funsec mailing list archives
Re: WHOIS Privacy Stalemate... Again
From: "John LaCour" <johnlacour () gmail com>
Date: Wed, 22 Aug 2007 14:53:25 -0700
Private registration is an issue when bad guys register domains, but in practice I don't see this too often. It's more often that they use completely made up information or just use a stolen identity. For example, all of the rock phish domains were registered with the actual name and address of the person whose stolen credit card was used to pay for the domain (last time I checked). Access to the WHOIS information is also helpful when a legitimate organization has had their resources misappropriated (e.g. their server hacked) and you want to contact them to get things cleaned up. Registrars and ISPs would find themselves being the middle man thousands of times a day if they have to vet requests for contact information due to security incidents (on top of the abuse issues they already have to manage). -John On 8/22/07, Larry Seltzer <Larry () larryseltzer com> wrote:
Aren't there other people, people here even, that are interested inkeeping some level of whois available to the public - besides those big scary black helicopter types that are only trying to track your Internet doings?! I'm also uncomfortable with the stereotypes in this story which, unfortunately, follow from the interest groups formally represented at the GNSO. The fight is more than just a bit illogical. The interests of intellectual property holders and other privacy opponents may be impeded by an OPOC setup, but it's already impeded by private registration. No process to get information from a private registration is going to be any easier than the OPOC, so the fact that the process won't be standardized means that the incentive for disparate private registrations to develop is greater. Seems like a bigger mess to me. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.eweek.com/cheap_hack/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- WHOIS Privacy Stalemate... Again Paul Ferguson (Aug 22)
- Re: WHOIS Privacy Stalemate... Again Brian Loe (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- Re: WHOIS Privacy Stalemate... Again der Mouse (Aug 22)
- Re: WHOIS Privacy Stalemate... Again John LaCour (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Andy Sutton (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Nick FitzGerald (Aug 22)
- Re: WHOIS Privacy Stalemate... Again David Jones (Aug 23)
- Re: WHOIS Privacy Stalemate... Again Nick FitzGerald (Aug 23)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- Re: WHOIS Privacy Stalemate... Again Brian Loe (Aug 22)
- Re: WHOIS Privacy Stalemate... Again Don Blumenthal (Aug 24)
- Re: WHOIS Privacy Stalemate... Again Valdis . Kletnieks (Aug 28)