Itch.io Taken Down by Funko

1197 points
1/21/1970
17 days ago
by spiralganglion

Comments


leafo

I'm the one running itch.io, so here's some more context for you:

From what I can tell, some person made a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game. The BrandShield software is probably instructed to eradicate all "unauthorized" use of their trademark, so they sent reports independently to our host and registrar claiming there was "fraud and phishing" going on, likely to cause escalation instead of doing the expected DMCA/cease-and-desist. Because of this, I honestly think they're the malicious actor in all of this. Their website, if you care: https://www.brandshield.com/

About 5 or 6 days ago, I received these reports on our host (Linode) and from our registrar (iwantmyname). I expressed my disappointment in my responses to both of them but told them I had removed the page and disabled the account. Linode confirmed and closed the case. iwantmyname never responded. This evening, I got a downtime alert, and while debugging, I noticed that the domain status had been set to "serverHold" on iwantmyname's domain panel. We have no other abuse reports from iwantmyname other than this one. I'm assuming no one on their end "closed" the ticket, so it went into an automatic system to disable the domain after some number of days.

I've been trying to get in touch with them via their abuse and support emails, but no response likely due to the time of day, so I decided to "escalate" the issue myself on social media.

17 days ago

vasco

Hope you have money to fight them. I stuck to my guns on a wrongful one like this and while Digitalocean and Cloudflare both had my backs (surprisingly before I even asked, both of them got a lot of good will on that - they informed me they already checked and it was spurious!). Google didn't have my back though and immediately caved when they upgraded their sham copyright infringement claim to money laundering and fraud based on nothing - a fully static website with no backend calls. Good luck! I still have the sites exactly as they were just to spite them and will keep running them at a loss until I'm dead. Copyright infringement my ass. This abuse has got to stop sometime.

17 days ago

latexr

> I still have the sites exactly as they were just to spite them and will keep running them at a loss until I'm dead.

https://en.wikipedia.org/wiki/Spite_house

https://en.wikipedia.org/wiki/List_of_Curb_Your_Enthusiasm_e...

17 days ago

araes

Many of the spite houses were entertaining (the Alameda and Tyler spite houses were probably some of the best).

However, nothing compares to the George Lucas saga down in Marin County. Was worth it just for the read about Lucas' fight with the county. Nigh incomprehensible.

[1] Forbes Summary, 2012: https://www.forbes.com/global/2012/0507/companies-people-geo...

[2] NYTimes Summary, 2012: https://archive.is/7iSSE

[3] CNET Summary, 2015: https://www.cnet.com/culture/george-lucas-to-build-affordabl...

[4] Pacific Research Institute Summary, 2021: https://www.pacificresearch.org/george-lucas-reluctant-yimby...

> submitted a so-called precise development plan in 2009 [for a] 269,701-square-foot digital studio [2]

> Lucas’ company says it spent “tens of millions” on engineering and environmental reviews and fees since its master plan was approved in 1996. [1]

> The association and others sent a letter to Mr. Lucas requesting that he find a “far more appropriate location for the development.” The project, the letter said, would “pose a serious and alarming threat to the nature of our valley and our community,” “dwarf the average Costco warehouse” and generate light pollution so that “our dark starry skies would be destroyed.” [2] In 2012, Lucasfilm announced that it had scrapped the 263,701-square-foot project. [3]

> "The level of bitterness and anger expressed by the homeowners in Lucas Valley has convinced us that, even if we were to spend more time and acquire the necessary approvals, we would not be able to maintain a constructive relationship with our neighbours" [3] “We were offering to shut down at 11 p.m. and spend $70 million to restore creeks ravaged by erosion and farm debris. Nothing we offered to these people was ever going to be enough. And so we were facing death by delay.” [1]

> In 2012 Mr. Lucas said he would sell the land to a developer to bring “low income housing” here. [2] there was a predictable backlash from residents, who believed that affordable housing would bring crime into the area and lower property values [3] “It’s inciting class warfare,” said Carolyn Lenert, head of the North San Rafael Coalition of Residents. [2]

> That has created an atmosphere that one opponent, who asked not to be identified, saying she feared for her safety, described as “sheer terror” and likened to “Syria.” [2]

> Carl Fricke [...] said: “We got letters saying, ‘You guys are going to get what you deserve. You’re going to bring drug dealers, all this crime and lowlife in here.’ ” [2]

> After three years in stasis, working with the regulations that govern affordable housing grants, George Lucas now plan[ed] to foot the bill himself, to the tune of upward of $150 million (circa 2015). This not only allows the project to proceed without jumping through those hoops, it also means that the housing can be allocated to specific groups, such as seniors, nurses and teachers. [3]

> The plan called for 224 apartments, along with generous residential amenities and a new bus stop [4], situated over 52 acres just north of San Rafael. This consists of 120 two- and three-bedroom workforce residences, and 104 one- and two-bedroom residences for seniors. [3]

> neighboring property owners quickly threatened Lucas with a $70 million environmental lawsuit if the filmmaker didn’t pull back his housing plans. True to California planning tradition, the project remain[ed] in limbo five years later. [4]

[5] https://www.thethings.com/george-lucas-billion-net-worth-spe...

> Lucas and the residents continued to battle over the property for several years until Disney eventually bought the property as part of purchasing LucasFilm. [5]

And the final piece of the story, perhaps the worst:

[6] Daily Mail Summary, 2023: https://www.dailymail.co.uk/news/article-12063777/These-form...

[7] Google Maps View, Binford Rd, 2023: https://www.google.com/maps/@38.1221805,-122.5651918,3a,75y,...

> A line of RVs, trucks, and trailers stretches for nearly 2 miles along Highway 101 in north Marin County

> More than half had lived in Marin County for over a decade, and a further 13% for at least five years.

> 'I've been here four and a half years. I was one of the first here. When I came in mid 2018 there were three motor homes. Now there's over 80.' Sherry and Lyness said they can't afford a normal home any longer, and low-income housing is in short supply.

16 days ago

joseda-hg

If they are fully static couldn't they probably be run at close to 0 cost from you?

17 days ago

vasco

Yes I'm not the pope, it's a cheap server. Still doesn't make any money.

17 days ago

SparkyMcUnicorn

If it's a static site, you could move it to Cloudflare Pages to reduce the cost to zero.

17 days ago

vasco

And make my story worse? I feel like to optimize for spite I need to pay a little as well. You made me laugh though - have a good day :)

17 days ago

anitil

> I feel like to optimize for spite I need to pay a little as well

A fantastic sentiment, I do exactly this as well

17 days ago

registeredcorn

spite^fake-DMCA-claim

17 days ago

pabs3

What are the sites called? Would like to get them saved to archive.org :)

16 days ago

RestartKernel

This issue aside, thanks for doing what you do. I was kind of expecting Itch to get sold to some holdings or casino company at some point, as good things tend to go, but I've been happily surprised to see it mature independently throughout the years.

17 days ago

Tepix

I agree itch.io is awesome!

Edit: And i'm happy to see that it's working again as of 2024-12-09 12:27 UTC+1

17 days ago

raxxorraxor

And compared to that brandshield users should be branded by their business practices. Also the hoster as well.

Seems to be a difficult time for hosters and also again a demonstration that copyright law is deeply flawed, even if using stolen assets is a rising problem.

17 days ago

saghm

I don't disagree that copyright law is deeply flawed, but even with the current law, it seems like this situation could easily have been avoided. The issue is one malicious private company (Brandshield) taking advantage of the negligence of another private company (the registrar) by claiming that a site was being used for "fraud and phishing". If anything, the parent comment from the person running the site makes me think that the situation would have been _less_ messed up if Brandshield had correctly asked for the offending copyrighted content to be taken down rather than falsely alleging something more severe. I understand that Brandshield probably has been incentivized to act this way due to copyright law, but I'd argue that even reasonable laws will sometimes cause bad actors to try to take advantage of things, and the easiest way to fight back against this isn't to try to change laws to avoid this but for non-malicious entities like the registrar not to allow their customers to get exploited by this sort of behavior.

Unfortunately, domain registration is an industry with so many of its own problems that I'm not sure "vote with your wallet" would be an effective strategy for changing things here. I honestly wonder if domain registration might be the more fruitful target for legislation protecting customers if the goal is specifically to avoid situations like this one, but even as someone who's usually unabashedly in favor of consumer protection regulations, I can't say I have a high degree of confidence that any changes here would be done effectively.

17 days ago

raxxorraxor

A bad law is bad if it leads to injustice even beyond its original scope. We have seen numerous problems with DMCA abuse and copyright strikes in other forms. We have patent trolling and this abuse artificially feds a whole industry of dubious lawyers. I think this is not even a small problem and all these factors combined does make it a bad law, even if it would still protect innovation like it once was to meant to do, which is questionable as well.

Of course services like the registrar need protection here too. And certain false copyright claims probably need consequences as well. The legal industry servers no function here.

Also, it would be legally trivial to make the user accountable for the offense, not the whole of itch.io. Sure, there would be problems here as well, but there is not large barrier to not have a parasitic legal industry and have those responsible that actually commit the offense.

The problem of enforcement cannot be put on the back of the platform itself.

17 days ago

saghm

I'm not sure how you came away from my comment with the idea that I disagree that the DMCA is a bad law. My argument isn't that that the law is good, but that I don't think it's anywhere close to the primary cause of this incident, and that there's much lower hanging fruit that could stop stuff like this. I'm also not sure why the _registrar_ needs protection in the case we're talking about; no part of this happened because the registrar needed protection, but the main cause of pain was that the registrar completely trusted a false third-party report that alleged _fraud_, not copyright issues.

To be honest, I'm not really sure what point you're trying to make at all with your comment. None of it seems to address anything that I said, and if anything, it almost sounds like you managed to infer the opposite of what I meant in most cases.

17 days ago

salawat

The platform will always be preferentially targeted because the larger you are the more you have to lose, the more likely it is you actualy have assets to go after if you don't deal with the alleged noncompliance.

How have y'all not realized that's how all this works?

It's why DNS is an anti-feature. As long as registrar's exist, it'll be an active lever utilized for basic deplatforming. Until everyone can host their own stuff, and networking is de-hub-and-spoked, this type of behavior will continue.

17 days ago

ikiris

How do you expect people to find things without an authoritative lookup database?

17 days ago

registeredcorn

>the easiest way to fight back against this isn't to try to change laws to avoid this but for non-malicious entities like the registrar not to allow their customers to get exploited by this sort of behavior.

Easiest? Perhaps. Nothing around law is particularly easy (except breaking it, of course!) :) So, not altering existing laws, or not making new ones, would absolutely be the easiest method to that desired outcome. Many things would be easier to do if they were simply done how they were described, in a manner in which they were excepted, under the terms which they were agreed to. However, can we expect that a lack of laws/codes/statutes could ever result in effective or consistent behavior? Sadly, no. At least, not based upon historical experience. Perhaps the disposition of man will change one day - who knows what the future holds, but God!

Negligence is a thing that is bred in indifference and grown through a lack of consequence. Law and reform is the sole remedy.

Consider this: It would be far, far safer and more profitable for owners, employees, and customers of restaurants if the restaurant kept their cooking areas clean and tidy. Yet, even with unannounced and routine health inspections, various licensing requirements, annual training & education certifications, and massive fines...in spite of all of that, absurdly high numbers owners can't meet the bare minimum. People still somehow die from unsanitary food every year!

The best we can do then to combat the disposition of disconnected employees, and the blasé, checked-out business owners is to crush their skull. It is a judicial vengeance, a constant protector for all the people who had been abused unfairly; the ones who were discounted as "unimportant nobodies". Law is what gives the common man a temporary illusion of equal treatment. And when that illusion is chipped and broken from time-to-time, well, at least we can put another head up on the spike outside our walls.

It's certainly not quick, or easy, or even preventative(!), but it is the kind of response that is owed to the victims of incompetence and indolence.

17 days ago

saghm

My main point probably got muddled a bit, but the main argument I was trying to make was that copyright law, however bad it might be, wasn't why the registrar acted the way it did (because it was acting on a false report of fraud and phishing, not copyright infringement), and ultimately even with a troll trying to get the site taken offline, the registrar could have acted responsibly, and there wouldn't have been any significant downtime.

From the timeline of the incident given at the top of this thread by the maintainer of the site, it sounds a lot more like the registrar was lazy about investigating whether the report of fraud/phishing was valid than that the registrar was fully aware that the actual intent was to take an entire site offline due to an allegation of a singular user infringing copyright. It sounds like the issue with the registrar could happen just as easily even if we magically waved a wand away and eliminated copyright law; if someone made an allegation of fraud and phishing, it sounds like the registrar might act the exact same way it did in this incident and take the site offline. That's why I'm arguing that copyright law isn't the primary cause of what happened here, and why reforming it seems pretty orthogonal to stopping this specific thing from occurring regardless of its merits as a goal in general.

17 days ago

[deleted]
17 days ago

TheEnbyperor

I run a domain registrar. "serverHold" is not a status that iwantmyname could've set. If they had suspended the domain it'd have "clientHold" set. Server Hold means the registry (i.e. .io directly) has suspended the domain. Your best bet would be to contact the Internet Computer Bureau Ltd who run .io at admin@icb.co.uk, or the registry technical support provider Identity Digital at techsupport@identity.digital.

17 days ago

leafo

Interesting, this morning I got a response from a staff member of the parent company that owns iwantmyname saying they didn't get my response with regards to the abuse notification they sent and that's why they took the domain down.

17 days ago

nicolas_17

Are you sure you got a serverLock and not a clientLock?

17 days ago

braiamp

I don't think anyone went and checked the whois database at that time that can corroborate the story.

16 days ago

kj4ips

I've heard a ton of stories about .io, IMO, they play fast and loose in a space where that isn't okay, and they get away with it mostly because they are a ccTLD.

The last time someone I knew had an issue, they had to get a senator to make waves to get anything resolved.

17 days ago

0x38B

I regret going with .io for my personal domain name. At the time I thought it was cool, but they've since raised prices and hearing things like this doesn't instill confidence...

17 days ago

sigio

That, and the Indian Ocean territory will cease to exist in the (very) near future, so the .io domains might be going the way of the dodo. I won't be registering any new ones at least, and recommending everyone to stay away from them.

17 days ago

qingcharles

And isn't .io on borrowed time, since the country will soon no longer exist?

17 days ago

Suppafly

Do they get rid of TLDs once the country they are assigned to goes away? I assumed they'd sell them to someone or something.

17 days ago

foobarchu

Nobody really knows. There are only a few precedents, i.e. the old Soviet Union .su tld being kept around, or the 2 letter country code that I can't recall which was reassigned to a new country after the old one went out of existence.

There isn't really a precedent for a tld with as many domains under it as .io, it's a very strong possibility it will be kept around and given to a private entity or even to GB.

17 days ago

hungariantoast

.cs for Czechoslovakia lasted from 1990 to 1995.

.yu for Yugoslavia ran from 1989 to 2010.

Wikipedia has comprehensive articles on both of those ccTLDs, if you're interested in learning more

17 days ago

unanimous

They might not have much of a choice but to shut down all .io domains. This video explains a little: https://www.youtube.com/watch?v=1yJ6AZsUlpc

17 days ago

account42

Who is "they".

14 days ago

TheEnbyperor

Yes, it will be deleted; see: https://www.iana.org/help/cctld-retirement

15 days ago

loeg

.su is still around.

17 days ago

Vilian

That's why they are shutting .io to not make the same mistake again

16 days ago

apitman

What registrar do you run?

17 days ago

TheEnbyperor

15 days ago

duggan

iwantmyname was bought out by a conglomerate, “Team Internet[1]”, a few years ago.

Prices went up, service went down. I’d recommend moving your domains when you can (Porkbun have been good, though I haven’t had any incidents like this).

Best of luck!

1: https://en.m.wikipedia.org/wiki/Team_Internet

17 days ago

betteryet

Same thing with Gandi, which is a shame. Domain renewal price silently went up 3x or so last year after getting acquired.

17 days ago

colejohnson66

Check out Porkbun.

https://porkbun.com/

17 days ago

bovermyer

How is Porkbun compared to Namecheap?

17 days ago

no_wizard

Porkbun is best on the market at this point.

Namecheap I find is less easier to use and sometimes higher cost over time. I also haven’t had reliable domain renewal service from them when I used them.

Granted this is all a few years back. I was at Cloudflare until this year when I switched to Porkbun and I’ve been very happy

17 days ago

pengaru

I tried porkbun after comments like yours when one of my domains needed renewal, but had to transfer out after one year when their payment gateway refused to work and was very poorly handling the situation while my domain risked expiration.

dynadot.com has been superior in my experience.

17 days ago

derefr

Why'd you switch away from Cloudflare['s registrar]?

17 days ago

no_wizard

Nameserver lock in. While I use Cloudflare right now for most things, I value the decoupling. Cheap way to make sure that my services aren't in total control of my domain.

17 days ago

qingcharles

I use Spaceship now for everything, which is actually Namecheap but cheaper.

17 days ago

username135

I like namecheap. It serves its purpose.

17 days ago

adastra22

I also like supporting a Ukrainian company. Only downtime I had was when their offices were being bombed, and they were quick to both restore services and make their infrastructure resilient to future such… interference.

17 days ago

xproot

Which company?

16 days ago

franciscop

Yup, I've been migrating out of Gandi because of this, I was okay with up to ~50% over the base price but I'm seeing 100%~200% overcharge. I did have to let go of one domain though since Cloudflare doesn't support .jp yet

17 days ago

robin_reala

In the same way that “Don’t be evil” has disappeared, Gandi’s “No bullshit!” is no longer a thing.

17 days ago

kmlx

does anyone here use cloudflare as a registrar?

i’m interested in any potential negatives.

17 days ago

thomasfortes

You're stuck with cloudflare nameservers¹, so if you want to change nameservers you need to transfer them to other registrar, how much of a deal breaker this is is up to you, to me is project dependent.

1. Section 6.1 of https://www.cloudflare.com/domain-registration-agreement/

17 days ago

red-iron-pine

> 6.1 Nameservers. Registrant agrees to use Cloudflare’s nameservers. REGISTRANT ACKNOWLEDGES AND AGREES THAT IT MAY NOT CHANGE THE NAMESERVERS ON THE REGISTRAR SERVICES, AND THAT IT MUST TRANSFER TO A THIRD PARTY REGISTRAR IF IT WISHES TO CHANGE NAMESERVERS.

there are very few parts of that contract in all caps, but that's one of them :/

17 days ago

iosjunkie

That's annoying. For some use cases, not a big deal. But I have used the AWS Route 53 'alias' functionality on a number of occasions and that requires the use of Route 53 nameservers.

16 days ago

seanwilson

I've helped move a few domains from Gandi to Cloudflare. The move was relatively straightforward (couldn't get the Gandi records export to import into Cloudflare so had to do it manually...), and the new domain and renewal prices are lower.

To replace Gandi email (that Gandi went from free to ramping up the pricing for when they were taken over), Cloudflare offer email forwarding so you can receive incoming mail from a custom domain to e.g. a gmail account, and for sending mail you can pair this with a custom SMTP service like https://www.smtp2go.com (1000 emails/month on the free tier).

Apart from that, DNS is something I barely touch for years sometimes so I don't find much difference between registrars beside their pricing and how much you can trust them.

Being able to point your Cloudflare nameserver records would be nice though, so worst case you'd need to move everything if another registrar had some services you were interested in? Would be curious to know more about how common this scenario comes up and why.

17 days ago

atkailash

You should check out something like DNSControl. Makes switching or having multiple easy. I have mine going to a bind zone file and cloudflare, and use the bind file for Unbound

17 days ago

gregoryl

FYI, you are hellbanned (your comments are auto [dead], very few people will see them). Email hn@ycombinator.com to fix it :)

17 days ago

technotarek

I’ve got about twenty domains listed with them. No problems after 2-3 years, but I do wonder whether it’s a good idea to use the same vendor for DNS and domain registration.

17 days ago

indigodaddy

Normally a registrar isn't going to have top tier DNS infra so you may as well separate, yes. Exceptions might be CF/Google/AWS/DO, but personally I don't like to use the big guns as registrars in any case. I use Namesilo and never had any issues but on the other hand have never run into any of these sorts of issues either..

17 days ago

xnyanta

I am happily using them for all of my domains they support. The problem with Cloudflare registrar is that they flat out don't support many domains/tlds.

17 days ago

funkdude

Gandi's prices rose, which sucks, but they were great when I had a dispute with AFNIC over a blocked domain. They won brownie points with that.

17 days ago

LeftHandPath

Would you / do you still use them? I like their branding more than PorkBun.

17 days ago

bambax

Yes it's despicable. I'm moving my domains from Gandi one at a time and the cost is 4 times less!!

17 days ago

spondyl

Oh damn, I didn't know this!

I've used their services for ages and even got to briefly meet the founders once in Wellington who gave a talk on Erlang.

Ah well, while it sucks that the good times may be over, I'm glad the founders got their exit :)

17 days ago

kaoD

> I'm glad the founders got their exit

I'm not.

I mean, I am happy for them but this concept of growing a business to an exit is not going well for society as a whole (at least the exits that are in my areas of interest, so I assume it extrapolates to all exits).

Every single business that gets bought out gets instantly enshittified in one way or another, always to the detriment of the customer. Depending on how entrenched it was it takes a different amount of time for people to move on as the new shareholders extract its economical value, but it almost always destroys societal value in the process as the company becomes a shadow of its former self (and hopefully dies, leaving way for the cycle to start again).

I wish there was a way for founders to get rich without the need for an exit, so the business could keep running... but I guess ruthless enshittification is the only way to get rich?

Apologies for the tangent, this is something that's been bouncing in my mind for a while...

17 days ago

ChrisMarshallNY

I know that I'm basically being trollbait (around here), by saying this, but I personally believe that the very existence of an "exit plan" is a problem.

A business is supposed to be an ongoing, perpetual enterprise. Maybe it grows, maybe it stays the same, but it isn't something that should (in my opinion) be designed as a product, in itself, with a "sell by" date. If it gets brought up, then that's [maybe] good, but it shouldn't actually be in the business plan. It's just a random lifecycle event. We can plan to be ready for it, but it shouldn't be a corporate goal.

It's quite possible to do that. I worked for nearly 27 years, for a company that is over 100 years old. I think the world's oldest company is over 1,400 years old, and just got brought out, for the first time, about 10 years ago.

17 days ago

babuskov

Agreed. Promising stuff like "Hey we built this because everything else is bad" and then years later selling it to a company that turns it bad is somehow even worse than classic bait and switch.

17 days ago

kiba

Sell it to the employees? It won't be lucrative to selling it to someone with more cash than sense, but it may be more likely to preserve the value. There's no guarantee of course, and there's so little experience societal wide in running an employee co-op.

17 days ago

robertlagrant

There are a few employee co-ops, but I don't know how good they are. Over here in the UK we have the Co-op[0], which is a national chain of small local shops. It's a consumer co-operative rather than a workers' cooperative, though. I don't know how well it works, or what its challenges are, but it definitely exists.

[0] https://www.co-operative.coop

17 days ago

bluehatbrit

The Co-op (referred to in [0]) is also a bank, funeral directors, insurer, and solicitor! They're really quite successful to be honest.

Nationwide is another example of a successful cooperative as well (large UK bank, particularly in the mortgage space). They're customer and employee owned I believe, my wife and I got £200 last year as a profit share for being customers.

I'm a huge fan of the model, but it's difficult to get going. I think they're also more expensive to run as their operations tend to be a little more complex.

17 days ago

Angostura

Don’t forget John Lewis/Waitrose and the excellent Richer Sounds:

Richer Sounds boss in £3.5m staff giveaway https://www.bbc.com/news/business-48269171

17 days ago

fallingknife

Every time that happens it just makes an opportunity for someone else to start a new competitor

17 days ago

Nullabillity

It's absolutely tiresome having to keep up with that rat race for everything. And if that principle actually worked then enshittification wouldn't be profitable to engage in to begin with.

17 days ago

[deleted]
17 days ago

justsomehnguy

> I mean, I am happy for them but this concept of growing a business to an exit is not going well for society as a whole

The last thing I want is to be a 70 y/o still supporting a registrar. Especially considering the margins.

17 days ago

dartos

You can be responsible with an exit and sell to someone you’d believe will keep the company’s mission.

17 days ago

justsomehnguy

And what if I can't find anyone? And what if they do 180 a week later?

And it's not like running a registrar is something what can even have a mission other than earning money.

17 days ago

dartos

> And what if I can't find anyone?

I would honestly be surprised if that was the case, but if you really tried, then you tried.

You pick who you’d hope would continue the mission OR you try to sell to employees.

> And what if they do 180 a week later?

Then you picked wrong, but the risk of picking wrong is not a good reason to not try to pick correctly.

17 days ago

fwip

You can retire or quit, like a normal person. I'm sure you can find a new CEO.

17 days ago

popcalc

The Alands Island .AX TLD allows anyone to be their own registrar for free. Only 20euro/year for domains.

17 days ago

spondyl

> I mean, I am happy for them but this concept of growing a business to an exit is not going well for society as a whole

Oh yeah, I fully agree with the enshittification sentiment.

Admittedly, a DNS registrar for me personally is something I'd just swap without much thought but I can think of a few services I use where I wouldn't be so loosely coupled from the product if those founders were to exit.

It's a bit paradoxical on my part I think and I do wish we had more lifestyle businesses that don't have to become massive.

Mind you, I would have put iwantmyname in that basket now that I think about it.

16 days ago

travisgriggs

Bonus points for using “enshittified”.

17 days ago

duggan

Yeah I was a fan, had every domain with them that I could! But once they were acquired their .org renewal prices just did not make sense any more, and they were missing some functionality that I thought was crucial and didn't seem inclined to add it (can't remember what it was now, maybe MFA).

Domains are like car insurance – there's no reward for loyalty, so makes sense to shop around come renewal time.

17 days ago

thomasfromcdnjs

aw I've always loved iwantmyname, I haven't noticed any issues other than the price increases.

Though it was the indie/personal feel they had as a registrar, I might look for alternatives.

17 days ago

donohoe

+1 for Porkbun

17 days ago

internet101010

After so many people in this thread recommended them I decided to make the switch from hover. Their renewal rates have gotten wild.

17 days ago

raverbashing

Pro-tip: raise your prices before you need to sell your service to cover expenses

17 days ago

johnnyanmac

https://domainincite.com/24614-centralnic-to-pay-3-4-million...

I appreciated the indie feel as well, but I can't blame someone for selling out to the tune of 7 figures when the opportunity arises.

17 days ago

jen729w

I see you’re being downvoted on Hacker News for what appears to be an expression of support for founders selling out for millions of dollars.

We have arrived at peak hypocrisy.

17 days ago

foobarchu

HN is just a news aggregator. Being a participant does not mean one agrees with YCombinator's business practices, nor does it imply any other requisite opinions.

So I don't see the hypocrisy

17 days ago

FunnyLookinHat

Came here to recommend Porkbun - I've had great experience with them and so have all of the friends and family I've recommended.

17 days ago

esskay

Another vote for porkbun here. By far one of the best registrars out there right now.

17 days ago

CaptainFever

I really wish BrandShield didn't use AI as a marketing term. It just looks like it's doing a generic ctrl-F on webpages?

Then things like this happen, and people think "ooh AI is bad, the bubble must burst" when this has nothing to do with that in the first place, and the real issue was that they sent a "fraud/phishing report" rather than a "trademark infringement" report.

Then I also wish that people who knew better, that this really has nothing to do with AI (like, this is obviously not autonomously making decisions any more than a regular program is), to stop blindly parroting and blaming it as a way to get more clicks, support and rage.

17 days ago

pdpi

I find that businesses that bill themselves as ${TOOL}-users instead of ${PROBLEM}-solvers are, as a general rule, problematic. I couldn't possibly care any less whether a product is built on AI or a clever switch statement or a bazillion little gnomes doing the work by hand. I care that it solves a problem.

AI does need to die. Not so much because LLMs are bad, but rather because, like "big data" and "blockchain" and many other buzzwordy tools before it, it is a solution looking for a problem.

17 days ago

7thaccount

The AI hype is annoying in my field as well. AI can have its uses, but we already figured out where to use it in my field ages ago. That doesn't stop people from hyping nothing though.

17 days ago

CobrastanJorji

Yes. If your business solves a real customer problem and uses "blockchain" to do it, that's great, but you should describe yourself as a tool to solve the problem. If you mention blockchain on the homepage of your product at all, it should be treated with suspicious. It's a sign that you're speaking to investors and fools and not to savvy customers.

One exception: personal projects. "This is an NES emulator that is built in Rust, and it uses Rust because I wanted to learn Rust" is a perfectly good description of a project (but not a business).

17 days ago

pdpi

> This is an NES emulator that is built in Rust, and it uses Rust because I wanted to learn Rust

Arguably, in this scenario, learning rust is the "business need" and the NES emulator is the tool :)

But yeah, exactly. A blockchain is, technically, just a content-addressable linked list. A Merkle tree is the same, as a tree. Git's core data structure is a DAG version of this. These things are useful. Yet nobody calls Git "blockchain technology", because what we all care about is Git's value as a version control tool.

17 days ago

johnnyanmac

> and people think "ooh AI is bad, the bubble must burst" when this has nothing to do with that in the first place

That haphazard branding and parroting is exactly why the bubble needs to burst. Bubbles bursting take out the gritters and rarely actually kills off all the innovation in the scene (it kills a lot, though. I'm not trying to dismiss that).

17 days ago

kombookcha

Exactly this, if you give a hoot about actual useful applications for AI, there is a great need to clear out all the grifters and scammers attracted by the initial hype cycle.

17 days ago

CaptainFever

It's possible they were using LLMs (or even just traditional ML algorithms) to choose if a certain webpage was fraud/phishing instead of mere trademark infringement, though. In this case it makes sense that one would be angry that a sapient being didn't first check if the report was accurate before sending it off.

17 days ago

acka

More than the hypothetical risk of Earth being consumed by a paperclip-making machine, I believe the real and present danger in the use of ML and AI technology lies in humans making irresponsible decisions about where and how to apply these technologies.

For example, in my country, we are still dealing with the fallout from a decision made over a decade ago by the Tax Department. They used a poorly designed ML algorithm to screen applicants claiming social benefits for fraudulent activity. This led to several public inquiries and even contributed to the collapse of a government coalition. Tens of thousands of people are still suffering from being wrongly labeled as fraudulent, facing hefty fines and being forced to repay so-called fraudulent benefits.

17 days ago

stevoski

They’re talking about Australia, and the robodebt scheme.

Read the Wikipedia article and you’ll probably feel outraged.

https://en.wikipedia.org/wiki/Robodebt_scheme

17 days ago

shakna

Unfortunately it seems that the thinking is more farspread, and this was the Netherlands [0].

[0] https://news.ycombinator.com/item?id=42365837

17 days ago

[deleted]
17 days ago

CaptainFever

Perhaps in certain cases requiring someone to sign off, and take the blame if anything happens, would help alleviate this problem. Much like how engineers need to sign off on construction plans.

(Layman here, obviously.)

17 days ago

jerf

If the legal system is not itself either fundamentally corrupted or completely razzle-dazzled by the AI hype... and I mean those as serious clauses that are at least somewhat in question... then there are going to be some very disappointed people losing a lot of money or even going to jail when they find out that as far as the legal system is concerned, there already is legally speaking some person or entity composed of persons (a corporation) responsible for these actions, and it is already not actually legally possible to act like a bull in a china shop and then cover it over by just pointing to your internal AI and disclaiming all responsibility.

The legal system already acts that way when the issue is in its own wheelhouse: https://www.reuters.com/legal/new-york-lawyers-sanctioned-us... The lawyers did not escape by just chuckling in amusement, throwing up their hands, and saying "AIs! Amimrite?"

The system is slow and the legal tests haven't happened yet but personally I see no reason to believe that the legal system isn't going to decide that "the AI" never does anything and that "the AI did it!" will provide absolutely zero cover for any action or liability. If anything it'll be negative as hooking an AI directly up to some action and then providing no human oversight will come to be ipso facto negligence.

I actually consider this one of the more subtle reasons this AI bubble is substantially overblown. The idea of this bubble is that AI will just replace humans wholesale, huzzah, cost savings galore! But if companies program things like, say, customer support with AIs, and can then just deploy their wildest fantasies straight into AIs with no concern about humans being in the loop and turning whistleblower or anything, like, making it literally impossible to contact humans, making it literally impossible to get solutions, and so forth, and if customers push these AIs to give false or dangerous solutions, or agree to certain bargains or whathaveyou, and the end result is you trade lots of expensive support calls for a company-ending class-action lawsuit, the utility of buying the AI services to replace your support staff sharply goes down. Not necessarily to zero. Doesn't have to go to zero. It just makes the idea that you're going to replace your support staff with a couple dozen graphics cards a much more incremental advantage rather than a multiplicative advantage, but the bubble is priced like it's hugely multiplicative.

17 days ago

wholinator2

[flagged]

17 days ago

jcranmer

The comment you are replying to is using commas correctly: it's partitioning off a clause of the sentence as a side phrase that can be removed, and the resulting sentence is a fully grammatically-correct sentence. If you really hate commas, you can replace the commas here with parentheses, but honestly, I prefer the commas here.

17 days ago

BalinKing

I agree with the parent that in formal written English, the comma would be incorrect—cf. the "In compound predicates" section in [0]. But I disagree that the sentence is hard to parse as a result, and I doubt many would think twice about it given that we're on an informal internet message board.

[0] https://www.grammarly.com/blog/punctuation-capitalization/co...

17 days ago

adastra22

Language is descriptive not prescriptive.

17 days ago

BalinKing

True, but I'm pretty sure this is the majority usage for commas in formal written English.

16 days ago

adastra22

The comma is a soft pause. We do this all the time in spoken language in order to break up an otherwise potentially ambiguous or hard to understand utterance, but it is basically dialectal. In writing that purposeful pause because a comma.

You can then analyze when such pauses are used in formal language, and infer rules for their use. But those rules aren’t going to be 100% consistent, and a violation of those rules is not a grammatical error in the sense that subject-verb disagreement would be.

TL;DR you said “majority” not “every.” That distinction is key.

16 days ago

rjmunro

Please say something like "here in [insert country name]", or "back home in [insert country name]" intead of "in my country", otherwise we have no idea what you are talking about.

17 days ago

acka

Unfortunately I can no longer edit my original comment. It is about the so-called "Toeslagenaffaire" (childcare benefits scandal)[1] in the Netherlands.

Also, here is a blog post[2] warning about the improper use of algorithmic enforcement tools like the one that was used in this scandal.

[1] https://en.wikipedia.org/wiki/Dutch_childcare_benefits_scand...

[2] https://eulawenforcement.com/?p=7941

17 days ago

jandrese

When AI is being used as a cover for the bad/questionable behavior the company was already doing then there is no bubble to burst. The performance of the "AI" doesn't matter, only that it throws up a smoke shield in front of the company when people call to complain about the abuse.

17 days ago

oneeyedpigeon

I fear that ship has already sailed. I think the grifters and scammers have already abused the term enough that even decent uses of it are now tainted. I know that the two aren't strictly the same, but I would suggest using "Machine Learning" instead, which I think has more respectable connotations.

17 days ago

rsynnott

AS IS TRADITION.

(After the previous AI bubble, no-one mentioned the dread term for about 20 years, instead using the safely ultra-broad umbrella term.)

17 days ago

rsynnott

I mean, whether this has anything to do with AI or not (I’d buy that they’re using LLMs to write abuse letters or similar) it fits very nicely into the general pattern of AI breaking the internet through an endless deluge of worthless misleading spam. So, perhaps call it honorary AI?

17 days ago

oneeyedpigeon

I noticed that iwantmyname has very little presence on social media: no bluesky account and a twitter account that posts once or twice a year. That wouldn't necessarily be a problem if they responded to emergencies like this promptly, but they clearly don't so it is.

I also wonder if their "automatically disable" policy takes size/importance of site into account. Is this how they would treat all their domain owners, regardless of significance?

17 days ago

clarionbell

The significant ones have lawyer writing them letters.

17 days ago

npteljes

Brandshield is bad for overreacting, and iwantmyname is very bad for hosting such a crucial infrastructure, and having not responded to a paying customer with a good track record. I honestly don't think time of day matters, as long as the nature of the service is that it's provided and used 24/7, support staff should also be there 24/7.

17 days ago

paxys

> Because of this, I honestly think they're the malicious actor in all of this.

While I agree, the people who hired them are equally culpable. You don't get to wash your hands of the mess just because someone else is doing your dirty work.

17 days ago

breakingcups

Filing false reports like this should count as fraud.

17 days ago

terminalbraid

I'm in the outraged crowd and there should be pretty serious consequences, but it is important in the interest of justice to differentiate between fraud, negligence, and gross incompetence.

17 days ago

ndsipa_pomu

Whilst I agree in principle that deliberate disruption of other people's websites/serivces should be more harshly punished, I don't think it's particularly practical. There's so many ways that modern companies can obfuscate the reasoning behind what they do, so I've come to the conclusion that if they're causing harm to someone else, then they should be punished/made to pay no matter their excuse.

If companies hide behind negligence/incompetence, then we need to make it costly for them to be negligent/incompetent.

17 days ago

joquarky

Discerning intent is a waste of time and resources in cases like this.

17 days ago

Gigachad

As long as you have some automated AI bot sent all the reports. It’s never fraud, you couldn’t have known it would do that.

17 days ago

babuskov

Looks like AI is becoming a perfect excuse to do whatever you like.

It's like having a dangerous dog that usually doesn't bite, but you really cannot know if it will change its mind one day. Do you just let such dog walk the streets without owner supervision?

17 days ago

Sohcahtoa82

> It's like having a dangerous dog that usually doesn't bite, but you really cannot know if it will change its mind one day.

In other words, a pit bull.

17 days ago

nkrisc

Which is why anyone deploying AI solutions should be held accountable for whatever the AI does, as if they had done it personally and intentionally.

It’s irresponsible to deploy AI if you don’t know what it will do, especially when there are actual stakes.

Maybe we’ll have less AI bullshit then.

17 days ago

concerndc1tizen

I.e. as a crime rather than just a civic tort? I agree.

17 days ago

pdpi

As general rule, I find that sort of thing to be an over-reaction, but submitting a complaint for phishing instead of a plain old DMCA takedown does warrant it.

17 days ago

kevingadd

It does but there's no actual way to get legal recourse for false DMCA notices or anything similar. The legal system is stacked for the abusers to have their way and the victims to have no recourse, regardless of how egregious the abuse is.

17 days ago

[deleted]
17 days ago

Suppafly

>Filing false reports like this should count as fraud.

It does, but they never mess with anyone with big enough pockets to get sued for it.

17 days ago

RobotToaster

Isn't it already classed as perjury?

17 days ago

plorkyeran

No, the perjury aspect of a DMCA takedown (which isn't even applicable here as that's not what they did) is if you don't actually represent the person that you claim to be filing a takedown on behalf of.

17 days ago

Cthulhu_

I've had the same thing happening; I run a simple forum, and some years ago people were discussing a manga, posting images of fan translated pages.

My hosting party (Hetzner) forwarded the emails and / or put it in their own system, I removed the offending images / page, replied to the email, and done, right? Wrong, the email said I had to fill in a statement through some online form somewhere; I did that too late and got more and more threatening emails like "pack your shit we're evicting you in 24 hours". Nobody seemed to actually read my replies / explanation, probably because this is so routine for them.

And I get it, nobody can be arsed to read longwinded explanations and the like for routine operations. I hope AI assisted tooling will help the overworked support employees with making decisions in favor of giving people the benefit of the doubt and the help they need; for them it's routine, but for me it was the first time I got anything like that.

17 days ago

hresvelgr

It's surprising that this happened at all. Isn't it in most business's best interests to be aware of their most high-profile customers? If this was an automatic process, it's pretty disappointing that it even occurred. If I was running a SaaS, I'd probably want to mark my important accounts so an actual human has to investigate any raised alerts instead of being dealt with by a cron.

17 days ago

cipheredStones

Something being in a business's best interests is very far from a guarantee that it'll happen.

I've worked on a team in a household-name big tech company where our mission was almost exactly "make sure we're not blowing up our most important customers for no reason". It's not nearly as easy as it sounds: defining who's important is hard, and defining what should and shouldn't be allowed is hard, and then implementing that all correctly and avoiding drift over time is tricky too.

17 days ago

Scramblejams

Sounds like you could write a series of blog posts I’d like to read!

17 days ago

paxys

Domain names themselves are a loss leader for registrars. They make money by upselling customers on hosting, email, certificates, analytics etc. So if you are just paying a couple dollars a year for a domain name and nothing else, your profile doesn't really matter. You are in the lowest tier of customers.

17 days ago

jeremyjh

It still matters who your customer is if your mistreatment of them drags your own brand name through the mud in a front page Hacker News story.

17 days ago

account42

> Domain names themselves are a loss leader for registrars.

Doubtful. Registrars have almost no costs - any markup over the registry fees is almost pure profit.

13 days ago

Razengan

Lemme use this opportunity for having your attention to suggest some form of collaboration or even a merger with the Godot game engine:

• itch.io users could launch the Godot Web Editor to quickly make prototypes or simple games right on itch

• Publish from the native Godot editor directly to itch.io

• Godot adopts itch.io as the official asset store for art packs etc.

• Introduce social features for devs and artists to collaborate with each other:

• A publisher could choose to add a “Fork” or similar button on their itch.io game page that downloads and opens the project source in Godot. • All "forks" published that way would include a link to the original game's page, and so on.

I think Godot+itch could/should become the Github of Games :)

17 days ago

egorfine

> I had removed the page and disabled the account

Did this account violate your ToS or the actual law? While I totally understand where are you coming from and I would probably be forced to do the same, I still tend to believe that closing a fan account is exactly the same thing that your registrar did to you.

17 days ago

0x073

It's not optimal, but he must choose between every published game there and one fanpage.

Besides that, there are so many websites with copyright content that never changes the domains, is just the domain registration bad or why they just disabled the domain?

17 days ago

egorfine

It's not optimal, but the registrar had to choose between every registered domain there and one business.

But yes, no doubt, that system is broken and the registrar should have known better.

17 days ago

0x073

I don't know the company size, but as a paying customer I expect them better support and more time.

If they have a customer like steam would they just cut off the domain? Probably not.

Other domain registrations would just ignored this and nothing would happened.

17 days ago

egorfine

> I expect them better support

I expect total ignorance from a typical domain registrar.

> If they have a customer like steam would they just cut off the domain? Probably not.

Take a look who is they registrar and then look their prices up.

> Other domain registrations would just ignored this and nothing would happened

Yeah, they would totally ignore their customer just like that one did.

Unfortunately, providing proper support and protecting own customers in digital realm is an unsustainable business practice for most registrars.

17 days ago

Sebb767

> Take a look who is they registrar and then look their prices up.

So, in case anyone is interested, their registrar is MarkMonitor Inc., with a pricing of "contact us". The only pricing info I could find [0] said that it's 20$/yr for a .com, but with a minimum spend of 10k$ (probably reached by using their other services, such as the stated purpose of monitoring of trademarks).

[0] https://news.ycombinator.com/item?id=18063232

17 days ago

egorfine

Last time I have heard about them it was $5k/y.

17 days ago

TiredOfLife

It's not optimal, but the domain registrar must choose between every domain they have and one that is causing trouble.

17 days ago

codatory

Smells like tortious interference to me... and likely some form of perjury. I'd probably stop talking to them now that service is restored and get in touch with legal representation.

17 days ago

rpastuszak

Is it possible/worth to hold them financially accountable for this? (them being IWMN or BrandShield)

17 days ago

andrewmcwatters

You really need to get off both .io and this no-name registrar.

17 days ago

thn-gap

I wanted to take the time to thank you for the service you provide. itch.io is unvaluable to the indie community, and I'm perplexed when I see some devs complain about issues like this. Thabks for all your work.

17 days ago

Arch485

I smell a class action lawsuit. That's a whole lot of lost revenue and time for you and itch.io's creators.

Godspeed!

17 days ago

nstart

For what it's worth, I know Namecheap gets a meh rep, but we've been on the receiving end of several phishing/copyright reports and have responded across the spectrum in terms of time span. We've responded immediately. We've responded with an hour or so to go. In all cases, Namecheap has somehow responded quickly and resolved the issue.

17 days ago

rexreed

I coincidentally just this past week ran into a major issue with Namecheap on a fraudulent domain marketplace sale that they did not resolve properly or in a timely manner. They deserve their meh reputation. They were decent about a decade ago. Come renewal my domains up for sale are moving to Dynadot. Was considering porkbun but I sense they are heading the namecheap way.

17 days ago

Sindisil

> but I sense they are heading the namecheap way

What makes you say that?

17 days ago

rexreed

Some of the comments and feedback I'm seeing in the reddit: https://old.reddit.com/r/PorkBun/. But then again I don't have any firsthand experience with these issues, so who knows. Are you having good experiences with Porkbun?

17 days ago

xinayder

You should change registrars. Sort the situation and move to a better one.

17 days ago

oneeyedpigeon

(FYI, if you didn't already notice this, you're probably far too busy anyway, but still: https://bsky.app/profile/botherer.bsky.social/post/3lcuitcck...)

17 days ago

jaromiru

Hey, perhaps you can mediate the impact by providing an alternate way to access the site (IP, alternative domain) and posting it somewhere people will see it (bsky, here, ...)? Realistically , this may take days to resolve.

17 days ago

safety1st

So it sounds like this was DMCA abuse by Funko, aided and abetted by BrandShield, and it resulted in damages to you. Also sounds like iwantmyname just went along with it, they are probably conditioned to do so by the rules.

I would write up a complaint and send it to the incoming FTC Commissioner. Yes, I'm serious. From the signals Trump is sending if there is ever a time when Republicans may support some form of DMCA reform, it's now. He's on record talking about punishing Big Tech and supporting "Little Tech." You're Little Tech. Send copies of your letter to Funko and BrandShield. Also reach out or at least send a copy to Matt Stoller, the guy who publishes a very popular newsletter about monopoly, anti-trust and corporate abuse in America, he will be interested. Go for the throat.

17 days ago

Mindwipe

Given the OP and admin in the comments explicitly say that this wasn't a DMCA claim it would rather hurt any campaign to lie and say it was.

17 days ago

tremon

But the DMCA is the only legal mechanism for demanding swift action from a registrar/hosting party without the involvement of a judge, at least FAFAIK. So if this wasn't a DMCA takedown, then the registrar was acting completely of their own volition and should be liable for all fallout.

17 days ago

qingcharles

No, sadly it's not. These are private companies.. if you write to them and tell them to take a site down for "reasons" and they think the "reasons" are good enough, they'll do it.

17 days ago

tonygiorgio

Unfortunately "serverHold" goes above registrars. I learned this the hard way. There's a variety of watchdogs that false flag things all the time, and a handful of tld's that will blindly obey these orders. I'm guessing io is one of these. You'll have to escalate it with them, though I was never successful. Good luck.

17 days ago

antihero

Can you transfer the domain out?

17 days ago

leafo

Unfortunately the domain has a hold placed on it by the registrar, so I believe transferring is disabled. I also wouldn't want to risk doing a transfer at an hour when their staff aren't available to help with the current issue.

17 days ago

antihero

Hopefully once they release the hold another registrar will be sought immediately.

15 days ago

nonplus

I hope you come out of this in good shape. I try to get all my (digital) TTRPGs and indie games through your platform.

17 days ago

meaydinli

Behavior from "iwantmyname" doesn't sound like they deserve your business anymore.

17 days ago

[deleted]
17 days ago

derefr

> The BrandShield software is probably instructed to eradicate all "unauthorized" use of their trademark, so they sent reports independently to our host and registrar claiming there was "fraud and phishing" going on, likely to cause escalation instead of doing the expected DMCA/cease-and-desist. Because of this, I honestly think they're the malicious actor in all of this.

I feel like there's also some missing layer of infrastructure here.

itch.io, like a lot of sites (HN being another), is meant to act as a host of user-generated content, over which the site takes a curatorial but not editorial stance. (I.e. the site has a Terms of Use; and has moderators that take things down / prevent things from being posted according to the Terms of Use; but otherwise is not favoring content according to the platform's own beliefs in the way that e.g. a newspaper would. None of the UGC posted "represents the views" of the platform, and there's no UGC that the platform would be particularly sad to see taken down.)

I feel like, for such arms-length-hosted UGC platforms, there should be a mechanism to indicate to these "brand protection" services (and phishing/fraud-detection services, etc) that takedown reports should be directed first-and-foremost at the platform itself. A mechanism to assert "this site doesn't have a vested interest in the content it hosts, and so is perfectly willing to comply with takedown requests pointed at specific content; so please don't try to take down the site itself."

There are UGC-hosting websites that brand-protection services already treat this way (e.g. YouTube, Facebook, etc) — but that's just institutional "human common sense" knowledge held about a few specific sites. I feel like this could be generalized, with a rule these takedown systems can follow, where if there's some indication (in a /.well-known/ entry, for example) that the site is a UGC-host and accepts its own platform-level abuse/takedown reports, then that should be attempted first, before trying to get the site itself taken down.

(Of course, such a rule necessarily cannot be a full short-circuit for the regular host-level takedown logic such systems follow; otherwise pirates, fraudsters, etc would just pretend their one-off phishing domains are UGC platforms. But you could have e.g. a default heuristic that if the takedown system discovers a platform-automated-takedown-request channel, then it'll try that channel and give it an hour to take effect before moving onto the host-level strategy; and if it can be detected from e.g. certificate transparency logs that the current ownership of the host is sufficiently long-lived, then additional leeway could be given, upgrading to a 24-72hr wait before host-takedown triggers.)

17 days ago

robertduncan

There is a parallel to the public suffix list, which domains like github.io are listed on: https://publicsuffix.org/list/public_suffix_list.dat

17 days ago

nguyenquocthao

So Linode hosts your server, and iwantmyname provides your domain? If they want they can take down your server and your domain? Is there any server provider / domain provider who doesn't hold that kind of power?

16 days ago

[deleted]
17 days ago

JosefAlbers

It's working again now.

17 days ago

seanthemon

man, this shit is ridiculous.. now we can't even make fan pages?

Will you be moving away from this registrar? It seems like it could very easily be abused again.

17 days ago

jeroenhd

Some companies have always been terrible about this. Fan projects involving companies like Nintendo or Take Two Interactive (GTA) are like lawyer bait. Disney has hired lawyers to sue a daycare center that had (clearly unofficial) character art painted on the walls. It's dystopic, but it's the world we live in.

I didn't really expect Funko or 10:10 Games to be like that, but then again I didn't expect anyone would like Funko enough to make a fan page about their dolls.

Other companies allow fans to do pretty much whatever you want with their IP as long as you don't turn it into (too much of) a business. Sega has even hired a fan for their remasters rather than DMCA his project into oblivion.

When companies do this, I interpret this as the company giving a clear message: "don't be a fan of our work or we may apply legal pressure".

17 days ago

willis936

It's just so surprisingly tone deaf when things like this are done by companies that exist purely within the goodwill of their customers. Nothing that funko brings to the table has inherent value. If they have any world outlook other than to love their customers as much as they can, then they will fail in a time measured in quarters.

17 days ago

jeroenhd

I'm pretty sure Funko used their service in good faith and didn't know it's based on over-aggressive AI bullshit. They're still on the hook for picking a bad company to partner with, but I don't think they intended to take down the entire domain.

17 days ago

Rotundo

I don't see a large message on the Funko site with a profuse apology for taking down Itchio. This indicates to me they fully endorse their action and are not willing to make amends.

17 days ago

BehindBlueEyes

Former employer worked a little with Funko and Disney, and it was pretty comparable. I don't see what Funko has to offer other than Licensing IP and strictly enforcing their own. Based on my (limited) experience, I doubt they chose this service by accident.

15 days ago

CM30

Just gonna point out that the Nintendo going after fanworks bit is a tad blown out of proportion, especially online. They're definitely known for being way too heavy handed (especially compared to the likes of Sega), but they're not exactly going after every fan project they see on the internet. Large sites whose entire purpose is to host fan games and mods for the Mario, Zelda, Pokemon, etc series have been up for decades without any issues, and most mods and homebrew projects for consoles older than the Wii U or Switch are going fine.

Unless a project is going viral in the media, raking up in a significant amount of money via a paywall or is directly competing with a current game, the chances of it getting shut down are incredibly low.

17 days ago

multimoon

Nintendo just finished killing both major switch emulators.

17 days ago

mrguyorama

Nintendo also is responsible for keeping Dolphin off of Steam. Dolphin wanted to get on steam for improved steam deck integration and Valve reached out to Nintendo who said, essentially : Lol fuck no we will ruin your life

The courts have told Nintendo numerous times that they are in the wrong in this behavior and outlook. They have no legal means to keep Dolphin off Steam and it is a matter of judicial record that emulators are not an infringement of your IP on their own. Nintendo doesn't care and openly discusses their intent to make you suffer through lawfare. A just system would smack them down with a vexatious litigant label, but our system gives businesses infinite benefit of the doubt.

17 days ago

gcr

Not true. Nintendo is notoriously litigious in the fan games community.

17 days ago

oneeyedpigeon

After this, everyone will be moving away from this registrar...

17 days ago

npteljes

You'd think, or hope, but GoDaddy and other actors proved over the years that this is not the case. I think that the kind of site most impacted by an event like this are social sites, where if people leave, they might take their networks with them. But a normal b2c service provider just needs to update their PR and prices and business will be back to usual.

17 days ago

PostOnce

Not only that, I'm moving a domain to a local registrar so I can get legal redress here if I need to.

Not from iwantmyname, never heard of them, but of course now that I have, I couldn't do business with them in light of the situation.

17 days ago

TiredOfLife

And itch.io who removed that page.

17 days ago

crtasm

>a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game.

I'd expect them to remove that, they're not a host for fan pages.

17 days ago

SunlitCat

I never understood that urge of people to do "fan pages" (or fan anything, without the permission of the original creator) while at the same time blatantly ripping content.

17 days ago

account42

Not everyone agrees that remixing and building on your cultural artifacts should require permission from third parties.

13 days ago

Hamuko

Fan anything has always been at the mercy of the trademark owner.

17 days ago

seanthemon

there was a time where the internet wasn't a corpo hellscape.

17 days ago

throw_m239339

> there was a time where the internet wasn't a corpo hellscape.

DMCA passed in 1998. it was short lived.

17 days ago

johnisgood

Not that short-lived in practice, because it may have been passed but it was not enforced to oblivion like it is now.

17 days ago

johnnyanmac

This kind of impersonation/defamation is one of the edge cases where its good to have a DMCA process. You want to quickly take down something like this and then deal with the slow legal stuff over time.

17 days ago

Kye

They have a DMCA process. As far as I know it only helps in a case like this if they sue Funko or the brand management service. Itch is a small indie operation funded by actual commerce, so might not be able to afford it.

17 days ago

BehindBlueEyes

How much would be needed to afford it? Is it a fundraisable amount?

15 days ago

Suppafly

I wish brandshield would pull this shit with someone that was large enough to sue them for fraud or tortious interference.

17 days ago

mort96

That's extremely disappointing from iwantmyname. While I haven't used it, it was always on my mind as a potential registrar when buying a domain. I think I'll have to reconsider.

17 days ago

pessimizer

[flagged]

17 days ago

lxgr

> it's no one's fault and no one's to blame

There's obviously somebody to blame. Somebody getting a legitimate domain taken down for hours should have consequences, if only to make mistakes more expensive for trigger-happy automated "IP protection" services (the only signal they'll probably understand).

The question is just if itch.io has the funding and energy to actually pursue the matter legally, now that it's technically resolved. I couldn't blame them for just changing registrars instead.

17 days ago

jamessbutler322

[flagged]

17 days ago

KingOfCoders

"Phishing report to our registrar, iwantmyname, who ignored our response and just disabled the domain"

One registrar off the list of registrars you wanna use.

17 days ago

jamil7

They used to be really good, independent registrar from New Zealand but I think got acquired sometime a few years ago and went down hill.

17 days ago

BrandiATMuhkuh

Yes that's true. Just yesterday I bought a new domain through them.

I'm surprised about their slowness. Again, 2 days ago I sent a request via their web-form and less than 24h later it was resolved.

Disclosure: I know the founder (Lenz).

17 days ago

MortyWaves

Is Lenz happy with how he operates his company?

17 days ago

willvarfar

The GP says they were acquired a few years ago.

So the question should be if Lenz is happy with how those who brought his company are now running it?

Of course that is not the kind of question that a founder should ever answer candidly on the internet :)

17 days ago

BrandiATMuhkuh

Correct. The company was sold many years ago. So I have no idea if he is happy

17 days ago

[deleted]
17 days ago

jomar

As noted above, what used to be a cool little Wellington-based company got bought by some offshore conglomerate. Lenz himself left about five years ago.

17 days ago

conradfr

The same thing happened to Gandi.

17 days ago

Algent

It's crazy how downhill Gandi went in 2 years. Went from decently priced French registar to basically asking for 70€ a year for a mailbox and lately asked me for over 40€ to renew a dot dev domain. I ended up transferring all my domains due to this.

17 days ago

officialchicken

Gandi went sour when the original French company was forced to open a separate company for the US several years before being sold. IIRC it was related EU privacy but they publicly stated it was about credit card processing.

17 days ago

KingOfCoders

Didn't know, could you explain how a French company is forced to open a US company because of EU privacy laws?

17 days ago

em-bee

interesting, do you have a link to more details on why the split company was needed and how it affected using them?

17 days ago

sureglymop

A similar thing has happened to me before. There is a company with the same name as my surname with a trademark for it.

When I registered a domain with my surname in it, the registrar had an automatic process in place that checked for this trademark and took away access of the domain. So far so good. The problem was that the registrar and its support then ghosted me and also never refunded me for the money already paid to lease the domain for a year. Overall it was a bad experienced with bad communication that made me switch registrar (note: this was a different registrar than mentioned here).

I think one of the problems is that as more and more individual consumers buy domains, certain legal processes and automation are not ready for that. A good registrar should anticipate that an individual private consumer may not have the legal experience or knowledge to deal with just being hit with something they were never explicitly warned of.

17 days ago

lolinder

> When I registered a domain with my surname in it, the registrar had an automatic process in place that checked for this trademark and took away access of the domain. So far so good.

I don't think this is good.

Trademarks are country-specific, not global like domains. Further, within a country trademarks are only valid within the scope of certain classes, which means:

* There will often be more than one trademark holder of even non-surname trademarks.

* You can't trademark a surname to prevent its use generally, you can only restrict its use in a narrow sphere.

I understand why domain registrars automatically overenforce their country's trademark laws (they can't deal with the legal complications that will result from them not doing so), but it's very much not good that someone like you can get to a domain for your surname first and be told you can't have it in case the trademark holder (for which class???) might want it.

17 days ago

lxgr

> Trademarks are country-specific, not global like domains.

Domains are also subject to local law! For ccTLDs, it's usually that of the country in question; for gTLD, to my knowledge the US has effective jurisdiction (through ICANN) over at least some of the popular gTLDs such as .com and .net.

"Local law" in this case doesn't just include actual laws on the books, but also the risk and cost of getting sued by either a trademark holder or a non-trademark-infringing domain owner.

This is exactly the type of issue that people usually don't consider when picking a TLD, vanity or otherwise.

17 days ago

hobofan

> I think one of the problems is that as more and more individual consumers buy domains

Huh, I was always under the assumption that the percentage of domains bought by individual consumers is shrinking. As in, in the early days of the internet until ~2010 where commercialization was only slowly picking up (or only concentrated to a few domains), the majority of domains were personal websites and blogs.

17 days ago

ivanmontillam

> Huh, I was always under the assumption that the percentage of domains bought by individual consumers is shrinking.

Yes, but a segment of the domain market still buys their name domains and defends them on the Internet.

I bought my fname+lname domain a few years ago, but I'm not planning to surrender it to a random conglomerate.

> As in, in the early days of the internet until ~2010 where commercialization was only slowly picking up (or only concentrated to a few domains), the majority of domains were personal websites and blogs.

A deep part of me hopes this part of the market never dies, for the good health of the Internet's sovereignity.

17 days ago

djsnoopy

The percentage share of personal domains doesn’t tell you everything. More and more consumers probably are buying personal domains just by the nature of it getting cheaper and easier to host and there being more people on the internet year over year. Could be proven wrong though because I don’t know how to get the numbers.

17 days ago

moralestapia

Trademarks are country specific while domain names are not. Would be interesting to know what happens if they took this to trial (in which country though).

17 days ago

lxgr

Of course domain registrations are also subject to national law. .io in particular is (currently) under UK jurisdiction.

17 days ago

moralestapia

Hmm ... you're right, I could have worded that differently to help people like you understand the point being made.

s/domain names are not/DNS is not/

17 days ago

lxgr

I still don't get the point (presumably due to being in the set of "people like me") – could you please elaborate?

And I don't get what DNS has to do with any of this; this is a registrar/legal dispute, not a nameserver/technical one.

17 days ago

moralestapia

>not a nameserver/technical one

Of course I'm not talking about the DNS implementation!

But you're right, I could be more concise with my words, in the interest of making this a more inclusive forum.

First things first:

>I don't get what DNS has to do with any of this

DNS means Domain Name System. Domain names are resolved to IP numbers (think of that like the unique phone number of a particular computer in the internet) using DNS. Registrars manage what entries go in/out of this DNS. Registrars are a player in this whole technical/social system we agreed to follow called DNS.

With regards to intellectual property and domain names, consider all of these scenarios:

A. Someone owns trademark.com, somebody else owns "The Trademark" in the US. Is there copyright infringement?

B. Someone owns trademark.com, somebody else owns "The Trademark" in Vanuatu. Is there copyright infringement?

C. Someone owns trademark.de, somebody else owns "The Trademark" in the US. The site is overwhelmingly accessed by people who reside in the US. The site provides a service identical to the one provided by "The Trademark" in the US. Is there copyright infringement?

D. Someone owns trademark.de, somebody else owns "The Trademark" in the US. The site is overwhelmingly accessed by people who reside in Germany. The site provides a service identical to the one provided by "The Trademark" in the US. Is there copyright infringement?

E. Someone owns trademark.de, somebody else owns "The Trademark" in Germany. The site provides a service identical to the one provided by "The Trademark" in the Germany. Is there copyright infringement?

F. Someone owns trademark.de, somebody else owns "The Trademark" in Germany. The site provides a service completely different to the one provided by "The Trademark" in the Germany. Is there copyright infringement?

Can you see now, how domain names and trademarks are naturally decoupled?

Edit: Sorry! On a 2nd read I caught myself making the same mistake again. By "naturally decoupled" I mean that effects (set of rules, jurisdiction, law, etc...) that apply to the first entity (domain names) do not necessarily apply to the other one (trademarks).

16 days ago

will5421

Which registrar was this? I’d like to avoid them.

17 days ago

Modified3019

“iwantmyname”, from leafo’s post here: https://news.ycombinator.com/item?id=42364033

17 days ago

lxgr

I find it curious that this (purely factual and correct) comment got downvoted/flagged into oblivion.

17 days ago

Modified3019

Now that it’s morning, I realize that the comment I was replying to wasn’t asking about itch.io’s registrar, but was actually a reply to a post by sureglymop.

Basically I didn’t notice the very slight indentation on my phone. Whoops.

I don’t know who sureglymop‘s registrar is. I’d encourage them to name and shame, refusing to refund is unacceptable.

17 days ago

roryokane

How would you know whether Modified3019’s comment is factual and correct? sureglymop wrote “note: this was a different registrar than mentioned here”, and they haven’t written any other comments in the thread that might identify the registrar.

17 days ago

lxgr

> How would you know whether Modified3019’s comment is factual and correct?

By following the reference they provided, which is to a post by the person running itch.io stating just that.

I don't know if the linked comment is actually correct, but the link to a comment plus quoteof the relevant part seems as factual as it gets.

17 days ago

lxgr

Update: Turns out GP simply replied to the wrong thread, so it was just a typical case of "downvoting takes less effort than pointing out a mistake", I suppose.

17 days ago

rf15

Brand Shield and other AI slopware needs to be sued to death for all the damage they cause, including their customer's reputation and bottom line

17 days ago

paxys

Even if the suit is 100% justified (which it is in this case), and you can show damages, the problem will usually be of jurisdiction.

Funko Pop is an American Company.

BrandShield, the "Brand Protection Software" they used, is based out of Israel.

iwantmyname, the registrar, is from New Zealand.

They got bought out by Team Internet, which is British.

And who knows where all of them are actually registered.

They are all going to point the finger at each other for the problem. Who do you sue, and where?

17 days ago

latexr

The chain of culpability, in my view as an outsider, goes iwantmyname > BrandShield > Funko Pop.

Funko Pop hired BrandShield, but from what I understand they did so exactly because the latter does all the work without you having to intervene. Kind of like you hiring a lawyer and them using ChatGPT to present the case, full of errors and non-existent sources. The lawyer might have been acting on your behalf, but they didn’t really do so according to your intentions and their fuck up isn’t your fault. On first view I’d say BrandShield is a culprit here, but can’t be so sure about Funko Pop yet.

On the other hand, iwantmyname is absolutely at fault. They took down a client’s website without asking or recourse, then sat on their asses. That’s who you sue, because they’re the ones who ultimately had the power and made the decision that affected itch.io. If iwantmyname wants to sue BrandShield and/or Funk Pop or whatever else in turn, none of your concern. The one’s who hurt the business were iwantmyname by not doing due diligence or contacting the client but just automatically bending over.

Now if they should be sued in Britain or New Zealand, that’s for the lawyers to know.

In fact, all of this is for the lawyers to figure out. I’m not one. I’m merely expressing what makes logical sense to me, which could be incredibly wrong.

17 days ago

YetAnotherNick

If you hire the bad lawyer and loose the case, the lawyer won't serve your penalty. If Funko authorizes anyone to represent them, they are responsible.

17 days ago

Etherlord87

You sue the registrar, because you have the contract with the registrar.

17 days ago

toast0

You also sue the others, because they interfered with your contract with the registrar.

17 days ago

lxgr

You don't necessarily have to sue them in their place of registration if they're doing business elsewhere. "Defending trademark rights" probably counts as that.

17 days ago

kvdveer

Of course the problem is that legally speaking, they don't cause any damage - service providers they target cause the damage. BS have no true authority over these service providers, just the threat of some legal claim. The service providers comply voluntarily as they don't want to spend time checking if the claim is valid.

17 days ago

PostOnce

I don't think this is the kind of advice a good lawyer would give.

BrandShield, Funko, and iwantmyname all caused serious financial harm through, at a minimum, tortious negligence.

I'm not a lawyer, but even a yokel like me knows there's more to this legally than a shrug and "the software did it".

17 days ago

jcranmer

IANAL either, but my guess is that itch.io has precisely 0 plausible legal recourse here.

The strongest case would be something along the lines of breach of contract via the domain registrar, but your standard internet contract has a term in it that amounts to "we get the right to fuck you", so I assume that applies here, so no breach of contract actually exists. This also kills every claim that's dependent on breach of contract, so tortious interference is also dead.

Fraud will fail because itch.io itself isn't being defrauded at the very least. Business disparagement, and anything else along the lines of defamation, is going to fail because you need something like actual malice--specific knowledge of falsity--there, and that's essentially impossible to prove, not without somebody admitting that they knew all along everything was false.

Tortious interference is dead for several reasons. First, you need an underlying tort, which, as detailed above, probably doesn't exist. Next, you need specific knowledge of the contract being broken. Finally, you need intentionality here: it's not "I did something that caused the contract to be broken", it's "I did something to cause the contract to be broken." Outside of somebody jumping up and down shouting "I'm tortiously interfering with your contracts," it's basically impossible to prove tortious interference.

17 days ago

amyjess

> you need something like actual malice--specific knowledge of falsity

IANAL, but as I understand it the definition of malice also includes "reckless disregard for the truth". I'm sure a good lawyer can argue that not having human lawyers review, investigate, and confirm computer-generated abuse reports before sending them to outsiders constitutes a reckless disregard for the truth.

17 days ago

jcranmer

A lawyer might argue that, but it's not going to be a compelling argument. Recklessness is generally a conscious disregard of the consequences; as applied to defamation-like claims, it's generally seen as "you specifically voiced doubts about the truth". Failing to vet automated abuse reports is going to be at best negligence (and I'm dubious of even that, because given the nonbinding nature of abuse reports, it's not clear there is even a duty to candor in abuse reports that one can be negligent of), absent internal complaints about "the accuracy of these things is total shit".

17 days ago

gopher_space

Knowing that you'll absolutely generate false positives and not providing a method of automatically fixing those would be a deliberate action, not recklessness or negligence. I wouldn't be surprised to find code that pings staff based on account size.

It seems like providers could remove themselves from the situation by just giving their clients a "fair use!" response button?

17 days ago

RichEO

It’s clear that you’re not a lawyer, because if you were you’d know that there’s no established duty of care between BrandShield and web masters.

17 days ago

klez

Clearly I'm not a lawyer either, but isn't accusing someone of doing something that is not true and that can have legal ramification a suable behavior in the US?

17 days ago

pera

According to this no one has ever been prosecuted just for sending false DMCA takedown notices:

https://law.stackexchange.com/questions/51541/has-anyone-bee...

They do mention a case where the defendant acted in bad faith and was found liable for damages though.

17 days ago

pdpi

It's a good thing it's not a DMCA takedown notice, then. They reported itch.io for phishing.

17 days ago

pera

Sorry you are right, somehow I'd missed that part

17 days ago

pdpi

Sounds like a pretty straightforward case of tortious interference, actually.

17 days ago

rsynnott

Eh, dunno about that. They made what would appear to be a false complaint; hard to really consider what was going on here ‘fraud and phishing’!

That the magic robot perhaps did it for them matters not at all, in terms of whose fault it is, though a proliferation of magic robots does make junk services like this more of a problem, in that they can flood the internet with nonsense more effectively.

17 days ago

lxgr

Then there needs to be some cost associated with sending a completely false claim.

Doesn’t need to be huge – just enough to cover their cost and thereby make it uneconomical to outsource the work these companies are charging their customers for to their targets.

17 days ago

raxxorraxor

Yes, but also you need to bring your legislators to heel. It is entirely their fault.

That you have grifters like brandshield is a symptom. Although you should never employ their lawyers for anything either of course. Make the taint stick to them.

17 days ago

[deleted]
17 days ago

bpye

The registrar in question is iwantmyname, so I guess you can add them to your "do not use" list.

17 days ago

paxys

I feel like it's better to have a "do use" list for something as important as a domain name registrar.

- Namecheap

- Cloudflare

- Route 53 (if on AWS)

Any others?

17 days ago

koito17

Personally use Porkbun since Namecheap's API is poorly-documented and they attempted a KYC audit for purchasing a $100 domain.

I am fine with the identity verification, but their ticketing system seems to have sent all of my e-mail to their spam box, because they would never respond. I attempted opening tickets explaining the e-mail situation, but they wouldn't listen. In the end, I gave up and let them deactivate the account.

Moved to Porkbun, purchased the exact same domain (no KYC required!), and have been a happy user of their API for about two years now. They also have much more lax requirements for API usage compared to Namecheap. Porkbun also supports WebAuthn and logging in with a security key. It's overall a much nicer service than Namecheap.

17 days ago

yorer

That kyc thingy is icann requirement, its how domain registration works. Icann require every accredited registrar to verify registrant details so registrar would randomly ask for id, passport etc. That include porkbun, they're bound to their contract with icann as an accredited registrar too. They probably won't ask today but maybe tomorrow, or next week, or next month, or next year, or never.

17 days ago

eps

Other registrars just send an annual email asking to verify your contact details. Done. Icaan satisified. No need to actually harass your clients.

17 days ago

yorer

They already got your details from your card details and decide its enough. Something like vpn, using niche browser, details on card not tally with registration details etc etc would throw off their threat mitigation system. Also different business operated differently, their payment gateway behave differently etc etc. Too many random factor to avoid xxx specific registrar because they ask for kyc when the kyc itself is a requirement.

17 days ago

egorfine

> That kyc thingy is icann requirement

Is it really? Or just contact info is enough?

17 days ago

rdl

The requirement in the contract is nowhere near that specific. Contact info validation is sufficient for almost all registrars. It's possible a given registry has higher standards, or maybe one registrar got some order to be more thorough, but great reason to avoid given this is a commodity and there are actually good alternatives. (I broadly like Tucows and Cloudflare)

Namecheap is on my NO NO NO list, along with GoDaddy (and a bunch of others). Google Domains was also on this OH GOD NO list, but thankfully Google did the Google thing and killed the product.

17 days ago

egorfine

Most of my domains are on Namecheap since the times when wikipedia's domains were there. Hopefully, my low-key personal domains are of no interest to anyone...

17 days ago

aviraldg

What's the problem with Namecheap (I have my domains there right now)?

17 days ago

antihero

Do porkbun have a terraform provider?

E: https://registry.terraform.io/providers/cullenmcdermott/pork...

Not sure if it works though

17 days ago

adhamsalama

I bought a domain on Namecheap instead of Porkbun for the exact same reason!

17 days ago

kallistisoft

I've been using IONOS (formerly 1und1) for the last 20 years for all of my DNS and hosting needs and couldn't be happier. Their uptime, non-obtrusive policies, and customer support have all been top notch. Can't recommend enough.

As an example; I had a dedicated server that I was leasing that I wanted to upgrade, the sales tech noticed that the plan I was currently on had been retired/replaced and credited my account with difference of what I had payed vs the new payment tier which amounted to six months of billing on the upgraded server. You can't really put a price on that kind of honesty!

17 days ago

MortyWaves

Their extremely weird and annoying adverts in the UK have ensured I will never use any of their services.

17 days ago

sli

Back when I was using them, their ToS disallowed a whole lot of perfectly benign content, like pictures of celebrities. If you had a blog about movies and posted a picture of an actor, your account would get deactivated and your data simply deleted. I wouldn't ever trust them for anything I care about.

17 days ago

supermatt

I read this as you having to contact them in order for them to credit you for overcharging you for a retired product when the replacement equivalent was priced lower.

Why didn't they proactively inform you that your service was retired and there was an alternative available?

It sounds like this must have been going on for a while to be worth 6 months of service in difference alone.

I left 1and1 close on 2 decades ago. If you consider this a story of good service, then I would suggest you try some other provider.

17 days ago

terminalbraid

IONOS requires you to make a phone call to talk to their retention reps before you can cancel anything

17 days ago

lxgr

Isn’t that illegal in several markets at this point (unless you also initially signed up via a phone call)?

17 days ago

antifa

1and1 would call my house trying to sell me shit.

17 days ago

soulofmischief

Namecheap is terrible and cannot be trusted, you can google tons of horror stories.

Without a doubt, Porkbun is one of the best. Their staff is knowledgeable, helpful and efficient. Highly recommend them.

17 days ago

JimDabell

Namecheap is definitely on my “never use under any circumstances” list for reasons I outlined in this comment: https://news.ycombinator.com/item?id=18091287

The full thread is worth reading for more feedback on a range of registrars, particularly Namecheap: https://news.ycombinator.com/item?id=18086522

I strongly encourage people to only recommend domain registrars if they have verified that customer support won’t completely fuck you over when something goes wrong. Recommending registrars when you’ve only experienced the happy path is doing a disservice to the people you are trying to help out.

17 days ago

forgotpwd16

Namecheap gave me a quick response and help when requested support regarding a DNSSEC issue. So not everyone has bad customer experience when they needing it.

17 days ago

doublerabbit

I use namecheap too.

Apart from their UI being, huh, I've had no problems.

17 days ago

xoa

easyDNS still seems good for those who want a more old style "full fat" registrar like gandi was? I know some folks I respect who have long used it alongside Route 53. Though they don't appear to support hardware tokens which is a major black mark in my book in 2024.

As well as Gandi, DNSimple was another higher service one I really liked that went crazy on pricing. Agreed the registrar scene nowadays seems like a quite small "do use" list vs a couple of "don't use" :(.

17 days ago

mech422

I've been using easyDNS for 5(10?) years... Never had a problem with them and highly recommend them. I do 'hobby stuff' - nothing fancy, but it always just works. One time I called to ask if they support wildcard sub-domains (www..example.com or whatever..example.com) and actually had a real engineer pick up the phone :-) (btw - it did work, very well actually :-) )

The backup mail spool is nice too...

all in all - not the cheapest - but worth the piece of mind in my book :-D

17 days ago

teitoklien

Route 53 is outrageously expensive for domains, one should only use it, if they need AWS’s DNS product.

17 days ago

nucleardog

For .com as of Aug 2024, Verisign says they charge $10.26 wholesale, and ICAANN charges $0.18/domain for a total of $10.46/yr wholesale.

Route53's .com is $14/yr. So the three year price is $42.

Three year prices from a few registrars (there's so many pricing games the "per year" price is nonsense in most cases):

    Cloudflare: $31.32 (-0.06)
    GoDaddy: $46.93 (+15.55)
    Namecheap: $41.24 (+9.86)
    Namesilo: $51.87 (+20.49)
    Porkbun: $29.61 (-1.77)
    Route53: $42 (+10.46)
    Spaceship: $28.98 (-2.40)
All diffs given against the $31.38/3yr wholesale price from Verisign+ICAAN.

Not sure how that qualifies as "outrageously expensive".

You can make your own trade-offs, but for something that's literally the foundation of my online identity, business, etc I'm willing to pay $3.50/yr over wholesale for a company with a reputation, support, and generally aligned incentives.

You may choose to instead tie your online identity and business to someone charging less than cost to save half the price of a big mac a year. But I will find it hard to dig up much sympathy when we all find out _how_ they're planning to make money doing that.

17 days ago

pfoof

You can use any registrar with R53, so it's more like: if you really need to have domain registration written in Terraform and the other registrar doesn't provide it

17 days ago

bpye

Porkbun seem popular, I do use them for a couple domains. I haven't heard of anything egregious.

17 days ago

spiffotron

I use porkbun for all my domains, I’ve never had any issues and they don’t seem to gouge you on price for the smallest things.

17 days ago

kuon

I use infomaniak from switzerland. Mainly because I can physically go to their office and discuss in person if there is a problem.

17 days ago

cachedthing0

I used infomaniak once, I'm sure you spended quite some time at their office.

17 days ago

kuon

Joking aside, why?

15 days ago

Luker88

Any recommendations for people looking for a strictly European registrar?

17 days ago

conradfr

Infomaniak

Netim

17 days ago

bondant

I'm also looking to move my domains out of gandi but stay with a european registrar. Did someone try netim customers' service? They say on their "about us" webpage that the company is still owned by the founders, so I would think the enshittification hasn't started yet. But if some have experiences to share it would be nice.

17 days ago

conradfr

I went to Infomaniak when moving from Gandi because at the time I found the text contrast too light on Netim ahah, seems better now.

But they seemed quite proactive on Twitter around the time people left Gandi en masse.

17 days ago

astrange

Hover is fine. Never had a domain shut down though.

I have one on dynadot because Hover doesn't support the TLD, and the website sure is a lot more awkward.

17 days ago

freedomben

Another happy Hover user. Been using them many years. Not the cheapest, but a reasonable markup and works well, and hasn't shown signs of enshittification. Knock on wood.

17 days ago

astrange

Well you're not going to get reliable service if you want to know which one is cheapest. You want the professional registrar large corporations use if anything.

17 days ago

latexr

I’ve been using Hover since they advertised on 5by5 a decade and a half ago, and never had a single issue. They never bother me nor do I need to remember they exist. I only hear from them when they need ICANN contact confirmation or to remind me a domain is expiring.

17 days ago

TurtleStacker

INWX

17 days ago

zeeZ

I'm very happy with INWX, but their API is a bit lacking when it comes to limiting the potential blast radius.

It's either full access to everything or, thanks to their support for creating a special account on request, only full access to DNS management.

17 days ago

cybrox

Been with INWX for >10y, never had an issue.

17 days ago

sebmellen

INWX is really great and they also support just about every TLD.

17 days ago

thequux

I've used Register4Less for over a decade and I've been thrilled with them. They're slightly more expensive than the cheapest options (by a buck or two), but this is more than made up for by the fact that they're the only registrar I've ever used who have proactively reached out about minor issues. Every time I've needed to email them, I've gotten a response from somebody who can fix the problem within minutes.

17 days ago

norman784

Can you elaborate on Cloudflare?

I currently have some domains there (moved a few years ago from Godaddy), so is there something I need to worry about?

17 days ago

beAbU

Cloudflare is on the GP's "do use" list, not the "do not use" list.

I think the HN consensus is that Cloudflare is a reasonably safe bet.

17 days ago

jsheard

Though keep in mind that domains registered through CF must use CFs nameservers, you can't point them elsewhere if you need to. They sell domains at cost so of course they want to keep you in their ecosystem so you might pay for something else.

17 days ago

beAbU

That's true. I have my domains on Namecheap and my DNS on CF. I think it's just that little bit of extra safety to spread the risk a little.

17 days ago

[deleted]
17 days ago

framapotari

This is a "do use" list, so recommended services.

17 days ago

orphea

Namecheap is on my personal "never use; fuck them" list. I moved my domains to Cloudflare, and I am happy since then.

Porkbun is great.

17 days ago

pfoof

I use Namecheap and sadly still Gandi for old domains.

The only issue I experience with Namecheap are included redirects which have something like 90% uptime.

Route53 domains is seriously not needed for anything - just add zone in AWS and point your registrar to new NS.

17 days ago

weberer

>Route53 domains is seriously not needed for anything

If you're already hosting on AWS, then you'd only have one potentially hostile company to deal with instead of 2.

17 days ago

KingOfCoders

Namecheap has horrendous billing UI with their products, also not PDF so makes it hard for freelancers when you have many domains and your accounts want an PDF. Easiest is a registrar that mails you invoices in PDF.

17 days ago

teitoklien

their billing works just fine, i pay with it all the time.

They support credit/debit cards, bitcoin, and Paypal. I went with Namecheap especially because of their seamless payment method, Used to struggle at times paying for my domains with Gandi, etc.

Namecheap payment system works just fine.

17 days ago

KingOfCoders

Me: "Namecheap has horrendous billing UI"

You: "their billing works just fine" [then talking about payments, when I wasn't talking about payments but billing, "The process of sending an invoice (a bill) to customers for goods or services" -Wikipedia]

They have their billing for domains and products spread over several pages, there is not one place in the UI where they have all payments/billing combined, they don't have PDFs as I've stated and they don't sent invoices by email. Their billing UI is horrendous.

17 days ago

Ylpertnodi

I'd prefer a 'do not' list, because 'experience quoted'. Any one of the names you mention could be bought/ new CEO etc tomorrow and start the turdification (tm) slide.

17 days ago

midasz

I'm with Namecheap and they're decent but one big minus is how inaccessible their API is, would put them on the bottom of the "do use" list.

17 days ago

RobKohr

I have used dreamhost forever and have had a lot of domains through them for over 20 years. Never had a hitch and excellent customer service.

17 days ago

itscrush

Namecheap's been out a while, I'd drop them from your list too. Porkbun's in for now.

17 days ago

[deleted]
17 days ago

spariev

I use pananames.com, they for sure won't do things like OP described

17 days ago

poincaredisk

OVH is pretty good

17 days ago

nicoloren

Yes, never add a problem here (in France).

17 days ago

bb010g

I've had great experiences with NameSilo.

17 days ago

smitelli

Another happy customer of NameSilo here. A handful of .com, .net, and a .org domain registered with them, and I've never been personally irritated by anything they've done.

17 days ago

f33d5173

The upper two have had several known issues with them. I haven't heard anything about the latter one, but that doesn't mean they're free of issues.

17 days ago

gcr

Namesilo?

17 days ago

tucnak

Gandi?

17 days ago

trissi1996

They hiked prices massively so I wanted to transfer away, it was a massive shitshow.

Auth-codes given on the website were expired and they took 2 weeks to give me the correct ones near the end of the registry period.

Support was extremely unresponsive. As this this was a side project I couldn't spent time on every day my domain went into quarantine for a short time. They answered 2 days before the end of the rental period, when requesting the auth codes ~2.5 weeks before.

Will never use them again after this experience.

Porkbun is my new home for most stuff and domains.lt for .lt which porkbun doesn't offer yet sadly.

17 days ago

tucnak

Wow, I never knew that to be the case! How would I find a registrar that supports .at LTD? Cloudflare, AWS, Google—neither supports it.

17 days ago

trissi1996

From looking through https://www.nic.at/en/my-at-domain/at-partnerfinder the only one that I knew and did not hear shit about seems to be OVH.

Others might be good, but no idea who exactly, many small unknown companies in the list that could be either great or shitty.

17 days ago

tucnak

Thanks for Porkbun suggestion, I'll keep that in mind; it doesn't support .at but I'm now tempted to move my other domains there. Gandi used to be good, it's a shame what it's become.

17 days ago

nouryqt

I'm using dynadot for my .at domains

17 days ago

tucnak

Dank

15 days ago

eps

Bought by a private equity company.

Went back on their contract obligations already, hiked prices, etc. Will be milked to death.

Best to consider them dead.

17 days ago

supermatt

god no - gandi absolutely suck now for both service and price. I moved all my domains to netim.

17 days ago

jarofgreen

They were sold to another company a year or two ago and now some people are a bit wary

17 days ago

em-bee

i just moved all my domains off gandi because they doubled or tripled the renewal prices.

i am guessing they are milking their existing customers who don't notice or don't have the knowhow or resources to move their domains, and once those wise up to that they will lose a lot of them

apart from prices their operation didn't seem to change after the sale. although i only have a few domains so i probably didn't interact with them enough to notice anything else

17 days ago

InsideOutSanta

Damn, that's good info. I have all my domains on Gandi and noticed the pricing changes, but I just stupidly assumed that it was something the registry operators were causing. Sucks to have to leave Gandi, their UX is great, no stupid upselling, very clear website.

17 days ago

buro9

I've been doing this too, every time a renew comes around I shift it to Namecheap.

17 days ago

NetOpWibby

I've noticed that Gandi has become SUPER expensive as opposed to Hover lately as well. I'm just letting domains expire instead.

17 days ago

input_sh

One of my domains on Gandi was up for renewal. I've noticed they charged ~$140, while Namecheap charged ~$35. Easiest transfer decision I've ever made.

17 days ago

em-bee

wow that's 4 times as expensive!!

seems like gandi didn't just multiply the prices but raised them exponentially.

beware of namecheap though. see https://news.ycombinator.com/item?id=42364240

17 days ago

input_sh

I've read my fair share of Namecheap criticisms over the years and remain unconvinced.

I point my nameservers somewhere else and then forget about Namecheap for a year.

17 days ago

weinzierl

easyDNS (not to be confused with DNSEasy or DNS Made Easy). Very happy customer for many years and there are not many companies I can say that about.

If you are in Germany donaindiscount24.com is good option too.

17 days ago

clan

Beware! The OP was originally at a good provider which got bought out by Team Internet. See:

https://news.ycombinator.com/item?id=42364033

If you take a look at:

https://www.domaindiscount24.com/en/about-us

You will see that Team Internet owns them as well. So I would personally bve on the fence if I would consider them good or not.

17 days ago

weinzierl

Thanks! I did not know that. I mentioned them because I have never had trouble with them over some decades.

They were my second registrar. In fact more like the first "real" registrar, because before and in the 90s I registered via a one-man show.

But of course things can change. Let's see how this develops.

16 days ago

TZubiri

What's wrong with aws lmao

17 days ago

bigstrat2003

Nothing. He said that they are one you should use.

17 days ago

seanthemon

I've been using namecheap for over a decade and have had zero issues with them.

17 days ago

drusepth

We actually had almost the exact same thing happen to Notebook.ai last month:

- automated notice of trademark infringement from some posted user content, accusing us of "fraud and phishing" (filed by a third party on behalf of Meta)

- that user content was immediately deleted upon receiving the notice

- exactly a week later, our host (Heroku) banned our account with a generic no-reason "Your account has been banned."

Total downtime of about 24 hours until it was resolved; luckily, Heroku's support simply unbanned the account whenever I reached out to ask why we were banned. Migrating to another host wouldn't have taken much longer, but would have been a pain.

Goes to show layering a couple automated processes together can have pretty devastating false-positives. I'm glad there was a human in the loop at Heroku I could reach to get things sorted out relatively quickly; also glad to see Itch.io is back up and got it sorted out relatively quickly as well.

17 days ago

Animats

Hm. So Funko sells merchandise related to the Jurassic World franchise.[1] But, according to Licensing International, Mattel licenses the toy rights to that franchise from Universal Products and Experiences, the merchandise arm of Universal Pictures. [2] Also, Funko sells Disney Princess dolls.[3] Mattel announced a multi-year licensing deal with Disney to license the doll rights for Disney Princess dolls. “The courage and compassion found throughout our Disney Princess and Frozen stories and characters continue to inspire fans around the globe,” said Stephanie Young, President of Disney Consumer Products, Games and Publishing. “By furthering our longstanding relationship with Mattel, we look forward to expanding the worlds of Disney Princess and Frozen, introducing an innovative new era of these beloved franchises through captivating products and play opportunities.”

Might be useful to send letters to Disney's and Mattel's legal departments. Mattel paid a lot of money for that Disney license. Disney is very protective of those licenses. Mattel lost the Disney license to Hasbro for a few years due to overproduction of low quality dolls. I'm surprised to see Funko selling low-quality Disney dolls. They degrade a Disney brand.

[1] https://funko.com/pop-tyrannosaurus-rex-fossil/80225.html

[2] https://licensinginternational.org/news/mattel-and-universal...

[3] https://funko.com/fandoms/animation-cartoons/disney-princess...

[4] https://corporate.mattel.com/news/mattel-and-disney-announce...

17 days ago

Freak_NL

Why on earth would you send letters? These are all huge corporations with sizeable legal departments. They either know or they should, and most importantly, are paid to handle this. Moreover, you're not likely to be heard or understood by the first line of customer care there, even if this was something they weren't aware of (quite unlikely) but wished they were. It's a waste of time, and something even the biggest altruist would find hard to defend as a sensible effort.

Besides, Disney is perfectly capable of degrading their own brand.

17 days ago

OrangeMusic

I think OP's plan wasn't to help Disney, but to hurt Funko?

But I agree this is most probably futile :)

17 days ago

therealcamino

I think Funko's products are classified as collectibles, not dolls. I am sure they have licenses from Disney.

17 days ago

jerf

Funko still exists, ergo, they have licenses from Disney.

Disney chases down little daycare centers: https://www.snopes.com/fact-check/daycare-center-murals/

They would not miss Funko.

17 days ago

dawnerd

Disney and Universal license and even sell Funko in their parks. But what you did discover is why some are bobble heads.

17 days ago

[deleted]
17 days ago

Jdfmiller

I sent a request to the registrar, and they emailed with this response. They're claiming it wasn't their fault.

--------

  Your request has been updated. To add additional comments, reply to this email.

  9 Dec 2024, 10:57 UTC

  Hello and thank you for your message.
  The domain name was already reinstated earlier today after the registrant finally responded to our notice and took appropriate action to resolve the issue
17 days ago

KerrAvon

The registrant is itch.io. Sounds like victim blaming.

17 days ago

nicoloren

I've experienced the same thing: a YouTube channel deleted without any explanation (the email from Google mentioned spam, even though I filmed all the videos myself), Facebook preventing me from sharing posts from a website (without any explanation), and of course, domain names that get deindexed from Google without any reason (no message in Google Search Console).

I believe we've reached a point where any activity on the web can vanish overnight due to an AI or an algorithm making decisions based on obscure criteria.

17 days ago

subarctic

I mean at least those are walled garden platforms where this sort of thing we've come to expect. An independent website as big as itch.io going down because of a bogus complaint is a big surprise

17 days ago

Aachen

That's what I thought. Last week, two of my domains were frozen by the TLD owner without notice, and they'd take them offline altogether in 7 days if I didn't supply some paperwork to my registrar

I've had these domains for ten years, now all of a sudden this is super urgent and if I'm on holiday that'd be a real shame I guess

So I contact the registrar and a link to the relevant legislation was sufficient to send them a perfectly agreeably censored version of my identity document (removing just irrelevant information they can't use or verify anyway), but apparently all they do is forward it to support@afnic.fr and not actually mark the domain holder as verified. So AFNIC, predictably, rejects it because GDPR doesn't exist in France

I saw no other choice but to send everything into AFNIC's email inbox / support system, which famously never get leaked and they assured me was "highly" secured when I asked to at least remove it after verification

With just 7 days' notice and half of that going to the distraction of a registrar, there's also no way to figure out what's even going on or have any sort of conversation. They hold all the cards and you jump when they say hop

I'm considering my options for any TLDs owned by AFNIC... evidently .io isn't better, but how to know who is

17 days ago

nicoloren

I am French, so GDPR exist in France. But AFIC has some rules for the domain names you can, or can't buy: https://www.afnic.fr/en/observatory-and-resources/documents-...

Maybe your domains are affected buy a new or old policy?

16 days ago

Aachen

I am; I can't buy <firstname>.<anything> because it's a municipality or something in France and so I can't have the domain name for one of their overseas islands like Pierre et Miquelon (.pm). My registrar gave a refund for that one after the registration failed

But that's not the case for the domains AFNIC did grant. They registered successfully and I can still use them, also after this verification sham, AFNIC just insisted that I confirm immediately that I e.g. live where I said I live over ten years ago

I'm well aware that GDPR exists in France btw, but AFNIC is not — or at least has a different interpretation of what "not processing data unnecessarily" and "treating racial, biometric, and gender data as extra sensitive" means (they insisted I send all of these categories over plain email to a helpdesk system; I tried giving them an https link to a .jpg on the domain in question instead, but that was rejected with a "please attach to the email")

16 days ago

CM30

It should be illegal for any company to rely on AI or automation to handle legal risks, especially without any human driven support to fall back on. The fact we're handling over things this serious to unreliable and poorly configured systems feels like absolute insanity to me.

Also, why is the domain registrar even being contacted here? I thought the general idea was that you'd first contact the site owner and wait for a response, and if there's no response in a certain amount of time, then you might contact the registrar or something. No one should be going over the heads of website owners and creators for matters like this, especially not as their first resort.

In a logical world, they'd contact Itch.io and Itch.io would take down the page (which they did), and that would be it. No need to involve the registrar at all in a case like this one.

17 days ago

lxgr

I don't think it needs to be illegal – it should be enough to just hold companies responsible for the consequences, just like they are for using any other kind of technical system without appropriate supervision.

17 days ago

CobrastanJorji

Question to lawyers: is there a colorable lawsuit against Funko and/or Brand Shield if itch.io can demonstrate quantifiable lost revenue for those N days of being offline?

17 days ago

lmm

Given that this was apparently a false (and recklessly so, though that's going to be the hard part) report of fraud/phishing and not a DMCA takedown, yeah that sounds like tortious interference.

17 days ago

[deleted]
17 days ago

haunter

Slight off topic but interesting that the post has similar interaction stats (replies and reposts/quotes) between Twitter and Bluesky except the likes which are 3x higher on the former https://files.catbox.moe/82x7ue.jpeg

17 days ago

huhtenberg

BlueSky seems to be far less like-oriented. They aren't just a good metric of engagement there. People read and move on. If it might be helpful to others, they will repost, and that's it.

Besides, with 26K followers on BlueSky vs 173K on Twitter, I'd say the engagement on the former is significantly higher any way.

17 days ago

robin_reala

Luckily with Bluesky you can link to a post and everyone can see the replies.

17 days ago

Retr0id

For now! The bluesky URL contains "itch.io" (their handle), and under atproto, DNS name resolution is actually an integral part of handle resolution. It will start 404ing if/when relevant caches expire.

This one uses the "DID", not the handle, and will not 404: https://bsky.app/profile/did:plc:oy37ivqnriw6nx3lrbcht2u3/po... (cc dang)

Open issue regarding making bsky URLs less fragile while also not looking ugly: https://github.com/bluesky-social/social-app/issues/1221

17 days ago

peckemys

I think GP comment meant that when you link to a Twitter thread, logged-out users will only see the single post without any replies. On Bluesky, you can see the whole thread.

17 days ago

Retr0id

Right, and I meant that in the near future you may see no thread at all on bluesky, depending on when the relevant caches expire.

17 days ago

oneeyedpigeon

Interesting - most Bluesky accounts, especially those related to gaming, are reporting higher engagement stats on Bluesky, at least relatively if not absolutely.

17 days ago

blitzar

[flagged]

17 days ago

Etheryte

Well of course, your bot is having a wonderful time interacting with other bots. A whole bunch of resources wasted while making everything worse for real humans.

17 days ago

tbatchelli

This is a fair description of our future. I’m stealing it

17 days ago

Etheryte

See also: the Dead Internet Theory [0].

[0] https://en.wikipedia.org/wiki/Dead_Internet_theory

17 days ago

rsynnott

Oh, they've made it to bluesky now as well, unfortunately.

(Though, if you use a moderation service which flags/hides accounts with AI generated imagery, that's close to 100% effective for catching crypto scam stuff. Apparently, your average crypto scammer just can't resist a bit of AI-generated banner.)

17 days ago

MortyWaves

Thanks for making the internet shittier

17 days ago

smitelli

Odd flex but OK.

17 days ago

rsynnott

I don’t think it’s that surprising; Bluesky is quite big amongst the audience who cares about this sort of thing, and the author isn’t a bluetick so will have visibility relatively suppressed on Twitter.

17 days ago

gcr

I heard about this incident from a link shared from Bluesky first, which is significant because most of my social circle tends to use twitter

17 days ago

leonard-somero

I am Leonard Somero, I run verysoftwares.itch.io. I have over 300 followers and a game with 20k+ plays that has been repeatedly featured on the front page.

This certainly changed my morning routine! I am glad to hear that the reason wasn't me deleting my Twitter from my page. My first panic reaction was thinking it was me who's caused it, due to some kind of ad revenue conflict.

Ever seen the movie Summer Wars? I felt like the protagonist for a moment there, but glad it turns out it was just some 2020s AI nonsense.

Either way, there's surely an engineer somewhere who's very busy right now.

17 days ago

Shank

> Ever seen the movie Summer Wars? I felt like the protagonist for a moment there, but glad it turns out it was just some 2020s AI nonsense.

Love Machine was a rouge AI in Summer Wars, though.

17 days ago

gessha

Rouge or rogue :D

17 days ago

juped

Everyone involved in this is terrible except itch.io; it's a shame litigation, the available method for redressing this, is often avoided due to the high expense.

17 days ago

zo1

As a naive and new adult entering the world, I would have assumed that all you need to do is report this to your police/government, and they'll start a case, preliminarily determine that "Yeah, some sort of fraud happened" and then proceed to start a court case against the accused party so that a jury/judge can determine it's validity.

The fact that lawyers and the "lawyer system", in conjunction with prosecutorial offices and the police, has made this expensive and pretty impossible for 99% of people and companies is a huge problem. It basically nullifies the whole point of government as protector of people's rights and enforcer of laws.

17 days ago

oneeyedpigeon

It's very unlikely that anything criminal has happened here, so government is irrelevant. I'm not even sure we're seeing any malevolence, just rank incompetence.

17 days ago

zo1

Maybe not "criminal", sure. But even us thinking "oh it's a civil matter, not criminal one" is something conjured up by the lawyers in conjunction with government. It's such a convenient excuse, basically making it so that you as the injured party need to prove something at your own expense - expense that is directly funneled to the lawyer class.

At the very least what happened here is lying in a commercial context. Arguably something that should be illegal, and sometimes is illegal under the banner of "fraud". Again, the definition of fraud is not obvious (despite them arguing it is super explicit in the laws) and we have to rely on the lawyer priesthood to determine what the "sacred texts" say about it. Maybe even rolling some conjured up lawyer-dice and seeing what the Oracle at the Court says about it after they convene a little "ritual" known as a court meeting or deposition.

17 days ago

will5421

You don’t have to go through a lawyer, ie represent yourself, afaik.

17 days ago

jmholla

This is not a good strategy. You're almost guaranteed to lose being pro se against corporate lawyers.

17 days ago

soulofmischief

Negligence at scale is malevolence.

17 days ago

runevault

Not Criminal but invalid DMCA takedowns do open you up to lawsuits. I'm curious if both sides (aka the registrar and Funko) are liable or only Funko.

17 days ago

masklinn

> invalid DMCA takedowns do open you up to lawsuits

Invalid takedowns don’t open you up to anything. The only risk to takedowns is misrepresenting the purported owner but that’s not the case here and the risk would be from Funko not Itch.

Much of the reason for DMCA abuse is that beyond the notice being assumed legitimate there is basically no risk to the complaining party until they dispute a counter-notification.

Not that this is relevant in this case, as it was not a DMCA takedown. A takedown notice would have been addressed to Itch.

17 days ago

pjc50

This stuff would be civil jurisdiction in most countries. The Internet adds an extra layer of problems: the registrar, complainant etc may be in different countries, making it practically very hard to get anything done.

17 days ago

[deleted]
17 days ago

Sophira

It feels like Linode did a good job, too.

17 days ago

TiredOfLife

itch.io removed the fanpage (that didn't break any rules) that caused the takedown.

17 days ago

teddyh

Like I frequently¹ advise²:

Don’t look to large, well-known registrars. I would suggest that you look for local registrars in your area. The TLD registry for your country/area usually has a list of the authorized registrars, so you can simply search that for entities with a local address.

Disclaimer: I work at such a small registrar, but you are not in our target market.

1. <https://news.ycombinator.com/item?id=32095499>

2. <https://news.ycombinator.com/item?id=32507784>

17 days ago

remram

How do you monitor for when they inevitably get acquired?

17 days ago

teddyh

That’s a very SV view on things; i.e. that small companies inevitably get acquired. Most small companies don’t actually get acquired, and are not looking to be acquired.

The simple answer is: Choose a registrar without significant external investors.

17 days ago

timvdalen

I got a "cease and desist" type email from one of these (Tracer AI) last week. Really annoying, but I guess spam is a prime LLM use case...

17 days ago

rsynnott

Spam is, when it comes to it, basically the only proven LLM usecase at this point. Everything else is all a bit 'jam tomorrow', "doesn't really work now, but it'll be magic soon, we promise!", but it has very much revolutionised the spam industry.

17 days ago

disjunct

Funko as a brand exists entirely on derivative content, albeit licensed. Seems like exactly the sort of brand that would trip auto-DMCA software.

17 days ago

YurgenJurgensen

It also works out pretty well for them, as they’re basically /the/ symbol of soulless commercialism, sanding down everything distinctive about characters and producing a cuboid of concentrated Brand. Anyone who voluntarily looks at that and decides they want to be a part of it is already on board with the corporate hellscape, so nothing they do could possibly harm their reputation among their customers.

17 days ago

ivanjermakov

Since when it is registrar responsibility to take down domains based on third-party reports? I would think to do it registrar needs at least a warrant from officials, and not without a notice of domain owner.

17 days ago

6bb32646d83d

One of my .xyz domain was taken down because one it somehow ended up on a single spam list as Phishing (it was not hosting any phishing, and all the code is actually open source).

I never was able to get it cleared. It's crazy the power that those spam list can have and they care very little about false positives

17 days ago

slippy

How many other domains were knocked off by this AI reporting? Seems to me that if you make claims that have business repercussions, you need to be suable for fraud and face civil and possible criminal complaints.

17 days ago

rsynnott

Criminal seems like a stretch (at least for this sort of damaging-a-business stuff), but making false claims can absolutely have all sorts of civil consequences.

17 days ago

cherryteastain

How are all these "DMCA Ignored" domain registrars? Do they actually send all DMCA requests to /dev/null? Sounds like using one of those would have "fixed" the problem here.

17 days ago

qingcharles

I used to host my TV torrent tracker with one of these that would ignore literally everything. Was expensive, but was factored into the costs.

17 days ago

ailurooo

ugh this kind of stuff just makes me wish DNS was less centralized, even though it's already incredibly uncentralized.. of course it's just all registrars just being a weak point.. as always

17 days ago

TZubiri

It is as decentralized as you can get. Dns is the entire foundation of decentralization, any more and you get into schizo hyperprivacy protocols.

17 days ago

viraptor

It's federated, not decentralized. For decentralized you need something like https://ens.domains/

17 days ago

TZubiri

Are there any well established definitions for these terms as separate?

17 days ago

viraptor

Yes? Basically half of them? Some people put federation in decentralised group, some say only distributed is decentralised.

In short: centralised = 1 owner/operator, federated = many semi-autonomous operators to choose from, decentralised/distributed = everyone's an operator on the same level.

With DNS you still have groups of operators who can tell you what to do and they have the main agencies on top of that. I subscribe to the "it's not really decentralised" view.

17 days ago

TZubiri

Source: It came to me in a dream.

17 days ago

viraptor

Alternatively, do a quick search for "decentralised vs federated" yourself. People here don't owe you basic explanations.

17 days ago

TZubiri

It's not that I am dumb and I am asking for help with info. I'm questioning the existence of this, there is no reliable source because these are not standard terms in any discipline.

It's not that you are not giving me source because your time is valuable and I'm dumb. It's because there is no source and these concepts don't have any standard rigorous definition.

https://www.google.com/search?q=decentralized+vs+federated

Google gives me trash. These are trash concepts, nothing written by academics or professionals or standard textbooks, or proceedings of magazines or publications.

Just blogs and cryptonerds (with different definitions).

16 days ago

remram

The network is decentralized, but each domain still has a single registrar, making the service you (domain owner) receive very centralized. If that one registrar misbehaves or is unresponsive, you're out of luck.

17 days ago

TZubiri

You can switch registrars if you want.

17 days ago

remram

This requires cooperation from your current registrar, and involves the registry operator for your TLD which is again a single entity.

17 days ago

TZubiri

You are consistently objectively wrong on the facts. So your subjective take that dns is decentralized is again wrong.

You can choose different TLDs. Don't like VeriSign's .com? Go with a country tld or make your own tld. Also tld are regulated it isn't even an independent private entity.

Finally switching registrars does NOT require cooperation of the losing registrar, but of the upstream DNS.

The sane take is just don't chose a meme registrar from a bullshit country just because it sounds like something else.

16 days ago

[deleted]
16 days ago

jstanley

So, it's not as decentralised as you can get, you just personally don't like decentralisation?

17 days ago

TZubiri

*Without descending into a madness that decentralizes your very thought process and identity

17 days ago

josefritzishere

It may ultimately be lost revenue and lawsuits that protect us from the tidal wave of AI garbage.

17 days ago

TophWells

It's back up now!

17 days ago

ChrisArchitect

Some followup/developments (Dec 9th):

Itch.io: "This is not a joke, Funko just called my mom"

https://news.ycombinator.com/item?id=42371481

16 days ago

[deleted]
17 days ago

HelloNurse

Congratulation for the return of the site!

17 days ago

StuntPope

easyDNS here. Our ears were burning as multiple people have mentioned us in this thread.

If you want to get with a registrar who is actually clueful about takedowns, we can help you out.

17 days ago

Beijinger

There are some recommendations of registrars here in the chat. Let me recommend two:

1. internet.bs No Bullshit Domains. I am using them since 10 years, and I am very happy. Email is comparatively expensive, but you can buy this separately from infomaniak.com for 18 EURO a year.

2. If you need country TLDs, this may be a good option: inwx.com

17 days ago

[deleted]
17 days ago

[deleted]
17 days ago

tekknik

who exactly is taking bluesky seriously? what’s their moderation policy?

16 days ago

przmk

What does that have to do with the official itch account posting there? How would your seemingly personal beef with Bluesky impact the credibility of that?

16 days ago

mrdoe

[flagged]

17 days ago

Duralias

It is the same info, you don't need to be logged in to see it (including comments) and can directly verify that it is someone with control over the domain who controls the account.

I think that sounds like a good source.

17 days ago

rsynnott

I mean, with Bluesky you can see the replies; with Twitter if you're not logged in you either get _just_ the post, or you get an error message, depending on phase of the moon. For this sort of thing, Bluesky's clearly more user-friendly.

17 days ago

HelloUsername

17 days ago

jerrre

[flagged]

17 days ago

kobalsky

> Isn't insane that many of the comments are linking the CEO of Funko,

I'd say that it's normal on this site. You are misintepreting the intentions of commenters. No one is doxxing the CEO of a public company by posting a link to their profile.

People should be telling them they screwed up when their corporate behemots run over a small village and they don't notice. Any good CEO can capitalize on that.

17 days ago

[deleted]
17 days ago

oneeyedpigeon

Of course, any threats etc. are appalling and personal stuff should be totally left out of this. On the other hand, we should be able to call out the CEO of a company when they behave like this, regardless of what has happened to other CEOs.

17 days ago

tgv

> Am I the crazy one for seeing that in relation with the recent Health Care CEO events?

Crazy? Idk. Overreacting, perhaps. Surely the risk of someone planning an assassination over a bit of internet outage is negible. It isn't even clear who the culprit is.

17 days ago

Dansvidania

I am pretty disturbed by the same as well.

I am hoping it's all internet machismo. Not that it makes is any better..

17 days ago

CaptainFever

Same. It's a normalization of murder as a way to seek redress.

17 days ago

oneeyedpigeon

You've seen death threats on Bluesky aimed at the CEO over this?

17 days ago

nicwest

https://bsky.app/profile/karmn.bsky.social/post/3lcuc4dqudc2...

It's hard for me to read this any other way.

17 days ago

oneeyedpigeon

I saw that too. While the jury's out, this is clearly not an obvious "call to arms" or any kind of threat. It may be read that way, so I'd prefer not to have it, but if even stating the name of a CEO is off the table, then that's far too much 'protection', IMO. But, yeah, "fix this" isn't great wording to be using.

17 days ago

paxys

So one post with 3 shares. Humanity is doomed!

17 days ago

jen729w

Easy to say when your name isn’t Cynthia Williams.

17 days ago

malermeister

[flagged]

17 days ago

seabass-labrax

I feel that it's been coming for a while though - the first time I noticed this sentiment was when a businessman drowned after his luxury yacht sank in in a storm[1], and there were comments on social media celebrating the event. Whatever you think of the individual or millionaires in general, I wouldn't wish that fate on my worst enemy.

[1]: https://www.theguardian.com/uk-news/2024/oct/04/mike-lynch-d...

17 days ago

SuperHeavy256

Yes, I feel the same way. Internet machismo is a fairly appropriate term for it.

17 days ago

[deleted]
17 days ago

malermeister

[flagged]

17 days ago

steve_taylor

It's not insane at all. Funko unalived itch.io and its entire ecosystem.

17 days ago

jojobas

>unalived

Go to the nearest mirror and take a good look at yourself.

17 days ago

jamessbutler322

[flagged]

17 days ago

edent

[flagged]

17 days ago

javawizard

You probably want to read this: https://news.ycombinator.com/item?id=42364033

I've never heard of itch.io before but from what I can tell:

- Itch.io is a platform where people unaffiliated with itch.io can create pages and sell video games

- An itch.io user created a game that used Funko's brand without authorization

- Itch.io (correctly) removed that page when they were made aware of that by their registrar and server host, then responded to both letting them know they'd taken care of it

- The server host (Linode) said that was great and closed the issue. The registrar (iwantmyname) did not respond, then a few days later yanked the domain.

This is exactly the sort of thing the DMCA exists for (assuming itch.io is located in the United States) and it's exactly why the safe harbor provisions exist.

It's like if someone posted a copyright-infringing picture to Facebook and Facebook's registrar responded by taking down the entirety of facebook.com.

So no, this is not on itch.io's shoulders, this is on iwantmyname's (for disabling itch.io's domain even after being made aware of the circumstances) and Brand Shield (for not submitting a complaint to itch.io first and waiting to see if they'd take down the infringing user's content before escalating to itch.io's ISP and server host).

17 days ago

edent

I have read that.

Itch Corp might be in the USA - but their registrar is in New Zealand. That seems like a poor strategic choice for both customer service reasons and legal compatibility reasons.

I never said this was Itch's fault. But I do wonder how many takedown requests iwantmyname received, and whether that caused them to drop their customer. E.g. https://duckduckgo.com/?q=%22tagged+marvel%22+site%3Aitch.io...

17 days ago

N-Krause

It seems like the owner of the domain received notice from the registrar 6 days ago and immediately took action by removing the content referenced in the trademark claim and notifying the registrar.

But they got no response and instead the domain went down today.

17 days ago

oneeyedpigeon

Going directly to the registrar in response to an issue on a handful of pages is akin to getting the wrong change, saying nothing to the person on the checkout, then seeking out the store manager to get them fired.

17 days ago

steve_taylor

It's like going straight to the police, who then charge the employee. The employee is convicted and can't get a job because of the criminal record.

17 days ago

rsynnott

> I'm not trying to be a corporate bootlicker

Perhaps it comes naturally ;)

No, but seriously, you may be giving them a bit too much benefit of the doubt.

There's a little more context here: https://news.ycombinator.com/item?id=42364033

Note the "fraud and phishing" complaint. Like, I don't see _any_ way to get to that from what's going on, and of course registrars (correctly) take such complaints far more seriously than DMCA complaints (which shouldn't really be going to the registrar in the first instance, of course).

I wouldn't particularly blame the registrar here, though now that 'AI' spamware is doing this, registrars will presumably have to take fraud complaints a lot less seriously, and the internet will get a little bit worse. But certainly this isn't itch.io's fault; the blame lies squarely with the spamware, and with Funko for using such spamware in the first place.

17 days ago

edent

If the page said "Enter your Funko details to unlock…" or "Give us your credit card details to buy exclusive…"

Then I think it would be pretty reasonable to ask for it to be taken down.

But none of us know what was on that page or whether it was an overreaction.

17 days ago

rsynnott

> But none of us know what was on that page

I mean... we do? It is described here; top post: https://news.ycombinator.com/item?id=42364033

To be clear, there is no issue with them making a DMCA takedown. This should be made to the operator (ie itch.io). They _did not do this_. Instead they complained to the registrar of phishing/fraud. Registrars, not unreasonably, take complaints of fraud seriously, and many will nuke first and answer questions later. However, clearly, no fraud was involved.

(I'm not sure if you're being wilfully obtuse, or if you suffer from the ol' Hackernews "reading the linked material is forbidden" problem, but I just don't see how you can defend the false complaint of fraud.)

17 days ago

edent

No, we know what Itch say was on there.

You and I have know knowledge of what was actually on there. Neither of us have seen the complaint nor the page itself.

17 days ago

rsynnott

... Ah, I see, you're speculating that itch is _lying_ about it? Why would they? Like, what they describe is the sort of thing you'd expect to find on itch.

Occam's razor very much says that they are not lying, and that this is simply a false report by 'AI' spamware.

17 days ago

edent

I'm not speculating about anything. They made a claim and provided nothing to evidence it.

Similarly, the other side have made a claim which - apparently - was accepted by the registrar.

Why does Occam's razor not say that the claimant isn't lying?

FWIW, I think Itch are probably right. But there is a lot of IP infringement on there. Is it unreasonable to think that one of those page might have a phishing form on it?

17 days ago

SuperHeavy256

I appreciate you trying to be an unbiased voice of reason in this time.

17 days ago

Citizen_Lame

Corporate bootlicker alert!

17 days ago

totetsu

Is it possible for itch.io to follow the advice of putting user generated content onto a seperate domain from their main one?

17 days ago

gsck

The entire site is user generated content

17 days ago