereum/Namecoin/Whatever solutions aren't really solutions. They're subject to namesquatting, arbitrary prices, arbitrary decisions regarding TLDs and they end up being centralized in the end for various reasons.

I think a good solution is to switch to using petnames instead of global names.

https://www.schneier.com/blog/archives/2006/02/petnames.html

Some further background on what happened. I don't see how this can be interpreted as anything other than corruption, plain and simple.

https://www.theregister.co.uk/2019/11/20/org_registry_sale_s...

"Former ICANN CEO Fadi Chehade personally registered the domain name currently used by Ethos Capital in May and it was registered as a limited company in the US state of Delaware on May 14. That date is significant because it is one day after ICANN indicated it was planning to approve the lifting of price caps through its public comment summary.

As such it appears that the plan to purchase the .org registry was predicated on the price caps going ahead and that those behind the deal had intricate knowledge of ICANN’s internal processes."

The whole deal smells of self dealing, why was Ethos Capital selected to buy the .org registry versus an open bidding process?
Posting from a throwaway account.

I worked at one of the main TLDs for years and was on one of the ICANN boards and got to know the industry well.

It is well know amongst the domain name community that ICANN is a poorly run organization, whose directors have in recent years have used their position of leadership to lead decisions from which they are afterwards benefiting themselves economically, in many cases by rushing decisions such as in these case.

Peter Dengate Thrush was famous for pushing for the new domain extensions (.anything) as chief executive of ICANN and quitting a month later to become the CEO for a company that was the main bidder for a large number of extensions. Fadi Chehade is doing the same with .ORG by lifting the price cap on the prices of an established domain name and then gobbling up the company that sells those domains.

Sadly, ICANN has little oversight and since its kind of in the air and doesn’t report to anyone, the directors get away with what would be legally considered corruption in most of the world. The fact that the internet community and most Internet companies have never care about it makes doesn’t help, since a lot or times the “multistakeholder” model that they claim to use in reality doesn’t work.

Ultimately, this is why the DNS and domain name industry feels so shady in general and why for most companies getting a name on the internet is a tortuous process that feels very scammy, which is unfair and costs more than it probably should. But so far we don’t have any good alternatives to the current system.

ICANN having little oversights is not an accident. It’s corrupt current and past leaders have ensured that. This organization is supposed to be non-profit international organization. If you ask me “who controls Internet”? it’s these guys. They have managed to convert ICANN into a perpetual personal wealth fund for friends and families.
The writing was on the wall when the board decided they weren't getting what they wanted from the at-large constituency & direct elections and shut them down, in doing so completely blowing off the Memorandum of Understanding. It's a bit surprising that it's taken so long to hit .org directly, it's a really obvious target if you want to find ways to turn an ICANN position into cash.

Full disclosure, I was one of those at-large members and they made it very clear that we weren't being good little peons.

To me, this seems like a good case for government intervention. Domain names are critical infrastructure at this point.
Which government? Critical to whom?
It possibly fits within the portfolio of the ITU (although I guess the UN is intergovernmental, rather than a government).
That has been proposed for as long as I can remember. The result would be that dictatorships and authoritarian governments control the internet, because they make up the majority in the ITU. I don't think we want that.
Can you explain this a bit more? Afaik the ITU does a good if boring job. I can phone about anybody in the world. The system works.

Now ICANN? They seem a bad choice, as this story demonstrates. Tolerable as long as the internet wasnt very important, but today, a UN international body seems the obvious choice.

They would only control the assignment of TLDs, whereas all the stuff that's actually interesting from a censorship perspective happens on much lower levels than that.

For example, ITU also controls country code assignment for phone numbers. Does that translate to any meaningful capacity to censor? So far as I know, the only practical restriction that comes out of it is that unrecognized states don't get one assigned, but that's also generally true with TLDs.

No, Hell no. The UN should not be involved in the Running of the Internet. That would be worse than ICANN by far
Each one for its ccTLD. I don't think anything can be done about generic TLD without a democratic world government.
How is it “in the air”? It is a non-profit registered in California.
It may be useful to note that the US government transferred control of DNS to ICANN in September 2016. I searched HN, and this seems to be the biggest thread from back then: https://news.ycombinator.com/item?id=12612033

At the time, consensus in the media seemed to be that this would have little effect. However, the debate was quite politicized, as the transfer to ICANN occurred towards the end of the Obama administration, with fruitless opposition from high-profile Republicans.

>>consensus in the media

There is a reason for this, the American media is laregly Anti-American today. They believe in idea of "American Imperialism" and that America is the cause of most of the worlds problem. Thus they believed anything was better than "Corrupt American Control" over the internet.

There were many many people that predicted bad outcomes from this transfer, most are starting to come true

It seems to me that running an NIC for a major TLD almost has zero marginal cost: for each domain, you automatically interface with ICANN once in a while to update registration info, then serve some NS and associated A/AAAA records. So it’s kind of surprising to me that $10/yr is already a non-profit price. Am I missing something?
The $10 a year includes the markup of a profit making domain registrar which has marketing and support costs.

This article suggests Public Interest Registry's costs for third party technical services were about half their revenue, with the beneficiary of the rest of the funds being the Internet Society https://domainnamewire.com/2019/10/28/pir-org-slashes-regist...

Still, you can see why those kind of margins and the ability to raise prices were an attractive combination to private equity

> The $10 a year includes the markup of a profit making domain registrar which has marketing and support costs.

I use Cloudflare Registrar these days for .com and .org. They claim to offer wholesale prices. My last .org bill was $9.90 + ICANN fee. And according to [1], Cloudflare directly work with PIR to offer .org, so unless they're lying, they are actually charged $9.90 per domain per year by PIR. Now, the article you linked to claims that PIR paid less than $2 per domain to the for-profit contractor who did everything technical for them (what's left? PR?). I wonder where the remaining $7.90 went...

[1] https://www.cloudflare.com/tld-policies/

Edit: Apparently overlooked the beneficiary part. Not a fan of mandatory donations but at least the numbers sort of add up now.

The process of mapping name=IP is not remotely technically difficult, and I'd dare say most people reading this message could implement the backend to such a system in a few days.

Setting up the peering replication and nameservers around the world is considerably harder, but it's definitely not a $10 billion+ problem (the current value of registrars and certificate authorities.) A startup funded by YC could handle that easily.

Dealing with all the companies trying to sue you over others squatting their domains and having to decide who has the better claim would be the most expensive part.

I really hate to say it because it's so cliche and overused, but a blockchain-like system could remove the central authority, the server costs, and the lawsuit risks. But it would introduce concerns over trust, most likely.

The really hard, unsolvable part is the unwillingness of the browser vendors to support an alternative domain name system. If Chrome, Firefox, and Safari all supported a new TLD outside of ICANN's control as a public service (let's call it "Let's Resolve" which would offer free domains and would be funded through donations), it would be very successful. If even one of them didn't support it, nobody would ever consider using it for their websites. Browser extensions, even if they allowed access to intercept domain name lookups, would not work. It would have to be supported out of the box in every major browser, and well, good luck with that. Anything failing to herd those three cats right out of the starting gate is absolutely dead on arrival.

Who knows though, maybe they'll raise .org prices just a bit too much, and piss off an established non-profit enough to start a huge campaign to create an alternative. But probably not.

> The really hard, unsolvable part is the unwillingness of the browser vendors to support an alternative domain name system. If Chrome, Firefox, and Safari all supported a new TLD outside of ICANN's control as a public service (let's call it "Let's Resolve" which would offer free domains and would be funded through donations), it would be very successful.

Not sure I understand your proposal. Say every single browser in the world supports Let's Resolve. byuu.org is registered with ICANN; but someone now wants to register byuu.org with Let's Resolve. Do you let them? What about the other way round? And what if someone attempts to register byuu.org with ICANN, while another attempts to register byuu.org with Let's Resolve at the same time, causing a race. Who wins?

Also, unique, meaningful and memorable identifiers are a scarce resource. Offering free domains just open up the floodgate of squatting and hoarding (at unprecedented ease).

Edit: Parent suggested a new TLD; I read it as a whole alternative system. Well, the new TLD idea was already implemented as .bit AFAIK, and it's pretty crap.

You probably need a system that allows both roots to function together. Maybe a different URL scheme:

http: and https: use ICANN, httplr: and httplrs: use LR

If not specified, browser tries LR first, then falls back on ICANN.

Doesn't feel as solid to me, but they could also register a placeholder TLD that would be use for redirecting requests to LR, or the other way around:

google.com.lrns would tell the browser to resolve google.com in the LR root (hardcoded), or google.com.icann would tell the browser to resolve google.com in the ICANN root. When falling back from one to the other, the browser would display the hostname with the fallback TLD on it.

Just some ideas off the top of my head, I haven't fully considered the implications yet.

Phishers would love that.
I think by "TLD outside of ICANN's control", GP meant a unique TLD that (currently) does not exist under ICANN. So it's not going to be byuu.org under ICANN vs byuu.org under LR, it's going to be byuu.lr (under LR) versus byuu.org (under ICANN)?
Yeah I misread. Then it's gonna be subject to good old squatting and hoarding (vastly more so if free) as I mentioned, and not really solve anything.
I agree. As long as there's scarcity, there's someone trying to exploit it.

I think it could be better to just accept that unique global names are not a great idea, and start identifying parties by certificates rather than name. Various chain of trust & reputation type arrangements can be used to ensure people won't confuse Their Bank (certificate issued by/for Their Bank) for Their Bank (certificate issued by & for scammer in Ukraine). Legit entities will have every reason to include information that minimizes likelihood of confusion.

Come on, I can have more than one James Smith in my phone's contact book too.. let's stop fighting over names.

> Various chain of trust & reputation type arrangements

The problem of course is that as you said, you still need authorities or a chain of authorities to tell you which one is the genuine Debian and which ones are trying to shove malware onto your machines. Today we go to debian.org, see the valid TLS cert, and assuming there’s no fraudulent issuance of debian.org cert and no attacker injected their cert into our device CA store, we can be reasonably sure the PGP key listed there is genuine.

You only need to look at .onion to see how well the keys without authorities idea turned out.

I don't have a problem with having authorities as long as we can choose which ones to trust (and have limitations on the scope of their authority), and form our own as necessary.

For example, I'll be happy to add and pin my government's authority for the services that they control. I'll be happy to add a group of FLOSS hobbyists issuing certs for open source projects, as long as they are transparent and can demonstrate that they have a handle on security. In both cases, there must be some way to limit the scope of their authority, and ideally do things like pinning the authority so that one can't sneakily take over the other in an attack that results from e.g. misconfigured scope.

I think establishing identity is something that we should learn to do. When John Smith gives me his phone number, I'm probably looking at his face and I know which John it is that is giving me their number. I should also be able to go to my bank and get their cert when I sign up for an account & credit card. I'd like to have additional confirmation of their identity (-> reputation) e.g. from my government, but I don't know if I want them to be automatically trusted just because there happens to be a chain that checks out.

If I'm looking at some entity that I cannot meet in person, I should be able to see who have vouched for their cert and make a judgement based on that.

Kinda like PGP I guess, at a larger scale and with better infrastructure (geek signing parties and wide open keyservers are not good enough). The system does not need to be centralized.

It should be possible to have certs signed by multiple parties, to help establish trust without having everyone agree on a single source of trust. (At this point, I'd like to use a term that sounds smaller and less powerful than authority)

I'm not particularly happy with the model where the chain of trust in every case is established starting at some international megacorps that do who know what, and countless issuers are directly or indirectly "trusted" from the get-go until someone points out their abuse and removes their certs.

The hope is to get a non-corrupt TLD in place that won't raise prices on you with no caps (and if possible while we're at it, won't charge you for certificate signing.) Ideally, a real winner would be a pay-once, own-for-life (say 100 years) TLD. I might be willing to drop $500 on a domain I know I'll never have to remember to renew.
As stated by another person, yeah I'd want it to not overlap with the existing ICANN TLDs. Not too hard to do, and we could fix one of the bigger annoyances of DNS and correct the ordering: bsnes.byuu.org -> #newtld.byuu.bsnes, for example could work, or even just #byuu -> #byuu.bsnes and only have a sole TLD for it.

I don't know how we stop squatters, maybe a one-time registration fee would be reasonable, but that would be discriminatory as $100 would be trivial for developers in the US, and impossible for service workers in Mozambique that just want a personal website.

It's not as though .com/.net/.org (and heck, even a lot of the new gTLDs) aren't absolutely filled to the brim with squatters already.

I mentioned Handshake in another comment. It has a good method for mitigating squatters. Names are won through a vickrey auction so they go to the highest bidder, and your funds are locked up for the duration of the auction (2 weeks) so it inhibits squatters from bidding on all the good names at once.
Still gives those with the most money the most domains...
Wait til you find out who gets the most IPv4 addresses!
The simple answer to that is prices based on the country's GDP.

us.whatever: $100 mz.whatever: $0.80

brb gonna go buy a bunch of mz's for my botnet clusters
Browsers shouldn't be the entity deciding on address resolution, a domain system bound only to the web/httpx would be a huge leap backwards. This should be up to the os and whatever names resolution the os provides should be happily accepted by any network program, be it a browser, email client, ssh, irc or something completely different.
Unfortunately, with at least Chrome and Firefox moving to DNS-over-HTTPS, they are the entities deciding on address resolution for 99% of average-user requests.

I would agree with you in principle however, in which case there's an even more impossible goal: get Microsoft, Apple, Google, and every Linux/BSD distro to agree to a new OS-level alternate domain name resolver that functions out of the box. And also stop Google and Mozilla from rolling out browser-level DoH.

Wonder if this means Cloudflare - and/or the other termination points for DNS-over-HTTPS - could be an interesting place to start adding an alternative DNS resolution system?

Then it wouldn't need to be done by any browsers... if the DNS-over-HTTPS end point provider does the additional name resolution, it should "just work".

Yes because that is what the internet needs, to have CloudFlare in control over more and more of it
We’re here because a private company has taken over .ORG

I see what you’re saying in theory, but it can’t be cloudflare or a private company or else it’s more of the same.

If it's done as a coalition of the places which provide DNS-over-HTTPS, it might work. :)
Negative. Private equity has billions to pay with. Everyone has a price.
The OSes appear to be signing up for DoH as well.
Browsers are the only ones actually willing to allow any change. If we wait for OSs to change nothing will ever happen. If it works well in browsers first then the OS will pick it up.
That's because there's no need for change. DNS works pretty well. There are various options to secure DNS, so that part of the DoH is also moot.

Browsers should respect the OS instead of trying to circumvent it.

Lastly, DNS is properly decentralized out of the box. I don't get that some people who argue for a decentralized internet also argue for DoH.

Similar to how email works and has various options to secure it but the reality is no end users were benefiting from it. How many OSs have enabled by default encrypted DNS? Browsers should primarily focus on providing the most secure and private browsing experience.

DNS is also not decentralized. It's centralised on ICANN and whatever company owns your TLD which is why this thread is here.

> Browsers shouldn't be the entity deciding on address resolution

Someone tell the guys pushing DNS over HTTPS that.

I may be mistaken, but I always thought DNS resolution was handled by the underlying OS, and not by the browser through HTTP. Support from browser vendors would probably matter a great deal for this, but not at a technical/implementation level, right?
Conventionally, yes, but that's changing somewhat with the deployment of DNS over HTTPS.
Chrome already ignores OS-level name-resolution in favor of phoning home directly to Google DNS unless you block their IP#s at your border. I see it daily in etherape. Side-effect: Chrome users on my LAN have to type in IP#s to browse local resources because their browser ignores my dnsmasq, which resolves the split horizon.
Do you mean Chrome or the Chromecast? The Chromecast totally ignores network-configured DNS and uses 8.8.8.8. The Chrome browser has its own DNS client, but it doesn't phone home to Google DNS - it still uses the DNS servers configured by the OS.
Ah perfect, not your keys, not your domain. I mean now domain jackings can be permanent and irreversible! Apple.com can literally be stolen by Tim Apple and there’s not a thing anyone could do about it. Another clear win for the blockchain. Resolving this kind of dispute is why we have central authorities in the first place.
The dispute process is there to solve the kind of issues that do not exist in a fully automated domain name assignment systems.

Fully automated system will only care about keys and cannot hand apple.com over from Apple Inc to Tim Apple because of his name.

You’ve got it backwards. When the keys are lost or stolen you’re SOL. The dispute resolution process would restore proper ownership via existing legal frameworks like it’s been done for hundreds of years.
> The dispute resolution process would restore proper ownership via existing legal frameworks like it’s been done for hundreds of years.

Not if the owner lost all proof of ownership, which is the assumption your argument is based on.

You don't need proof of ownership to obtain a judgement in your favor. It would make the process easier to be sure but you can make the case based on historical ownership and other indirect proof that a judge will accept.

You don't walk into a court and have the judge say "what you don't have the receipt?! case dismissed!!" -- the judge isn't a parking meter.

Handshake is trying to do exactly what you’re describing. It’s an alternative root of trust for DNS that uses a blockchain to secure names. One of the non-obvious security benefits is that you can store certs on the blockchain instead of relying on CAs, which is a source of failure in the security of the Internet today.

Browsing adoption is tricky, but people can point their DNS to Handshake resolvers pretty easily — it’s equivalent to switching to ‘S 1.1.1.1 service which many people already do.

How could free domain names possibly work? Good domain names are scarce so of they were free someone could just write a script to register every good domain and then resell them. The yearly renewal fee means people tend to let go of domain names they no longer and never will use.

The blockchain idea could work. There is a coin called namecoin which attempts to do this. I think on end user devices we should still use DNS so you don't have to store a 1tb blockchain on your device but the blockchain could be what the DNS servers source their data from.

(1) There exists a blockchain-based, decentralized DNS lookalike: https://handshake.org/

(2) Every major OS has has a way to plug an alternative DNS resolver (except maybe iOS), and every major browser has a control to switch off the DNS-over-https resolver. With any goodwill from the major mobile OS vendors, a new resolver could be rolled out to 99% of consumer devices or so, and work transparently.

(3) A new name resolution system should not clash with the DNS namespace. It could allow to copy established DNS domains (not parked) to the new namespace for a nominal fee.

(4) Many DNS tricks, like load-balancing, could go away. Running your own name server can become harder. The transition, should it occur, would not be fast.

Anything that doesn't work out-of-the-box is dead on arrival, though. I would never be willing to move my domain from .org to a system that people couldn't get to without installing additional software (eg OpenNIC.) But if every OS and/or every major browser supported OpenNIC, then I'd be willing to make the switch.
Indeed. My point is that supporting an additional name resolution system is mostly a political problem, and technically doable.without forcing people to even upgrade their OS, phone, or browser.
"but a blockchain-like system could remove the central authority, the server costs, and the lawsuit risks" This already exists, check out [ENS domains](https://ens.domains/) running on the Ethereum blockchain. They can be mapped to [IPFS](https://IPFS.io) hosted sites
In case anyone is wondering there is a blockchain that was made for such a reason. It's called namecoin. It spawned a project called chimera which was renamed xaya. In xaya the idea is you can reserve a name and the name has an alterable 2048 byte space for json data that you can update every block if you wish.

Namecoin though has always been around to reserve names and in particular domain names.

You're right that the technology is the very least of the difficulties. And that's the reason it won't change: nobody's going to do all the work of replicating all that bureaucracy just so there's even more organizations involved.

The only way I can think to end the corruption is to take away the financial incentive, and AFAIK that would mean either the government runs anything that makes a profit, or to remove price completely.

Who'd have thought unaccountable private companies would act in their own best interest?
Corruption and causing financial damages intentionally for having personal benefits on it - especially by abusing a position against the very community they represent - is punishable by law in most country. Aren't they subject of legal proceedings now by violating the law?
Yeah this movement shouldn't just be "Save .org" but also specifically "Prosecute Fadi Chehadé", who is a criminal.
At the risk of being overly-nationalistic, this is exactly the sort of scenario that many were worried about when the rest of the world demanded that the US hand over control to an international governing body. Just as you see with - for example - the IOC, many international governing bodies have a dangerous tendency to devolve to the ethical standards of their most corrupt members.
> Ultimately, this is why the DNS and domain name industry feels so shady in general and why for most companies getting a name on the internet is a tortuous process that feels very scammy, which is unfair and costs more than it probably should.

Shady is putting it lightly.

I once tried to register a nice .wiki domain in order to host a wiki for myself. Those domains weren't available anywhere. I had to "request" one from the company that managed the TLD. So I emailed them and they asked me about my "plans" for the domain. Eventually they just said they'd host it on my behalf. They created a wiki on the domain I wanted, threw ads around it and told me to start contributing.

It's not really an equal playing field where anyone can buy a domain. They gatekeep not only by charging huge prices but also by simply refusing to sell the domain if they think you're not important enough.

People should start making more onion services.

Onion services don't have human readable namespaces. Independently of using onion services, whatever services we run should probably be registered on Namecoin and/or Ethereum Name Service. That's how we get out of the DNS cabal's grasp.
ENS is more focused on wallet naming than DNS. Have you checked out Handshake? It’s aiming to create a more secure root of trust for DNS that’s resistant to seizure and censorship. We (namebase.io) are building on it ourselves.

https://handshake.org

> People should start making more onion services.

A practical DNS replacement would be nice. Something not amenable to governmental or legal attacks, or straight-up corruption like this.

You highlight an interesting point which made me realize that no one actually owns their domain names on the Internet. We’re all just renters.

You might be interested in checking out https://handshake.org which is trying to create an alternative to the existing ICANN system that is resistant to censorship and seizure. The technology is really interesting and we’re building on it ourselves.

We[1] are building on a new project called Handshake[2] which is trying to create a more secure (alternative) root of trust for domain names. It does so by storing certs on a distributed ledger instead of relying on CAs. Though this isn’t the main goal of the project, one of the benefits is that anyone can register their own TLD through a vickrey auction which is much more fair than the current ICANN system.

[1]https://namebase.io [2]https://handshake.org

> It does so by storing certs on a distributed ledger instead of relying on CAs.

When you remove/replace the buzzwords that sounds exactly like a CT log, which is also a Merkel tree.

>>>Sadly, ICANN has little oversight

This is why the US Dept of Commerce should have never given up control

It's funny because every defence I've heard about ICANN is "why did you not participate in the governance meetings?".
If we in the United States had a forceful, competent FTC or FCC, perhaps this would be investigated. I don't think a Sanders or Warren administration would ignore something like this entirely.
The SEC are both competent and forceful, and this smacks of self-dealing, which is within their remit.
ICANN is a "non-profit". They do not issue a publicly traded security, and so they are not subject to the SEC's jurisdiction. The FTC is probably the best hope for intervention in a matter like this.
> ... corruption, plain and simple.

That's right but the right to get rich by corruption is the most important and most appreciated unalienable entitlement of US weenies, even more important than food or shelter or life itself. After all, in a thoroughly corrupt system all of those can be bought. Only corruption itself cannot be bought if the system doesn't already have the necessary level of corruption. It is the US's holiest mission to convince the rest of the world of the fundamental importance and indispensability of our way of corruption.

Is $10 the magic number for 'orgs'? Say the PE raised it to $20, how bad would that be? If it were $5 and doubled to $10 still as bad? Why is $10 the just amount? What about orgs that can't afford that?

How high is it ok for the PE to go on fees? Why? (Tone is to point out how arbitrary this all is, genuinely curious otherwise)

Given the history of private equity in hiking up drug prices, I'm guessing the answer to "what is the magic number" is whatever number generates the most profit, regardless of what is just or whether small organizations can afford it.
They can raise it as high as they want. Yes, it is bad.
They can hike without limit, and they can target the hike. So they could make wikipedia pay 10000 a year when they need to renew.

If they had all domains at the same price, price hikes would be much less of an issue.

There is no added value to justify doing this to .org.

It is rent seeking.

I happen to live down the street from the Internet Society.

What could I do in person to emphasize the point?

paint something with chalk on the pavement before their entrance? Harmless and gets attention
(comment deleted)
I think it's fair to see private equity as red-flag, and I feel ideologically aligned with the folks raising the alarm here. OTOH, the concerns raised include a lot of speculation (in the form of "could do bad" or "has the power to do bad"), and that's also a red-flag.

It's interesting to compare ISOC's blog (https://www.internetsociety.org/blog/2019/11/the-internet-so...) and the followups like EFF's blog (https://www.eff.org/deeplinks/2019/11/nonprofit-community-st...) and SaveDotORG (https://savedotorg.org). They touch on a lot of similar themes of community and transparency - which, on paper, makes it sound like there's some meeting-ground.

As an outsider to the discussion, questions would be:

1. What are some specific problems facing the ".org" registration process for which capital/investment would be helpful? (Obviously, there's no perfect answer. But as an outsider, it looks like ".org" registration already works about as well as anywhere else, so one needs some examples to animate the problem.)

2. Would any of these folks care to improve their engagement/trust with each other? Talking more specifics about "Stewardship Council" and "Community Enablement Fund" might help. Or is some reason for bad blood?

3. What kind of track record does this private-equity shop have? Have they worked with other non-profit or socially-oriented endeavors? Maybe some founders/staff/customers can give some positive or negative testimonials?

A downed power line or gas leak only "could" do bad, but that's not a reason to dismiss them.
the concerns raised include a lot of speculation (in the form of "could do bad" or "has the power to do bad"), and that's also a red-flag.

I'm not really sure how to address the idea that we shouldn't attempt to understand and interpret what things happening now might mean for the future.

I saw this logic coming from a lot of people trying to push these changes through. They've been good so far, we should just trust them. They stick their heads in the sand and pretend we don't need rules because organizations, people, societies follow norms and that's enough. Until someone shits all over them, which is why we make rules in the first place. This whole nothing bad has happened yet, we shouldn't consider a bad outcome as a real possibility is ignorant and dangerous. The same people who if you look at ICANN mailing lists are still trying to play both sides, with whataboutism type arguments in an attempt to discredit people against .ORG being sold to a private equity company. I've dug into those people a bunch too, they're pretty much all connected to registry interests (https://reviewsignal.com/blog/2019/06/24/the-case-for-regula...)
They lied to get price caps removed on .org and then sold it amongst themselves to profit. I'm not sure how you trust people that start with a lie. Look into the history of how shady this really was.
Yeah, this comment https://news.ycombinator.com/item?id=21612033 links to an article on the Register which gives a lot more substance to the concerns/reactions. That deeper story helps to show where the mistrust comes from.

From the peanut gallery, it looks like the ball is in ISOC's+Ethos' court to demonstrate their good faith as stewards...

As if this couldn't get crazier:

> Goldman Sachs & Co LLC. is serving as financial adviser to both the Internet Society and PIR.

https://www.bizjournals.com/washington/news/2019/11/15/resto...

This is what they do - finance deals. This is as notable as saying Wells Fargo issued their home mortgage.
Wells Fargo, eh? Your example is apt, but perhaps not for the reason you intended (unless you're making a subtle joke, in which case I apologize for not catching it.)

> This timeline charts the most significant events in the sales scandal that erupted at Wells Fargo [in 2016]

https://www.fool.com/investing/2017/09/24/a-timeline-of-well...

> Wells Fargo(WFC)charged customers a monthly service fee to maintain a checking account that many customers assumed was free and the bank is mulling how to respond to people who feel cheated, according to the bank and sources familiar with the accounts.

https://thecapitolforum.com/wp-content/uploads/2019/09/Wells...

> Wells Fargo and an insurance company it worked with have agreed to pay $432 million to settle a class-action lawsuit brought by customers who say they were charged premiums for auto insurance they did not need.

https://www.newsobserver.com/news/business/article237666879....

IMO only fools and masochists would continue to bank with Wells Fargo.

Anyhow, Goldman Sachs have no business being anywhere near DNS or ".org" at all, at all. They're a bunch of crooks who make Monty Burns look sympathetic in comparison.

https://en.wikipedia.org/wiki/Goldman_Sachs#Controversies_an...

Whenever there are politicans robbing those who they claim to serve, Goldmans are there advising anc charging huge fees.

Whether it is this, Greece debt, 1MDB in Malaysia. Goldmans have no regard for their own reputation so we should assume anytime Goldman are advisors that the deal is a massive ripoff for which people should be going to jail. Goldmans may not have always been this way but they sure are now! They're a leading indicator of gross corruption.

I think I give up on the Internet that we know today. I'm too tired to fight anymore. Monopoly ISPs with data caps, DNS rent seeking, the walled gardens, the internet of shit where I cannot walk down my street without getting recorded by every house with a "ring".

I'm done with it. I don't want to partake anymore, I don't want to fight it anymore, I don't want to care anymore.

Let the Google's and Facebook's have the old Internet. I'm done with it.

The dream is over. The magic is gone for me. The old Internet is gone. Let them have the rest.

Maybe then, and only then we will rise up like a Phoenix, with a solution that cannot be stolen out from under us.

Ah man.... the exhaustion I feel... is summed up so well by this comment.
> stolen out from under us.

Who is "us"?

The internet is available to more people in more countries than ever before. There's more content on the internet than ever before. It's a part of every day life for nearly everyone in the world.

That's what's happening to the internet. It's no longer a corner where quirky tinkerers were the only ones who could access it.

And the promise of the internet was never to be just that.

It was meant to be a vehicle for humanity (along with all it's warts). That's what you're seeing. The rest of humanity coming on-line.

The attitude of "this isn't what it was meant to be" presumes that it was meant to be anything at all. Similar to a kid that doesn't want to share their legos with the rest of the class.

They can have my last two Legos, these blocks are no longer useful to me. They already have most of the blocks under their control anyways.
I think the sentiment was regarding the democratization of knowledge and access, which is shifting more toward an oligarchy. True, more of humanity is coming online. However, they can only participate if they can be monetized and controlled by those with all the wealth and power.
The internet was and remains the most democratic knowledge dissemination engine in several thousand years of recorded history. It is substantially more democratic than it was in the 90s and 2000s because there are more people accessing it now.

It isn't shifting towards an oligopoly unless you count things like Wikipedia as a monopoly. Which it isn't, Wikipedia is probably about as close to an ideal democracy as any human project ever attempted.

(comment deleted)
Wikipedia is a great example of a web site that has resisted the trend! It is a pretty ideal democracy for those of us whose ISP or nation-state[0] doesn't prohibit us from viewing it.

There was a project similar to Wikipedia, but for semantic data. It lasted for a little while before being swallowed up by Google and shut down[1]. Granted there are some alternatives, but after investing some time working with freebase data, I should be allowed to hold a grudge.

Google played a key role in muzzling more widespread usage of RSS[2], along with Twitter and Facebook discontinuing support for it. Similarly, jabber[3], XMPP[4].

These days it's risky to even host your own mail server, since most people you correspond with are likely to use one particular email service that may arbitrarily block messages from lesser-known mail services[5].

[0] https://en.wikipedia.org/wiki/Censorship_of_Wikipedia

[1] https://groups.google.com/forum/#!topic/freebase-discuss/WEn...

[2] https://www.fastcompany.com/3013890/reader-may-have-died-to-...

[3] https://blog.twitter.com/en_us/a/2006/use-twitter-by-instant... (couldn't easily find press of the discontinuation of this service)

[4] https://news.ycombinator.com/item?id=9266769

[5] https://www.tablix.org/~avian/blog/archives/2019/04/google_i...

And Wikipedia is hosted on... a .org. Great!

Why not shake them down for those sweet donations?

And now we have https://wikidata.org

Im saddened by the death of rss too, but i think its a lot to blame that soley on google. If the rss ecosystem was so weak, that shutting down a single rss client killed it, it couldn't have been long for this world anyways.

Imagine if google said tomorrow that email is dead and that they are closing down Gmail... This is basically what google did to RSS. They promoted it, adopted it.

Google made it impossible for existing solutions or upstarts to compete with their free tools, then slowly killed off marketing it and supporting it. The final straw was when they killed their reader.

Google killed RSS and they are actively killing other vital parts of the Internet in favor of their tech (forcing the use of their AMP tech for the best spots on their search engine results is anti competitive, Their web browser Chrome has saturated the market and is also making decisions which will undermine the Internets open protocols, but literally hiding the protocol in URLs, hiding the path in URLs, thus forcing people to search more).

Google is not alone in using it's capital as a destructive force on open protocols and standards. Facebook, Amazon, and Twitter are the same way.

> Wikipedia is probably about as close to an ideal democracy as any human project ever attempted.

wikipedia has their own drama. it has contributors who shape the content into what they want the world to see instead of staying objective on certain topics. often articles on simple topics are so complex because they are written by enthusiasts and aren't trying to inform beginners or curious.

we need better!

I'm not sure about the internet but...one MUST share Lego with any and all who want to play.
> Similar to a kid that doesn't want to share their legos with the rest of the class.

You're being disingenuous and needlessly insulting.

We wanted to bring the freedom and egalitarianism of the early internet to everyone. Instead we got the jaded, corporate internet, but at least it's available to everyone. The GP is obviously mourning the quality, not the exclusivity.

Thank you for this comment.
How about we just use different domains?

.org is gone, use .com or .net or any of the other hundred of domains.

Difficult to do for a nonprofit with a history. This is extortion.
As the article points out, .org is the for non profits like .gov is for governments. It adds legitimacy.
(comment deleted)
When you have a site you want to keep it at that same domain, otherwise all the links to your site around the internet will break.
> How about we just use different domains?

> .org is gone, use .com or .net or any of the other hundred of domains.

What about all the broken MX records?

Any worthy .org's name will be domain-squatted on the other good TLDs, so they couldn't move it over.

Changing the domain of a site is very effective at killing a site, and a business or organisation, because all existing links to it break, emails to it break.

And if you give up the domain, it will usually get squatted quickly, so the links and emails carry on working - they just go to the squatter's site instead.

There is no way to update the majority of links to your site, if it's been around for a while. You can search for links and ask other site operaters to update, but it just doesn't happen much, and it's also extremely expensive to do when measured in time to write to thousands of site operators individually.

And when you have to change the name at the same time (because your name is squatted on other TLDs), you're effectively deleting the name recognition, literature, old podcasts, matching name you already have on Twitter, etc.

If you had a good name for a long time, chances are you will struggle to find another one like it, and even if you do, most people will think the new name is something else.

On top of that, your email is probably linked to your .org, and people aren't going to stop sending to that for years, no matter how much you tell people to via other channels. You can't know everywhere your email address and main web address are being kept by someone to use later.

And wherever there is a long-standing email domain, there are probably thousands of internet accounts that have that email as their primary or backup/recovery, which you will need to keep if you don't want to start losing access to other accounts. Updating those is very difficult unless you have been extremely diligent at keeping a database of every account you ever created. In practice, even very diligent organisations who attempt to do this don't succeed because accounts tend to be created bydifferent people.

Perhaps in extreme startup land where people start a new business from scratch every couple of years, and pay a lot in SaaS costs so hiked domain fees may sseem relatively cheap, this might not seem to matter.

But many .orgs have been around for decades, and are low budget but very well esablished.

Any many other .orgs are individuals, with email and thousands of online accounts linked to their domain.

There is no "just" to a domain name change.

I've been using the same email address, at my own .org domain for 20 years now.

Changing that would be a proper PITA, and I'd hate to have to do it just because ICANN sold out in such a transparently corrupt way.

Same. Time for a completely different stack / protocol? Like a cloud that is actually a cloud rather than corporate centralization with a side order of surveillance?
More likely, time to move to governed cyber communities, where taxes will go towards providing infrastructure and maintaining rights.
Asking for more government (analog in this case) is just kicking the can down the road.

Your tiny cool self-regulating community, will either die, be eaten by Facebook or become Facebook.

I think the point was that there basically is no fully technical solution. Regulation has to come from the society in question.

Granted, I'm holding out hope that someone surprises us with a technical solution. I just don't have high hopes there.

It’s not about about being cool or making a hip new website. The point is that people won’t choose to pay for services when free ones exist. It requires a monetary obligation in the form of taxes. Countries don’t function because everyone decides they’d like to pay for the infrastructure that benefits everyone. They function because that money is collected in the form of taxes.
x.25 was my favorite
Haven’t seen that in awhile. Used to help run some EDI and PPP services hung off an x.25 node right down the road from CompuServe in Ohio. The PPP router didn’t even authenticate the user lol, just welcome to the network! I bitched about it for a long time before a demo changed minds.
Host your own website? I have a web server, I manage a VPN for myself (good for traveling and questionable wifi points). Much of the joy of the early internet came from the small groups and light website's. Website's at scale gave a want hard time being small. Share what you care about on your own platform.

Ignore everyone's ring. If you aren't hosting a part of the internet you want. Why would you expect others to?

I host various things at my house even though my ISP prohibits it... We lost that battle a long time ago too.
Sorry, you're not allowed to leave.

Earlier today I was trying to Google a website I found on my PC a while back. (Backing up its disk atm, and don't use Chrome sync.)

Clicked on an unrelated link, and was already in the process of reaching for the Back button when I realized I was looking at a cert failure (wrong domain in certificate). Heh. Idly curious I hit Continue... And was presented with my first

> Content Denied

> Access to this website has been disabled by an order of the Federal Court of Australia because it infringes or facilitates the infringement of copyright.

> 1800 086 346 for information.

https://i.imgur.com/fwXRlTN.png

After recovering from the shock - this sort of thing only happens in 3rd world repressive countries, right??? - I went back and tried the domain referenced in the cert.

Haha I've probably lit a billion lists up like Christmas trees now... I got this: https://i.imgur.com/w37jfFt.png

Here's the cert error, for reference: https://i.imgur.com/dZmEcnd.png

What website?
The initial one I was visiting purported to host various cartoons (and probably other TV shows).

I have no idea what the second site was.

Australia implemented anti piracy dns blacklisting in 2016, and had an additional dns filter for highly illegal content significantly before that.

I’ve never heard of anyone get arrested for low level piracy here, so I wouldn’t be all that concerned with requests that hit the piracy filters.

> DNS rent seeking

Domains registrars?

> Monopoly ISPs with data caps

The fact that data caps ever gained traction doesn't reflect well on the old timers ability to explain and protect the true value of their creations for the wider public.

Which is weird because they were obviously able to do that with cryptographic algorithms which are way more esoteric.

It's like teaching a generation of craftspeople to build all the intricate parts of a piano but never noticing nor caring that for some reason they're all selling pianos that have a single key.

What? Data caps had a very good reason to exist. Back in the 3G days if everybody would be online all the time the whole machine would just grind to halt. Nowadays the data caps are (in Europe at least) only a formality.
Some of us are trying to keep it alive.
You mean the death of the nerds-only Internet (a different kind of walled garden). There is so much creativity shared via the Internet by non-tech-savvy people that just wouldn't have been possible via the "old Internet".

There's certainly many problems with something this gargantuan, but I get very skeptical when people nostalgize and eulogize "the good old days" of anything.

I'll add, I say this with empathy to your feelings. I regularly feel a very strong nostalgia for those late nights of discovery on the Internet. But I do recognize that Internet involved a fraction of a fraction of the people using it today who are discovering and creating and sharing all kinds of stuff with greater ease than ever before.

Is what they are sharing worth anything or is it just crap?
That is entirely subjective.
I can't even imagine being small-minded enough to think that only tech-savvy people have anything interesting to express (and I say that as someone who thinks pretty highly of internet culture prior to its mainstreaming)
> There is so much creativity shared via the Internet by non-tech-savvy people that just wouldn't have been possible via the "old Internet".

Could you explain how you got to that conclusion?

It would be impossible for non-tech-savvy people to share things on the internet if there were no omni-present surveillance, manipulation, and centralization, because ... ?

I think their point was that "old internet" was harder to use as a publishing platform than the new one, not necessarily that what we got was the best evolution, but that it has enabled non-techies to publish more.
Which then would be completely besides the point?!

"It's bad that X has happened!"

"But Y has happened, too, and that is good!"

Yeah, so what? Unless Y happening is predicated on X happening, that is just completely irrelevant to the discussion?

> I think their point was that "old internet" was harder to use as a publishing platform than the new one

harder to use as publishing platform by who? don't you mean businesses & corporations?

people have always been fine. myspace anyone? geocities? irc? icq? aol? msn? yahoo? the list goes on... also the remarkable thing is that people just move to newer and better back then.

I agree that "Internet" today is full of creative expression of millions of people able to do that mostly due the expansion it has seen into non-technical crowd. And that's brilliant.

Unfortunately, getting to their creations is ultimately harder: eg. searches for anything will now throw you at some lame stuff on pinterest, which will attempt to lure you into signing up just to find out if they have what you are looking for.

Basically, ability to really "browse" that humongous web is now gone. And most of those creations never reach their intended audience.

You captured my thoughts perfectly.
Can we not do this sensationalist rhetoric on this forum?

If you feel like you got a bone yo pick with a current state of internet, post about a technology that addresses the problem so that people can become aware of it. And save the virtue signaling for reddit/facebook.

I can’t visit the site. First there’s an SSL cert problem and when I bypass that Verizon blocks it as malware.
Not sure why this is getting downvotes. I'm seeing the same - Chrome blocks it, then my work VPN does, with the following error:

"This site is blocked due to a security threat that was discovered by the Cisco Umbrella security researchers."

Same here, cisco firewall blocked it
Done. I own a org site myself.
I also think ICANN is a very corrupt entity now, with very bad governance at the moment.
Watch the new private group that controls .org revoke their right to this domain.
Time to have a collectively funded .ngo TLD?
(comment deleted)
Already owned by PIR (which runs .ORG and is being sold to Ethos Capital). Sorry, it's a group domain fucking. You're welcome - Ethos Capital, probably.
> This article was brought to you by the domain squatters lobby

But seriously I don’t see what’s wrong with this sale. There are no restrictions on who can use a .org domain anyways, and the only people price increases really affect are domain squatters (real organizations can afford 10x the current price without batting an eye). I don’t see what’s wrong with this sale

What exactly are "real organizations"? I can think of two long-lived NFPs in my life that can barely afford hosting & domain registration right now.