Feeds

Thousands of gb.com sites go dark

Domain fight claims UK small biz victims

Internet Security Threat Report 2014

Thousands of UK small businesses woke up this weekend to find that their websites had become collateral damage in a legal fight between a domain name company and its founder.

Sites using .gb.com addresses all went dark on Saturday, after the former boss of the registry, CentralNIC, took control of the whole extension without warning.

No websites resolved, and it was not clear where emails sent to .gb.com addresses would arrive.

The .gb.com space is sold as an alternative to .co.uk by London-based CentralNIC. It is not an officially recognised top-level domain, but it has proven to be attractive to a relatively low number of small UK companies which couldn't get the .uk address they wanted.

CentralNIC sells domain names at the third level under about 20 such pseudo-extensions, including .us.com, .ru.com and .uk.com. But in the case of .gb.com, the domain appears to have been in the nominal control of a third party, CentralNIC's founder Stephen Dyer and his company GB.com Ltd, since at least 2004.

Anyone visiting a .gb.com site yesterday was greeted by a message from GB.com, encouraging the site's owner to sign up for a new account if they wanted DNS service restored.

It is like having a long lease on an office (our business) and another party coming along and erecting a fence around it, demanding money to get back in...

"GB.COM Ltd will not provide a service that you have paid others for, unless they have an arrangement with GB.COM Ltd," the statement said, on a page so amateurish in appearance that some users at first thought it might be a phishing attack.

The sudden switch came completely without warning to .gb.com domain owners, which has left many irate and others contemplating legal action.

"We will be talking to lawyers in the coming week," one registrant wrote on a LinkedIn group. "In our opinion it is like having a long lease on an office (our business) and another party coming along and erecting a fence around it, demanding money to get back in."

No warning

According to CEO Ben Crawford, CentralNIC was also caught off-guard. "The other party pulled this tactic with no notice. There was no indication given that this type of action would occur, and we have absolutely no idea why it did," he said. "We received no advance notice. We established what had happened on Saturday morning, and we have been working non-stop since then to resolve the situation."

But gb.com appears to have been disputed since at least 2004, when CentralNIC's current owners bought out its founders. According to CentralNIC, the domain gb.com was part of that acquisition.

However, historical Whois records archived by DomainTools show that ownership of the domain transferred from CentralNIC to Dyer in September that year. "Although the domain gb.com was one of the portfolio of domains so purchased and belongs to CentralNic, it remained registered to a third party that holds it on trust for CentralNIC," Crawford said.

CentralNIC is now also considering its legal options against GB.com, he added.

Some customers say the firm should have warned them that the domain's ownership was contested and that this weekend's outage was a possibility.

This morning, .gb.com sites appear to be coming back online, after CentralNIC went to extraordinary lengths to help restore DNS service.

The company seems to have submitted its entire database of domain records to GB.com, using a basic screen-scraping script to upload details one at a time via GB.com's web form. "We in no way endorse GB.COM Limited or recognise any of its claims, but our immediate priority is to ensure that resolution returns to .gb.com domains," Crawford said. "So as a short term measure before we resume control of the domain, we have registered customer domains with the gb.com Limited service in order to mitigate loss but without prejudice to our case and the legal action we shall be taking."

This appears to mean that CentralNIC's .gb.com customers are, at least temporarily, customers of GB.com, whether they like it or not.

GB.com Ltd owner Stephen Dyer is also listed at Companies House as the director of Snappy Designs Ltd, which owned the now-defunct photo-hosting website Fotopic.net.

According to a March report in Amateur Photographer, when Fotopic abruptly went into liquidation early this year it left thousands of photographers without access to potentially millions of their images.

Of the 20 pseudo-extensions CentralNIC operates, at least three others – us.com, us.org and gr.com – are registered in the names of third parties, according to Whois records.

However, Crawford said that these domains are safe, "locked in escrow accounts", and that none of them have any connection to Dyer.

Strange as it may seem, this is actually the second time this kind of dispute over an unofficial domain extension has impacted UK businesses.

In 2003, the Colombian owner of uk.co took out over 8,000 websites when it asserted control of the domain, which had been licensed to a British registrar. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.