Privacy and domain abuse vs the IP constituency
Hi Folks,

Here is a more than excellent example of why domain abuse issues belong at the registrar and why true privacy will not be possible until abusers are taken care of.

It all started off with a report of a phishing site. Doing a reverse lookup on the IP the domain was hosted on, we get the list included below.

Spending a bit of time on the search engines quickly shows numerous frauds related to the relevant domains. Digging a bit deeper keeps on leading to a specific "hosting provider" with a track record of these types of domains and even SSL certificate abuse.

Now, looking a bit closer at them in terms of whois details, we find gross privacy abuse for the domains used in fraud and fraud attempts.

For those that know how, looking very closely at them leads to victims of this fraud and details showing them all to be of the same origin as regards certain design elements.

Now, considering the background of the hosting provider, he specializes in these.

How do we counter the IP constituency if they throw these examples at us?

How do we deal with this form of domain abuse? The authorities have been in the know for more than a while now. The SSL certificate providers are in the know as well. The domain registrars are in the know.

Doing a bit of backtracking leads to this post: http://www.jaguarpc.com/forums/showthread.php?t=24529

Now here is the sad part: since that post, the hosting was terminated and simply moved to another IP at the same hoster; later we have two more victims in Australia after this move.

http://www.rbol-uk.com/INT-UK/ (as I said, those that know how ...)

In fact the Nigerian hosting provider is simply moving hosting once caught out. In the meantime the "free one year privacy" is abused for anonymity and to make tracking more difficult. Without finding, stopping and disabling these domains, the misery they create at the hands of the abusers continues.

As you will see, there is no easy way to do a 1-to-1 mapping of domain name against the spoofed domain, so more TLDs will just compound the issue.

It also does not help if we claim that domain names have no special meaning; in the eyes of the "ordinary user", how can http://www.barclaysonlineservice.com not be part of Barclays Bank PLC?

Just one such IP - 209.217.237.134:

adamscolechambers.com
airfrcdcuk.com
Download your scam kit at https://airfrcdcuk.com/images/intcourier.zip ... or use the online pages: https://airfrcdcuk.com/intcourier/contactus.htm
If you search a bit on the contact details, you will see it's a continuation of http://www.complaintsboard.com/?search=Air%20Freight%20Courier%20Delivery%20...
albmb-my.com (http://www.albmb-my.com/INT-BANKING/ - initial report)

Note the impunity with which even the FBI, IRS, United Nations are being impersonated, never mind Yahoo, Hotmail and the rest. And this party has been doing it for years now.

Now ask yourself: what number of legitimate domain owners are targeted by lack of domain privacy vs what number of the public are victimized by domain "anonymity"? Which is the lesser of the two evils?

Just some real world food for thought.

Derek Smythe
Artists Against 419
http://www.aa419.org

Derek,

These are great points. If you want to get a response to "how do we counter the IP constituency," it might be useful to hear the perspective of registrars.

It may be easy to see what a registrar should do to solve any particular evil. But the question is, what can a registrar do to deal with a particular evil AND ALSO provide services that consumers want AND ALSO not do things to piss off the consumers. Asking a registrar to remove popular services or do things that cause a hue and cry with its customers is not realistic. Of course the IP people don't care about that, because they only care about their livelihood.

You might want to forward this to the registrar list and see what they say. Registrars, as you point out, are a big part of the solution, so they need to be engaged.

Antony

On May 7, 2011, at 7:41 AM, Derek Smythe wrote:
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org

My view is that the IP constituency ranges from genuinely protective and for the good of all to totally abusive in self interest, much as the privacy group stretches from a genuine desire for privacy to nefarious actors that desire anonymity. The truth is somewhere in between.

To move forward in any way, we first have to understand there is no passing the buck - this hurts us, our fellow internet users (be they registrants or not) to legitimate businesses.

There are many that would have a "them" vs "us" scenario and in some cases it is in their best interest to distract us all. However, to move forward we all have to understand and accept the system is being manipulated and we have to work together to oust bad actors, even if (dare I say it) we work with members of the "evil" IP constituency.

We all have valid points and need to accept that privacy is needed, but not at all costs. Currently privacy is hurting us (the general consumer) as implemented, also the IP constituency. In the end there are those that do not care, it's just more business.

Even though off topic, we even see it with SSL certificates. Nowadays an SSL certificate is worthless, it has to be a "special" certificate to convey any trust (theoretically, but that has also been proven wrong).

Example: https://airfrcdcuk.com/intcourier/contactus.htm
Beautiful SSL certificate (most likely free or a cheapie).
There is nothing bogus about https://airfrcdcuk.com/PositiveSSL_tl_trans.gif

Note how the company registration and VAT number for http://www.samedayuk.com/ have been stolen. This domain is in turn being used to target the general consumer.

Let us look at where this consumer finds himself from the victim list on airfrcdcuk.com:
Sweden United States of Ame USA Dominican United States of Ame JORDAN UNITED STATES OF AME U.S.A United States of Ame United States of Ame USA United Kingdom USA Israel Australia USA Saudi Arabia VENEZUELA VENEZUELA jordan New York POLAND Canada New Zealand USA United Kingdom Denmark Sweden Canada AUSTRALIA Espana United State U S A Malaysia
So who do we blame? The fraudster tucked safely away in Nigeria in this instance, laughing at us getting nowhere? Registrars are basically giving most of this to him at virtually no cost. Why, he is actually becoming quite wealthy after the years he has been exploiting the system. He is using his fake registrant details for his business "bigbizhosting.com". Yes, fake whois:
165, Jalan Ampang, Kuala Lumpur, 50450 MY
is the address for the Hotel Nikko in KL, Malaysia. "Dig" around a bit and get to agamahost@yahoo.com. But Agamahost (Donmaco/Ace live Web Host/....) is in Nigeria, quite a bit removed from Malaysia - whoops!

Well at least that is better than the reseller that lives in a tree in New Zealand (as per his whois) and acts as a proxy for other German users (who happen to set up fake shops, spoofs etc) and host on bullet proof hosting in Russia. All in the name of privacy of course!

My point is we cannot argue with the IP constituency at this stage. There have to be better checks throughout the system to cut out the bad actors. Both us and the IP constituency need to agree on this as a start of making it better for all users, commercial or not. At the moment there is little credibility in the system and this is even being used as a reason in some camps to do away with the current whois system.

Should we ask why trust on the Internet is declining to an all time low if we are selling trust away (unverified and with free privacy) at about $10 per domain? Where in the real non-virtual world would you see this? Maybe this is too cheap. The savings are being passed on to discrete registrants, the real cost is being paid later by bystanders being drawn in (see the country list above), in terms of secondary security products (anti-virus, firewalls, associated spam costs etc).

We are trying to do something that is unsustainable.

Derek

On 2011/05/07 02:33, Antony Van Couvering wrote:

Derek,

There can be no bargaining on fundamental, constitutional or legal rights for individuals, in favour of the commercial interests of a few corporations.

If such a thing were to happen, that would be through the form of a proper, accountable, legislative process, not a parallel enforcement, judicial system set up by private sector companies in order to protect their vested interests. This is not the wild west anymore: we have institutions that are in charge of chasing, arresting and judging people who do things against the law. If these institutions do not do their job, talk to your congressman, vote for another party at the next election, i.e. exercise your democratic rights as a citizen to influence the society and the administration that runs it.

And please ask yourself: would you buy a Rolex from a stranger in the street? If you did, you would only have to blame yourself for your foolishness. Would you buy a Rolex from a stranger on the Internet? The same answer applies. The only remedy against stupidity is education.

I must say I am disappointed to read on a mailing list targeting the interests of individuals that they should give up one of their constitutional rights in order to be friendly to the IP constituency.

Many lawyers in Europe consider the provisions regarding WHOIS in the RAA to be illegal in Europe. I know of at least one registrar that is under investigation of the data protection office in its country for possibly breaking the local privacy laws for individuals. It is only a matter of time before these provisions will not be enforceable in this part of the world.

Registrars can be part of the solution, indeed. It only requires legitimate authorities to ask them, as long as they don't break the law. If they are asked by unaccountable vigilantes, asking things against the law, like revealing personal data, don't be surprised they ignore them.

Patrick Vande Walle

On 07 May 2011, at 00:41, Derek Smythe wrote:
On 2011/05/07 13:59, Patrick Vande Walle wrote:
> Derek,
>
> There can be no bargaining on fundamental, constitutional or legal rights for individuals, in favour of the commercial interests of a few corporations.

Bargaining? Few? Who said anything about bargaining or few?

As for constitutional or legal rights - nobody has the right to use a domain and/or its privacy to defraud - that is not your constitutional/god given or whatever right - though the Internet and the way things are implemented currently have made some parties think so because they have been doing it for years abusing international jurisdictional issues and are getting away with it without repercussions, in fact becoming quite wealthy in the process at the cost of international consumers.

Example: Is LE going to chase down a "Malaysian" provider responsible for a VPS full of scam domains?

Example: http://www.adamscolechambers.com/law/people.html

Why should this not be of concern to us, the average John Doe? Simple - because the target is not the site that is being plagiarized, http://www.chartlands.org/people.php (right down to images of the actual lawyers). These scams have been going on to target the average small people that may be clueless, yes, but they do not deserve the right to be defrauded by anonymous miscreants.

As for the legitimate chartlands.org, do they have the right to have their designs stolen, the images stolen and added to fictitious names? Arguably they would use intellectual property laws etc to take down this domain (and they should) and end up forming part of the "evil" IP constituency in the end. Here both the average user and the IP constituency have common ground - which is the point I'm trying to make!

Now rinse and repeat this scam thousands of times over and the victims accumulate quickly....

> If such a thing were to happen, that would be through the form of a proper, accountable, legislative process, not a parallel enforcement, judicial system set up by private sector companies in order to protect their vested interests. This is not the wild west anymore: we have institutions that are in charge of chasing, arresting and judging people who do things against the law. If these institutions do not do their job, talk to your congressman, vote for another party at the next election, i.e. exercise your democratic rights as a citizen to influence the society and the administration that runs it.

The wild west? Congressman? Parallel enforcement? .... I think you should take a breath and ask why these are successful.

My "congressman" is exactly at the heart of the problem. We do not have those here, we have members of parliament etc. Further it is not their problem either, since the actors in the above illustrated issue have nothing to do with it. Yet we may sit with victims. So where do we go, Malaysia where the DNS leads us to? What a (whois) joke, fake whois details!

Here we have international issues at play. I have no say other than continuously bugging the law enforcement officers in the USA regarding hosting accounts, pointing out issues to the relevant hosting providers etc since this malicious party abuses USA hosting providers and the protection they offer.

As for the country he resides in, Nigeria, they have different priorities and even though illegal in their country under the "419" statute, the rate at which these are growing and abusing the DNS system shows how efficient their enforcement system is. Why, it has grown way beyond the prolific cottage industry of a few years back and has it become an accepted. Do you not think the domain usage in these scams is playing a role? Yes they do and we need to ask ourselves why the use is continued and growing.

So, to answer your statement. "My" congressman or equivalent member of parliament, law enforcement etc can only do so much, but at the end of the day international escalations exist and are followed. It is up to the recipient country to action. If they do not ... we have what we have.

So no, it is not a wild west but disparate laws and remote differing priorities that cause situations like the current to exist. But then again I think you know that as this issue has certainly been beaten to death.

> And please ask yourself: would you buy a Rolex from a stranger in the street? If you did, you would only have to blame yourself for your foolishness. Would you buy a Rolex from a stranger on the Internet? The same answer applies. The only remedy against stupidity is education.

Wow! Now it is okay to defraud foolish people? So much for the promise of the internet, let's start all over again.

Here is a little reality check for you since you wish to equate this to non-virtual issues: in all other non-virtual systems there is much more responsibility/accountability and maturity. We had examples regarding proxies on this list re buying cars etc. There is a responsible party. That responsibility ensures you make very sure you know who you are proxying for if you have to accept responsibility for his actions. Equate that to the net?

The average "foolish" user equates to most of the populace on the planet. They believe that domain registration is a normal real world process with all the checks and balances as they find in their everyday lives. We on this list know better.

So are we to start another ICANN group? The "foolish" group with real responsible world expectations?

> I must say I am disappointed to read on a mailing list targeting the interests of individuals that they should give up one of their constitutional rights in order to be friendly to the IP constituency.

Friendly? No, I'm saying we should not self blind at all costs. Thus far it has resulted in a stalemate that cost us individuals quite a lot. And we can expect more of the same.

Ask yourself, why are some of the biggest supporters of open whois details LE? Is it not because they also rely on the public to make them aware of issues? How many abusers on the internet have been arrested based on leads that came from the non-badged public? Even fake whois has its values. I suggest you read the ICANN archives on this issue.

> Many lawyers in Europe consider the provisions regarding WHOIS in the RAA to be illegal in Europe. I know of at least one registrar that is under investigation of the data protection office in its country for possibly breaking the local privacy laws for individuals. It is only a matter of time before these provisions will not be enforceable in this part of the world.

Yes, hiding whois details may alleviate some problems in as far as there may be less reports of arrests. Take a guess why? Simply because the public will not be able to point out issues/trends/etc to LE.

> Registrars can be part of the solution, indeed. It only requires legitimate authorities to ask them, as long as they don't break the law. If they are asked by unaccountable vigilantes, asking things against the law, like revealing personal data, don't be surprised they ignore them.

I would agree if we had a system where the obfuscated whois details were real. But as it is currently, we have a system that is seriously broken, that criminal elements rely on for their success, and quite successfully so.

So now we are to hide this problem, roll out more TLDs and expect the interests of all be better served? Wow, where is the reality in that? I know the interests of registries/registrars will be served.

If we are to fix the system, it's simple, though painful.

a) Do not allow unverified proxy registrations (tossing in a free SSL certificate as you go). Only do it once you have full verification of the registrants. Forget about instant gratification, register a domain in 5 seconds. It satisfies some, harms the majority. Purge the junk details. It may cost more. How can we also expect our/other authorities to protect us if we give them a trashed system to start off with?

b) Ensure that proxy providers themselves are legitimate. Why, one of them "lives in a tree", hotel, are proxied themselves over a period of time, targets German users (victims?), hosts in Russia, targets "foolish" users worldwide in scams/DDoS attacks etc and has the legal authorities running around in circles trying to fulfill their duties.

c) Identify bad actors in the DNS system and give it credibility by denying them access to it. It is not your god given/constitutional right to register abusive domain after abusive domain, year after year to target third parties, however "foolish" they may be.

This should also not be tokenism; being seen to be doing something, just enough to avoid criticism, but not enough to distract the bad actors. Rather the registries/registrars should be agreeing on a code of conduct where their registrants should not be abusing the system to target and abuse the system, allowing it to harm third parties in cross jurisdictional issues that leads to much harm.

Here we may work with the IP constituency, not "befriending them" necessarily. From time to time we have common ground. Let's not self blind and merrily follow the piper across the cliff.

On this, caveat: Yes: there are issues such as human rights where exposure of serious human rights issues such as genocide etc should be exposed. But if we are to be serious on this issue, a new sponsored TLD can be set up where the registration etc can be managed by human rights specialists. Registration should also not attract a fee for the precise reasons this TLD should exist.

By following this process, we could rapidly cut out abuse, give the system credibility and protect the interests of legitimate users. There is nothing wild west in this system. We do not have to be botanical specialists to discern an apple from an orange, likewise a scam domain from a legitimate domain (I am not talking a hijacked/hacked domain - different issue).

Derek
Patrick Vande Walle
On 07 May 2011, at 00:41, Derek Smythe wrote:
Hi Folks
Here is a more than excellent example of why domain abuse issues belong at the registrar and why true privacy will not be possible until abusers are taken care of.
It all started off with a report of a phishing site. Doing a reverse lookup on the IP the domain was hosted on, we get the list included below.
Spending a bit of time on the search engines quickly shows numerous frauds related to the relevant domains. Digging a bit deeper keeps on leading to a specific "hosting provider" with a track record of these types of domains and even SSL certificate abuse.
Now, looking a bit closer at them in terms of whois details, we find gross privacy abuse for the domains used in fraud and fraud attempts.
For those that know how, looking very closely at them leads to victims of this fraud and details showing them all to be of the same origin as regards certain design elements.
Now, considering the background of the hosting provider, he specializes in these.
How do we counter the IP constituency if they throw these examples at us?
How do we deal with this form of domain abuse? The authorities have been in the know for more than a while now. The SSL certificate providers are in the know as well. The domain registrars are in the know.
Doing a bit of backtracking leads to this post: http://www.jaguarpc.com/forums/showthread.php?t=24529
Now here is the sad part: since that post, the hosting was terminated and simply moved to another IP at the same hoster; later we have two more victims in Australia after this move.
http://www.rbol-uk.com/INT-UK/ (as I said, those that know how ...)
In fact the Nigerian hosting provider is simply moving hosting once caught out. In the meantime the "free one year privacy" is abused for anonymity and to make tracking more difficult. Without finding, stopping and disabling these domains, the misery they create at the hands of the abusers continues.
As you will see, there is no easy way to do a 1-to-1 mapping of domain name against the spoofed domain, so more TLDs will just compound the issue.
It also does not help if we claim that domain names have no special meaning; in the eyes of the "ordinary user", how can http://www.barclaysonlineservice.com not be part of Barclays Bank PLC?
Now ask yourself: what number of legitimate domain owners are targeted by lack of domain privacy vs what number of the public are victimized by domain "anonymity"? Which is the lesser of the two evils?
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
Derek,
Why is this a "domain" issue? You seem to be describing criminal behavior but I'm not entirely sure why you're grabbing on the domain end of the stick.
If I impersonate a police officer, it's my behavior that's criminal -- there isn't (and shouldn't be) any liability attached to the shop that sells the uniforms.
Antony
On May 7, 2011, at 11:58 PM, Derek Smythe wrote:
On 2011/05/07 13:59, Patrick Vande Walle wrote:
Derek,
There can be no bargaining on fundamental, constitutional or legal rights for individuals, in favour of the commercial interests of a few corporations.
Bargaining? Few? Who said anything about bargaining or few?
As for constitutional or legal rights - nobody has the right to use a domain and/or its privacy to defraud - that is not your constitutional/god given or whatever right - though the Internet and the way things are implemented currently has made some parties think so because they have been doing it for years, abusing international jurisdictional issues, and are getting away with it without repercussions, in fact becoming quite wealthy in the process at the cost of international consumers.
Example: Is LE going to chase down a "Malaysian" provider responsible for a VPS full of scam domains? Example: http://www.adamscolechambers.com/law/people.html Why should this not be of concern to us, the average John Doe? Simple - because the target is not the site that is being plagiarized http://www.chartlands.org/people.php (right down to images of the actual lawyers).
These scams have been going on to target the average small people that may be clueless, yes, but they do not deserve the right to be defrauded by anonymous miscreants.
As for the legitimate chartlands.org, do they have the right to have their designs stolen, the images stolen and added to fictitious names?
Arguably they would use intellectual property laws etc to take down this domain (and they should) and end up forming part of the "evil" IP constituency in the end.
Here both the average user and the IP constituency have common ground - which is the point I'm trying to make!
Now rinse and repeat this scam thousands of times over and the victims accumulate quickly....
If such a thing were to happen, that would be through the form of a proper, accountable, legislative process, not a parallel enforcement, judicial system set up by private sector companies in order to protect their vested interests. This is not the wild west anymore: we have institutions that are in charge of chasing, arresting and judging people who do things against the law. If these institutions do not do their job, talk to your congressman, vote for another party at the next election, i.e. exercise your democratic rights as a citizen to influence the society and the administration that runs it.
The wild west? Congressman? Parallel enforcement? .... I think you should take a breath and ask why these are successful. My "congressman" is exactly at the heart of the problem. We do not have those here, we have members of parliament etc. Further it is not their problem either, since the actors in the above illustrated issue have nothing to do with it. Yet we may sit with victims. So where do we go, Malaysia where the DNS leads us to? What a (whois) joke, fake whois details!
Here we have international issues at play. I have no say other than continuously bugging the law enforcement officers in the USA regarding hosting accounts, pointing out issues to the relevant hosting providers etc since this malicious party abuses USA hosting providers and the protection they offer.
As for the country he resides in, Nigeria, they have different priorities and even though illegal in their country under the "419" statute, the rate at which these are growing and abusing the DNS system shows how efficient their enforcement system is. Why, it has grown way beyond the prolific cottage industry of a few years back and has it become an accepted. Do you not think the domain usage in these scams are playing a role? Yes they do and we need to ask ourselves why the use is continued and growing.
So, to answer your statement. "My" congressman or equivalent member of parliament, law enforcement etc can only do so much, but at the end of the day international escalations exist and are followed. It is up to the recipient country to action. If they do not ... we have what we have. So no, it is not a wild west but disparate laws and remote differing priorities that cause situations like the current to exist.
But then again I think you know that as this issue has certainly been beaten to death.
And please ask yourself: would you buy a Rolex from a stranger in the street? If you did, you would only have to blame yourself for your foolishness. Would you buy a Rolex from a stranger on the Internet? The same answer applies. The only remedy against stupidity is education.
Wow! Now it is okay to defraud foolish people? So much for the promise of the internet, let's start all over again.
Here is a little reality check for you since you wish to equate this to non-virtual issues; In all other non-virtual systems there is much more responsibility/accountability and maturity. We had examples regarding proxies on this list re buying cars etc. There is a responsible party. That responsibility ensures you make very sure you know who you are proxying for if you have to accept responsibility for his actions. Equate that to the net?
The average "foolish" user equates to most of the populace on the planet. They believe that domain registration is a normal real world process with all the checks and balances as they find in their everyday lives. We on this list know better.
So are we to start another ICANN group? The "foolish" group with real responsible world expectations?
I must say I am disappointed to read on a mailing list targeting the interests of individuals that they should give up one of their constitutional rights in order to be friendly to the IP constituency.
Friendly? No, I'm saying we should not self blind at all costs. Thus far it has resulted in a stalemate that cost us individuals quite a lot. And we can expect more of the same.
Ask yourself, why are some of the biggest supporters of open whois details LE? Is it not because they also rely on the public to make them aware of issues? How many abusers on the internet have been arrested based on leads that came from the non-badged public?
Even fake whois has its values. I suggest you read the ICANN archives on this issue.
Many lawyers in Europe consider the provisions regarding WHOIS in the RAA to be illegal in Europe. I know of at least one registrar that is under investigation of the data protection office in its country for possibly breaking the local privacy laws for individuals. It is only a matter of time before these provisions will not be enforceable in this part of the world.
Yes, hiding whois details may alleviate some problems in as far as there may be fewer reports of arrests. Take a guess why? Simply because the public will not be able to point out issues/trends/etc to LE.
A domain is many things to many people. Sadly it's also part and parcel of the scammers/spammers/... bag of tricks. It's their entrance ticket to the web for certain types of crime. Add to that lookalike domains. Ask yourself why we find all those derivative names used in scams. No matter what we may say here, it is how the general public perceives domains that makes the difference to domain abusers.
What should the shop owner selling uniforms do after he was informed what you are doing with those uniforms? After he was shown how you mug people in the street outside his shop, abusing the implied power that uniform gives you? Obviously report it to the law enforcement authorities for a start. But should/would he again sell you the next uniform (unless requested to do so by the authorities)?
Let's take it one step further: the uniforms you buy are for a country just across the border; what should the shop owner do if the shop labels were collected on the scene of a cross-border crime along with a fake ID used at said shop? Or does being cross-border make it okay? Remember, the shop owner has the closest visible link to you from a public perspective.
Add registration details to the mix. Today you are Joe Bloggs, tomorrow John Smith, the next day Dick Turpin and you present these bogus registration details when you buy your goods. Why did the authorities ask the shop owners for registration details in the first place if they are not collected or they don't bother verifying them in a bid to chase efficiency and simply don't care? Luckily many shop owners care, but others do not. To alleviate the issue, some shop owners create an unverified proxy system, advertise it and sell even more uniforms. When the authorities come knocking, they simply shrug their shoulders and blame you.
Let's change the uniforms to money. Money laundering? Know your client? Likewise trade issues. Maybe a bit of an extreme example, but what are scams about? Money. Take it a bit further and the reason for the money laundering legislation. Funding for terrorism, drugs and what not is not a horror story. It is very real.
Why do we expect domains to be different? Virtual maybe, but not the potential for harm through deception. Domains are only part and parcel of the bigger issue at hand, but vital in some instances. Let's rather ask why domains should be exempt from normal real world issues?
On 2011/05/08 00:52, Antony Van Couvering wrote:
Derek,
Why is this a "domain" issue? You seem to be describing criminal behavior but I'm not entirely sure why you're grabbing on the domain end of the stick.
If I impersonate a police officer, it's my behavior that's criminal -- there isn't (and shouldn't be) any liability attached to the shop that sells the uniforms.
Antony
On May 7, 2011, at 11:58 PM, Derek Smythe wrote:
On 2011/05/07 13:59, Patrick Vande Walle wrote:
Derek,
There can be no bargaining on fundamental, constitutional or legal rights for individuals, in favour of the commercial interests of a few corporations.
Bargaining? Few? Who said anything about bargaining or few?
As for constitutional or legal rights - nobody has the right to use a domain and/or it's privacy to defraud - that is not your constitutional/god given or whatever right - thought the Internet and the way things are implemented currently has made some parties think so because they have been doing it for years abusing international jurisdictional issues and are getting away with it without repercussions, in fact becoming quite wealthy in the process at the cost of international consumers.
Example: Is LE going to chase down a "Malaysian" provider repsonsible for a VPS full of scam domains. Example: http://www.adamscolechambers.com/law/people.html Why should this not of concern to us, the average John Doe? Simple - because the target is not the site that is being plagiarized http://www.chartlands.org/people.php (right down to images of the actual lawyers).
These scams have been going on to target the average small people that may be cluesless, yes, but they do not deserve the right to be defrauded by anonymous miscreants.
As for the legitimate chartlands.org, do they have the right to have their designs stolen, the images stolen and added to fictitious names?
Arguably they would use intellectual property laws etc to take down this domain (and they should) and end up forming part of the "evil" IP constituency en the end.
Here both the average user and the IP constituency have common ground - which is the point I'm trying to make!
Now rinse and repeat this scam thousands of times over and the victims accumulate quickly....
If such thing were to happen, that would be through the form of a proper, accountable, legislative process, not a parallel enforcement, judicial system set up by private sector companies in order to protect their vested interests. This is not the wild west anymore: we have institutions that are in charge of chasing, arresting and judging people who do things against the law. If these institutions do not do their job, talk to your congressman, vote for another party at the next election, i.e exercise your democratic rights as a citizen to influence the society and the administration that runs it.
The wild west? Congressman? Parallel enforcement? .... I think you should take a breath and ask why these are successful. My "congressman" is exactly at the heart of the problem. We do not have those here, we have members of parliament etc. Further it is not their problem either, since the actors in the above illustrated issue have nothing to do with it. Yet we may sit with victims. So where do we go, Malaysia where the DNS leads us to? What a (whois) joke, fake whois details!
Here we have international issues at play. I have no say other than continuously bugging the law enforcement officers in the USA regarding hosting accounts, pointing out issues to the relevant hosting providers etc since this malicious party abuses USA hosting providers and the protection they offer.
As for the country he resides in, Nigeria, they have different priorities and even though illegal in their country under the "419" statue, the rate at which these are growing and abusing the DNS system shows how efficient their enforcement system is. Why, it has grown way beyound the prolific cottage industry of a few years back and has it become an accepted. Do you not think the domain usage in these scams are playing a role? Yes they do and we need to ask ourselves why the use is continued and growing.
So, to answer your statement. "My" congressman or equivalent member of parliament, law enforcement etc can only do so much, but at the end of the day international escalations exist and are followed. Itis up to the recipient country to action. If they do not ... we have what we have. So no, it is not a wild west but disparate laws and remote differing priorities that causes situations like the current to exist.
But then again I think you know that as this issue has certainly been beaten to death.
And please ask yourself: who you buy a Rolex from a stranger in the street ? If you did, you would only have to blame yourself for your foolishness. Would you buy a Rolex from a stranger on the Internet ? The same answer applies. The only remedy against stupidity is education.
Wow! Now it is okay to be defraud foolish people? So much for the promise of the internet, lets start all over again.
Here is a little reality check for you since you wish to equate this to non-virtual issues; In all other non-virtual systems their is much more responsibility/accountability and maturity. We had examples regarding proxies on this list re buying cars etc. Their is a responsible party. That responsibility ensure you make very sure you know who you are proxying for if you have to accept responsibility for his actions. Equate that to the net?
The average "foolish" user equates to most of the populace on the planet. The believe that domains registrations is a normal real world process with all the checks and balances as they find in their every day lives. We on this list know better.
So are we to start another ICANN group? The "foolish" group with real responsible world expectations?
I must say I am disappointed to read on a mailing list targeting the interests of individuals that they should give up one of their constitutional rights in order to be friendly to the IP constituency.
Friendly? No, I'm saying we should not self blind at all costs. Thus far it has resulted in a stalemate that cost us individuals quite a lot. And we can expect more of the same.
Ask yourself, why are some of the biggest supporters of open whois details LE? Is it not because they also rely on the public to make them aware of issues? How many abusers on the internet have been arrested based on leads that came from the non-badged public?
Even fake whois has it's values. I suggest you read the ICANN archives on this issue.
Many lawyers in Europe consider the provisions regarding WHOIS in the RAA to be illegal in Europe. I know of at least one registrar that is under investigation of the data protection office in its country for possibly breaking the local privacy laws for individuals. It is only a matter of time before these provisions will not be enforceable in this part of the world.
Yes, hiding whois details may alleviate some problems in as far as there may be less reports of arrests. Take a guess why? Simply because the public will not be able to point out issues/trends/etc to LE.
Registrars can be part of the solution, indeed. It only requires legitimate authorities to ask them, as long as they don't break the law. If they are asked by unaccountable vigilantes, asking things against the law, like revealing personal data, don't be surprised they ignore them.
I would agree is we had a system where the obfuscated whois details were real. But as it is currently, we have a system that is seriously broken, that criminalelementsrely on for their success, and quite successfully so.
So now we are to hide this problem, roll out more TLDs and expect the interests of all be better served? Wow, where is the reality in that? I know the interests of registries/regisrars will be served
If we are to fix the system, it's simple, though painful. a) Do not allow unverified proxy registrations (tossing in a free SSL certificate as you go). Only do it once you have full verification of the registrants. Forget about instant gratification register a domain in 5 seconds. It satisfies some, harms the majority. Purge the junk details. If may cost more.
How can we also expect our/other authorities to protect us if we give them a trashed system to start off with?
b) Ensure that proxy providers themselves are legitimate. Why, one of them "lives in a tree", hotel, are proxied themselves over a period of time, targets German users (victims?), hosts in Russia, targets "foolish" users worldwide in scams/DDoS attacks etc and has the legal authorities running around in circles trying to fulfill their duties.
c) Identify bad actors in the DNS system and give it credibility by denying them access to it. It is not your god given/constitutional right to register abusive domain after abusive domain, year after year to target third parties, however "foolish" they may be. This should also not be tokenism; being seen to be doing something, just enough to avoid criticism, but not enough to distract the bad actors. Rather the registries/registrars should be agreeing on a code of conduct where their registrants should not abuysing the system to target and abuse the system, allowing it to harm third parties in cross jurisdictional issues that leads to much harm.
Here we may work with the IP constituency, not "befriending them" necessarily. At time to time we have common ground. Lets not self blind and merrily follow the piper across the cliff.
On this, caveat: Yes: there are issues such as human rights where exposure of serious human rights issues such as genocide etc should be exposed. But if we are to be serious on this issue, a new sponsored TLD can be set up where the registration etc can be managed by human rights specialists. Registration should also not attract a fee for the precise reasons this TLD should exist.
By following this process, we could rapidly cut out abuse, give the system credibility and protect the interests of legitimate users.
There is nothing wild west in this system. We do not have to be botanical specialist to discern an apple from an orange, likewise a scam domain from a legitimate domain (I am not talking a hijacked/hacked domain - different issue).
Derek
Patrick Vande Walle
On 07 May 2011, at 00:41, Derek Smythe wrote:
Hi Folks
Here is a more than excellent example of why domain abuse issues belongs at the registrar and why true privacy will not be possible until abusers are taken care of.
It all started off with a report of a phishing site. Doing a reverse lookup on the IP the domain was hosted on, we get the list included below.
Spending a bit of time on the search engines quickly shows numerous frauds related to the relevant domains. Digging a bit deeper keeps on leading to a specific "hosting provider" with a track record of these type of domains and even SSL certificate abuse.
Now, looking a bit closer at them in terms of whois details, we find gross privacy abuse for the domains used in fraud and fraud attempts.
For those that know how, looking very closely at them leads to victims to this fraud and details showing them all to be of the same origin as regards certain design elements.
Now, considering the background of the hosting provider, he specializes in these.
How do we counter the the IP constituency if they throw these examples at us?
How do we deal with this form of domain abuse? The authorities are in the know for a more than a while know. The SSL certificate providers are in the know as well. The domain registrars are in the know.
Doing a bit of backtracking leads to this post: http://www.jaguarpc.com/forums/showthread.php?t=24529
Now here is the sad part; Since that post, the hosting was terminated and simply moved to another IP at the same hoster, later we have two more more victims in Australia after this move.
http://www.rbol-uk.com/INT-UK/ (as I said, those that know how ...)
In fact the Nigerian hosting provider is simply moving hosting once caught out. In the meantime the "free one year privacy" is abused to for anonymity and to make tracking more difficult. Without finding, stopping and disabling these domains, the misery they create at the hands of the abusers continues.
As you will see, there is no easy way to do a 1-to-1 mapping of domain name against the spoofed domain, so more TLDs will just compound the issue.
It also does not help if we claim that domain names have no special meaning, in the eyes of the "ordinary user", how can http://www.barclaysonlineservice.com not be part of Barclays Bank PLC?
Now ask yourself: what number of legitimate domain owners are targeted by lack of domain privacy vs what number of the public are victimized by domain "anonymity"? Which is the lesser of the two evils?
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
In my role as uniform purveyor, if I report an impersonator to the police, presumably they arrest him. If they don't, *and* they tell me they're still looking for him, *and* he shows up again, then I call them again. If I call them ten times and they still don't arrest him, eventually I figure that either (a) he's innocent or (b) they don't care or (c) both.
What I don't do is tell every customer who comes into my shop that because I reported someone once, everyone is under suspicion, and I'm going to be sending all of their names to the police, and collecting and verifying their address and other particulars before I sell them a uniform.
I'm not a cop, and my customers (and probably the general public) don't want me to act as a cop. I'm not trained, I don't know the law, and I'm not given any powers by the state.
Furthermore, I would be out of business in a week, because all my customers would be (rightly) offended and seek another uniform shop.
If I recognize a malefactor, I will happily drop a dime on him. If it's someone I don't know, the presumption is that he's not a malefactor.
The key is recognition. It's very easy to fake your identity on the Internet, it's very hard to verify that people are who they say they are. The cops can't seem to do it, how am I, a guy who sells uniforms, supposed to do it?
I can walk into any Walmart in the country and buy a 12-inch hunting knife that I can eviscerate somebody with, or a bow and arrow that will kill a human being at a great distance. I can buy gasoline to set someone's house on fire. I can buy a variety of poisons, or the ingredients for poison, at any drug store or hardware store. They don't ask me who I am, where I live, or any such thing. If I do any of these things, the cops will come after me, but they're not going to hold the person who sold me my tools of evil responsible, simply because they are evil because of my actions, not in themselves.
The vast majority of domain names are used for useful and legitimate purposes, just as gasoline is, or ammonia and chlorine bleach.
Personally I have a hard time justifying a regime that would treat sellers of domain names as criminal accomplices, or impose on them a duty of verification that doesn't exist for ISPs, or email providers, or IP address providers. I certainly don't see anyone lining up to indemnify registrars against lawsuits because they deny someone a domain name unjustly.
Antony
On May 8, 2011, at 7:34 AM, Derek Smythe wrote:
A domain is many things to many people.
Sadly it's also part and parcel of the scammers/spammers/... bag of tricks. It's their entrance ticket to the web for certain types of crime. Add to that lookalike domains. Ask yourself why we find all those derivative names used in scams. No matter what we may say here, it is how the general public perceives domains that makes the difference to domain abusers.
What should the shop owner selling uniforms do after he was informed what you are doing with those uniforms? After he was shown how you mug people in the street outside his shop, abusing the implied power that uniform gives you?
Obviously report it to the law enforcement authorities for a start. But should/would he again sell you the next uniform (unless requested to do so by the authorities)?
Let's take it one step further: the uniforms you buy are for a country just across the border. What should the shop owner do if the shop labels were collected on the scene of a cross border crime along with a fake ID used at said shop? Or does being cross-border make it okay? Remember, the shop owner has the closest visible link to you from a public perspective.
Add registration details to the mix. Today you are Joe Bloggs, tomorrow John Smith, the next day Dick Turpin and you present these bogus registration details when you buy your goods. Why did the authorities ask the shop owners for registration details in the first place if they are not collected or they don't bother verifying them in a bid to chase efficiency and simply don't care? Luckily many shop owners care, but others do not. To alleviate the issue, some shop owner creates an unverified proxy system, advertises it and sells even more uniforms. When the authorities come knocking, he simply shrugs his shoulders and blames you.
Let's change the uniforms to money. Money laundering? Know your client? Likewise trade issues. Maybe a bit of an extreme example, but what are scams about? Money. Take it a bit further and the reason for the money laundering legislation. Funding for terrorism, drugs and what not is not a horror story. It is very real.
Why do we expect domains to be different? Virtual maybe, but not the potential for harm through deception.
Domains are only part and parcel of the bigger issue at hand, but vital in some instances.
Let's rather ask why domains should be exempt from normal real world issues?
On 2011/05/08 00:52, Antony Van Couvering wrote:
Derek,
Why is this a "domain" issue? You seem to be describing criminal behavior but I'm not entirely sure why you're grabbing on the domain end of the stick.
If I impersonate a police officer, it's my behavior that's criminal -- there isn't (and shouldn't be) any liability attached to the shop that sells the uniforms.
Antony
On May 7, 2011, at 11:58 PM, Derek Smythe wrote:
On 2011/05/07 13:59, Patrick Vande Walle wrote:
Derek,
There can be no bargaining on fundamental, constitutional or legal rights for individuals, in favour of the commercial interests of a few corporations.
Bargaining? Few? Who said anything about bargaining or few?
As for constitutional or legal rights - nobody has the right to use a domain and/or its privacy to defraud - that is not your constitutional/god given or whatever right - though the Internet and the way things are implemented currently has made some parties think so because they have been doing it for years abusing international jurisdictional issues and are getting away with it without repercussions, in fact becoming quite wealthy in the process at the cost of international consumers.
Example: Is LE going to chase down a "Malaysian" provider responsible for a VPS full of scam domains? Example: http://www.adamscolechambers.com/law/people.html Why should this not be of concern to us, the average John Doe? Simple - because the target is not the site that is being plagiarized http://www.chartlands.org/people.php (right down to images of the actual lawyers).
These scams have been going on to target the average small people that may be clueless, yes, but they do not deserve the right to be defrauded by anonymous miscreants.
As for the legitimate chartlands.org, do they have the right to have their designs stolen, the images stolen and added to fictitious names?
Arguably they would use intellectual property laws etc to take down this domain (and they should) and end up forming part of the "evil" IP constituency in the end.
Here both the average user and the IP constituency have common ground - which is the point I'm trying to make!
Now rinse and repeat this scam thousands of times over and the victims accumulate quickly....
If such thing were to happen, that would be through the form of a proper, accountable, legislative process, not a parallel enforcement, judicial system set up by private sector companies in order to protect their vested interests. This is not the wild west anymore: we have institutions that are in charge of chasing, arresting and judging people who do things against the law. If these institutions do not do their job, talk to your congressman, vote for another party at the next election, i.e exercise your democratic rights as a citizen to influence the society and the administration that runs it.
The wild west? Congressman? Parallel enforcement? .... I think you should take a breath and ask why these are successful. My "congressman" is exactly at the heart of the problem. We do not have those here, we have members of parliament etc. Further it is not their problem either, since the actors in the above illustrated issue have nothing to do with it. Yet we may sit with victims. So where do we go, Malaysia where the DNS leads us to? What a (whois) joke, fake whois details!
Here we have international issues at play. I have no say other than continuously bugging the law enforcement officers in the USA regarding hosting accounts, pointing out issues to the relevant hosting providers etc since this malicious party abuses USA hosting providers and the protection they offer.
As for the country he resides in, Nigeria, they have different priorities and even though illegal in their country under the "419" statute, the rate at which these are growing and abusing the DNS system shows how efficient their enforcement system is. Why, it has grown way beyond the prolific cottage industry of a few years back and has it become an accepted. Do you not think the domain usage in these scams is playing a role? Yes it is and we need to ask ourselves why the use is continued and growing.
So, to answer your statement. "My" congressman or equivalent member of parliament, law enforcement etc can only do so much, but at the end of the day international escalations exist and are followed. It is up to the recipient country to action. If they do not ... we have what we have. So no, it is not a wild west but disparate laws and remote differing priorities that cause situations like the current to exist.
But then again I think you know that as this issue has certainly been beaten to death.
And please ask yourself: would you buy a Rolex from a stranger in the street? If you did, you would only have to blame yourself for your foolishness. Would you buy a Rolex from a stranger on the Internet? The same answer applies. The only remedy against stupidity is education.
Wow! Now it is okay to defraud foolish people? So much for the promise of the internet, let's start all over again.
Here is a little reality check for you since you wish to equate this to non-virtual issues: in all other non-virtual systems there is much more responsibility/accountability and maturity. We had examples regarding proxies on this list re buying cars etc. There is a responsible party. That responsibility ensures you make very sure you know who you are proxying for if you have to accept responsibility for his actions. Equate that to the net?
The average "foolish" user equates to most of the populace on the planet. They believe that domain registration is a normal real world process with all the checks and balances as they find in their everyday lives. We on this list know better.
So are we to start another ICANN group? The "foolish" group with real responsible world expectations?
I must say I am disappointed to read on a mailing list targeting the interests of individuals that they should give up one of their constitutional rights in order to be friendly to the IP constituency.
Friendly? No, I'm saying we should not self blind at all costs. Thus far it has resulted in a stalemate that cost us individuals quite a lot. And we can expect more of the same.
Ask yourself, why are some of the biggest supporters of open whois details LE? Is it not because they also rely on the public to make them aware of issues? How many abusers on the internet have been arrested based on leads that came from the non-badged public?
Even fake whois has its values. I suggest you read the ICANN archives on this issue.
Many lawyers in Europe consider the provisions regarding WHOIS in the RAA to be illegal in Europe. I know of at least one registrar that is under investigation of the data protection office in its country for possibly breaking the local privacy laws for individuals. It is only a matter of time before these provisions will not be enforceable in this part of the world.
Yes, hiding whois details may alleviate some problems in as far as there may be less reports of arrests. Take a guess why? Simply because the public will not be able to point out issues/trends/etc to LE.
Registrars can be part of the solution, indeed. It only requires legitimate authorities to ask them, as long as they don't break the law. If they are asked by unaccountable vigilantes, asking things against the law, like revealing personal data, don't be surprised they ignore them.
I would agree if we had a system where the obfuscated whois details were real. But as it is currently, we have a system that is seriously broken, that criminal elements rely on for their success, and quite successfully so.
So now we are to hide this problem, roll out more TLDs and expect the interests of all be better served? Wow, where is the reality in that? I know the interests of registries/registrars will be served
If we are to fix the system, it's simple, though painful.
a) Do not allow unverified proxy registrations (tossing in a free SSL certificate as you go). Only do it once you have full verification of the registrants. Forget about instant gratification register a domain in 5 seconds. It satisfies some, harms the majority. Purge the junk details. It may cost more.
How can we also expect our/other authorities to protect us if we give them a trashed system to start off with?
b) Ensure that proxy providers themselves are legitimate. Why, one of them "lives in a tree", hotel, are proxied themselves over a period of time, targets German users (victims?), hosts in Russia, targets "foolish" users worldwide in scams/DDoS attacks etc and has the legal authorities running around in circles trying to fulfill their duties.
c) Identify bad actors in the DNS system and give it credibility by denying them access to it. It is not your god given/constitutional right to register abusive domain after abusive domain, year after year to target third parties, however "foolish" they may be. This should also not be tokenism; being seen to be doing something, just enough to avoid criticism, but not enough to distract the bad actors. Rather the registries/registrars should be agreeing on a code of conduct where their registrants should not be abusing the system to target and abuse the system, allowing it to harm third parties in cross jurisdictional issues that lead to much harm.
Here we may work with the IP constituency, not "befriending them" necessarily. From time to time we have common ground. Let's not self blind and merrily follow the piper across the cliff.
On this, caveat: Yes: there are issues such as human rights where exposure of serious human rights issues such as genocide etc should be exposed. But if we are to be serious on this issue, a new sponsored TLD can be set up where the registration etc can be managed by human rights specialists. Registration should also not attract a fee for the precise reasons this TLD should exist.
By following this process, we could rapidly cut out abuse, give the system credibility and protect the interests of legitimate users.
There is nothing wild west in this system. We do not have to be botanical specialists to discern an apple from an orange, likewise a scam domain from a legitimate domain (I am not talking a hijacked/hacked domain - different issue).
Derek
Patrick Vande Walle
On 07 May 2011, at 00:41, Derek Smythe wrote:
Hi Folks
Here is a more than excellent example of why domain abuse issues belongs at the registrar and why true privacy will not be possible until abusers are taken care of.
It all started off with a report of a phishing site. Doing a reverse lookup on the IP the domain was hosted on, we get the list included below.
Spending a bit of time on the search engines quickly shows numerous frauds related to the relevant domains. Digging a bit deeper keeps on leading to a specific "hosting provider" with a track record of these type of domains and even SSL certificate abuse.
Now, looking a bit closer at them in terms of whois details, we find gross privacy abuse for the domains used in fraud and fraud attempts.
For those that know how, looking very closely at them leads to victims to this fraud and details showing them all to be of the same origin as regards certain design elements.
Now, considering the background of the hosting provider, he specializes in these.
How do we counter the IP constituency if they throw these examples at us?
How do we deal with this form of domain abuse? The authorities have been in the know for more than a while now. The SSL certificate providers are in the know as well. The domain registrars are in the know.
Doing a bit of backtracking leads to this post: http://www.jaguarpc.com/forums/showthread.php?t=24529
Now here is the sad part: since that post, the hosting was terminated and simply moved to another IP at the same hoster; later we have two more victims in Australia after this move.
http://www.rbol-uk.com/INT-UK/ (as I said, those that know how ...)
In fact the Nigerian hosting provider is simply moving hosting once caught out. In the meantime the "free one year privacy" is abused for anonymity and to make tracking more difficult. Without finding, stopping and disabling these domains, the misery they create at the hands of the abusers continues.
As you will see, there is no easy way to do a 1-to-1 mapping of domain name against the spoofed domain, so more TLDs will just compound the issue.
It also does not help if we claim that domain names have no special meaning, in the eyes of the "ordinary user", how can http://www.barclaysonlineservice.com not be part of Barclays Bank PLC?
Now ask yourself: what number of legitimate domain owners are targeted by lack of domain privacy vs what number of the public are victimized by domain "anonymity"? Which is the lesser of the two evils?
Hi,
On Sun, May 8, 2011 at 1:33 PM, Antony Van Couvering <avc@avc.vc> wrote:
Personally I have a hard time justifying a regime that would treat sellers of domain names as criminal accomplices, or impose on them a duty of verification that doesn't exist for ISPs, or email providers, or IP address providers.
on that note, there IS a "proposal" sent to ICANN (altho not via normal channels) to create "IP address registrars" AND make them subject to the same kind of rules that domain registrars must follow: http://icann.org/en/correspondence/statement-ip-address-registrar-accreditat...
Not sent via normal channels, as they don't think they will get a fair hearing from the ASO: http://icann.org/en/correspondence/holtzman-to-jeffrey-02mar11-en.pdf
I imagine At-Large might want to weigh in on this at some point?
--
Cheers, McTim
"A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel
On 2011/05/08 12:33, Antony Van Couvering wrote:
In my role as uniform purveyor, if I report an impersonator to the police, presumably they arrest him. If they don't, *and* they tell me they're still looking for him, *and* he shows up again, then I call them again. If I call them ten times and they still don't arrest him, eventually I figure that either (a) he's innocent or (b) they don't care or (c) both.
I know for a fact that many registrars do escalate serious issues. In fact I have had feedback via this loop on certain issues. When one registrar changed hands in terms of the holding company, all feedback stopped. Abuse using its services shot up.
What I don't do is tell every customer who comes into my shop that because I reported someone once, everyone is under suspicion, and I'm going to be sending all of their names to the police, and collecting and verifying their address and other particulars before I sell them a uniform.
Agreed, most surely not. However there is a requirement to collect registration details and that part of the registration agreement was put there for a reason.
I'm not a cop, and my customers (and probably the general public) don't want me to act as a cop. I'm not trained, I don't know the law, and I'm not given any powers by the state.
Agreed, but you do not have to be a cop to recognize a mugging either.
Furthermore, I would be out of business in a week, because all my customers would be (rightly) offended and seek another uniform shop.
They would do the same if they knew you knowingly kept on supplying the same mugger.
If I recognize a malefactor, I will happily drop a dime on him. If it's someone I don't know, the presumption is that he's not a malefactor.
Agreed, this is not too much to ask. As for somebody you don't know, if a continued abuse pattern develops over the years, you will know something is wrong. In a normal business, would you accept the same credit card continuously from the same party if it results in a charge back every time?
The key is recognition. It's very easy to fake your identity on the Internet, it's very hard to verify that people are who they say they are. The cops can't seem to do it, how am I, a guy who sells uniforms, supposed to do it?
It's not always a case of the cops not being able to do it, it's a case of priorities. As one LE said it: "A 5 minute crime on the internet can take years to fully prosecute". That equates to resources like finances and manpower. That in itself causes a skewed cost in terms of cross border issues. The verification of linked events is actually not all that difficult either, even if not traceable down to an actual perpetrator.
I can walk into any Walmart in the country and buy a 12-inch hunting knife that I can eviscerate somebody with, or a bow and arrow that will kill a human being at a great distance. I can buy gasoline to set someone's house on fire. I can buy a variety of poisons, or the ingredients for poison, at any drug store or hardware store. They don't ask me who I am, where I live, or any such thing. If I do any of these things, the cops will come after me, but they're not going to hold the person who sold me my tools of evil responsible, simply because they are evil because of my actions, not in themselves.
The vast majority of domain names are used for useful and legitimate purposes, just as gasoline is, or ammonia and chlorine bleach.
Yet domains have an added requirement, a registration. There is also an expectation among the general populace that somehow domains have a special significance. I am not going to argue the merits of this point, it is how it is. However do we tell them it is wrong when domains are supposed to be registered?
Personally I have a hard time justifying a regime that would treat sellers of domain names as criminal accomplices, or impose on them a duty of verification that doesn't exist for ISPs, or email providers, or IP address providers. I certainly don't see anyone lining up to indemnify registrars against lawsuits because they deny someone a domain name unjustly.
In fact indemnity is an issue that came up at a recent ICANN meeting. I think the Godaddy representative Christine Jones raised the issue. The heartening fact is that many registrars are willing to stick their necks out and do to stop abuse.
Many ISPs and other service providers nowadays require verification. I personally use a few of those. This is also happening more and more. We need to ask ourselves why. Verification has also been instituted by law in certain countries. This in itself is a red flag for privacy, but under the circumstances we cannot blame a country if it is in a genuine bid to protect its citizens. How can we counter it being later abused? However we as general internet users set the stage for this scenario and we only have ourselves to blame for where this could well lead to. That is why it is of concern to me that we do not pass the buck in terms of addressing bad actors in our midst and give them a hiding place under the "privacy" flag while they prey on our fellow internet users, also using privacy as an excuse for invalid whois details, rather than exposing them by reporting etc as allowed for. However by denying the issues of domain abuse linked to domain privacy or fake registration details, we are well on our way to forcing ourselves into a choice of our constitutional privacy and not being a registrant or having no privacy and being a domain registrant as the only two legal options. If this sounds unrealistic, a related issue is the banning of domain privacy on .US domains. If in a bid to do the right thing we have to work with members of the IP constituency, so be it for now. I have shown we have common ground.
Interesting reading: http://voices.washingtonpost.com/posttech/2011/02/godaddycoms_christine_jone...
Derek
I have a meta question here. Does anyone in the discussion other than me actually work with law enforcement dealing with online crime, or is it all hypothetical?
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
Continuously.
On 2011/05/08 21:25, John R. Levine wrote:
I have a meta question here. Does anyone in the discussion other than me actually work with law enforcement dealing with online crime, or is it all hypothetical?
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
On 08 May 2011, at 01:34, Derek Smythe wrote:
Why do we expect domains to be different? Virtual maybe, but not the potential for harm through deception.
Domains are only part and parcel of the bigger issue at hand, but vital in some instances.
Let's rather ask why domains should be exempt from normal real world issues?
Indeed. Domain names are no different from any other means used to deceive, extort or steal other people. The Internet is no different from the rest of the society. Hence, crime on the Internet should be handled by the same actors as the rest of crimes. Surely, private investigators can report suspected criminal activities to LEA, and obviously, registrars, registries, ISPs should honour requests originating from legitimate law enforcement entities.
Now, the fact that LEAs may not be efficient in fighting crime, especially in an international context, is no reason to build a parallel enforcement system run entirely by the private sector with no accountability to the rest of the society. Surely, LEAs could do better. But we should help them by providing the information we have, rather than trying to judge and punish ourselves.
Patrick
----- Original Message -----
From: "Patrick Vande Walle" <patrick@vande-walle.eu> To: "At-Large Worldwide" <at-large@atlarge-lists.icann.org> Sent: Monday, 9 May, 2011 12:42:22 AM Subject: Re: [At-Large] Privacy and domain abuse vs the IP constituency
On 08 May 2011, at 01:34, Derek Smythe wrote:
Why do we expect domains to be different? Virtual maybe, but not the potential for harm through deception.
Domains are only part and parcel of the bigger issue at hand, but vital in some instances.
Let's rather ask why domains should be exempt from normal real world issues?
Indeed. Domain names are no different from any other means used to deceive, extort or steal other people. The Internet is no different from the rest of the society. Hence, crime on the Internet should be handled by the same actors as the rest of crimes. Surely, private investigators can report suspected criminal activities to LEA, and obviously, registrars, registries, ISPs should honour requests originating from legitimate law enforcement entities.
Yes, but for private investigators to be able to do their jobs they need some public information. It requires the whois to give enough info to know it is the same entity, while guarding the privacy of the individual. What do you propose?
Now, the fact that LEAs may not be efficient in fighting crime, especially in an international context, is no reason to build a parallel enforcement system run entirely by the private sector with no accountability to the rest of the society. Surely, LEAs could do better. But we should help them by providing the information we have, rather than trying to judge and punish ourselves.
LEA do not work alone, someone has to report the crime, LEA need the public help very often to know what is happening. This is a societal issue which is not linked specifically to the Internet. I don't want to open a debate, but should we have a policeman at every street corner, or should we have responsible citizens who tell kids to behave and sometimes slap them to put them back at their place? ref: http://www.lesechos.fr/economie-politique/france/actu/0201324616036.htm
So yes I'm not for a parallel enforcement system outside of governments, but at the same time, can't we handle some of the minor issues ourselves?
To have worked with the whois technically, technically it is a mess, this is one area ICANN could work on, without trying to mix a technical problem (info is queried and displayed in a similar manner) with a political problem (what info to display).
The problem of domain abuse to be handled by the registrar only. I strongly disagree. How do you get to the extent of the issue? Each registrar has a different way to report domain abuse... ICANN should be the one stop shop, you report to ICANN, they collect statistics and pass the report to the registry (for them to learn more about their registrars) and to the registrar for it to handle. ICANN is only doing the Ostrich policy with its head in the sand trying to ignore the extent of the problem?
Now, the fact that LEAs may not be efficient in fighting crime, especially in an international context, is no reason to build a parallel enforcement system run entirely by the private sector with no accountability to the rest of the society.
I get the impression you aren't very familiar with the way that law enforcement works. For Internet stuff, they are constantly working in tandem with non-LE people in industry and academia. I work with them in mailing lists, occasionally on the phone, and face to face at conferences. Now and then I testify in court. For obvious reasons I can't discuss the details, but the idea that there is a Chinese wall between LE and non-LE, and that non-LE don't use WHOIS info to assist LE is laughable.
I think we all agree that natural people have privacy rights. But about 99% of domains are not registered by natural people, which makes it obvious that the right way to handle the ones that are registered by natural people is as exception cases.
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
On 09 May 2011, at 02:31, John R. Levine wrote:
For Internet stuff, they are constantly working in tandem with non-LE people in industry and academia.
This is by no means new, or Internet-specific. LEAs have always relied on ordinary people to provide them information in order to identify and locate criminals. I am fine with that. What I do not want is that domain name suspensions happen outside the LEA framework.
I think we all agree that natural people have privacy rights. But about 99% of domains are not registered by natural people, which makes it obvious that the right way to handle the ones that are registered by natural people is as exception cases.
I think it is also safe to say that 99% of the people do not use the WHOIS databases. Maybe we could treat the one percent of those having a need for the WHOIS as an exception. This is, in essence, what Telnic has done for the .tel WHOIS: allow access to clearly identified individuals and entities. Patrick Vande Walle
I am fine with that. What I do not want is that domain name suspensions happen outside the LEA framework.
Wow, you really are completely unfamiliar with the way the Internet works. Never mind. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
On 05/09/2011 06:20 AM, John R. Levine wrote:
I am fine with that. What I do not want is that domain name suspensions happen outside the LEA framework.
Wow, you really are completely unfamiliar with the way the Internet works.
Perhaps a better way to express the thought above is that we aspire to a kind of net governance in which domain name suspensions occur only through well defined procedures that are good enough to be considered by most of us as conforming to our notions of "due process". --karl--
That is exactly what I meant. Thanks Karl. "Karl Auerbach" <karl@cavebear.com> wrote:
On 05/09/2011 06:20 AM, John R. Levine wrote:
I am fine with that. What I do not want is that domain name suspensions happen outside the LEA framework.
Wow, you really are completely unfamiliar with the way the Internet works.
Perhaps a better way to express the thought above is that we aspire to a kind of net governance in which domain name suspensions occur only through well defined procedures that are good enough to be considered by most of us as conforming to our notions of "due process".
--karl--
Best regards, Cordialement, Patrick Vande Walle -- Sent from a mobile device. Apologies for the typos and the brevity.
Wow, you really are completely unfamiliar with the way the Internet works.
Perhaps a better way to express the thought above is that we aspire to a kind of net governance in which domain name suspensions occur only through well defined procedures that are good enough to be considered by most of us as conforming to our notions of "due process".
Hypothetically, that would be very nice. Meanwhile, on the actual Internet, registrars routinely turn down thousands of domains every day just to keep up with the pillz, phish, and other crimeware. There's certainly room for improvement, but to me it's impressive that they screw up as infrequently as they do. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
PS:
This is, in essence, what Telnic has done for the .tel WHOIS: allow access to clearly identified individuals and entities.
Uh huh. I just picked a bunch of names out of the .TEL zone file, did WHOIS lookups, and it gave me the data for all of them. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
participants (8): Antony Van Couvering, Antony Van Couvering, Derek Smythe, Franck Martin, John R. Levine, Karl Auerbach, McTim, Patrick Vande Walle