undefined | Better HN

0 pointsceejayoz1y ago0 comments

Probably the entire .zip TLD.

0 comments

Yeah. To be honest, I kind of setup this blog as a joke when the dot zip gTLD came up, as an inside joke with a few fellow security people who (rightfully) are against the ever expanding list of TLDs we have to deal with.

Mystery-Machine1y ago

What's wrong with ever expanding list of TLDs? Is there a security threat or you just don't like it or?

gepeto421y ago

Some of them make it way easier for threat actors to obtain large amounts of domains for cheap or free, without fear they'll disappear right away.

Paul Vixie had a great talk and research about this ~2018: https://www.youtube.com/watch?v=nkoNjntc5Lw

billpg1y ago

Because of the risk of auto-linkification, I'm of the opinion that browsers should put the entire dot-zip domain into the this-is-dangerous realm with big scary warnings if anyone follows a link. (Or at least any file downloads.)

j / k navigate · click thread line to collapse

0 comments

gepeto421y ago

Mystery-Machine1y ago

What's wrong with ever expanding list of TLDs? Is there a security threat or you just don't like it or?

gepeto421y ago

Some of them make it way easier for threat actors to obtain large amounts of domains for cheap or free, without fear they'll disappear right away.

Paul Vixie had a great talk and research about this ~2018: https://www.youtube.com/watch?v=nkoNjntc5Lw

billpg1y ago

j / k navigate · click thread line to collapse