And you are tuned to listener-sponsored, non-commercial WBAI in New York City, 99.5 on the FM dial, streaming around the world at WBAI.org. And right now we're broadcasting from the lead-lined studio. But as David Rothenberg mentioned, we're about to take you to the Crystal Ballroom, to hear off the hook. They're not here. No, they're down the hall in the new studio. And it is 8 p.m. I'm going to hit the little chromium switch here, and we should have off the hook. Well, I don't know if we made it, but maybe we did. And if we did, welcome. That's off the hook in a brand new studio. Well, here we are. Wow, I can't believe it. We're actually in the brand new studio. This is off the hook, making the debut. The unofficial debut, by the way. We're just taking this out for a test run. The real debut is coming in a weekend or two, and it's going to be in all the papers. Yeah, it's going to be amazing. This is Emmanuel, joined tonight by Alex. Good evening from the new studio. Okay, and that microphone works. Gila. Hello. Rob T. Firefly. Good evening from a shiny new mic. And Kyle. Hello. Kyle, you're sitting right by the window. Yeah, I'm watching traffic. Tell us. Describe the traffic, because we can never do this before. We can give traffic reports on Atlantic Avenue. If you're on Atlantic Avenue, they'll be of interest to you, but otherwise they might not be. Go ahead. Currently, the light out here on Bond and Atlantic is stopped. Oh, there's a garbage truck. There's a garbage truck. Which way is it going? Is it heading east or west? I think it's going east. It's going east. Okay. So, it just turned. Now, the light is currently red for Atlantic Avenue or green? No, it just turned green. Okay. Yeah. I can see people actually typing this up for late breaking news. That's amazing. Okay. And traffic seems to be moving kind of well. I can see the traffic, too. It looks like cars are going back and forth. I see there are some stores open. I looked. There's a person walking down the street. This is amazing. This is so cool. Oh, yeah. We should be doing a radio show, too, but I love looking out the window. No. I mean, if we were taking calls, we could probably take a call if someone said, hey, yeah, I'm down on the street. We could wave, you know. We could wave. They'd wave back. And it would probably get boring after a little bit, but, yeah, it's there for us. You know what listeners can do, though? They can drive down Atlantic Avenue and lean on their car horn, and we won't hear it because this is a soundproof studio. So, go ahead. Try that. We're in a room with, like, walls that go all the way up to the ceiling. This is incredible. Yeah. I can see there's people arguing out in the hallway, and it really looks like they're shouting at full volume at each other, both at the same time, in fact. You're not going to hear what the other person's saying that way, but we can't hear them. We can't hear them at all because it's soundproof in here. Wow. This is awesome. So, never again will we hear the copier machine go off in the middle of the show. We won't hear the elevator ding. We won't hear people saying goodnight as they leave for the day, sometimes for over 10 minutes saying goodnight. I'm going to miss it. We might go back to that studio, too. It's still there. But this, this is awesome. And this is all thanks to you, listeners. Thanks to your support. Thanks for your positivity. We now have a brand new facility. Yeah. This is really the culmination of so much work and so much effort and so much support from you, our listeners, who you are the ones who made this happen. I mean, you're the ones we have to thank because we can broadcast from here. We can use this shiny new equipment. I mean, this microphone really is shiny. There's not a spot of tarnish on it. And we have you to thank, so thank you. Everyone who supported BAI in the past, everyone who's supporting BAI right now, everyone who's going to support BAI in the future. It's because of you. If I witness a crime on the street, am I obligated to report it, or can I wait till after the show? Oh, they're just fooling around. No, never mind. You know, you look out the window, you see all kinds of things. Yeah, it's really distracting, actually. Yeah. Look what they're doing in that window. What happens if I bring this up? Hold on. Distracting, actually. Oh, it's us. It's us in the past. Look what they're doing in that window. Okay, well, that's going to get very distracting. Forgive us, folks. It's like a new toy for us. I do notice my mic is kind of cutting in and out. Do you guys notice that? No. We're hearing you fine. Maybe it's my headphones. No, you sound fine. Maybe it's me. I don't know. Alex, it looks like you've got something you really want to share with us. Did you get that promotion? Is that what this is about? Well, I have been up to some interesting things, but I'm not going to talk about that on the radio just yet. You literally have rolled up shirt sleeves, so I think you're going to dive right into it. I do. I do. It's been a very busy day today. Well, can we first say, folks, if you want to support the radio station and keep miracles like this happening, please call us, 516-620-3602. We have a number of great thank you gifts that you can get if you call. Pledge any amount. We are offering the Hacker Tote Bags. We're offering the Hacker Digest full set. We're offering the 2,600 three-year subscription, and we're also offering the Hacker Portrait. We'll give you more details on those later on, but if you just want to make the call and start the pledge process, and Kyle, you've got a Hacker Tote Bag right there. Yeah. I'm actually holding it. Hold it up to the window so the people in the street can see. Yeah. I'm pressing it against the window pane here. Yeah. It's glass. I'm holding it. Yeah. So if anyone's out there and they see it. Oh, they're pointing. They'll know this is the famous Hacker Tote Bag. I would say it's really high quality as I'm holding it here. It doesn't feel like it's just a piece of paper. It feels like it's heavy. It's got some very heavy-duty feel that just tells me that it can take all kinds of items. That's what a bag is supposed to do. This bag will not let you down. But I just wasn't sure that was clear, so I wanted to make sure everyone knew. It's not made out of straw, though, so don't get your hopes up if you think that's where we're giving away here. No, no. It's not the right season for a straw bag. Yeah. Also, I'd quickly like to say thank you to Fun Socks on Twitter, who has confirmed for us that they can hear us from the UK. Everything's working. Everything's streaming. And everything is shiny. And thank you to Junson, New Jersey, who ran out through a car radio, I think, to make sure that we were on the air. It's very hard to actually confirm you're on the air lots of times because everyone's listening through some kind of wired connection through the internet or through an in-studio link. So sometimes you might not be aware if you're actually broadcasting. It's very important in this day and age, but we are. And we're thrilled. We're thrilled to be here. All right, Alex. What do you got for us? Well, firstly, to bounce off what Rob had said about Fun Socks, I mean, that's Zap over in London. And I have to say, when I lived over in London, I went to the 2600 meetings in London. He was the most welcoming guy, introduced me to everybody, and it's such a good crew that we have over there in London, really great, loyal listeners, wonderful meetups. And they do it in a very civilized way. They meet up. Well, they're British. Of course they do. Of course. Well, I mean, they meet up in a public place, and then everything migrates to a pub, which is just, you know, I think they're perfect. Well, they're British. Of course they do. What are you saying about that they're binge-drinking alcoholics? Very civilized, and they're binge-drinking alcoholics. No. It's British culture. Well, then how would you explain Brexit? I can't explain Brexit. I cannot. Just putting it out there. But these airwaves, you'll get a good chance of hearing an explanation of it on these airwaves. No doubt. I do have to say, being in the studio is very weird. I ran in here at the last minute tonight, and I went to the other studio. Well, we didn't tell you where we were. No, you didn't tell me where you were. I told you I might be late. You don't respond at all. Because we wanted you to go to the wrong studio. I went to the wrong studio. I saw nobody in there. And I thought, what the hell happened? Am I here at the wrong hour? Did I miss it? It's been such a frazzling day. Oh, mission accomplished. Yes. That's exactly what we wanted you to feel. And here we are in here. And it's weirdly quiet in here when there's no sound. Shh. You're right. It's weird. Did you hear that? Nothing. Nothing. I mean, it reminds me of my balcony when I lived in Vermont, when you would go out there in the middle of the night, and there was no sound whatsoever, and it actually hurt your ears. What's the point of having a balcony then? You can see from it. I mean, you can look down on things. You can see things not making any noise. That's right. All right. It sounds like a painting. It sort of is very much like a painting, actually. I'm actually getting a lot of work done. I find it's very quiet in here. All right. Well, I'm glad you got that term paper underway. Yeah. It's about time. No, I didn't barely notice that you were having a radio program over there. Plus, the room is so much bigger. I think we've made it clear that this is very good for us, but I want to make sure that listeners know this is very good for them as well. You'll hear a more polished sound. We'll be able to do a lot more, and we'll just sound happier, I think, for one thing. Oh, yeah. We'll be able to focus on doing the actual radio programming. It was so nice. There's a big green button here. It says Studio Switch. We pressed that button, and we got control of the studio. I realized that's the good incarnation of that. We had the bad incarnation a few weeks ago. Somebody else pressed, and I'm sure it was a red button. We pressed a green button. We're moving ahead into 2020, and stronger than ever. I want to thank those people who made it possible, and thank those of you who are even thinking of calling now. Please call. It does make a difference. Again, 516-620-3602, or you can go to the website, givetowbai.org, or I believe, Gila, we can also do something really newfangled by texting. Is that right? Yes, yes. You can text the letters WBAI to shortcode 41444. And those letters have to be in order, WBAI. I mean, yes, although I do wonder what would happen if you could try it in all its different permutations. Do let us know. You'd be texting for a while, I think, given all the combinatorics. Do it after you donate. Yes, that is very true. Can I also share the most amazing piece of fact that I learned? Yeah, go ahead. Okay. That's what we're all about, after all. Yes, this is fantastic. So one of the awesome programs that exists in terms of donation is the BAI Buddy Program, which helps give the station a reliable monthly stream of income. And once your donation total gets up to $25, you're also a member of BAI. So theoretically, check this out, a $25 donation gets you a BAI membership. You could get the Hacker Tote Bag. That's a $25 donation, right? Absolutely. Hang on, hang on. I've got to look at my papers here, but yes, I believe you are correct. I believe that is exactly what it is. That's fantastic. So you could pledge $25, get a Hacker Tote Bag, get a WBAI Tote Bag. You could double fist your way to the farmer's market. It would be amazing. But if you become a BAI Buddy, we found out today that you cannot become a WBAI Buddy with an American Express card. Wait, that's a good thing? I'm not saying it's a good thing. I'm just saying it was a fascinating piece of information that I learned just before we went live in the new studio. I wonder why that is. I also wonder why that is. There's no explanation for it. Apparently, become a BAI Buddy with Visa, MasterCard, or Discover, but not American Express. Wait, Discover, but not American Express. I've never heard that phrase before. I do not make the policies. Wow. I just report what I read. Okay. All right. Well, we'll try and figure out why that is and get back to people. You know, because inquiring minds want to know these things, and we certainly want to know. Yes. Wow. Okay. It's also amazing we take Discover. You know what? Absolutely, yes. Also, one of our supporters here at the station, when we got here earlier, there was a supporter here dropping off a check. Wow. People do that. People drop off checks. People still do that. People still write checks. To 388 Atlantic Avenue in Brooklyn, New York. You can write a check. You can come here and bring it to us. You can mail it to us. That is actually a very excellent way to donate to WBAI and help us keeping what we do. Or you could give us a phone pledge at 516-620-3602, or go to givetowbai.org. Or roll some pennies and just ship them here. Yes. Yeah. Well, speaking of community-type organizations and involvement, I mean, one of the things that if we're going to get back to the tech side of things, now that we're back on the air and we have our brand new studio, and we have thanked our supporters for all of their support. I haven't seen you since we got the station back. That's true. Kyle and I were away, and you were here, and then you were away, and we were here. That's right. But now we're both in the same room. Yeah. And last week, by the way, when I was sort of remote in D.C. Yeah. With the NSA director. That's correct. Uh-huh. It was, you guys kept me on the phone so long, and I was so interested in what we were talking about that I didn't look at the time. And I literally, by seconds, made my train back to New York, which was the last train. Wow. And it was a comedy of errors trying to get to Union Station from the National Building Museum literally in six minutes to get on the train. But thanks for that. No problem. I just have to say, it really was slightly stressful. Always happy to make your evenings more interesting. Yeah, no doubt. It certainly was. There was a situation where I took a shortcut to get to the train and then realized that, oh, yes, that shortcut worked, but the escalator is going up instead of down. Well, that's no match for you. I've seen you go up, down escalators before. I went down the up escalator and got to the bottom of it and then realized that all that effort was for nothing because there's no way to get on the train from this side. There's no stairs or anything to get on the Amtrak train. But thankfully, somebody saw me in my frantic state and said, run around, I'll hold the train, and we ran up the stairs. And that's why trains are late. Yes, that's right. All because of you and off the hook and WBAI. I totally agree 100%. Well, I like how we're being blamed for this. Are we supposed to give you a running time check? Is that how most people on the phone are checking to make sure they get on their trains? I'll accept a challenge coin, something like that. Anyway. Just hang up on us. Yeah, I could have, actually. I would have had I known what time it was, but it was interesting. But in any event, speaking of public service organizations, community type organizations like WBAI, there's been a big, I guess, hullabaloo lately about the sale of .org, which was run by the Public Internet Registry. Now, I didn't know that you could do this. Wow. Hello. I was yelling outside. I'm sorry, general manager. You were yelling outside? Yeah. We couldn't hear you at all. Wow. Okay. Yes, we used to hear Bertholdt a lot, leaving the complex in our old studios. So we won't be hearing that anymore. No. Sorry to say. But yes, I heard the story, too, that the .org top level domain or registry is being sold or given to evil people or something. What's the story? Well, it's hard to say, because we don't know a whole hell of a lot about this new company that is ostensibly going to take over .org. I mean, and I think what's really interesting about this, too, is people may or may not know, .org has been run by PIR, the Public Internet Registry. And that has essentially been operated by ISOC, or the Internet Society, since around 2002. And we know them well. They help out at HOPE. That's absolutely correct. And in fact, I'm a member of the ISOC Board of Directors for the New York chapter. I do have to say I'm not extraordinarily active in it, and in all likelihood, I'm not going to be seeking re-election to the board, because I just – it's not because I have any disagreements with ISOC, and it's not because of what's happening right now. It's just because I don't have a tremendous amount of time to devote to that, and that's a regret of mine, in fact. So the Internet Society was actually an outgrowth of sort of interactions and involvement in the IETF, or the Internet Engineering Task Force, which sets a lot of the technical standards for the internet. So that was started in and around 1992 or so, and they do various outreach type of efforts. They enhance trust in the internet by developing certain policy frameworks for openness and trust. Connectivity is very important to ISOC, you know, on a global level, and connectivity meaning they try to enhance connectivity for places where there is none or there is little connectivity to the internet. The goal of ISOC I think is very laudable, which is to have everybody who wants to be connected to the internet in the world to be connected to the internet. Security is really important. The rollout of encryption and encrypting the web has been an ISOC endeavor for many years. And of course policy development that protects and enhances the openness and stability of the internet is also another goal of ISOC. So ISOC has done a bunch of laudable things. A lot of its efforts have been funded by operating through PIR, the Public Internet Registry, .org. However, it has just come to light within the last week or so that the ISOC, the national ISOC, not any local chapters because I don't believe any of them were consulted about this, plans to sell .org to a newly known company. I don't know if it's necessarily a newly formed company, but Ethos Capital is the name of this particular entity. And they are essentially a – unlike PIR, they're not a not-for-profit. They are a for-profit investment firm interested in purchasing .org. And so this has caused quite a stir in the internet governance community because ISOC has now come under a lot of criticism for not being so open and transparent about its plans to sell .org to this other private party, which is not a not-for-profit, a for-profit entity that would then have the right to make all kinds of policy changes to the registry itself. And let me ask you a question. Do you own any .org domains? I'm sure you do. Oh, absolutely. I actually have 2600.org for one. Oh, you do? I didn't realize that. Okay. And it just redirects to 2600.com? Unless there's reason to not do that, to do something else. Well, there might be reason now. What about you guys? You guys own any .orgs? I do have a .org in my portfolio. Yeah. I mean, a lot of people do, right? And a lot of major organizations do, and a lot of major companies do. And so people have come to – EFF. EFF.org. EFF.org is one of them. And EFF, I believe, has come out in opposition to the sale because it hasn't been as transparent and forthcoming as they would like. ACLU.org? ACLU.org. Absolutely. Yep. So there's a tremendous amount of organizations that rely on the .org Internet registry. All right? And in fact, I did some analysis on this today because we obviously work with the DNS quite a bit. So I took a look at the .org zone file. The zone file, for those of you who don't live on the command line like most of us here, is essentially a list of everything that's in an Internet registry or anything that's in a list of a top-level domain. So the .com zone file would have a list of all the domains in .com. They have different formatting and whatnot. But .org, when I uncompressed it this evening before I came here, had about 25 million lines in it. That does not necessarily mean there are 25 million domains there because some records are duplicative because they have multiple name servers associated with them. Duplicative? Duplicative. Duplicative? Duplicative. Yes. You can look it up. No, it's a great word. I just never used it. You never used it? Duplicative. Sort of like swimmingly. Okay. Sorry. I don't mean to jump in. But is that like duplicitous? No. Duplicitous would mean sort of underhanded, right? Oh, okay. I've used that word many times. Duplicative. Okay. I'm sorry. Continue. No. We can go on to semantics too if you want. When I hear new words, I get excited. I know. I know. Well, you know, you work with words too. I try to. Yeah. What? It's also Italian. Oh, Italian. Okay. In any event, so .org is being sold to this company, Ethos Capital. Ethos Capital has connections to somebody by the name of Fadi Shahadi. Have you ever heard of the name Fadi Shahadi? Is that from a cartoon? No. I don't mean to be disrespectful, but a name like that, come on, you're going to have to get used to it. No, I've never heard that name before that I can remember. Kyle, are they an influencer? In certain small, I knew it, nerdy circles. I knew it. If they're an influencer, then I retract any apologies I have for making fun of the name. Right. So Fadi Shahadi was the president and CEO of ICANN, or the Internet Corporation for Signed Names and Numbers, which is a not-for-profit corporation out of California that is essentially the regulatory body for the internet. They are in charge of the security and stability of the internet, and that involves a lot of the DNS policy. Oh, nice job, guys. Yeah. It's been a real cakewalk lately. Oh, yeah. Tell me about it. So they're responsible for that. All right. Good to know. So Fadi Shahadi is an advisor to Ethos Capital. Now Ethos Capital basically claims to be this very ethical investment firm. They claim that they've made a whole bunch of investments in other technology-related companies and they do everything for the benefit of the internet and the stakeholders as a whole. But they haven't made any firm commitments about not increasing fees too much. They did mention that right now a .org registration is on average about $10. They plan to increase this most likely, but only to the tune of about 10% a year or $1 a year. Now it would not be unheard of, let me tell you, because I've been working with ICANN for a number of years now, for a potential registry operator to make certain promises before there is the transfer or the delegation of a top-level domain to the root zone of the internet, meaning it goes live, and then they do something completely different. And the big problem here, and I think this is where most of the issues arise, is that ICANN itself is a very toothless regulatory body. It is a very difficult-to-navigate, complex organization, all operating under this not-for-profit structure. There are more acronyms than you can quite literally shake a stick at within ICANN. I mean you have really opaque systems, like within ICANN you obviously have the board and then you have certain constituencies like the GNSO. Anybody know what the GNSO stands for? It stands for the Generic Name Supporting Organization. Beneath the GNSO you have the IPC, or the Intellectual Property Constituency, and the Intellectual Property Constituency is comprised mostly of lawyers who are lobbying on behalf of brand owners and copyright holders that want additional rights protection mechanisms to be put in place. So people here are thinking now that this is in the hands of a private party that wants to make money. They may enhance certain RPMs or rights protection mechanisms that could adversely affect people using .org domains for things like the hypothetical Iranian dissident who's then stifled, or people who may be using it for fair use or parody, or to make certain political statements. So there is a fear here that these private parties, much like Google and Facebook and all these other large organizations, that they may now have to kowtow to these sort of anti-democratic or autocratic regimes around the world and take certain enforcement or allow certain enforcement activities within this registry that ISOC wouldn't otherwise allow and that ISOC would not kowtow to for the sake of having access to those particular capital markets. So are you saying that those domains that are currently .org aren't privy to the same kinds of enforcement and regulations that a .com or a .net would be? They certainly are. Now, they absolutely are. .org has signed on to something called the UDRP system. That stands for – it's actually another misnomer and another crazy acronym. It should be UDNRP because it stands for the Uniform Domain Name Resolution Policy as well as the URS. I mean, this is – again, all these problems with ICANN is because everything is a damn acronym. URS stands for the Uniform Rapid Suspension System whereby you can take down a certain number of domains but they're not going to be transferred over to the complainant. The UDRP has been a system that's been in place for almost 20 years, since 1999, and that allows you to essentially take out domains that are infringing on intellectual property that were registered in bad faith and are being used in bad faith. You can certainly do that with .org but there may be – people are hypothetically afraid of these new rights protection mechanisms that may be forced in place by certain foreign regimes. But I think a lot of where this is stemming from as well, aside from the intellectual property and free speech issues and the cost issues associated because a dollar a year is not a huge amount of money for us in the United States but for others around the world, it actually might be. We have to keep that in mind as well. But I think a large part of the problem here is that this was done all behind the scenes without any of the local chapter or any of the actual ISOC member involvement. And ISOC being a multi-stakeholder, usually transparent organization, this sort of came out of left field for many, many people and they have a lot of questions about this. I'm very torn about this, to be honest with you, because I believe in .org, I believe in what it stands for but I'm also realistic about it in that .org is not just used by organizations, it's used by massive amounts of private parties as well. Yeah. It used to be that you had to fulfill certain criteria to actually get a .org domain but now anybody can get it. So I just wonder what really is changing. It seems like it's pretty much the same as any other top level like .net or .com or .anything. It's not restricted. So do most people think of .org differently? I don't think that they do anymore. I think people realize that you can be anybody anywhere. You can be a private party, you can be a private company, you can be a tenant's organization. Anybody can get a .org domain at any time of the day. So there are no registration criteria on it anymore, much like most top level domains on the internet. But I think you bring up a good point here because if a private – and this goes against I think the arguments that are opposing ISOC and what it did, is if a company like Ethos Capital is interested in purchasing the .org registry, they're going to do it on the basis of it being a good investment. And if you think let's say probably realistically about 10 million to 12.5 million or so domains exist within the .org registry, that doesn't mean that all of the registration monies go directly over to the .org public internet registry right now. But it is a very valuable top level domain. Most of the other new generic top level domains that have come out since 2014 when ICANN launched its new GTLD program don't have nearly as many registrations as .org. So it is a way to generate a certain amount of money. And ISOC has itself been funding many of its operations through the revenue that it generates through .org. So the sale of .org has got to be for a price that would account for many years of future revenue. And if this Ethos Capital is planning on making back its investment, it has to think about things like well, of course the revenue is based on a number of registrations. If .org is going to make – if Ethos Capital, running .org in the future, let's say the sale goes through, if they're going to make too many changes to the registry, if they're going to increase fees, if they're going to stifle dissent, if they're going to kowtow to repressive regimes, then there's going to be a massive migration from .org because people are not going to want to be associated with it, they're not going to want to have their domains there. And there are plenty of other top level domains where they may be able to get registrations or they may already have registrations and they might shift to them. And if those migrations do occur because there were massive changes to the registry, then that is going to mean that the revenue is going to go down. If the revenue goes down, then the registry fails. If the registry fails, then Ethos Capital loses its investment. So from a business standpoint, I don't necessarily see the wisdom in making a massive amount of changes of the sort that people are hypothesizing would be done. Simply because something could be done doesn't mean that it makes economic sense for it to be done. That's my point there. But on the other hand, I also do feel very strongly that ISOC should come out and answer a lot of the public's questions about this. Yeah. I mean, there's the sort of standard exercise of common sense, which is if this is under the control of a non-profit, one would, I think, logically expect a different behavior than if it's controlled by a for-profit. And this is very interesting to me because some of us in this room are old enough to remember why ICANN came into being, which was Network Solutions back in the 90s had a monopoly on ComNet and org, and domain names cost hundreds rather than the 10 or 15 that they cost today. Well, they used to be free. They used to be free. Then when they became a thing to charge for, they cost a pile. And the introduction of ICANN was to break up the monopoly that Network Solutions had, allow other registrars to play, and allow competition into the field. And so how does that jive with this current way things are organized, with a single organization able to just take an entire top-level domain and do what it wants with it? Well, you know, you raise an interesting point, but these registries that we have to realize are our private property, right? I mean, if we hearken back to the heady days of 2012 when ICANN was just launching its new GTLD program, I mean, there was a massive drop in generic top-level domains. So this was the expansion of the DNS, or the Domain Name System, whereby private parties could start their own internet registry. So you could start your own equivalent of .com, and a lot of people did. When I was with my old law firm, Steptoe, we represented a number of very large organizations like Google that applied for, I think Google applied for actually 101 top-level domains. And they got a massive amount of them. They were also the only applicant to develop their own back-end registry for top-level. Most people were using... But when you say they applied, you mean domain names in the top-level domain, or control of the entire top-level domain? Control of the entire top-level domain. So for instance, .google. So you know, there are top-level domains like .art now. You know, all of these generic terms that didn't exist on the top level, to the right of the dot, where there was a .com, there was an application process in 2012 that allowed you to apply for whatever you wanted. Interestingly enough, nobody applied for .hack. And this is something I mentioned at... It's not really true, because... Well, first of all, I think it was like a $10,000 fee to apply, and it wasn't refundable? Oh, no, no. And you're getting to the point that I was about to make there, too, which is most of the time you interrupt my narrative flow. Now you're actually enhancing it, which is... Well, we only have an hour, so we gotta... This is the new studio working out for us. But the application fee to apply for a single top-level domain, just to apply, not accounting, lawyers' fees, consultants, etc., was $185,000. Okay. I saw that as $10,000, because they were both equally unreachable for me, but... That's right, yeah. So if you modify... And I think ICANN had received well over $2,000 of these applications. So if you multiply $2,000 times $185,000, that's what they were all of a sudden sitting on in their bank account when the application window closed in 2013, which is incredible. That is incredible. Incredible. How do you... That is a scam like no other I've ever heard of. No doubt. That is incredible. I mean, it really was amazing. I personally worked on over 200 applications for new GTLDs. And they could just reject them all and just keep the money? Absolutely. Wow. Yeah, that's right. And then some of them went to auction, and then they would pocket the money from the auctions as well. So, I mean, it was just an incredible amount of money that ICANN is still sitting on. But to go back to Rob's point is that these are private property. People pay for them, and they generate a lot of revenue. And so just like any other private property, I believe it can be bought and sold. But I think ISOC should, in my opinion, personally, not as a member of ISOC or a member of the board, but in my personal opinion, I think ISOC should not allow the sale to go through until it answers all the questions of all of the stakeholders in the community about what kinds of checks and balances and what kind of due diligence they have done on this company Ethos Capital. Because it's associated with people like John Nevitt who runs Donuts, another registry that applied for a massive amount of generic top-level domains in 2013 during that application window. I think well over 200, and they literally came out of nowhere and applied for I think around 200 top-level domains. And they did things like increase fees after they said they wouldn't necessarily increase fees. So they're associated with them, and they're associated with Fadi Shahadi who's an advisor to Ethos Capital. And Fadi was an ICANN insider. He was in the sanctum sanctorum of ICANN. He was the president and CEO. And so it's not to say that he should be barred from having anything to do with domains or the DNS, but I think that this revolving door that seems to be revolving into lots of money has certain questions swirling around within it as well, and those questions should be answered. Wasn't Mitt Romney's name in there somewhere? I thought I saw that. I believe he was associated with some of the companies that have funded Ethos Capital. There were some Republican interests there too. So if we're looking at these domains as private property, then those of us who've been sitting on .orgs, who've owned .orgs, who've lived virtually on .orgs for years and years and years, is there any mechanism for those of us who live there to have any say, like say a renter would in a rental property, in what happens to them? Not necessarily. Not necessarily at all. They have literally I think zero say in terms of how the registry is operated and what's going to be done with the ownership there. But I think you're sort of bordering on an interesting issue here too is because Ethos Capital, this private company that again sort of came out of nowhere and wants to purchase from PIR, the .org registry, they had mentioned that they were only interested or rather they only approached ISOC about the sale of .org in September of this year, of 2019. And that was after certain restrictions on raising rates for .org domains were lifted by ICANN. So there is definitely an interest in raising the fees if you look at the timing. However, what I think remains to be seen and is also completely unanswered is was there any back channeling earlier on about the decision with respect to the lifting of the restrictions on fees for .org because that would certainly allow them to get their ducks in a row and prepare to make a bid to ISOC for the purchase of PIR on that basis. Now here's something interesting that I found this evening and it's one of the reasons why I rushed in here very late and this is not conclusive, but it's a little tiny bit of digging that I did. So using the DNS intelligence platform that we use in our farm and we developed, one of the things I did was I did a scan for every single domain name that has the string Ethos Cap in it. And we found, of course, a whole bunch of them in lots of different TLDs, but a couple stuck out ethoscapital.com, which relates to Ethos Capital. Well that's been around for a while. That was registered on 21 October of 2011. What's interesting to me though is ethoscapital.org. Ethoscapital.org was actually registered on 7 May of 2019. Wow. Yeah. Quite interesting. Now the registration information, the who is, is obviously masked ostensibly because of GDPR, the European Privacy Regime that prevents PII from being displayed and who is data. And who is, for those of us again who don't live on the command line, is how historically you would look up a domain name. Who is, you know, CNN.com will show you who owns essentially CNN.com. You can try it yourself. So the who is here is masked. But I find it extraordinarily interesting that the .org version of Ethos Capital was registered several months before they claimed to have approached PIR about this. So you think maybe they were saying to themselves, hey guys, we're going to pull this off. We really should have a .org ourselves. And with somebody like Fadi Shahadi being on their advisor list, who was the president and CEO of ICANN, I would like to know, and I would like to perhaps see the communications going back and forth, if there were any, about any back-channeling of information with respect to the lifting of the registration fees on .org. I'm also kind of surprised that that domain wasn't registered before. Most companies have squatters that take their names if they don't take them themselves. Is there a way to go back and see if it was registered before May of this year? Oh, absolutely. I haven't done that yet, but it's quite possible that is the case. But again, this company, Ethos Capital, nobody really heard of them beforehand. Who heard of Cambridge Analytica? These companies just sort of pop out of nowhere and you realize how evil they are. No doubt. But again, I think Ethos Capital seems like it's trying to make the right noises to say that it's going to satisfy the stakeholders, it's not going to increase fees or do anything too crazy. And to an extent, I do believe them only because the economics of making decisions otherwise would be terrible. All I know is Ethos is going to be pissed if they have that .org and they have to pay more for it later. Yeah. An extra dollar a year is going to kill them. But let's see. We're going to track this. I think this is important to a lot of our listeners and important to the essentially internet users at large and especially not-for-profit organizations. So this is really important. A lot of people are up in arms about it and we're going to continue to track it and cover it here. Okay. We'll definitely have some updates on that. Speaking of lots of listeners, we'd like to talk to some of them. And we want to test out this phone too to see if it actually works. Our number is 212-209-2877, I'm sorry. It's not on the wall. I looked on the wall and the wall is different. 212-209-2877 is our phone number. And yeah, we'd just like to hear any feedback on the show, on technology in general and other things. We've been really positive this week where we had some really amazing things happen and we're thrilled about the advances that are taking place. So we want to keep going in that direction. And of course, in that vein, we also would like to encourage people to call the pledge line 516-620-3602 to show support for WBAI and make such things possible where we can improve and expand anything that's possible. And we want to hear your ideas as well. And you can write to us, oth at 2600.com with those ideas. But just to let you know, the pledge gifts that we have for you include the hacker portrait. That's where you can have your own likeness painted by our own Rob T. Firefly. And yes, indeed, you can send me a photo of yourself or someone that you would like a portrait painted of. And I will interpret it artistically and paint it on a five by seven canvas for you. This is an actual painting on actual canvas, one of a kind piece of art. You will have the only copy. And this is the only way in which you can get hold of a commissioned art piece by me because I'm not doing this right now outside of this premium for this station. So if you go to give2wbai.org or you call 516-620-3602 and ask for the hacker portrait for a pledge of $100 or more, you could get hold of that and I would be thrilled to do it for you. You can also get the three year subscription to the Printed Magazine 2600, the Hacker Quarterly for a contribution of $50. Just ask for 2600 three year subscription and that will come hurtling to your doorway or mailbox or PO box or whatever it is that you tell them. Or you could send it to somebody else too. It makes a great gift or good revenge too at the same time. Hacker Digest, full set and lifetime subscription for a pledge of $100, a fraction of what it normally costs. So that's another great way to contribute to the radio station. And of course, the Hacker Tote Bags that Kyle is still holding on to for a pledge of $25. And those are really cool too and they can hold just about anything, including all the back issues that you can get. Okay, so again, I'm sorry we had a bunch of phone calls come in. If you're still ringing the phone, you've gone somewhere else and we don't know where you are. So please call us 212-209-2877. Sometimes it just sort of transfers to different lines and they're in different rooms. Again, we just want to hear how we sound. We don't even know if this is going to work. You might not be able to hear us on the phone. We've never used it before. So let's try this one here. Good evening. You're on off the hook. Hello? Hi, go ahead. Can you hear us? Yeah. I just sent you guys an email about a group called save.org and they actually have a letter posted on their website, help stop the sale of public interest registry to a private equity firm and it's addressed, attention, Andrew Sullivan, CEO, internet security, John Nevitt, CEO, public internet registry, Martin Botterman, internet corporation for assigned names, ICANN and Goran Mabry, Marbie, I'm sorry, CEO of ICANN. So I think you guys maybe should try and get in touch with that group and maybe have somebody from that organization on the show or dialogue with them, you know, since they seem to be aligned with your concern about the sale of .org. Yeah, absolutely. And in fact, we've reviewed their letter. We've taken a look at their literature and in fact, I have it printed out right in front of me and the address or the domain name to get to them is save.org.org. And that's save. Really? Save.org.org. So save.org.org. And yeah, you're absolutely right. And some of the issues that they raise, which essentially, you know, they're concerned with raising registration fees, the rights protection mechanisms and, you know, a lot of the things that we had discussed on the air. So you're absolutely right. I think their interests are aligned and our listeners should go to save.org.org to learn more and potentially sign the letter that they are putting together. Thank you for that call. And I'm sorry, but every time you say save.org.org, it makes me laugh and I don't know if that's the best way to win a campaign, but it is clever. I'll give you that. It's definitely clever. The one thing that kept coming to me is why do these registrars need to make money? I mean, I guess some of the top level domains, sure, they could be money makers, but you're telling me like adding some names to a file in a DNS registry that has like a huge overhead. Like why should .org be something that has to be like profit making and, you know, maybe others could, but it just to me doesn't really make sense. It sounds like the racket for certificate authorities, honestly, before Let's Encrypt. It's like, hey, we have this fake thing, this thing that has no tangible, it's literally a checkbox and it means there's trust. This is the same thing. It's like a line in a zone file in a DNS database somewhere. What does that cost? And how can you charge enormous rates for one domain versus other domains when their overhead is the same for running those servers? Back in the early 90s, you could register as many domain names as you wanted. It didn't cost anything and people were registering all kinds of things and those who got there first who didn't have a trademark violation to confront later on, they might still even own those domains now. Yeah. I mean, Kyle, you bring up a good point. It does not necessarily have to be run in a for-profit way, but since it is private property, it can be transferred, sold, and that's what ISOC is doing. And one of the reasons why I went into what ISOC does for the internet at large at the outset of this discussion was to show that they're doing really important things and they have a lot of really important endeavors. And according to Vint Cerf in an email that he wrote on November 15th where he's sort of deflecting a lot of the criticism coming from members of ISOC claiming that this should be ratified by the membership, it wasn't done, that this deal wasn't struck in a transparent manner or in a manner in accordance with good governance principles. Vint Cerf wrote in a November 15th email that it is unrealistic to assume this deal could be negotiated in a way you have suggested. This is a good deal for ISOC and the board deserves credit for due diligence in its negotiations. Those are the words of Vint Cerf. And I think, you know, they should carry some weight and we should be somewhat skeptical. If it's a good deal for ISOC, that means that they're getting enough money so that they can fund their other ongoing operations that are important to all of us and important to the hacker community, important to internet users at large. But this notion that the board deserves credit for its due diligence is what I really take issue with because we don't know what due diligence was done. We don't know what backgrounding was done on these people. Nothing about that due diligence has been transparent and so I take issue with that. Sorry, Vint. Yeah, I agree. Like that goes to your point of they ought to be forthright about answering those questions because on the surface it looks really bad and to me, as I was comparing it to the certificate authorities or other rackets in internet infrastructure, that on the surface does not exemplify being in the public interest to be operated by private equity interests. In this particular case, not all cases, for example dot com or other stuff, but I think it's sort of a contradiction, right? Or like almost a hypocrisy. It certainly is and I think this is a perfect illustration of the fact that sometimes it's not what you do, but necessarily how you do it that makes the most difference to the people to whom it matters most. Absolutely, yeah. You know, there's some parallels between things that happened here a few weeks ago and this. It's how you do something. Maybe the intention was good, but the execution was terrible, so I guess we'll see how this plays out. Hey, we have a couple of other stories I'd just like to briefly touch upon. This is kind of interesting. The Registrar General's website, Registrar General, of course, being from Zimbabwe, their website was hacked and it was hacked by somebody who couldn't spell the word hack. That's true. The site basically had a big thing over it that said hacked, spelled correctly, and then the second one says hacked, H-E-K-E-D, and the theory is that the hacker didn't know which spelling was the right one, decided to use both just to be safe. But that made news in Zimbabwe. We like to follow things that are going on from the best domain in the world, .zw. Who owns that one, Alex? Well, that would be Zimbabwe. That's the country code top-level domain. Yeah, but do the people of Zimbabwe own that, or is there some evil corporation there that owns that top-level domain? It's probably an amalgam of a private interest organization together with a government. I don't know exactly, but I'm sure the government has either some controlling interest in it or some say over how the registry is going to operate. ZW is really kind of interesting, and all these country code top-level domains are really kind of interesting because they are not necessarily regulated by ICANN in the same way as the other generic top-level domains. And there's a big distinction in how disputes are reconciled in those, how domains are registered, registration criteria for .is, you're going to have different fees for .zw. Some domains like .tk, which we see a lot of malicious activity originating from, give away domain names for free. So there's a huge disparity in how all of that's run. I for one can get behind hecked as an adjective. I think it's hecking great. I think more things should be hecked. Okay, here's something from the register. Apparently, ethical hacking is a redundant term, but to be a hacker is no longer a bad thing, according to proponents of the cybersecurity art form known as penetration testing. One-time LulzSec hacker Jake Davis and his deportation-proof hacker mate Lori Love appeared at a talk organized by pen-testing business RedScan, in which the great, the good, and the register chewed the fat about hacking for positive purposes. Davis said it's got a negative stigma because of very malicious hacking, which is always dumped into the same category of cyber attack. Davis was dismissing the term ethical hacking while embracing the old-fashioned word of hacker. We should just say hacker. To be a hacker is no longer a bad thing. I take issue with that because I don't think being a hacker was ever a bad thing. And I've always been suspicious of the term ethical hacking. It just seems like a scam designed to sell you something. There's courses, there's certificates, there's kits, there's all kinds of things you can throw your money at. And if you're talking about being ripped off by hackers, well, maybe that's what they're doing, ripping off people who want to be called hackers. But it just seems like you're emphasizing the same point twice by saying ethical hacking, because hacking by default is a positive thing and is usually done by honest people. And I never liked the word ethical there because ethical is kind of a neutral term. If someone has ethics that somebody might say that are good, or if someone has ethics that somebody might say are negative, both of those people are behaving ethically according to their own ethical code. And I think that you could be a new hire for a corporation or a government agency of sorts, say for instance, in the defense industry. And of course, you fit the description of the ethical white hat. All these terms were probably thrown into the job description. And then you went about your merry way, building parts for whatever bomb or whatever cog and whatever wheel you're now responsible for. Having a role in a job title does not necessarily beget the activity of someone who is inherently ethical. And I would argue those entities aren't necessarily just by default ethical in all scenarios. I think we should put the word ethical in front of a bunch of different definitions of what people do. For instance, politicians, that's a great place to start. So how about we define certain congresspeople, an ethical representative, for instance. We have that, ethical governor, ethical president, we won't see that for a while. But the point is to simply define something because what they are now is not that. It's a lot more believable than hacking. For many years now, I've been going to an ethical proctologist. Well, there you go, see, and you feel better for that, don't you? Absolutely. Huge difference. Well, here's something else, a late-breaking development here for those of you concerned about your Twitter accounts. Authorities have arrested an individual who is allegedly part of the Chuckling Squad. There's nothing funny about that. A hacking group that in August compromised the Twitter account of Twitter CEO Jack Dorsey, according to law enforcement and criminal sources. They also claimed responsibility for hacks of other celebrities. Now the alleged member was arrested around two weeks ago. One of the leaders of the Chuckling Squad goes by the handle D-Bug, told Motherboard this. Motherboard's not naming the individual because they're a minor. He's a member of Chuckling Squad. We had just divided it in half by saying he. He was a member of Chuckling Squad, but not anymore. He was an active member by providing celebrities and public figure phone numbers and helping to hack them. Okay, you know, if you take over somebody's Twitter account, is that really the same thing as a computer crime? It's a prank. It's just drawing some graffiti on a page and showing somebody they're not using proper passwords, especially the head of Twitter. When did we start treating this as if it was something serious? Well I think, you know, quite a few years ago. I mean when I was growing up doing this kind of thing would not have landed you with a federal criminal charge. Here it certainly can. It can be a violation of the Computer Fraud and Abuse Act because you accessed a system to which you didn't have, without authorization, and you had no sort of privilege to access that particular system. This would be that account. And I think a lot would go into whether or not to bring criminal charges based on how the hack was done. Right. Here it seems like it was some kind of SIM jacking type of arrangement where I might have actually compromised the mobile carrier and then redirected the multi-factor authentication, a 2FA, to a separate phone and then logged into the account that way. That would be, you know, a more serious charge than just, you know, brute forcing Jack's password so to speak. The thing with SIM swapping, which is the term they use here, it's linked to things like swatting threats, you know, where you have cops show up at somebody's house who is completely innocent, theft of cryptocurrency, and all kinds of other invasions of privacy. Those are the issues. Those are things that you can prosecute people for, but simply for guessing somebody's or fooling somebody into giving you a password for a Twitter account. That should never be something that is taken so seriously it involves somebody being dragged to jail. Yeah. I mean, you always have to look at the intention behind this too. It was the intent. Was this person motivated by private financial gain? Were they trying to sell access to the account? Were they just making a point that Twitter needs better security? If the latter, then I think there should certainly be some prosecutional discretion exercised in this case. And that's why it's important to have, you know, really good public interest lawyers who also become prosecutors too, because they're going to be handling cases just like this. I'm really sorry for the people we didn't get to on the phone. We're just so excited by this new studio that we can't stop talking and trying other things. Kyle, one last report from the window. Anything interesting happening outside? I just can't believe none of you saw that fire truck. Really? It was a fire truck? No one turned. No one looked. I looked at it. I won't even tell you what part of the show it was. It was many minutes ago. No one saw the fire truck pass by. Well, the important thing is we didn't hear it. No. Well, that's what I meant. Yeah. No one saw the lights. No one reacted at all. I did. But. As long as we're not on fire. Yeah. It's just something that will just pass unnoticed from this point on. Actually, not from this point on because this was the test drive of the new studio. We officially cut over to the new studio next weekend, I believe. Not this weekend, but the one afterwards. Okay. And there'll be all kinds of ceremonies and media coverage and things like that. It's a ribbon cutting. It's a ribbon cutting. Yeah. There's no ribbon here yet, so it hasn't even happened. And they're christening it. And we have to cut back to the old studio now somehow. I don't know how that's going to happen. I think Max is going to have something to do with that. They've got to break a champagne bottle over the board. Yeah, that's how we lost the last board. All right. We'll be back next week. Write to us. OTH at 2600.com. Tweet at us. Hacker Radio Show. And keep your eyes open for technological developments. Have a happy Thanksgiving. Good night.