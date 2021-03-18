Big problem: Nominet members won't know how many votes they're casting in decision to oust CEO, chair

.UK registry operator leaves itself open to vote rigging accusations

Kieren McCarthy in San Francisco Thu 18 Mar 2021 // 12:05 UTC

Analysis By being uncooperative and opaque, Nominet is opening itself to allegations that it manipulated the outcome of next week's vote to fire its CEO and board chairman.

In a call on Wednesday, just two working days before Monday’s crunch vote by members on the fate of the board, Nominet’s company secretary Rory Kelly told Krystal CEO Simon Blackler, who has led the PublicBenefit.uk campaign against the current management, that Nominet will not provide members a list of their voting rights – the number of votes they will each cast.

For those who don't know, Nominet members are each assigned a number of votes calculated [PDF] from the number of paid-for domain names they each have on the books and the total number of domains registered. So, if you're a Nominet member and you're assigned 6,502 votes, that's how many you'll cast when voting on the upcoming EGM resolution to cull the board.

oops

.UK overlord Nominet tells everyone not to worry about 'distorted' vote allocations in its board elections

READ MORE

We understand Kelly told Blackler that Nominet will only provide these rights alongside the results, though, prompting Blackler to ask how Nominet could justify telling its members how many votes they were each casting only after the vote had been concluded. Kelly said the delay was due to Nominet checking the tabulations were correct.

There is no good reason for the delay, and in the past Nominet has always provided voting rights details before any vote, usually a month in advance. Thanks to the complex voting system run by the organisation, the number of votes held by each of its 2,500 members vary significantly, and are calculated in advance then published before any vote to provide transparency and accountability.

The issue is of such significance that the PublicBenefit.uk team has sent several letters to Nominet’s board over the past month asking for clarity on the issue, and one member has lodged a formal complaint against the organisation after his requests for the same information were repeatedly ignored. That member, Andrew Bennett, was also informed on Wednesday that the board will only address his complaint after the extraordinary general meeting (EGM).

The issue is not academic: in 2020, Bennett discovered Nominet had wrongly calculated voting rights for the two prior years, giving a disproportionately large number of votes to its largest members. Those members are expected to vote in favor of keeping the CEO, chair, and three other board members in place.

Damn statistics

While most Nominet members receive an average of 5,000 votes each to cast in board elections, in 2019, the largest registrar, GoDaddy, was given 5.2 million; a figure that was reduced to 3.6 million after Bennett noticed the discrepancy and complained. At the time, Nominet snubbed demands for an investigation, and said only that “the error had its origin in the treatment of multiple part-payments for domains… as a result of a coding change.” It also said the miscalculation had no effect on the outcome of the board elections due to other rules in place.

At the EGM next week, an individual member’s vote will be capped at three per cent but taken across the entire membership, a similar miscalculation could easily result in a yes result turning into a no – especially if one was, say, able to adjust the figures after the event.

In the phone call on Wednesday, we understand Kelly said he did not know the date on which the company had decided to tabulate the voting rights, though as company secretary, he really ought to know.

Three-quarters of the votes allocated to individual members are calculated by the number of .uk domain names each member holds at a specific time. Those numbers vary significantly day-to-day in a registry in which there are just under 11 million names, most of which are renewed every year.

The number of domain names held by each member at any given time are contained within a constantly updated database. Since running that database is Nominet’s entire core function, it would be fairly easy for the organisation to create a program that ran final voting tallies against the domains database again and again over time, selecting a day in which Nominet received the highest possible number of votes in its favor from those members who backed it. Nominet could then claim after the fact that that was the day it had decided to tabulate voting rights.

In other words, Nominet could pick a moment in time when the registrars that voted against the sacking of the CEO and board chairman have sufficient votes to cast to block that resolution.

It’s difficult to know what the effective shift in votes of one day over another would be but Nominet would have a full month to pick from and with the vote expected to be tight – the resolution requiring 50 per cent of cast votes to pass – even just a few percentage points could see Nominet CEO Russell Haworth and chairman Mark Wood retain their highly paid jobs rather than be unceremoniously booted from the organisation the next day.

That's not to say this manipulation will happen or there's a suggestion this will happen; it's that there is a concern that Nominet has created a situation in which it could be possible due to its lack of transparency.

Nominet has also told members that it will only provide the results two hours after the EGM has ended. “Our election scrutineer Civica requires two hours to count the votes, due to the complexity of the voting and the record turnout,” it said in an announcement of the EGM on Wednesday.

“Therefore, the meeting will be concluded once voting closes. The results of the vote will be announced via Twitter, the Nominet website, and an email to members when the count is complete.”

Control mechanisms

That’s not all, however.

Nominet is also expected to use its control of the EGM, and the fact that it cannot be convened in person due to COVID-19 pandemic restrictions, to skew the process in its favor, it is feared.

Blackler said he was asked to provide a three-minute video outlining his case to members that would then be played during the EGM, with Nominet also providing a three-minute video from one of its non-executive directors arguing against the resolution.

The upshot of that approach, however, was that Blackler was told he would not be able to appear live during the EGM itself. When Blackler made it clear that he wanted to deliver his arguments and potentially answer member questions live, we understand Kelly told him Nominet may not be able to do so because of technical limitations.

money

Nominet shakes up system for expiring .uk domains, just happens to choose one that will make it £millions. Again

READ MORE

Not only that, Nominet also intends to limit the amount of time available to members to ask questions – Kelly would not be pinned down on the exact amount of time, we understand – and the company secretary said Nominet would prioritize written questions that had been sent in advance.

That approach is a time-honored tactic used by companies to avoid difficult or challenging questions: a moderator can claim to have received a wide range of questions that they ask corporate representatives – invariably softball questions – before saying they have run out of time and so cannot get to the tougher ones. It is a system that Register reporters run into on an almost weekly basis.

When told in clear terms by Blackler that he wished to speak live at the EGM and be in a position to ask any questions posed by members over the reason for bringing the EGM, Kelly told him he would take his request back to Nominet’s chairman and ask for clarification.

We have asked Nominet to respond to this version of events that we understand occurred between its company secretary and PublicBenefit.uk’s Simon Blackler, and will update this story if it responds. ®

Updated to add

A Nominet spokesperson has confirmed to us that Blackler will not be allowed to speak live at Monday's meeting and answer questions from the community.

"We released the agenda yesterday," Nominet said in a statement.

"We have set out the running order so that both the petitioner and the company make their case in the same way, for the same duration, before a Q&A session. The offer remains open to Mr Blackler. The company secretary has shared the petitioner’s request with the Board.”

Blackler declined to provide a recorded presentation.

60 Comments

Australian police suggests app to record consent to sexual activity

‘You swipe left and right and there’s another option if you want to have intimacy’ says commissioner
Simon Sharwood, APAC Editor Thu 18 Mar 2021 // 03:59 UTC

The police commissioner of New South Wales in Australia has floated the idea of a smartphone app to record consent to sexual activity.

In a paywalled story published by News Corporation and broadcast on local radio, Michael Fuller suggested such an application would not be run by the cops nor the government, and could be either a standalone app or added as a feature in dating apps.

“You swipe left and right and there’s another option if you want to have intimacy,” he said.

The idea comes against a background of recent heightened debate about sexual assault in Australia.

Continue reading

Missile systems software dev leaker has sentence almost doubled after UK.gov says 4½ years was too soft

Ex-BAE engineer refused to give Brit cops his VeraCrypt key
Gareth Corfield Thu 18 Mar 2021 // 17:04 UTC

A former missile software engineer who boasted about leaking critical defence secrets to hostile foreign powers and refused to give police his VeraCrypt key has had his prison sentence nearly doubled by the UK Court of Appeal.

Simon Finch, formerly of Swansea and now of one of Her Majesty’s prisons, will spend a minimum of three years in the slammer instead of the 18 months he would have spent behind bars.*

Court of Appeal judges Lord Justice Fulford, Mrs Justice McGowan and Mr Justice Bourne increased Finch’s sentence from 4½ years to 8 years, saying the original sentence from the Old Bailey was too lenient.

Finch, formerly a BAE Systems software engineer who worked on top secret missile systems, was jailed last year after changing his pleas at the last minute. He was charged with breaching the Official Secrets Acts and the Investigatory Powers Act.

Continue reading

Ministry of Defence tells contractors not to answer certain UK census questions over security fears

But there are legal protections... right?
Gareth Corfield Fri 19 Mar 2021 // 14:27 UTC

The Ministry of Defence has ordered its contractors not to answer certain questions on the UK's once-in-a-decade census – despite threats of £1,000 fines being handed to people who don't complete the national survey.

"It's a crime to ignore the census. You can be prosecuted if you don't complete the census," says GOV.UK's webpage about what happens if you don't fill it out.

Yet the Ministry of Defence has taken a curious line against the census, urging defence personnel and contractors to give incomplete answers to four questions – and to ignore one altogether.

An Industry Security Notice issued on 15 March and aimed at defence contractors urges them not to give full and complete answers to questions 41-42, 44, and 50. When filling in 41 ("What is (was) the name of the organisation or business you work (worked) for?") contractors should not "give details about the place where you work", according to the MoD.

Continue reading

Partial beer print horror as Microsoft's printer bug fix, er, doesn't

Bugs, patchually: Just when you thought it was safe to print from Windows
Richard Speed Thu 18 Mar 2021 // 19:14 UTC

Updated Microsoft continues to demonstrate its impressive commitment to Windows quality by admitting the patch it released to patch the patch that broke printing was, er, itself broken.

As a reminder, a fresh security update dropped from Microsoft's Windows Update orifice last week that left some Windows 10 users unable to print. Worse, a screen of deathly blue was flashed when a printing operation was attempted – a step up from the error message seen after last year's mishap.

With impressive speed, Microsoft hurried out an out-of-band optional patch to deal with the affected Windows 10 versions: KB5001567 for Windows 10 2004 and 20H2; KB5001566 for Windows 10 1909; KB5001568 for 1809 and KB5001565 for 1803.

Continue reading

From Maidenhead to Morocco: In a change to the scheduled programming, we bring you The On Call of Dreams

Here's looking at you, kid
Richard Speed Fri 19 Mar 2021 // 08:15 UTC

On Call It's Friday! Pour yourself a beverage, break out the end-of-week treats, and enjoy a reader's tale of international intrigue and derring-do that began with an innocent stint On Call.

Our story takes us to the fine British market town of Maidenhead, where our hero, who for reasons that will become clear we will call "Humphrey", was toiling away for a well-known telecommunications company.

His self-described role was "help desk monkey" and his desk was located in a large, black-glassed building "which I always thought looked a bit like Darth Vader's helmet." Still, it was close enough to the local bowling alley, and the frustrations of the morning were regularly taken out over lunch on the Crystal Maze game installed there.

The company had drunk deep from the goblet of Apple and Humphrey's days were spent dealing with all the delights on offer from System 6 and 7. "We had a wide area network," he recalled, "and [insert defunct telco name here] had a class A address space to play with; they thought that routing AppleTalk globally was going to put their network to excellent use."

Continue reading

Move aside, Technoking: All hail the Sweat Master and his many inspirational job titles

I hope he doesn't call me Pedoking
Alistair Dabbs Fri 19 Mar 2021 // 09:30 UTC

Something for the Weekend, Sir? You know my name. Look on my works and despair. "Does he get paid for that?" Yup, I can hear you despairing right now.

My name is not enough. What I need now is a stupidity-engorged job title. Oh yes, the fashion is back for overegged descriptions of what you want other people to think you do for a living.

Thought you'd seen the end of "Director of Inspiration", "Thrill Executive" and "VP for Fun"? Not if you're active on LinkedIn, of course, where a risible catchline and desperate posts that have been cut-and-pasted from tech manuals of SEO airheadery is mandatory. But for the rest of us, the idiotic job title was a fading fad that is rapidly returning to 100 per cent opacity.

For this we can thank the world's most famous parent of numerically monikered infants, Elon Musk. Not content with having an auto-correct-irking first name, he has decided it would be a wheeze to change the bit underneath it on his business card to read "Technoking".

Continue reading

With Nominet’s board-culling vote just days away, we speak to one man who will publicly support the management

'There should be a dialogue – not a double-barreled shotgun'
Kieren McCarthy in San Francisco Thu 18 Mar 2021 // 08:27 UTC

Interview On Monday, an extraordinary vote will take place at an extraordinary general meeting (EGM) of the .uk internet registry operator, Nominet.

If the single resolution receives more than 50 per cent of the votes cast, the company’s CEO and chairman will be ousted, a third board member removed, and two staff members will be removed from the organisation’s decision-making body, leaving six board members behind.

The vote itself has been driven by a campaign called PublicBenefit.uk, which argued that over the past five years Nominet has reduced public benefit donations 65 per cent and seen its operating profit plunge by 38 per cent while increasing the pay of its top three directors by 70 per cent. It also argued that Nominet has “ignored members’ concerns and input,” and “tried to silence critics, the press and members.”

The campaign has been surprisingly successful, gathering the public support of 453 of Nominet’s roughly 2,500 members, representing 25.6 per cent of the total member vote: a figure that points to a successful Yes vote given that Nominet votes rarely attract more than 10 per cent of its members.

Continue reading

The Roaring Twenties: Future foreign policy will rely on rejuvenated 'cyber' sector, UK government claims

Good news for Mancunian infosec and chip design bods, but we're raising an eyebrow on the nukes
Gareth Corfield Thu 18 Mar 2021 // 09:30 UTC

The British government has published its Integrated Review into defence and security policy – and though you'll like it if you're in the UK infosec industry, threats of nuking North Korea in revenge for WannaCry are very wide of the mark.

While the Cyber-Integrated Cyber-Review of Cyber-Security, Cyber-Defence, Cyber-Development and Cyber-Foreign Cyber-Policy was cyber-short on cyber-concrete cyber-promises, it did use the word "cyber" 114 times.

Yet in terms of "things that will flow from this" the Integrated Review (IR) mentioned only the National Cyber Security Centre and the nascent National Cyber Force, both already in existence. The IR was long on ambition but clothed in the impenetrable language of defence and management consultancy. A sample of it reads as follows:

Continue reading

Boldly going where Elon Musk will probably go before: NASA successfully tests SLS Moon rocket core stage

Space agency now that much closer to the Moon tossing multi-million dollar Space Shuttle engines in sea
Laura Dobberstein Fri 19 Mar 2021 // 10:25 UTC

NASA’s Space Launch System (SLS) core stage has finally completed its test, taking the Artemis program one step closer to the Moon and relieving nervous engineers across Stennis Space Center and beyond.

The second hot-fire test of NASA's largest ever rocket element went off without a hitch for 8 minutes and 19 seconds after its first attempt was cut short at just over a minute.

Continue reading

Ofcom says no price controls on full-fibre broadband until 2031, giving BT's Openreach the kick to 'build like fury'

Analyst: 'Ultimate winner is BT as it's avoided cost-based regulation for next half decade'
Matthew Hughes Thu 18 Mar 2021 // 14:25 UTC

UK comms regulator Ofcom has confirmed it will limit pricing restrictions on Openreach's full-fibre wholesale products during the gigabit rollout period.

Under the rules, introduced as part of a five-year review of how the UK fixed-line telecommunications market operates, Openreach will have autonomy in how it charges for wholesale residential broadband products, with two exceptions.

The BT-owned provider will still be obligated to offer an affordable entry-level 40Mbps superfast service, and Ofcom will set a fixed price that will adjust with inflation. In the 30 per cent of the UK where Openreach is the sole provider, Ofcom will impose a pricing regime that also allows it to recover the costs of both its full-fibre and legacy copper networks.

Additionally, Ofcom has said it will permit Openreach to charge £1.70 more for its entry-level broadband product if it is delivered over full fibre. This is justified, it said, due to the speed and reliability fibre offers over copper.

Continue reading

Biting the hand that feeds IT © 1998–2021

Do not sell my personal information Cookies Privacy Ts&Cs