Re: Teen hacker controls ebay

[Alexander Bochmann <ab () lists gxis de>]

...on Thu, Sep 09, 2004 at 12:17:59AM +1200, Nick FitzGerald wrote:

> Jeffrey Denton wrote:
> > $ whois -h whois.opensrs.net. ebay.de
> > Registration Service Provider:
> >    DBMS VeriSign, dbms-support () verisign com
> Issuing code-signing certs in Microsoft's name to non-MS folk.
> Reassiging a major eBay domain to Joe Schmoe just because he filled in 
> a web form.
> Is there anything in common here apart from incompetence and obvious 
> lack of trustworthiness of this company's core business operations?

In this case, Verisign can't be blamed - at the time 
of the owner change, Tucows was responsible for ebay.de 
and should have denied the transfer (DENIC's system 
defaults to "yes" if no answer is received, as 
others already mentioned).

Nevertheless, it was the responsibility of the 
provider requesting the transfer to check if 
his customer was authorized to have the domain 
transferred - obviously, cost pressure makes 
the domain traders skip a few steps here.

So, better have your domains handled by someone 
who knows the rules (especially if you're not 
Ebay and no one is going to solve your problems 
in a few hours instead of days).

Alex.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html