> Unfortunately, their operation inadvertently flagged my domain name as one of the domain names to be sinkholed because it matched the pattern of command and control (C2) domain names generated by a malware family named Nymaim, one of the malware families hosted on Avalanche. Although, they had validity checks to avoid sinkholing false-positives, my domain name unfortunately slipped through those checks. [...]
That's incredible. That "[the domainname] matched the pattern of command and control (C2) domain names generated by a malware family named Nymaim" was enough to get it sinkholed is nuts. There should be a fair bit of manual checks here before applying this sort of death penalty.
Take my username. I actually got targeted by my bank some years ago for a similar reason: "crypto" surely means you're doing crypto-currencies, right?, so you must register as a money services business (MSB)! Uh, no, nothing of the sort, and thankfully I was able to disabuse them of the notion that I had anything to do with crypto-currencies. (Indeed, I'm vehemently opposed to proof-of-work currencies, and as for proof-of-stake, why not just do double-spend detection and leave it at that?)
My impression was that, when botnet sinkholing was first practiced, a lot of care was taken over avoiding collateral damage, but if so, then the standards seem to have decayed.
This might have been a consequence of frustration - effective action seeming to be just out of reach - but I have also seen the fallacy that goes "we are the good guys, so therefore what we do is for the good." See also "normalization of deviance."
This is why I suspect that, if the AI Apocalypse is technically possible, it is inevitable.
Like anything else, when it’s new, the A-team people are working on it. When changes slow and products or services move to steady state, care and feeding moves to dollar focused app teams.
I've used a domain with "uber" in it for over 20 years, and since the ride sharing service started I have quite a few issues pop up. At least people know how to spell it now.
Über, with an umlaut like the original German word? Or do you spell it Ueber, where the "ue" stands in for an umlaut in character sets which are incapable of reproducing the glyph?
Or do you spell it Uber like the American ride-sharing service, ignoring niceties of pronunciation and trading those for convenience by people who only speak English and don't know German phonology?
As someone who has a name containing a non-ascii letter living in the US, I greatly prefer simply removing the dots or apostrophe or whatever and just use the ascii version. Those transliterations like ü->ue or ø->oe cause much more problems than they solve. Yes, there are lots of letters for where this doesn't work at all, but for the ones that do, the principle of least surprise is better than phonetical correctness, imo. I pick my battles with Anglo- and US-centrism and this one isn’t worth fighting for, imo. “Whatever the letter looks closest to” has a much higher chance of a consistent interpretation. This isn’t even the fault of anglocentrism – it’s an issue between any languages with different alphabets. Heck, I don’t know Cyrillic, but at least with say Vietnamese i can go from ê->e without even turning on my brain.
EDIT: oh, and reconstructing a word or sentence with missing umlauts etc is very easy to do, at least in my language. You can infer by context if there are ambiguities in 99% of cases.
The word Uber has existed in English speaking countries for much longer than the ride sharing service. Using that spelling doesn’t affiliate you with the company. The opposite actually as the company used a common word.
Arguably, Uber is different from uber, meaning outstanding or supreme, and the former has only existed since 2011 due to a complaint from San Francisco taxis causing a rename from Ubercab.
That's incredible. That "[the domainname] matched the pattern of command and control (C2) domain names generated by a malware family named Nymaim" was enough to get it sinkholed is nuts. There should be a fair bit of manual checks here before applying this sort of death penalty.
Take my username. I actually got targeted by my bank some years ago for a similar reason: "crypto" surely means you're doing crypto-currencies, right?, so you must register as a money services business (MSB)! Uh, no, nothing of the sort, and thankfully I was able to disabuse them of the notion that I had anything to do with crypto-currencies. (Indeed, I'm vehemently opposed to proof-of-work currencies, and as for proof-of-stake, why not just do double-spend detection and leave it at that?)