Fancy a .dev domain? They were $12,500 a pop from Google. Now, $1,000. Soon, $17.50. And you may want one

Meanwhile, .gay comes out of the commercial closet

Google has launched a new internet extension specifically for developers but if you want to get a good name, you're going to have to pay for it.

The .dev top-level domain already has some big names drummed up to give it some credibility, including GitHub, Slack, CloudFlare and Salesforce. And the company has started a "Dutch auction" where it charges lower and lower fees each day for a week for those that want a .dev address.

At launch, this week, you could get any available .dev domain for a mere $12,500 – something that plenty of people pointed out was ridiculous. Today, Thursday, you can "pre-order" one for just over $1,000 (with an annual $17.50 renewal). If you're willing to wait until Sunday, and if your preferred name is still available, you can get it for just $17.50 a year.

The big question of course is: why bother?

And to be fair to Google, it has actually come up with a compelling reason: in-built security. The .dev TLD is included on the HSTS preload list, and HTTPS required for all connections to .dev websites, removing the need for individual HSTS registration or configuration.

That is a pretty compelling advantage over other domains if you are indeed looking for a new online space for a project or similar. Plus the name ".dev" is somewhat appealing if you are in the developer space. It's certainly easy to recall and it marks the website for what it is.

No one is going to shift their main corporate site to a .dev domain but it could be a great spot to highlight ongoing work or pull in community interest. TensorFlow has gone for; NodeJS is at; and so on.

Internal problem

Google has actually been sitting on the .dev top-level domain since 2015 when it did a deal with Amazon to swap ownership of .book and .talk in return for .dev and .drive. Both companies had put in dozens of applications for new gTLDs, paying $185,000 a piece for the pleasure.

Google then started slowly warning others about an impending launch of .dev domains on the public internet in 2017 by making a change to Chromium that required all domains ending in .dev (as well as .foo) to use HTTPS via a HTTP Strict Transport Security (HSTS) header. The result was lots of internal-only .dev domains returning error messages and, Google hoped, raised awareness in the developer community that now was the time to get off .dev domains.

Well, just over a year later and it has launched. If you are currently running a .dev internal site, it's time to move. Or possibly purchase it for good.


In related domain news, the long fight over .gay has finally been resolved with Top Level Design based in Portland, Oregon taking control over the extension after two other companies withdrew, presumably after a private auction. Top Level Design already runs a number of internet extensions including .design, .wiki and .ink.

The .gay extension has been controversial – but not for the reason you may think. Back in 2014, a company called dotgay applied for .gay to be a "community" top-level domain, which meant it would be run in a different way to commercial interests but also get priority over such bidders. That organization gained the support of hundreds of gay organizations but ended up in a bureaucratic nightmare with DNS overseer ICANN.

Its community bid was rejected by a third party under dubious circumstances, causing dotgay to appeal, and appeal again, and appeal again. And again. The issue even drew in ICANN's Ombudsman who used his last ruling to tell the organization to give .gay to dotgay for chrissake.

But ICANN, which prides itself in never being wrong despite any evidence to the contrary, refused to budge and it was released to commercial entities with deeper pockets to sort out. ®

Similar topics

Other stories you might like

  • Experts: AI should be recognized as inventors in patent law
    Plus: Police release deepfake of murdered teen in cold case, and more

    In-brief Governments around the world should pass intellectual property laws that grant rights to AI systems, two academics at the University of New South Wales in Australia argued.

    Alexandra George, and Toby Walsh, professors of law and AI, respectively, believe failing to recognize machines as inventors could have long-lasting impacts on economies and societies. 

    "If courts and governments decide that AI-made inventions cannot be patented, the implications could be huge," they wrote in a comment article published in Nature. "Funders and businesses would be less incentivized to pursue useful research using AI inventors when a return on their investment could be limited. Society could miss out on the development of worthwhile and life-saving inventions."

    Continue reading
  • Declassified and released: More secret files on US govt's emergency doomsday powers
    Nuke incoming? Quick break out the plans for rationing, censorship, property seizures, and more

    More papers describing the orders and messages the US President can issue in the event of apocalyptic crises, such as a devastating nuclear attack, have been declassified and released for all to see.

    These government files are part of a larger collection of records that discuss the nature, reach, and use of secret Presidential Emergency Action Documents: these are executive orders, announcements, and statements to Congress that are all ready to sign and send out as soon as a doomsday scenario occurs. PEADs are supposed to give America's commander-in-chief immediate extraordinary powers to overcome extraordinary events.

    PEADs have never been declassified or revealed before. They remain hush-hush, and their exact details are not publicly known.

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022