funsec mailing list archives
Re: [privacy] Should Owners Of Web Sites Be Anonymous?
From: Kevin McAleavey <kevinmca () nsclean com>
Date: Thu, 27 Apr 2006 18:44:53 -0400
Remember, this is JESUSland you're talking about ... you'd THINK that by now "the all-seeing eye" would KNOW who's a terrorist and who ain't. Heh. Sorry, couldn't resist ... this episode, like all of the others merely indicates that our politicos have the cluephone qualities of a J-Lo ringtone. :) SORRY to the rest of the world - I live in upstate New York ... VIVE le Quebecois! Avez-vous cigarettes? Heh. But seriously, my embarassment pinned the meter back BEFORE September of 2001 ... once off scale and the needle was bent, I just can't explain it anymore beyond the fact that upstate New York has been abandoned longer than the rest of Jesusland who is still spinning "Katrina." Osama should be PROUD of our leaders, doing MORE damage than he could have even imagined. :( Domain: whitehouse.gov Registrant: Osama bin hidin Contact: Pakistan Cluephone: Off hook, see "spin" Sheesh. :( Forgive my bad attitude, but I see more of Osama than our own government does ... egold trojans as but ONE example that works ... At 12:34 PM 4/27/06, you wrote:
I found this article both curious and entertaining. Of the 4 or 5 websites I run the only whois information that is accurate is an email address and a phone number. This allows interested parties to contact me if necessary but doesn't expose me to any more danger than is absolutely necessary. For law enforcement to claim they need whois info to track the bad guys is laughable. If they have sufficient cause to investigate a website, they came to that cause through the content of the website which is easilly accessible. With the "probably cause" they can get a warrant and go directly to the webhost(which they find with an IP Block lookup or a DNS record). The phishers are already using dynDNS and other technologies to hide their websites so whois wouldn't work for them anyway...that is unless their involuntary reflexes are governed by a checklist. On 4/27/06, Richard M. Smith <rms () bsf-llc com> wrote:http://online.wsj.com/article/SB114609925357637113.html?mod=todays_us_marketplace Should Owners Of Web Sites Be Anonymous? By WILLIAM M. BULKELEY April 27, 2006; Page B1 Last fall, in the wake of Hurricane Katrina, the American Red Cross used an Internet database called "Whois" that lists names and numbers of Web-site owners to shut down dozens of unauthorized Web sites that were soliciting money under the Red Cross logo. Online marketplace eBay Inc. says its investigators use Whois hundreds of times a day to pursue scamsters. Insurance giant Transamerica recently used Whois to trace the owner of a Web site purportedly in the Middle East but actually U.S.-based -- that was selling insurance by infringing on the Transamerica trademark. But if proposed rule changes are adopted by the organization that runs the Internet, corporate and government investigators won't be able to rely on Whois to find the owners of fraudulent Web sites. Whois is regulated by the Internet Corp. for Assigned Names and Numbers, usually called Icann, a nongovernmental organization based in Marina del Rey, Calif., that handles many vital Internet issues. Under Icann's current regulations, anyone who gets a Web site is supposed to list a name, phone number and address in Whois of a contact person to resolve both technical problems with a site and administrative issues. Earlier this month, at the urging of privacy advocates and over the opposition of major corporations, the Icann committee responsible for Whois voted 18-9 to restrict its listings solely to someone who can resolve technical "configuration" problems. That means a Web-hosting company could be listed without any link to the person who controls what appears on the site. After the committee makes recommendations on other aspects of the Whois rules, the full Icann board is expected to approve the reduced disclosure requirement. The dispute partly reflects the growth of the Internet from a communications network used by scientists and academics into a global river of commerce. The requirement for a name, phone number and street address came years before identity theft became a mainstream concern. Advocates of reduced information say that the original purpose was to make sure someone was available to fix Web-site problems that were interfering with the broader network, and the changes are consistent with the original goals of the Internet of permitting free-wheeling communications. Marc Rotenberg, executive director of the Electronic Privacy Information Center, an advocacy group based in Washington, said "for privacy, this is a very good result," because bloggers and other individuals who operate their own Web sites will no longer need to fear stalkers or threats of lawsuits. However, law-enforcement agencies around the world and companies such as Microsoft Corp., Sony Corp., Walt Disney Co. and Time-Warner Inc. are criticizing the plan because they say they need the information now in Whois to combat financial fraud and trademark violation. With only the identity of a technical person, they say investigators won't be able to find a site's owner without filing a lawsuit and getting a subpoena. Many corporate representatives had hoped the committee would force more accurate disclosure in Whois. Bruce A. MacDonald, a trademark lawyer with Schnader Harrison Segal & Lewis in Washington, says lack of enforcement of current Whois regulations is "scandalous" because it lets "fictitious entities and anonymous persons" register domain names. Removing the requirement entirely, he says, will "result in a complete loss of the ability" for companies to track down people misusing corporate trademarks. Although the U.S. government has only an advisory role with Icann, it has indicated it wants more disclosure rather than less, according to one member of a task force working on the issue for Icann. A spokesman for the commerce department says it hasn't submitted a formal statement. The decision to reduce information in Whois "shows that Icann isn't under the control of trademark interests and the U.S. government," says Milton Mueller, a Syracuse University professor and privacy advocate who has been following the issue. However, he says, "there's still a danger that the U.S. government will try to circumvent this." He noted that last fall, the Icann names committee proposed establishing a domain name extension -- ".xxx" -- designed for pornographic Web sites, but the U.S. government has persuaded Icann to postpone approving the plan. Mr. Rotenberg says the U.S. government is in a delicate political position, because it wants the U.S.-based Icann to run the Internet rather than having it taken over by the United Nations as some governments have proposed. Therefore, it is important for Icann to function as an independent body even if it sometimes goes against U.S. policy. Some privacy advocates say Whois may violate tighter data-privacy rules in Canada and Europe by publishing personal information of Web sites based there, but the matter has yet to be adjudicated. Icann declined to make officials available to discuss Whois. The committee vote represented the interests not only of privacy advocates but of companies called registrars. They contract with Icann to sell people uniquely named Web sites and often host the Web sites on their own computers. A number of companies, like Godaddy.com of Phoenix, Ariz., and Register.com, New York, have made being a registrar a major business. Icann gets most of its annual budget from the registrars who pay it certain fees plus 25 cents a year for each domain name registered. The registrars expect that less disclosure would spawn more Web sites. Bloggers played a major role in the dispute, seeking to guard their privacy. One anonymous blogger wrote in an email to the committee that providing contact information publicly "is a way of setting [bloggers] up for identify theft, stalking, stupid lawsuits, and the fear of never knowing when some net kook is going to show up on one's doorstep." Tongue in cheek, he suggested that Icann order corporations with Web sites to list the home addresses and phone numbers of their executives and attorneys. Write to William M. Bulkeley at bill.bulkeley () wsj com _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy-- Warwick AckFin Don't tread on me <>< _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
---------------------------------------------------- Kevin McAleavey at your service Privacy Software Corporation http://www.nsclean.com kevinmca () nsclean com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- [privacy] Should Owners Of Web Sites Be Anonymous? Richard M. Smith (Apr 27)
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? warwick ackfin (Apr 27)
- Message not available
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? Kevin McAleavey (Apr 27)
- Message not available
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? warwick ackfin (Apr 27)
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? Larry Seltzer (Apr 27)
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? Kevin McAleavey (Apr 27)
- Re: Re: [privacy] Should Owners Of Web Sites Be Anonymous? Valdis . Kletnieks (Apr 27)
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? Kevin McAleavey (Apr 27)
- <Possible follow-ups>
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? Justin Polazzo (Apr 27)
- RE: Re: [privacy] Should Owners Of Web Sites Be Anonymous? Justin Polazzo (Apr 28)
- RE: Re: [privacy] Should Owners Of Web Sites Be Anonymous? Justin Polazzo (Apr 28)
- Re: [privacy] Should Owners Of Web Sites Be Anonymous? Justin Polazzo (Apr 28)