I had the exciting chance to visit the great city of Nottingham on Friday. Turns out that my employer also employs a bunch of people based there, who write lots of software. As part of an awareness and education drive, a few of us visited to tell lots of coders what the term ‘security’ is meant to mean.
I digress slightly from reality - it was actually a pretty useful day and a good amount of valuable work was done. I do need to rant about train fares however. I turned up at St Pancras on Thursday to catch the fast train up to Nottingham. Having frequently visited Stockport from London, I was expecting to pay about £40 or so. So I was slightly surprised to find that the cheapest fare was an open single at £63 and that if I wanted a return, I would need to hand over about £120. Thankfully, I was going on to Stockport on the Friday, so I bought a single. When I came to buy my ticket to Stockport, it came to £14. That’s 20% of the price to go basically half the distance. I know people like to think Londoners are rich, but that’s capitalising on it a bit far.
And in true spirit of being h’up norf, it started pouring with rain the instant I left London.
I feel I must comment on this story about how Icann hopes to allow anyone to buy a TLD. One the one hand, this is a genius move. Make tonnes of money by selling something that effectively costs nothing to manufacture and allow companies to release themselves of the pesky naming restraints imposed by those silly .com, .uk or whatever domains. However, I foresee two problems. Firstly, what stops me buying .bank, then buying SSL certs for natwest.bank, barclays.bank, hsbc.bank etc. etc. and firing off a bunch of emails to the rest of the world inviting them to log into the brand new internet banking site? The domain will look like the bank, the user won’t get any SSL warnings in their browser and everything will look just fine. Of course, Icann could always decide to not issue me with .bank on the basis that I might abuse it, but I’m sure someone will think of a way around that.
The second problem I predict is that it just won’t work. There were a number of TLDs that were made available a few years back (.mobi, .travel, .name I think) and you hardly see any high-profile sites using these. In fact, I saw one commentary that hypothesised that people were swayed away from sites using these TLDs on the basis that the company behind them couldn’t afford a ‘real’ .com domain. And even if there is takeup of the new TLDs, I don’t see companies abandoning their existing domains. So maybe this problem will sort out the phishing problem. See someone using a non-traditional TLD, and they’re probably trying to take all your money.