On October 19th, [Seth_h] from the KiCad Project posted on the KiCad forums that the project’s original domain name kicad-pcb.org has been unexpectedly sold to a third party, and urged members of the community to avoid any links to this old website.
KiCad has used the domain kicad-pcb.org since 2012 as the official source for information on and downloads of their popular open-source electronics design software. Unfortunately, the original domain name was purchased before KiCad was formalized as an organization, so it was not directly under their control. This all came to head when the old domain name was unexpectedly sold to an unnamed third party that was not affiliated with the project. Currently, the old domain is just a website covered in ads, but the KiCad team fears that it may be used maliciously in the future.
With KiCad’s popularity, thousands of tutorials, articles, and project guides over the years have included links to the old KiCad domain. A Google search in October 2021 found more than 19,000 instances of the old domain spread across the internet. [Seth_h] has called upon the community to make every effort possible to update old links, reducing the chance that people stumble across the wrong website.
[Editor’s Note: We think we got ’em all, let us know if we missed any.]
Luckily, Digikey has swooped in to help save the day. They purchased a new domain, kicad.org, from squatters and donated it to the KiCad Project. (Update: Digi-key donated the KiCad.org domain back in October of 2020 after noticing fishy squatters going back to at least 2016) [Seth_h] explains in his post that a number of safeguards have been put in place to prevent this from happening in the future, including not having the domain name owned by a single person, and having all KiCad trademarks registered to the Linux Foundation.
There’s a good reason why KiCad has gotten so popular, it is packed full of great features for PCB design. Check out our coverage of some of the new features we are most excited for in KiCad 6.0 here.
Fellow (D)NS server and black list managers: please sink all resolution requests to the old kicad-pcb.org domain in a deeeeep hole. Something along 127.0.0.1 would be very appropriate.
(Pi-hole, uBlack origin and similar users should already have the adds removed from that old link)
My understanding is that resolving things you don’t like to 127.0.0.1 attempts to create a connection which can load down your networking stack.
I was always told that 0.0.0.0 is better because it just fails – as fast as possible.
0.0.0.0 is… any ip on local machine, so it will still work and create connection.
From wikipedia:
> the address 0.0.0.0 is a non-routable meta-address used to designate an invalid, unknown or non-applicable target.
0.0.0.0 is the correct address to use for blocking domains.
I see that 0.0.0.0 does fail faster, but will it be accepted by DNS resolvers on devices?
Thank you, Digi-key!
Kudos to Digikey for their support, and to the scumbags that bought Kicad’s domain: May a million fire ants infest your underwear!
The squatters name and address could have been published and it could have saved money, I’m sure the squatters when confronted personally with their error would have capitulated and done the right thing.
i really hope that is not a suggestion of any sort of altercation. as we are on a hacker site i feel that social engineering would be more appropriate. google ‘pineapple greentext’ for an example.
Doxxing is bad, period. It’s the contemporary incarnation of a lynch mob. Feeling justified in using/participating in such an action measures the slop in the actor’s ethical compass, not the validity of the action itself.
It can be valid to publish complete and unbiased facts related to a public action, but weaponizing a mob is evil no matter who does it.
It isn’t doxing when all domain holders must register their contact information in the global whois database.
That’s like saying it is doxing to point out a company published their phone number in the yellow pages.
Communist and stalker, what a combination!
The article is slightly wrong, Digikey didn’t swoop in last minute here.
We already migrated to kicad.org last year after the donation from kicad. The sale of kicad-pcb.org was unexpected and done randomly a few days ago.
Thanks, I made an update in the article and linked two a couple of article on the domain donation.
Usually when this happens, it’s because someone forgot to renew, and then a third party pounces in the domain name.
Yea, the owner of the old domain made it no secret he sold it and proceeded to post on the mailing list he’s also selling the .com version as well.
It surprises me the technically able folks behind KiCAD didn’t understand the internet too well to avoid this… water under the bridge at this point. If KiCAD is now a registered trademark, an argument for recapture of the -pcb domain containing this word is well worth pursuing.
It’s not a technical problem but rather a human relationship problem:
https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
You have a point about trying to recover the domain via a legal dispute.
What? To avoid what exactly?
We already moved to kicad.org a year ago on purpose besides just the donation by Digikey. The kicad-pcb domain holder refused to hand over the domain. We updated most of our controlled links over a year ago as well and even posted announcements, a year ago.
As for the trademark aspect, it is up to the Linux Foundation to pursue as they are the registered owners.
Ah ! Well the hackaday REALLY was unclear about the situation then. I was under the impression that you had been homeless for a moment.
According to https://www.kicad.org/blog/2020/10/kicad.org-the-permanent-internet-home-of-KiCad/ the switch was made on 2020-10-29. 5.1.5 was released on 2020-11-05, 5.1.9 (2020-12-28) points to kicad-pcb.org…
The current 5.1.10 still points to kicad-pcb.org!
So what you didn’t do, a year ago, is updating the controlled link in the actual product…
Someone we know has squatted on our [family name].com for decades.
The last time I contacted them, they were only interested in “renting” it.
I wasn’t interested.
Ellen Ripley: I say we take off and nuke the entire site from orbit. It’s the only way to be sure! So, maybe DDOS it?