We cite this one because it was such an unbelievable cock-up it wasn't funny. Fyodor a blackhat? Seclists.org a malicious site? Honest to god did the guy do even the teensiest little bit of due diligence before shutting the site down?
He screwed up, we all know that. My point is that human processes are not infallible, and there's no reason to think that any process we may care to define is likely to be any better overall than the one they have now. If he were much more careful, and that meant that a thousand spam/phish domains stayed up for an extra week every year to avoid a two-day mistaken turndown, would that be better overall?
I agree that typosquatters and the like are the primary reason and that it should go away. As for the phishers - fine - say the problem is stolen credit cards. What then is the solution?
If it were up to me, I would put the price of domains back up to $100, and make them all take a month to get into the DNS. The whole idea that everyone needs a 2LD is utterly broken. But good luck putting that genie back into the bottle.

R's,
John