So while the abuse numbers may well justify treating newly registered / low-reputation .garden domains with suspicion, blanket-blocking the entire TLD seems like it would create real collateral damage.
In general though, if you want Fortune 500s to utilize your service/company, don't utilize a novelty TLD.
¹As in abuse of the planet's resources, economy, job market and on human sanity and patience.
If you have a cheap TLD of course bad actors will buy a bunch.
Like is it stereotyping to say Black people tend to have darker skin than whites?
At some point, it’s not stereotyping, it’s intrinsic. And if the domain is super cheap to register, is overrun by bad actors, and is generally a nuisance… is it really stereotyping?
Collateral damage I get. Like if you’re running a convenience store and observe that teenagers in track suits and bandanas are robbing you blind (hey look I’m stereotyping), banning these kids will also ban the totally legit kid who happens to dress that way.
But? Isn’t that ok? Should the shop owner just eat continued losses for fear that eventually someone might dress like that and not be a risk?
I fear that I sound snarky, but I really don’t mean to. My point is that at a macro level stereotyping is absolutely wrong. But at a tactical, day-to-day lived experience level, how much abuse do we all have to put up with? An unlimited amount?
Your analogy is altogether misplaced.
> But? Isn’t that ok?
No, it never is. The hallmark of civilization is avoiding collateral damage and protecting the innocent, without which we're animals.
Your argument is bogus because filters absolutely can be nuanced, operating at the name level. It is a non sequitur for a filter to operate at the TLD level.
> My point is that at a macro level stereotyping is absolutely wrong. But at a tactical, day-to-day lived experience level
Huh. That is just laughable and sad. Stereotyping is wrong at every level, and it's even more wrong at the everyday level.
> First-year TLDs under $2 is one of the best indicators of likely abuse. Some TLDs like .xyz are truly fighting abuse while others feign ignorance.
I don't understand this. The first year being discounted (or free) helped .me, and .xyz in the past. This is one year of data. Surely more time is needed?
> It is unlikely that there are valid business reasons for network environments to allow .garden domains;
What do you mean? What is this likelihood based off of?
> highly recommend defenders completely block the .garden top-level domain, and allowlist items as needed.
Holy overreaction, Batman.
My domain was flagged for abuse (it's a static site with a daily word game, no ads or anything else) and the TLD took it down. Not my registrar or host, the TLD itself. There was no communication on this, it took some effort to work out what even happened, and appealing was a pretty blind process of claiming to have fixed the issue and issuing proof (which felt a bit strange to fabricate proof that it was fixed, since no issue existed to begin with) and hoping they'd unblock it, with no communication at all beyond a place to send such a claim.
They did unblock it, and while I am sympathetic to them having to fight abuse, I still moved away from them.
For end-users, less so - stick to DNS blocklists and uBlock filters for malware domains which are freely available.
Here's an anecdote: I know someone who insisted on using a .tk domain for legitimate business purposes for many years. When I heard of this, I immediately asked "isn't that the TLD managed by a shady company that gives domains away for free and then steals them back if they become popular?" He insisted this did not affect him, as he was a legitimate customer who had been paying for the domain for over a decade.
Fast forward a few years, the company behind the TLD (Freenom/OpenTLD) went under due to their shady business practices, he lost the domain, and was told he had to register it again at a new registrar for a much higher price to recover it.