I found a good article on the subject, How to Snatch an Expiring Domain, from which I refreshed my memory on how the crazy business known as “Drop Catching” works. When a domain expires, it is marked as expired in VeriSign’s database. It remains in that deactivated state for forty days, unless the owner pays the usual fee to renew it. After that initial forty-day period is over, the owner still has a final chance to save the name before it is deleted, but they have to pay a $100 fee to do so. Seventy days after the expiration date, it’s status is changed to “locked” and it will be deleted from the ICANN database five days later during a three-hour window between 2:00pm and 5:00pm EST. As soon as it drops from the database, the name is available for registration.

Unfortunately, snatching a domain isn’t always a sure thing. Previously-owned domains are often snapped-up right away by squatters who hope to resell it. I didn’t want to risk that happening, so I decided to hire a Drop Catcher to snipe the domain as soon as it became available.

I went with SnapNames, who charges a minimum of $69 upon delivery. If you don’t get the name, you pay nothing. If SnapNames is able to acquire the domain after it drops, they schedule it for auction. Your $69 fee is the starting bid, and if anyone else joins the battle, you’re going to have to pay more. It uses a proxy bidding system like eBay, where it ups the current bid until either you’re the high bidder or you hit your maximum. SnapNames collects the money from the high bidder, and sends you login details for the domain’s registrar.

After days of impatient waiting, with much checking of my SnapNames account on the Saturday of the auction, I found that I had won while getting a mint milkshake at McDonalds. I only ended up having to pay the $69 minimum, as nobody else had bid on the unusual domain. SnapNames sent me the login details for a Moniker account that holds the domain, and that was the end of the hard part. All that was left was the usual boring wait for the DNS to update.

I finally am in possession of Harzewski.com, and have moved my much-neglected personal blog over to matt.harzewski.com. I intend to revive the blog, after a hiatus of more than two years, now that I have a fresh theme and a spiffy new URL.

Polis pointed out that SOPA and Smith’s amendment already excluded certain operators of sub-domains, such as GoDaddy.com, from being subject to shutdowns under SOPA.

Even with that lesser-publicized fact aside, GoDaddy’s support of SOPA has spurred a large boycott, which they have met with a cavalier attitude (“we have not seen any impact to our business”) and some fuzzy PR-speak leading people to believe that they no longer support the bill, while they still do.

If you are looking to leave GoDaddy, or someone you know is, there are plenty of alternatives.

Domains: Name.com, Moniker, Gandi.net, Hover (Tucows), 1and1

Shared Hosting: HostGator, Media Temple, Site5, WPWebHost, A Small Orange, Nearly Free Speech

VPS Hosting: VPS.net, Linode, Media Temple, Rackspace

About one day later, the same thing happened to Chris Coyier’s CSS-Tricks.com. Someone gained access to his GMail and GoDaddy accounts and moved the domain to PlanetDomain. From his detailed chronicle of the events, it’s a possibility that he may have a keylogger on his computer, as the miscreant has been able to get around password resets of the GMail account, and may have even accessed the Media Temple server CSS-Tricks is hosted on. Coyier also received the impeccably-penned threat “pay 2k to get ur domain back.”

This has recently happened to a few other big-name sites in the same field, including Abduzeedo, Kirupa, Design Shack and InstantShift. Abduzeedo was able to catch the transfer and stop it, though. (Interestingly, it has been almost exactly four years since the same thing happened to logo designer David Airey.)

Just to be on the safe side, you might want to do a quick WHOIS search on your own domain and make sure it’s still on your registrar.

Update, Dec 5: Planetdomain is reversing the transfer, and moving the CSS-Tricks.com domain back to Chris Coyier’s GoDaddy account.

In their latest dubious management move, AOL corporate commandeered WoW Insider’s first-rate domain name — WoW.com — and used it to launch a Groupon clone.

WoW Insider now resides at wow.joystiq.com.

If you’ll pardon the pun, wow. I can hardly believe that anyone would think that a good move. It will hurt WoW Insider — in terms of possible search engine penalties, dead links, and confused users wondering why the domain stopped working with little or no warning — and there will be little advantage.

Someone at AOL obviously heard about the strange success of Groupon, and figured it would be easy to emulate it. Frankly, I’m surprised Groupon managed to do as well as they have been, monetarily. I highly doubt that, despite the simplicity of the service in itself, AOL will be able to replicate it. And it’s really dumb to re-purpose a domain like that. It reeks of bait-and-switch, like their plan to market the new Wow.com service is to trick a bunch of World of WarCraft fans into accidentally visiting it.

The Queue: Why did WoW Insider switch domains, again? [WoW Insider]

Normally I wouldn’t be too worried about the high pricing. After all, .FM (Federated States of Micronesia) domains run in the $70-$100 range. The problem with .CO is the cybersquatters.

How many people prematurely tap the Enter key when typing youtube.com, resulting in youtube.co, in one day alone? It’s a very common typo, and cybersquatters will start snapping up .CO domains for everything. People running moderately-sized websites will have to choose between dropping $30 every year for typo protection or letting domain vultures pick it up. Behemoths like YouTube and Yahoo will be okay, since $30 is nothing to them, but what about everyone else?

I highly doubt that .CO will be used legitimately for much other than name protection for a similar reason. It looks like a typo. If you see a business card with www.shawnspencersdiscountpineapples.co on it, is it really “.co” or did the designer make a mistake that somehow wasn’t caught? This is particularly bad when the masses still seem to expect everything to be a .COM.

The .CO push is going to make some people a lot of money, but it’s going to cause a lot of problems for everyone else.

Wordoid.com is a website that hopes to help you solve that problem. Enter a word, set the language, maximum length, and a few other options, and out comes a list of “wordoids.” Wordoids are, as the name suggests, made-up words that sound just like they could be real words. Words like underful, intendings, outwittery, or, conspiffy. It’s an easy way to find suggestions for a catchy domain name. (Outwittery sounds like it should be some sort of Twitter-connected word game…)

I wonder how they generate the words. My best guess is some sort of Markov text generator.

If the domain, created using Cyrillic scripts “raural.com” was registered, the way that Unicode-browsers will actually render that domain in latin is as “paypal.com.” In theory, phishers could pass around that link and set up a fake version of the PayPal site to harvest logins and credit card data.

It is impossible to tell the difference visually. It’s pretty scary. At least, I thought it was until I realized two things:

1. You shouldn’t click links in emails claiming to be from PayPal or your bank anyway. Just don’t. Type the address in manually.
2. Websites dealing with money, or other things that require a higher level of security, generally have an SSL certificate signed by a reputable third party.

So if you don’t click links in emails, and make sure that the SSL certificate checks-out, you’ll be safe.

It’s not that big a deal for those of us who have a good general knowledge of computer security, but it still is worrying that phishers are gaining this tool. I’m sure you know plenty of people who could easily fall into this kind of trap.

According to a group of disgruntled registrars, the whole situation is an antitrust nightmare, one allegedly perpetuated by lobbyists, astroturfers, planted news stories, and “stacked” public meetings.

Ars Technica has the full story: Paying too much for .com domains? One group blames VeriSign.

I remember a few years ago, when control of the .com registry was handed to VeriSign, thinking it was a bad idea. I still maintain that it should be the responsibility of ICANN, and that it shouldn’t be thought of as a source of profit, but as an essential service that should be subsidized by the bare minimum fee required to keep the system afloat.

The “2-5″ option recieved the most votes (35%), and “20+” was the second most popular option (23%). After that came “6-9″ (18%), “10-15″ (10%), and “1” (8%). The least-voted options were “Do I have to count them all…?” and “16-19,” with 5% and 3% respectively.

I particularly found it interesting that the most popular choices were two to five domains and more than twenty. They do seem to add up though, don’t they? After you start a couple of websites, you kind of become addicted to domain registration. You start to think all the time “Hey, that sounds cool; I wonder if it’s available as a domain…”

I’m somewhere in the middle. (They sure add up over time, don’t they!) I have a grand total of 13 at the moment. Most of them are in active use, or had been at some point. A few others I have plans for. Only one is just a domain I registered because I liked the sound of it, but didn’t have any real plans for it.