Jump to content

Search the Community

Showing results for tags 'domain'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 20 results

  1. Three domains previously operated by defunct Kodi addons site TVAddons have been transferred to a law firm in Canada. With no explanation forthcoming, the security implications cannot be ignored. According to Kodi Project Manager Nathan Betzen, a third party in control of these domains could potentially do whatever they wanted to vulnerable former TVAddons users. Formerly known as XBMC, the popularity of the entirely legal Kodi media player has soared in recent years. Controversial third-party addons that provide access to infringing content have thrust Kodi into the mainstream and the product is now a household name. Until recently, TVAddons.ag was the leading repository for these addons. During March, the platform had 40 million unique users connected to the site’s servers, together transferring an astounding petabyte of addons and updates. Everything was going well until news broke last month that the people behind TVAddons were being sued in a federal court in Texas. Shortly after the site went dark and hasn’t been back since. This was initially a nuisance to the millions of Kodi devices that relied on TVAddons for their addons and updates. With the site gone, none were forthcoming. However, the scene recovered relatively quickly and for users who know what they’re doing, addons are now available from elsewhere. That being said, something very unusual happened this week. Out of the blue, several key TVAddons domains were transferred to a Canadian law firm. TVAddons, who have effectively disappeared, made no comment. The lawyer involved, Daniel Drapeau, ignored requests for an explanation. While that’s unusual enough, there’s a bigger issue at play here for millions of former TVAddons users who haven’t yet wiped their devices or upgraded them to work with other repositories. Without going into huge technical detail, any user of an augmented Kodi device that relied on TVAddons domains (TVAddons.ag, Offshoregit.com) for updates can be reasonably confident that the domains their device is now accessing are not controlled by TVAddons anymore. That is not good news. When a user installs a Kodi addon or obtains an update, the whole system is based on human trust. People are told about a trustworthy source (repository or ‘repo’) and they feel happy getting their addons and updates from it. However, any person in control of a repo can make a Kodi addon available that can do pretty much anything. When that’s getting free movies, people tend to be happy, but when that’s making a botnet out of set-top boxes, enthusiasm tends to wane a bit. If the penny hasn’t yet dropped, consider this. TVAddons’ domains are now being run by a law firm which refuses to answer questions but has the power to do whatever it likes with them, within the law of course. Currently, the domains are lying dormant and aren’t doing anything nefarious, but if that position changes, millions of people will have absolutely no idea anything is wrong. TorrentFreak spoke to Kodi Project Manager Nathan Betzen who agrees that the current security situation probably isn’t what former TVAddons users had in mind. “These are unsandboxed Python addons. The person [in control of] the repo could do whatever they wanted. You guys wrote about the addon that created a DDoS event,” Betzen says. “If some malware author wanted, he could easily install a watcher that reports back the user’s IP address and everything they were doing in Kodi. If the law firm is actually an anti-piracy group, that seems like the likeliest thing I can think of,” he adds. While nothing can be ruled out, it seems more likely that the law firm in question has taken control of TVAddons’ domains in order to put them out of action, potentially as part of a settlement in the Dish Network lawsuit. However, since it refuses to answer any questions, everything is open to speculation. Another possibility is that the domains are being held pending sale, which then raises questions over who the buyer might be and what their intentions are. The bottom line is we simply do not know and since nobody is talking, it might be prudent to consider the worst case scenario. “If it’s just a holding group, then people [in control of the domain/repo] could do whatever they can think of. Want a few million incredibly inefficient bit mining boxes?” Betzen speculates. While this scenario is certainly a possibility, one would at least like to think of it as unlikely. That being said, plenty of Internet security fails can be attributed to people simply hoping for the best when things go bad. That rarely works. On the plus side, Betzen says that since Python code is usually pretty easy to read, any nefarious action could be spotted by vigilant members of the community fairly quickly. However, Martijn Kaijser from Team Kodi warns that it’s possible to ship precompiled Python code instead of the readable versions. “You can’t even see what’s in the Python files and what they do,” he notes. Finally, there’s a possibility that TVAddons may be considering some kind of comeback. Earlier this week a new domain – TVAddons.co – was freshly registered, just after the old domains shifted to the law firm. At this stage, however, nothing is known about the site’s plans. Article source
  2. Stanners

    Free Domain

    Hi Guys Another gem this one for a free domain name. Go to: http://www.freenom.com/en/index.html?lang=en Enter the domain name you want select check availibility. Chose what domain you want Go to checkout Use drop down to select 12 Months From here enter email address and follow the bouncing ball to checkout with your new domain. After that your good to go! Again thanks to boulawan for his post about OneDrive storage. Original site the offer was posted at is http://a.v9s.win/ I just used Chrome and translated the pages if you guys want to check it out, as they some other interesting stuff
  3. By analyzing network traffic going to suspicious domains, security administrators could detect malware infections weeks or even months before they're able to capture a sample of the invading malware, a new study suggests. The findings point toward the need for new malware-independent detection strategies that will give network defenders the ability to identify network security breaches in a more timely manner. The strategy would take advantage of the fact that malware invaders need to communicate with their command and control computers, creating network traffic that can be detected and analyzed. Having an earlier warning of developing malware infections could enable quicker responses and potentially reduce the impact of attacks, the study’s researchers say. “Our study shows that by the time you find the malware, it’s already too late because the network communications and domain names used by the malware were active weeks or even months before the actual malware was discovered,” said Manos Antonakakis, an assistant professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology. “These findings show that we need to fundamentally change the way we think about network defense.” Traditional defenses depend on the detection of malware in a network. While analyzing malware samples can identify suspicious domains and help attribute network attacks to their sources, relying on samples to drive defensive actions gives malicious actors a critical time advantage to gather information and cause damage. “What we need to do is minimize the amount of time between the compromise and the detection event,” Antonakakis added. The research, which will be presented May 24 at the 38th IEEE Security and Privacy Symposium in San Jose, California, was supported by the U.S. Department of Commerce, the National Science Foundation, the Air Force Research Laboratory and the Defense Advanced Research Projects Agency. The project was done in collaboration with EURECOM in France and the IMDEA Software Institute in Spain – whose work was supported by the regional government of Madrid and the government of Spain. In the study, Antonakakis, Graduate Research Assistant Chaz Lever and colleagues analyzed more than five billion network events from nearly five years of network traffic carried by a major U.S. internet service provider (ISP). They also studied domain name server (DNS) requests made by nearly 27 million malware samples, and examined the timing for the re-registration of expired domains – which often provide the launch sites for malware attacks. “There were certain networks that were more prone to abuse, so looking for traffic into those hot spot networks was potentially a good indicator of abuse underway,” said Lever, the first author of the paper and a student in Georgia Tech’s School of Electrical and Computer Engineering. “If you see a lot of DNS requests pointing to hot spots of abuse, that should raise concerns about potential infections.” The researchers also found that requests for dynamic DNS also related to bad activity, as these often correlate with services used by bad actors because they provide free domain registrations and the ability to add quickly add domains. The researchers had hoped that the registration of previously expired domain names might provide a warning of impending attacks. But Lever found there was often a lag of months between when expired domains were re-registered and attacks from them began. The research required development of a filtering system to separate benign network traffic from malicious traffic in the ISP data. The researchers also conducted what they believe is the largest malware classification effort to date to differentiate the malicious software from potentially unwanted programs (PUPs). To study similarities, they assigned the malware to specific “families.” By studying malware-related network traffic seen by the ISPs prior to detection of the malware, the researchers were able to determine that malware signals were present weeks and even months before new malicious software was found. Relating that to human health, Antonakakis compares the network signals to the fever or general feeling of malaise that often precedes identification of the microorganism responsible for an infection. “You know you are sick when you have a fever, before you know exactly what’s causing it,” he said. “The first thing the adversary does is set up a presence on the internet, and that first signal can indicate an infection. We should try to observe that symptom first on the network because if we wait to see the malware sample, we are almost certainly allowing a major infection to develop.” In all, the researchers found more than 300,000 malware domains that were active for at least two weeks before the corresponding malware samples were identified and analyzed. But as with human health, detecting a change indicating infection requires knowledge of the baseline activity, he said. Network administrators must have information about normal network traffic so they can detect the abnormalities that may signal a developing attack. While many aspects of an attack can be hidden, malware must always communicate back to those who sent it. “If you have the ability to detect traffic in a network, regardless of how the malware may have gotten in, the action of communicating through the network will be observable,” Antonakais said. “Network administrators should minimize the unknowns in their networks and classify their appropriate communications as much as possible so they can see the bad activity when it happens.” Antonakakis and Lever hope their study will lead to development of new strategies for defending computer networks. “The choke point is the network traffic, and that’s where this battle should be fought,” said Antonakakis. “This study provides a fundamental observation of how the next generation of defense mechanisms should be designed. As more complicated attacks come into being, we will have to become smarter at detecting them earlier.” In addition to those already mentioned, the study included Davide Balzarotti from EURECOM, and Platon Kotzias and Juan Caballero from IMDEA Software Institute. Article source
  4. ExtraTorrent, one of the world's largest torrent indexes, has lost control over several of its key mirror domain names. The site's operator says that he's been locked out of his domain registrar's control panel following an outside complaint. The site now recommends extra.to and extratorrent.site as the new official mirrors. With millions of daily visitors ExtraTorrent is the second largest torrent site, trailing only behind The Pirate Bay. The site’s popularity puts it in the crosshairs of various entertainment industry groups, who put pressure on hosting companies and domain name services to take action. As a result, over the past several days ExtraTorrent lost control of three domain names used for its official mirror sites. Following a complaint from rightholders, extratorrent.rocks, etproxy.top and extratorrent.date are no longer available. Speaking with TorrentFreak, the site’s operator points out Subreg.cz as the culprit. The Czech domain registrar allegedly locked the torrent site out of its control panel while the domains stopped resolving. The registrar reportedly said that there’s nothing it could do to resolve the situation and recommended the torrent site to take the matter to court. “We don’t have access to the three domain names anymore. Subreg recommended us to go to court to resolve this issue, and ignored our requests,” ExtraTorrent’s SaM says. While this sounds like a typical registrar domain suspension, something more might be going on. Strangely, the registrar informed TorrentFreak that they are not responsible for the domain issues. “These domain names are not blocked from our side. We got a complaint which we sent to the account holder,” a Subreg spokesperson says, noting that they operated in compliance with ICANN rules. This comment suggests that some entity higher up the chain took action. However, the domain WHOIS information doesn’t show any typical registry or registrar suspension notices. The domains have simply been stripped of their “a records,” which means that they’re not responding. We have asked the registrar for additional information about the discrepancy, but we were told that they only disclose information to the domain owner. While ExtraTorrent lost three key mirror domains, the main ExtraTorrent.cc domain is still working as it’s registered elsewhere. The same is true for several other official mirror domains. ExtraTorrent has started pointing all their mirrors to extratorrent.site and extra.to, which are now the official backups. The site’s operator recommends the latter as it’s not blocked anywhere, yet. Article source
  5. The popular movie streaming site 123movies has started redirecting UK and Indian traffic to a new domain name to circumvent local blocking orders. The site's operators are keen to keep their service accessible around the globe to the best of their ability. Taking a page from Pirate Bay's playbook, they're also considering the launch of a network of proxy sites. Pirate movie streaming sites and services continue to gain popularity, with 123movies at the forefront of this movement. Hollywood is not happy with this trend and reported the site to the U.S. Government’s Trade Representative last month, labeling it one of the most “notorious” pirate markets. “123movies is a very popular streaming website that embeds popular movie and series content from third-party cyberlockers,” the MPAA wrote. In addition, the movie industry group applied to have 123movies blocked by UK ISPs. In response, the High Court ordered the website to be blocked, alongside a dozen other streaming portals. The people behind 123movies, who prefer to remain anonymous, fear that the blockade will hurt their visitor numbers so have decided to take counteraction. A few hours ago they started redirecting UK and Indian visitors to 123movies.gs, using a TLD from the South Georgia and the South Sandwich Islands. The reason for the sudden move is clear, according to a site representative. “To give UK users a place to stream movies after the ban on 123movies.to,” we were told. The .GS domain is not an arbitrary choice. The 123movies team believes that this is a relatively safe option. However, it’s worth noting that The Pirate Bay lost its .GS domain fairly quickly last year after the registry suspended it over copyright infringement issues. With the switch, 123movies hopes to be safe for a while but they may have to relocate UK and Indian traffic again in the future. The site’s operators say they don’t have a larger goal in mind for the site. Their main motivation is to provide free video content to the public at large, and with millions of visitors per day they are doing just that. “We have no goal, we just want to provide free movies to users all around the world,” a 123movies representative told TorrentFreak. “In some countries, it’s really expensive to buy a ticket at the cinema, and not all people can afford it. 123movies will help them to be able to enjoy their favorite movies at no cost.” The Hollywood studios will cringe at 123movies’ deviant stance and are likely to take countermeasures of their own. In the UK they can request the new domain name to be blocked as well, which they are bound to do. However, 123movies is not planning to give up anytime soon. They are thinking about starting a network of proxy sites, like The Pirate Bay has, to ensure that people will always be able to access the site. And so it appears that Hollywood has another cat and mouse game on their hands… TorrentFreak
  6. FREE Services worth Rs. 7000 with your .NET domain name. .NET domain name for FREE
  7. Openload, one of the largest file-hosting sites on the Internet, has had its domain suspended. According to the site's operator, domain registrar Namecheap took action last evening after receiving "too many DMCA complaints". Openload says all complaints are actioned within 24 hours. Copyright holders know that one of the most effective ways to hinder a file-sharing site is to attack its domain. As a result, various strategies have emerged to deprive owners of their use. Those methods range from a basic complaint to registrars over incomplete or inaccurate WHOIS entries, to the more complex seizing of domains via the legal system. The amount of time spent on enforcement is often comparable with the quality of the end results. WHOIS information is quickly fixed but domains ordered seized by a judge tend to stay that way forever. Interestingly, a situation now faced by a leading file-hosting site might lie somewhere in the middle. Openload is one of the most-used file-hosting platforms on the Internet, with more traffic than 4shared, Rapidgator and Uploaded. It has a worldwide Alexa rank of 402 and millions of visitors every week but yesterday a wrench was thrown into the works. Around 18:22 Monday, Openload’s .co domain was suspended by its registrar Namecheap. As can be seen in the entry below, the reason is reported as “abuse”. Namecheap passed our request for comment to its legal department who have yet to formally respond. However, we were able to contact the operator of Openload who confirmed that there had been an alleged breach of Namecheap’s Terms of Service. “Namecheap suspended our domain for abuse according to their TOS,” Openload’s operator told TF. “Basically, they just said that they received too many DMCA reports.” It is fairly unusual for a domain registrar to be targeted with so many copyright complaints since they are traditionally directed at the site itself, its webhost, or both. In this case, however, Namecheap appears to have been overwhelmed. To get an idea of potential scale, in less than a year Google has received in excess of 450,000 DMCA complaints against Openload’s .co and .io domains. The range of entertainment companies involved is broad, from the RIAA, Netflix and Warner Bros, to various Japanese anime distributors. Indeed, a large proportion of Openload’s traffic hails from Japan. That being said, Openload says it is DMCA-compliant and processes complaints in a timely fashion. “The complaints received by Namecheap were of course all taken down within 6-24 hours, but the number of notices is too much for them,” the site told us. Copyright holders do have other options though. In addition to inviting complaints via a standard web form, Openload also offers a takedown tool. “Openload is anxious to optimize the process of taking down files that violate copyright. Therefore Openload is offering a takedown API,” the site says. But while takedowns are important, Openload does have a feature that tends to irritate copyright holders – paying uploaders for the amount of downloads they generate. “We pay a fixed amount per 10,000 downloads/streams. Each payment amount per download/stream depends on the country the actions comes from,” the site explains on its rewards page. Of course, YouTube also pays uploaders for the amount of traffic they generate but copyright holders have traditionally drawn a line in the sand when the same is offered by Openload-type hosting sites. The U.S. Department of Justice indictment against Megaupload famously paints a loosely similar scheme in a very dim light. For now, Openload has lost control of its main Openload.co domain but the site is back up and running at Oload.co, a domain that was purchased last night following Namecheap’s suspension. “Our site is reachable via oload.co which is actually a kind of read-only site. All features will return on the new domain during the next hours,” Openload’s operator concludes. Article source
  8. StartSSL faces another issue that lets attackers obtains SSL certificates for domains they don't own StartEncrypt service logo Thijs Alkemade, a security researcher for Dutch security firm CompuTest, has discovered multiple design and implementation flaws in StartEncrypt, a tool created by Israeli company StartCom for issuing free SSL certificates. StartCom, the CA (Certificate Authority) behind the StartSSL service, launched the StartEncrypt project on June 4, inspired by the success of the Let's Encrypt project. Users who want to deploy free StartSSL certificates can take advantage of their StartEncrypt offering. They only need to download a Linux client they're supposed to upload to their servers. This client performs a domain validation process, informs the StartSSL service, which then issues and installs an "Extended Validation" SSL certificate for the domain it has found running on the server it has just checked. StartEncrypt contains design and implementation flaws According to CompuTest, this validation process is flawed, and through a few tricks, it allows server owners to receive SSL certificates issued for other domains, such as Facebook, Google, Dropbox, etc., which can be sold on the black market or used in man-in-the-middle attacks. The first issue Alkemade discovered in the StartEncrypt client was a design-related problem linked to the fact that users could manually configure the folder from where the client would download a signature from the server. An attacker would only have to point the tool to a folder on their server holding the signature of another domain. These domain signatures can be extracted from any sites that allow users to upload files: GitHub, Dropbox, etc.. StartEncrypt bug combined with OAuth 2.0 protocol condition The second issue is far more serious because it enabled an attacker to obtain SSL certificates for even more domains than the ones before. According to the researcher, one of the API verification calls contains a parameter dubbed "verifyRes," which takes a URL as input. This means the client was exposed to Open Redirect vulnerabilities. In other words, an attacker could forge this request and point the tool off-domain to a server not under their control. But this feature is not that easily exploitable. The domain URL to which the attacker needs to point the tool must (1) allow users to upload files and serve them back in raw format; or (2) to contain an Open Redirect issue of its own. While the first condition was quite rare, the second was not. All websites that support OAuth 2.0, a specification that powers social login features, must allow open redirects for the protocol to function properly. A crook leveraging this OAuth 2.0 condition and the StartEncrypt client could fool the StartSSL service into issuing a free SSL service in their name for any site that provides OAuth 2.0 support, such as Facebook, Twitter, Yahoo, Microsoft, and so on. Multiple other issues discovered as well Additionally, CompuTest also found that StartEncrypt doesn't check its own server's certificate for validity when connecting to the API, meaning crooks could receive verification requests and issue false SSL certificates for users trying to use StartEncrypt. The API also doesn't check the content type of the file it downloads for verification, so attackers can obtain certificates in the name of third-party websites where users can upload their avatars. At the same time, the certificate private key, which must be private, is stored with 0666 permissions in a public folder, so everyone could read it. Furthermore, just like Let's Encrypt, StartEncrypt is vulnerable to a Duplicate-Signature Key Selection attack. "In our opinion, StartCom made a mistake by publishing StartEncrypt the way it is," CompuTest's Christiaan Ottow explains. "Although they appreciated the issues for the impact they had and were swift in their response, it is apparent that too little attention was paid to security both in design (allowing the user to specify the path) and implementation (for instance in following redirects, static linking against a vulnerable library, and so on). Furthermore, they didn’t learn from the issues LetsEncrypt faced when in beta." StartCom has released a new version of the StartEncrypt Linux client, with the same version number 1.0.0.1. CompuTest says they reported other issues to the service, which are still being corrected and will be fixed in future updates. Back in March, StartSSL faced a similar issue with its general service, which also allowed crooks to receive SSL certificates for domains they didn't own. Article source
  9. The RIAA has sent a formal letter to the Public Interest Registry, asking it to suspend Pirate Bay's .ORG domain. The registry hasn't complied with the request but has forwarded it to Pirate Bay's registrar EasyDNS who insist the domain will stay up. So the question now is will the RIAA take the matter to court? Earlier today we wrote about the Copyright Alliance’s critique of the US-based Public Interest Registry (PIR), which is responsible for .ORG domains. The group called out the registry as hypocritical, as it allows “criminal” sites such as The Pirate Bay to use its service. A few hours later it turns out that this criticism didn’t come out of nowhere. The Pirate Bay’s registrar EasyDNS reveals that the RIAA sent PIR a letter last week, urging it to suspend the Pirate Bay’s domain. The music group lists several European court decisions against The Pirate Bay, including the criminal convictions of its founders in Sweden. It states that the torrent site is clearly operating illegally, and hopes the registry will take its domain name out of circulation. According to the RIAA, The Pirate Bay violates PIR’s anti-abuse policy and terms of service. As such, it hopes that a court order isn’t required for the registry to take action. “When, as in this case, there is overwhelming evidence of infringing and abusive activity on a domain, along with court orders from several jurisdictions with well-developed copyright jurisprudence, it cannot be the ‘right thing’ or ‘in the community interest’ to hold out for those decisions to be processed before the U.S. courts before taking action,” the RIAA writes. RIAA’s letter to the Public Interest Registry The RIAA’s letter was sent last week and thus far PIR has not taken any steps against the domain. Instead, it forwarded the RIAA’s letter to Pirate Bay’s registrar, the Canadian-based EasyDNS. TorrentFreak spoke with EasyDNS CEO Mark Jeftovic, who informs us that he doesn’t want to be seen as a refuge for torrent sites. However, he is committed to protecting due process, and for now he sees no reason to suspend the domain name. EasyDNS forwarded the letter to TPB and intriguingly, the site’s operator replied that they are DMCA compliant. In addition, they waved away any concerns about malware that was distributed through third-party ads. Infringements or not, EasyDNS says its abuse policy only covers net abuse, not copyright matters. This means that in order to get a domain suspended the RIAA would need to present a local court order, or a foreign one that’s served through the Ontario Sheriff’s Office. “We would need some kind of legal finding here in Ontario, or a foreign legal finding that has been duly served to us via the Ontario Sheriff’s Office,” Jeftovic tells us. Alternatively, EasyDNS says it will accept the outcome of a formal proceeding under ICANN’s rules and regulations. However, it won’t take action against a one-sided complaint. All in all, this means that the RIAA’s letter is unlikely to achieve the result they desire. This also begs the question, what’s next? Although the RIAA would prefer to avoid a legal case against The Pirate Bay in the United States, if only to avoid the media attention, it appears that they have few other options left than to go to court. Court case or not, the TPB team isn’t worried. They are not tied to the .ORG domain and can easily switch to an alternative. “TPB is more than just a domain, it’s a movement, and taking down one domain will have zero effect on our inalienable right to share culture with our peers,” TPB’s Spud17 told us earlier today. And so the whack-a-mole game is likely to continue. Article source
  10. CloudFlare, the security-focused content delivery network, already protects its customers from DDoS attacks and other attacks, but today, the company is taking another step to ensure its customers remain in control of their sites. CloudFlare is launching a domain registry service — CloudFlare Registrar — that protects high-profile sites from domain hijackings and domain expiration (because they forgot to renew their domains). This service will be available to CloudFlare’s paying Enterprise customers. As CloudFlare argues, a domain name is only as secure as the security of the registrar that maintains it. Most registrars focus on consumers, though, and not high-profile sites — and hence their focus isn’t necessarily on security or their standards aren’t as high as you would expect from an enterprise-centric site. “By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” said Matthew Prince, co-founder and CEO of CloudFlare, in today’s announcement. “Even in CloudFlare’s own search for a high-security registrar, we didn’t find anything that met our security standard. Rather than waiting for one to come onto the market, we built our own, fundamentally changing the way Registrar security is offered today.” As CloudFlare also notes, domain hijacks aren’t just a problem for high-profile sites, but also for API providers. “While domain hijacks have historically been outright web defacements or theft, an attacker can also choose be more subtle and proxy traffic to the original server, observing every user and tampering with any target,” the company says. “This is a particular risk for API providers (such as mobile application or IoT backends), where the hijacking of a domain can remain undetected while being exploited to compromise many applications.” So how does CloudFlare secure domain names? Instead of using a single password for access to the registrar, CloudFlare Registrar users can opt to secure their domains by setting up a formal approval chain that includes multiple stakeholders who all have to agree to any change. That adds a lot of friction, but in this case, that’s probably exactly what you’d want. In addition, CloudFlare also uses two-factor authentication for accessing all accounts. The company also promises that domains registered with CloudFlare Register will never expire. Domains will automatically renew a full year before they are scheduled to expire. This mitigates the risk of missing an email your registrar sent you a month before the domain expires. In addition, CloudFlare also locks all domains to prevent unauthorized access. Article source
  11. Last month entertainment industry bodies finally succeeded in having leading Russian torrent site RuTracker permanently blocked by local ISPs. But with that ban failing to bring the site to its knees, rightsholders say they will now attack RuTracker's domain. It's unclear whether that will succeed but rightsholders remain undeterred. After years of problems with local and international rightsholders, leading Russian torrent site RuTracker received a serious blow last month. Following a ruling from the Moscow Court, the site was blocked by local Internet service providers. Almost immediately the situation became more complex. In response to this aggressive action, RuTracker broke off cooperation with copyright holders who had previously been allowed to remove infringing content from the site. “Today we put an end to these agreements, as users of the Russian Federation are now blocked from accessing our tracker. Therefore rights holders did not want to continue their cooperation, which allows us to do more and not adhere to it,” the site said in a statement. Of course, the site still had the blocking to contend with. RuTracker had been coaching its users for months on how any blockade could be bypassed so the eventual lockout was not unexpected. However, while local copyright holders hoped their efforts would fatally damage the site’s visitor numbers, the blockade has been less effective than planned. Stats obtained by Vedomosti reveal that two days after the blockade was put in place, visitors to RuTracker from Russia were down 33%. However, the numbers of visitors to the site from countries outside the Russian Federation increased significantly, a change consistent with people using proxies and VPNs to access the site. Overall, total visitors to the site fell by just 13%. While the blockade certainly won’t help the site long-term, copyright holders believe it is actually proving more effective, with their claims centering around a traffic drop of around 30%. Nevertheless, they’re already standing by to deliver another blow. According to Izvestia, record labels including Sony Music, Universal Music and Warner Music will now investigate ways to neutralize RuTracker’s domain. Leonid Agronov, Director General of the National Federation of Music Industry (NFMI), said his group is consulting with lawyers to decide the best course of action. “Our lawyers will choose a way to do it that is most convenient. For example, through the courts. We’ll choose where it’s cheaper and faster,” he said. For their part, RuTracker don’t see an attack on their domain as being successful. “We see no reason for problems with the RuTracker.org domain, it is registered in accordance with the rules of the registrar and the domain owner information is verified and confirmed,” the site said. But despite this confidence, efforts to attack site domains are gathering pace. An announcement on the website of the Association for the Protection of Copyright on the Internet (AZAPO) proposes amendments to Russian copyright law which would allow for the pre-trial suspension of domain names. “AZAPO proposes…that if a site does not show its owner information, or it is not supported by its WHOIS information, rights holders should have the right to require the pre-trial blocking of the whole site, not just the pages on which there are disputed works,” the group said. While for many Russia might seem far away, it’s certainly a battleground to watch. Initially slow out of the blocks, Russia is now increasingly quick to introduce new and aggressive anti-piracy measures. However, this enthusiasm is matched by site operators and their users who are prepared to do whatever is necessary to retain access to free content. This battle is far from over. Source
  12. The MPAA is now the owner of Popcorntime.io, the domain name which was the home of the most used Popcorn Time fork up until last November. The change of ownership suggests that the Hollywood group reached a settlement with one of the key developers, but has yet to comment on the recent developments. Late last year the main Popcorn Time fork, operating from the PopcornTime.io domain name, shut down its website unexpectedly. The MPAA took credit for the fall announcing that it had filed a lawsuit against several of the developers in Canada. In response to these legal threats several key developers backed out. Since the initial announcement there haven’t been any official updates on the case. TorrentFreak learned, however, that several of the accused developers have been negotiating a deal to settle the dispute out of court. This week came the first public signs that the case is indeed moving towards a resolution. On Tuesday the PopcornTime.io domain changed ownership from Popcorn Time developer and defendant David Lemarier, to the MPAA. This means that Hollywood is now officially in control of what was once the most popular Popcorn Time domain. Whois Popcorntime.io TorrentFreak reached out to the MPAA and Lemarier for more details several days ago, but both have yet to reply. The other defendants we contacted preferred not to comment on the case. From the information we were able to gather in recent weeks it appears that the movie studios prefer a settlement over a full court battle. Perhaps to save costs, perhaps to avoid attracting more attention to the Popcorn Time phenomenon. This would be similar to how they approached their case against YIFY/TYS, which was arguable the most prominent piracy group of the past half decade. However, instead of taking the operator to court the movie studios quickly arranged an out of court settlement. With the PopcornTime.io domain now in the hands of the MPAA it is safe to conclude that this fork is not coming back. Previously the software’s developers maintained that they were not involved in any infringing activity. Theoretically, some of the accused may still choose to put up a fight but considering the recent developments this has become less likely. Meanwhile, several other Popcorn Time forks continue to operate, launching new features and services as if nothing ever changed. source
  13. The Pirate Bay has suffered yet another setback with the suspension of another key domain. TheMobileBay.org was the domain and site layout served to users of mobile devices such as phones and tablets. But now the domain is no more, suspended by its registrar like several more before it. After many years of virtual stagnation on the development front, during the summer of 2014 The Pirate Bay announced the launch of a new site. Designed especially for mobile devices, TheMobileBay.org provided a new and clean interface rather than a simply scaled-down version of its existing site. As can be seen in the image below, the new layout got rid of the clutter and made the site much more easy to navigate on phones and tablets. Since the launch of TheMobileBay.org 18 months ago users of mobile devices have been automatically diverted to this special version of The Pirate Bay. However, this week those diversions faltered and then completely broke down. The reason, once again, is that The Pirate Bay has lost yet another domain. Like several other Pirate Bay domains in recent months, TheMobileBay.org has been suspended by its registrar. Back in December the site’s .LA, .GD, .MN and .VG domains were all listed as “clienthold” by registrar 1API GmbH, and now TheMobileBay.org has suffered the same fate. As a result of these fresh domain troubles The Pirate Bay is currently not reachable by visiting TheMobileBay.org. Additionally, those visiting ThePirateBay.se can’t access it either, unless they instruct their browsers to access the desktop version of the site instead. Sadly even this has its drawbacks as it’s the old, mobile-unfriendly version of the site that loads. While mobile users of the site will be variously denied access to the site or simply disappointed by a return to the old layout, the loss of TheMobileBay.org domain will be felt strongly in the UK. For reasons that remain unclear, since its launch The Mobile Bay has not been blocked by UK ISPs, meaning that users have been able to evade the High Court blockade won by rightsholders in 2013. Considering The Pirate Bay’s standing it’s likely that a copyright holder complaint triggered the suspension of The Mobile Bay, but that hasn’t been officially confirmed. Source
  14. This week The Pirate Bay lost use of several of its 'hydra' domain names that millions of people have become accustomed to over the past year. The great irony here is that the site is now back to using its original domains which have worked perfectly all along. In fact, it was only fear of losing these domains that caused the hopping in the first place. How time flies. Just over a year ago The Pirate Bay was going through some of the most turbulent times in its entire history. Following a raid at a Swedish datacenter the site stayed offline for several weeks, an event that fueled the rise of endless ‘replacement’ sites. While many of the sites stepping up to fill the gap left by The Pirate Bay looked like the real deal, many were simply incomplete copies. To their credit, the operators of some of these sites were upfront about their status but others did everything they could to claim their place as the real Pirate Bay reincarnated. Of course, when the real Pirate Bay returned at the end of January 2015, many of these other sites questioned their place in the market. Were they needed anymore? Were they even wanted? As time pressed on many simply dissolved but others carried on either as a clone, proxy or mirror. While this kind of behavior had previously been encouraged by the operators of The Pirate Bay, it ended up causing huge confusion among casual users who had no idea which domains to trust. As previously highlighted, it contributed to a growing branding crisis among ‘pirate’ sites. However, after returning to its full glory in February 2015, The Pirate Bay put faith in its trusted ThePirateBay.se domain and watched its users do the same. But by May the site was in trouble again when the Stockholm District Court ordered that domain to be seized, pending an appeal. In response TPB moved to a ‘hydra’ of new domains including .GS, .LA, .VG, .AM, .MN and .GD TLDs but during the months that followed problems began to eat away at them. This week came the icing on the cake when the site’s registrar disabled a batch of active domains. While it’s possible that the issues with these domains may be solved at some point in the future, The Pirate Bay needed to do something quickly to keep the show on the road. As a result the site is now mainly using its .SE and .ORG domains. The irony here is that these have worked all along and it was only the fear of losing them that prompted all the domain hopping in the first place. So where is The Pirate Bay today and how does one identify it among all the clones, mirrors and proxies? Verified Pirate Bay domains that can be trusted to link to the real version of the site are shown below. Most domains should already look familiar but for now it seems likely that of the standard domains ThePirateBay.SE will remain most stable and least likely to be taken down on short notice. ThePirateBay.org has had its own problems recently but they appear to be over, at least for now. The TOR/Onion address uj3wazyk5u4hnvtk.onion should also be fine longer term but it’s hardly the most memorable set of digits for anyone to recall. While still operational, ThePirateBay.LA currently seems most vulnerable after being given ‘clienthold‘ status earlier in the week. In addition to those listed above the TPB crew have many other domains held in backup which could be introduced should any key domains experience further issues. Most do not currently link or divert to The Pirate Bay so there’s little point in listing them right now. Overall it’s been a turbulent 12 months for The Pirate Bay and there’s little to suggest that 2016 will be any easier. While hosting has been surprisingly stable in recent times at a bare minimum one should expect more domain issues. But as history as shown us, other surprises could be just around the corner. Article source
  15. As the year-long free upgrade offer for Windows 10 nears the halfway mark, Microsoft is getting more aggressive, with new plans to begin displaying the GWX taskbar icon and upgrade prompts on business PCs that had previously been off-limits. If you thought Microsoft was getting ready to ease up on its massive Get Windows 10 upgrade campaign, think again. The company announced today that it plans to expand the program, pushing the aggressive GWX taskbar icon and pop-up upgrade notification reminders to some domain-joined PCs that had previously been exempt. Today's news did not include any plans to offer a "No, thanks" button on the GWX prompts. However, the company has finally updated its documentation for IT pros to opt out of the automatic upgrade and disable the GWX icon. As before, PCs running Windows 7 Enterprise, Windows 8.1 Enterprise, and any embedded version of those operating systems aren't eligible for the free upgrade and thus will continue to be immune from the GWX update. But domain-joined PCs running Windows 7 Professional, Windows 7 Ultimate, or Windows 8.1 Pro that are configured to receive updates directly from Windows Update will begin seeing the GWX taskbar icon shortly. Domain-joined PCs that get updates through another mechanism, such as Windows Server Update Services or System Center Configuration Manager, will continue to be off-limits. At the same time as today's announcement, Microsoft finally published updated instructions for opting out of the automatic upgrade and disabling the GWX icon. The new instructions, available in KB article 3080351, match those I published last week. (See "How to block Windows 10 upgrades on your business network (and at home, too)" for details.) To prevent the Windows 10 upgrade from being offered in Windows Update, IT pros can set a Group Policy object. Note that this policy setting is only available if the appropriate updates (first issued last July) are installed: 3065987 is the Windows 7 update; 3065988 is the equivalent for Windows 8.1. The policy is available on Windows 7 Professional and Ultimate and Windows 8.1 Pro machines using the Local Group Policy Editor (Gpedit.msc). The policy path is Computer Configuration > Administrative Templates > Windows Components > Windows Update Policy. Enable the setting Turn off the upgrade to the latest version of Windows through Windows Update. Setting that policy adds the following registry subkey and associated value: Subkey: HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate DWORD value: DisableOSUpgrade = 1 On home and core editions of Windows 7 and Windows 8.1, that registry value needs to be set manually. There's no corresponding Group Policy object for disabling the GWX notification icon. That task requires requires editing the following subkey and value in the Windows registry: Subkey: HKLM\Software\Policies\Microsoft\Windows\Gwx DWORD value: DisableGwx = 1 Those two steps are sufficient to block Windows 10 upgrades and prevent a user from accidentally clicking on one of the pop-up prompts and starting the upgrade process. There's no need to uninstall and block the original GWX update (KB3035583), nor is it necessary to use third-party software. These software policies, which are intended for business use, remain in effect until they're reversed or removed. I've created .reg files that can be downloaded and used to automate the creation of these two registry keys. The files are located here. Today's revised KB article also contains instructions for blocking the Windows 10 upgrade screen that appears when performing a clean install of Windows 8.1 that includes the KB3065988 update. Those instructions are useful for IT pros and system builders who are setting up new PCs for employees or clients and want to ensure that the system is not upgraded to Windows 10. The article also contains instructions for making the GWX icon visible for businesses that want to take advantage of the free upgrade offer immediately via Windows Update. Article source Batu69 edit: Another content has been merged & moved from technology news forum.
  16. Domain name troubles continue for The Pirate Bay this week. Just a few days after the site switched on its new .ms domain name, it's already been suspended by the Montserratian .MS registry. The torrent site now has to look out for new alternatives to keep the hydra going. The Pirate Bay has had its fair share of domain name issues in recent months. The site previously burnt through a ‘hydra’ of six domain names after it sailed away from its .se mainstay. Ironically, the Swedish TLD turned out to be more resilient than any of the alternatives. In an apparent attempt to diversify TPB switched on a new domain name last week. However, the Montserrat-based ThePirateBay.ms didn’t last long either and has already been suspended. The .MS domain now has the infamous “serverhold” status which suggests that the responsible registry interfered. The status has been used before when domain names were flagged for copyright issues, and strips the domain name of its DNS entries. “This status code is set by your domain’s Registry Operator. Your domain is not activated in the DNS,” ICANN writes. As a result of the issue ThePirateBay.ms is no longer accessible. TorrentFreak reached out to the responsible registry for a comment but at the time of writing we haven’t heard back. The suspension means that TPB is back to square one again, leaving ThePirateBay.org and ThePirateBay.se as the only stable domain names. Whether the Pirate Bay team has any plans to add any new domains is unknown at this point. The site’s operators previously informed TF that they have plenty of domain names prepared, so it’s likely that one or more will become active in the future. Article source
  17. The Pirate Bay has put a new domain name into circulation. Starting this week TPB has officially switched on the Montserrat-based domain name ThePirateBay.ms. The new addition is welcome since the torrent site recently lost control over most of its active domain names. The Pirate Bay has gone through a lot of domain changes over the past year. When the operators found out that Swedish authorities might confiscate their .se domain as the result of a legal battle, the torrent site added six new alternatives last Spring. In the months that followed this “hydra” was carefully destroyed as registrars and registries suspended the domain names in question. This most likely happened in response to copyright holder complaints. Ironically, this meant that TPB was back to square one relying on the older .se and .org domains. However, starting this week the torrent site has added a new domain option. The notorious torrent site is now also accessible from the Montserratian .MS TLD. Both the .SE and .ORG domains pointed to the new domain earlier, but this redirect has been turned off at the time of writing. With the latest addition TPB now has three generic TLDs, as well as the .onion version which is exclusively available through the Tor network. Pirate Bay’s official forum has also added ThePirateBay.ms to the list of official domains. Pirate Bay’s active domains The TPB team registered the .MS extension several years ago but it hasn’t been used as a primary domain until now. Strangely enough the domain name is linked to the same registrar who previously suspended the other domains. While TPB remains widely accessible some related issues remain. TPB’s Pirate Browser domains piratebrowser.com, piratebrowser.net and piratebrowser.org remain suspended due to an ICANN verification issue, for example. There’s currently no known alternative domain for The Pirate Browser but the application can still be downloaded by visiting the site’s direct IP-address. Adding a new domain would be relatively easy but it appears that the TPB-crew has other priorities at the moment. Time will tell how long the new .MS domain lasts. It’s expected that TPB’s operators will register additional domain names in the future to make sure that the site doesn’t run out of options. Article source
  18. On one hand, once we heard that ICANN would be selling off custom top-level domains (meaning instead of just .com, .org, or .net, you could get .anything), it was easy to assume that Google would be applying to get some of those domains. On the other hand, Google is directly responsible for the steady decline of users actually typing in full URL addresses in the first place. An annoyingly large number of users will use Google to search for "www.phonearena.com" rather than simply typing the address into the address bar. And, of course there are plenty of users who are too lazy to type the .com, and will just put "phonearena" in their Google Chome omnibox and then click away fromGoogle applies for .android, .nexus, .moto, and 98 other top-level domains there. Even so, Google has applied for an impressive 101 top-level domains. This is extra impressive because: 1) there were only 2,000 applications, meaning Google has 5% of all applications for the entire world; and, 2) the application fee alone for each of these is $185,000, meaning Google spent a cool $18.7 million just to try to obtain these domains.The list of domains that Google is applying for is varied and has the entries that you would expect, plus quite a few that are just odd. The ones you might expect include .Android, .Nexus, .Moto, .App, .YouTube, .Chrome, .Play, .Plus, .Gmail, .Google, .Search, .Hangout, and more. But, the entries you might not expect get weird and interesting very quickly, including .Dad, .Esq, .Kid, .LOL, .Meme, .PhD, and .Wow. Google hasn't really explained itself much, saying basically that it wants to "make the introduction of new TLDs a good experience for web users". It basically equates to getting more people online (so they can see more Google ads), and making them feel at home once they're on the web. Google says that it has applied for certain domains simply because of the "creative potential", like .LOL. If nothing else, this feels like Google might be building up a catalogue to sell domains like Hover or GoDaddy. Source
  19. I'm not quite sure how to phrase this query so please bear with me...?! I was using DynDNS for a hostname to map a dynamic IP for remote use for a while. Some while back I had actually paid them one time and got one of their better hostnames. Recently they changed their terms and I had to log in once a month to keep it active now that the payment is long gone. I forgot...once...it expired. The only way to get it back is to pay again and I don't want to pay them again. I know there's loads of free dynamic DNS providers and since I am far from my router I don't know which ones it will work with specifically and can't look until I visit there again. Here's what I'm curious about: I have a domain of my own - and supposing I made a subdomain of that for this=> Does anyone know if there's a way to specifically map a subdomain to another specific IP so that it could be used this way ?? I'd greatly appreciate any pointers. Thanks.
×