back to article Ex-boss of ICANN shifts from 'advisor' to co-CEO of private equity biz that tried to buy .org for $1bn+

The former head of DNS regulator ICANN has been named as co-CEO of a company that launched a controversial attempt to purchase the .org internet registry earlier this year. The news has again raised concerns over the revolving doors between regulators and those who need regulation. In the past week, the website of Ethos …

  1. druck Silver badge
    Thumb Down

    It stinks...

    ...like a week old kipper hidden behind a radiator.

    1. jake Silver badge

      Re: It stinks...

      Fortunately, just like the kipper, it's not hidden very well to anyone with a nose.

      1. Kabukiwookie Silver badge

        Re: It stinks...

        And yet. Everyone with a .org domain almost had it forced down their throat.

        Instead of a tool for justice, the law seems to have devolved into a tool for the wealthy to protect and increase their wealth without the fear of any real repercussion.

        1. IGotOut Silver badge

          Re: It stinks...

          "the law seems to have devolved into a tool for the wealthy"

          Sorry to break the bubble, but been that way for a very, very long time.

          Poor person steals some food.....hanging

          Rich person rapes, pillages and murders....more land and money.

          1. KBeee Bronze badge
            Happy

            Re: It stinks...

            Bit OT but, long ago there was a childrens TV program called The Tomorrow People (sometimes credited with showing what now would be called a Tablet for the first time).

            In one episode a character says "One law for the rich, another law for the poor" but he gets corrected

            "The correct saying is "One law for both rich and poor, to prevent either from stealing bread, or sleeping under bridges"."

            Which to my mind is a much more subtle and truthful way to put it.

            1. FeepingCreature

              Re: It stinks...

              Source is:

              "In its majestic equality, the law forbids rich and poor alike to sleep under bridges, beg in the streets and steal loaves of bread." --Anatole France

      2. sad_loser
        Thumb Up

        Re: It stinks...

        Why is my moral compass spinning like that?

        The good news is that

        a) it didn't happen

        b) the close shave will wake people up to this threat.

        1. Kabukiwookie Silver badge

          Re: It stinks...

          Completely agree with your point a Point b? No. People will let these things slide up to the point where they have a boot literally on their necks.

    2. Phil Koenig

      Re: It stinks...

      What has happened to ICANN, IANA and the Internet Society over the last 10+ years is horrible.

      For example, because WHOIS records are now virtually useless due to so-called privacy provisions which are largely used by shady organizations trying to escape responsibility for their online activities, it takes me 5 or 10 minutes per domain to do research every time I see some questionable javascript that I'm trying to decide whether to let run in my browser or not.

      1. doublelayer Silver badge

        Re: It stinks...

        "For example, because WHOIS records are now virtually useless due to so-called privacy provisions which are largely used by shady organizations trying to escape responsibility for their online activities, it takes me 5 or 10 minutes per domain to do research every time I see some questionable javascript that I'm trying to decide whether to let run in my browser or not."

        Which really breaks things up from all the people who would just put in information that isn't at all connected to who they are. Which has been happening for years. It isn't new; when people realized that putting real contact information led to scammers, they started to avoid giving that out. I know of a friend who set up a site in 1998 and put in the wrong phone numbers to avoid scammers. Companies that let you replace your info with theres were easily available in the early 2000s.

        Actually, what information are you hoping for to determine whether JS is safe? All whois contains is address, phone, and email. That doesn't tell you anything about whether code is trustworthy. While you might decide to ban any code coming from a domain associated with an address in Russia, do you necessarily trust any code coming from some other country?

        1. Phil Koenig

          Re: It stinks...

          I registered my first domain in 1998 as well and the information there is complete and correct as of this day.

          Mind you, I don't put data in there that could directly endanger me or subject me to stalkers. Never had a single problem with it, maybe a dumb domain-switch solicitation mail or fax every once in a blue moon, that's about it.

          I see basically ZERO reason for any legitimate business to hide behind a 100% redacted WHOIS record. If you are a legitimate business and not a scammer, you owe it to the public who may be roped into "doing business with you" simply because you're serving some dodgy JS on thousands of webpages that people encounter every day without any warning in advance that your lousy dodgy JS is going to be trying to get into their browser.

          At the VERY least they should have their f'ing COMPANY NAME there. Would you buy stuff from an entity on Amazon that won't even tell you what the name of their company is or where they're based?? Would you buy a car or a pork loin from a reseller that won't even tell you who they are?? This is absurd.

          For individuals of course it's different, if they don't have a business or mailing service address or a phone # that doesn't ring at their house or on their mobile then yes, I understand all that. I'm not talking about such people. I'm talking about companies who you are forced to "do business with" in the form of active online code, but which REFUSE TO IDENTIFY THEMSELVES.

          As it stands today, the whole idea of WHOIS has been completely destroyed for all practical purposes. It seems that almost every new domain registered today is completely redacted by default.

          I view this as just one example of how various parasitic entities have twisted the domain and IP address-space management bureaucracy in recent years towards their own profit interests and against the interests of the public at large.

          Just like the subject of the article we are commenting upon.

          1. LDS Silver badge

            "Mind you, I don't put data in there that could directly endanger me or subject me to stalkers."

            You may not have that options. In some countries back in the early days of the Internet you had to supply your full details - including a copy of an ID document to verify them - because there were strict rules for domain assignments.

            So, if you were a company you could of course supply the company address, telephone number, etc. - but if you were an individual you had to supply your very own details - including your own complete address and personal telephone number. Not everybody is lucky enough to own more than one house and be free to register one address and live at the other, nor in those days you could get multiple SIMs and numbers easily.

            WHOIS never made a difference between the two types of users - so inevitably you're talking about them too. Meanwhile those willingly to pay *could hide already* their WHOIS details behind services built for that purpose - so spammers and other illegal activities were able to hide already.

            But would you really trust a javascript because it has a seemingly credible WHOIS record? In some countries not requiring proof of identity was very simple to fake them. Or even to use the data of someone else using stolen documents.

          2. Anonymous Coward
            Anonymous Coward

            Re: It stinks...

            I've had a domain name (a .com, though it's not actually commercial) for several years. For a while, my real contact info was in the WHOIS - and even though I fixed that several years ago, I *STILL* occasionally get unsolicited offers for SEO and other services for my website. I've never, not one single time, had someone legitimate contact me using the WHOIS record, nor have I had one single contact forwarded from the domain registration company. (No idea how many outright scams I've gotten from it; I foolishly used my personal email and phone number.)

            1. stiine Silver badge
              FAIL

              Re: It stinks...

              That's because those of us who used to use it....now just add your domain to a script that blocks your netblock...no skin off of my teeth. No offence, but fuck you if you're a company and your whois records aren't accurate and correct.

              1. Anonymous Coward
                Anonymous Coward

                Re: It stinks...

                Sorry, but wrong and being intentionally offensive to boot. If you need to contact me, you know how - use the contact info in the WHOIS, which is for my domain registrar, to ask to contact me. Or, you know, visit the website (which has minimal JS, mostly just to stop email-scrapers, and nothing else hinky) and use the contact link. Which works even with JS disabled, as it takes you to a page explaining why it didn't work and has an IMAGE of my email address. And no, it's not a company at all, just a tiny server running a few webpages.

          3. J. Cook Silver badge
            Trollface

            Re: It stinks...

            Cool, so you are just fine with people trolling through the WHOIS databases to build spamming lists, then? Or send you unsolicited junk mail? (or much, much worse)

            That's the main reason why my WHOIS info is blatently false. (I mean, my name is in there, but the email listed is fake, the physical address is also a non-resolvable, although the state and country names are correct. If someone needs to get a hold of me, there are plenty of other ways to find my legit email address if one takes a few seconds and looks at my web page...)

            1. jake Silver badge

              Re: It stinks...

              "so you are just fine with people trolling through the WHOIS databases to build spamming lists, then? Or send you unsolicited junk mail?"

              The contents of the WHOIS database has never appreciably added to my SPAM and junk snail mail load, to the best of my knowledge. All of my contact info is legit, and has lead to some rather lucrative cont(r)acts over the years.

              Somebody once said something about babys and bathwater ...

              1. heyrick Silver badge

                Re: It stinks...

                My domain contact info is legit. It's just hidden.

                I don't want to find out if it can lead to spam, junk mail, and 3am phone calls trying to sell me insurance. Why? Because it's a single click to make the information private. It's a hell of a lot more effort to deal with fallout if the information does get abused.

          4. doublelayer Silver badge

            Re: It stinks...

            "If you are a legitimate business and not a scammer, you owe it to the public who may be roped into "doing business with you" simply because you're serving some dodgy JS on thousands of webpages that people encounter every day without any warning in advance that your lousy dodgy JS is going to be trying to get into their browser."

            I completely agree. The problem is that Whois doesn't help. I don't trust code any more if it's a company name rather than a privacy organization stored there, because a) I have no proof the information in there is correct even if it looks possible, b) dodgy JS can come from any place and can be owned by any company, and c) any company can create other companies to make their origins look different, and they do that all the time. Consider what you would think if you saw this in a Whois record:

            Registrant Name: Siculus, Inc.

            Registrant Organization: Siculus, Inc.

            Registrant Street: 1700 34th Ave NW

            Registrant City: Altoona

            Registrant State/Province: Iowa

            Registrant Postal Code: 50009

            Registrant Phone: (515) 306-8507

            Do you trust this company? We can do some research and determine that that company does exist, they are at that address, etc. Do you trust them now? Well, whether or not you trust them should be the same as whether or not you trust Facebook, because this is Facebook. You wouldn't know that from Whois though. Nor would you know whether Facebook/Siculus actually registered this domain--if I was a scammer and I thought you'd trust that, maybe I put that information in when registering my domain. It wasn't hard to find, after all. Nor do you know basically anything else about the system or the people from that contact info.

        2. Phil Koenig

          Re: It stinks...

          Regarding your last paragraph, I simply want to know what entity I am dealing with.

          If Google or Microsoft sees the need to create a slew of brand-new domains like awer9u8sdlfkjsdkfjhdf.com to serve web content, I view such a decision as inherently hostile, because they are a well-known organization that has no reason to do such a thing unless they're trying to hide something.

          If I have a company name I can look up the company and decide whether their content has any use to me, is just useless/unneeded or is an actual potential threat.

          So eg if I find out that their business is "behavioural tracking", their code goes to the bitbucket. If I find out that they are providing something actually useful like a web chat client that the calling domain (a known and legitimate company that I have an existing business relationship with) uses for a legitimate purpose like customer support, then I might not send it to the bitbucket, I might enable it on a day I actually need to use their support chat. Etc.

          1. FeepingCreature

            Re: It stinks...

            Right, and I don't want you to know what entity you are dealing with, when I make a post on my personal blog that you may (violently) disagree with.

            I think that's also a reasonable interest.

            1. stiine Silver badge
              FAIL

              Re: It stinks...

              You didn't read his comment, did you?

    3. Morrie Wyatt

      Re: It stinks...

      More like Surströmming in an air conditioning duct.

  2. RM Myers Silver badge
    FAIL

    Who knew..

    That working for a nonprofit could be so profitable! This definitely is a case of "serving" the public interest, at least in the sense serving is used in tennis, i.e., whack the sucker as hard as you can!

    1. Anonymous Coward
    2. jake Silver badge

      Re: Who knew..

      Or would that be the way a bull is turned loose to service the heifers?

    3. Schultz Silver badge

      Re: Who knew..

      This whole affair shows that you cannot run the system 'on trust', once there is serious money involved. It should be obvious to anybody that the time has come to create a new and very transparent system instead. Transparency is the only protection against self dealing.

  3. oiseau Silver badge
    WTF?

    Fallout

    Ahhh ....

    We're finally starting to see the fallout of that outrageous scam.

    Sooner than I expected and there's probably more to come, just have to keep tabs on all those involved in it and see what they're up to.

    Makes me wonder what the Attorney General of California has to say about this new development.

    I wager that there's a good part of the book that can be thrown at this asshole to then string him up in some hot cell for a few years.

    I sincerely hope so, the proof is or can/will eventually be in plain view for everyone to see.

    O.

    1. Kabukiwookie Silver badge

      Re: Fallout

      Though I share your sentiment, I am almost certain that none of this behaviour was illegal and even if it was, there will be no consequences.

      Steal a bread, because your hungry gets punished right away. Using your position to extract millions from unsuspecting punters is 'good business acumen'.

  4. rmacd

    Takes "conflict of interest" to a whole new level.

    I'm glad sale was blocked at 11th hour but I suspect we haven't heard the end of this yet ...

    1. Warm Braw Silver badge

      we haven't heard the end of this yet

      Who'd have thought that a rent-seeking scheme for creating artificial scarcity in sequences of characters could possibly have a down side?

    2. uro

      The shadiness over this issue also brings into question all of the previous TLD domain sales ICANN have done.

      How long has this been going on for inside the walls of ICANN?

      How many of ICANN's staff and board members, current or former have been involved in the selling of TLDs who also have undeniable links to and vested interests in the registrars who purchased those TLDs?

      I'd say a full audit by the AG is in order and long overdue to ascertain whether ICANN is fit for purpose, whether any other shady deals have been done with insider information, how intertwined the staff & board members are with registrars, and whether they even are a non-profit anymore.

      Take for example their recent licence amendment deal with Verisign, the .COM registrar, where from 1/1/2021 Verisign will pay ICANN $4mil USD for five years, totalling $20mil, and gain the ability to increase .COM prices by 7% / year in the last 4 years out of each six-year extension, how is that non-profit? how is that in the interests of the internet as a whole?

      Without an audit there will forever be a cloud of doubt hanging over ICANN's ability to act independently, without prejudice and not for-profit.

      1. ThatOne Silver badge
        Devil

        > a cloud of doubt hanging over ICANN's ability to act independently, without prejudice and not for-profit

        I'm afraid that cloud has already cleared...

      2. Yet Another Anonymous coward Silver badge

        It's called tax-farming. You pay for the right to collect 'taxes' which you keep

        It was really popular in France upto about 1789

    3. sentientplaice

      I feel like having the management of the global utility that is the Internet based in

      a. a single country

      b. a country with an unstable internal political situation

      c. a country wherein the profit-seeking motive has been allowed to run rampant, to the point it has become a part of the culture and drives the political system

      is essentially a dead-end. I would see the management of the TLDs brought under the control of a supranational organisation, or at the very least based in a country nominated after a supranational vetting process.

  5. Anonymous Coward
    Anonymous Coward

    no jail time

    Would never have served any jail time if successful, and since they failed, still won't.

    Pass a forged 20 dollar bill, death. Steal a few hundred million, or even just attempt to, by signing a piece of paper - nothing.

  6. Big_Boomer Silver badge

    Corruption

    Too many people are getting away with too much corruption. It seems that not a day goes by without someone being caught with their hands in the till. What's worse is that it seems to be becoming the accepted norm. Yes, it has always happened, and yes I do understand that people will always be tempted to steal when confronted by huge piles of money, but succumbing to that temptation should always be punished. So far as I can tell, most people can't be bothered to hold elected and appointed officials to account for their actions and are quite happy to elect thieves, liars and con-artists to political office. :-(

  7. lglethal Silver badge
    Trollface

    I'm just curious, how does one get on the Board of the Internet Society or PIR for that matter?

    I have a desire to "serve" the community. For an appropriate fee of course...

    More seriously, if these are actual society's with members and a voting structure to get people on to the board, then the voting community needs to take a good long look at themselves, and maybe actually pay attention at the next board election. Or if everyone is suitably outraged, then a recall ballot to sack the entire board and start over from scratch sounds like it should definitely be on the cards...

    1. Anonymous Coward
      Anonymous Coward

      @lglethal

      how does one get on the Board of the Internet Society or PIR for that matter?

      There will be several methods...

      1. Careful selection of ancestors. If you are careless and do not share at least one grandparent with someone on the board, no use for this method.

      2. Go to school/college/University who will end up on the board but don't let them remember just how much more intelligent you are than them!

      3. Sleep with one (or more) of them and record things. Whether you get financial secrets or X-Rated home movies is variable.

      4. Make an 8 to 10 figure contribution to their favourite charity or pension scheme.

      1. lglethal Silver badge
        Go

        Re: @lglethal

        Thats how it works for corporations sure. But my understanding was that the Internet Society was more like a club, with members, that vote and pay their dues and whatnot. Or am i totally wrong?

        1. doublelayer Silver badge

          Re: @lglethal

          I believe you are correct and that there is some community involvement in choosing the board members in this particular case. I haven't looked that hard yet, and don't know for certain. However, the boards of charities and nonprofits are very powerful and very unaccountable. The reason for this is that a charity (most countries) is not owned by anyone. It's just controlled. There is therefore no check on the board other than laws governing what a charity is and isn't allowed to do.

          I have never worked at a charity for my main job, but I have some close friends who have and I've volunteered for one small enough that I have met their board. These people are volunteers who get to decide lots of things. Their decisions cannot be appealed. If someone leaves the board, the existing board members get to replace them. The only way to get rid of someone on the board is for the rest of the board to vote them out. The board doesn't get any money for doing this, but of course you can always find a way to get use out of some money without paying yourself, and given that the board decides who runs the charity, they have a lot of power. If it is necessary to completely remove and change the board, it can be done only by suing the charity and board for violations of some law, which are pretty forgiving in most locations. The charity is allowed to use their resources to defend themselves in that lawsuit. So unless you already have a bunch of money or are a government, you face a tremendously difficult uphill battle.

  8. poohbear

    "audit the notoriously secretive non-profit organization based in Los Angeles" ... do it anyway.. for all of us.

  9. Pen-y-gors Silver badge

    Well, just goes to show

    that massive corruption isn't limited to Trump and the Tory party.

  10. goodjudge

    "I'm shocked, shocked to find that gambling is going on in here!"

    "Your winnings sir"

    "Oh! Thank you very much"

  11. Anonymous Coward
    Anonymous Coward

    an unexpected web of connections

    no one to match that elsewhere. Unless you look closely at the web of connections run by the uk gov.

    ...

    yeah, ok, ok, make it ANY gov :(

  12. Mike 137 Silver badge

    "Ethos Capital refused to divulge who all the directors of those companies actually were"

    Only in the USA could this be taken as a normal state of affairs. In most countries there are laws mandating disclosure of directorships. Yes, there's a lot of fiddling (witness some of the more interesting entries in the UK companies register), but the principle stands and mostly works.

    1. DevOpsTimothyC

      Re: "Ethos Capital refused to divulge who all the directors of those companies actually were"

      I hate to burst your bubble there, but the USA learn that from the UK. Just look at places like the Cayman Islands, Isle of Mann, Gibraltar (almost every British Over Seas territory) have quite favourable company laws from either 0% corporate tax to hidden ownership.

  13. steviebuk Silver badge

    You just

    need to read the first part and straight away it shows how fucking bent it all is.

  14. sitta_europea

    Twenty years ago when this sort of thing was happening at Nominet, I couldn't get anybody interested.

    I'd paid the fee to be a registrar.

    But they didn't like what I was saying, so they just deleted my account and tag, lied about what I'd said, and kept the fee.

    Four hundred quid I think it was, was back then.

    I bet I still have the emails somewhere.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020