FC: More on hoopla.com domain reportedly stolen via fax to Verisign

[InfoSec News <isn () c4i org>]

---------- Forwarded message ----------
Date: Sat, 13 Apr 2002 09:24:51 -0700
From: Declan McCullagh <declan () well com>
To: politech () politechbot com
Subject: FC: More on hoopla.com domain reportedly stolen via fax to Verisign


---

From: admin () consumer net (admin)
To: <declan () well com>, <twinset () cardigan com>
Subject: RE: Domain heist: Hoopla.com reportedly stolen via fax to Verisign
Date: Sat, 13 Apr 2002 00:43:11 -0400
Message-ID: <005401c1e2a5$b76ab730$2b483244@CJ52269B>

The attorney at VeriSign (Network Solutions) who handles these cases is
Phil Sbarbaro at phils () verisign com.  What the issue is that they get
fax authorizations to update the admin contact all the time because
people let their domain records become outdated.  Then there is the
question of how much work does NSI do in order to verify the
authenticity of the fax and/or use due dilligence to correct the matter.

As for getting the domain back via legal means there are generally 2
ways to do that.  One is the Dispute Policy (UDRP) where the owner would
claim trademark rights or a court order. john () johnberryhill com is

Many registrars are now allow users to use "registry locking" which is
essentially the same as locking in your long distance carrier with your
local phone company.

Russ Smith
http://TheNIC.com

---

X-pair-Authenticated: 68.56.46.10
From: "Raymond Hines III" <ray () hinesfamily com>
Organization: DreamStates Technologies, Inc.
To: declan () well com
Date: Fri, 12 Apr 2002 18:25:38 +0005
Subject: Re: FC: Domain heist: Hoopla.com reportedly stolen via fax to Verisign

This also happened to me - I used to own the domain name "dream.org"
back in 1994 when I ran an online BBS called DreamStates BBS. The
techies at the University of Florida graciously allowed me to pull email and
newsgroups via the UUCP protocol under my own domain name (dream.org).
It was very cool and DreamStates BBS was one of the first "internet" enabled
BBSes in all of Florida.

Years later I moved and no longer used the domain name but had it parked
under my personal webmaster account with a hosting company to save for
future use.  When it came time for renewal, I found out that I no longer owned
the domain name -- it was swiped right out under from me with nary a word
from anyone.  Apparently someone in Hong Kong stole it and to this day it is
still registered to someone there.

After many frantic calls and faxes with Network Solutions, the conclusion
was "You're screwed." in so many words. I just gave up fighting for it long
ago since I was a still a struggling student at the University and didn't have
the time nor the resources to fight it legally.

However, after that nasty experience, I transferred all my domains from
Network Solutions to OpenSRS which now has the ability to "lock" your
domain in from being transferred unless you explicitly approve it. I feel much
safer now and I would recommend folks transfer their domains away from
control of Network Solutions for that reason alone (not to mention the
cheaper fees as well).

Ray

---

Date: Fri, 12 Apr 2002 15:33:33 -0700
From: Troy Davis <troy () nack net>
To: Declan McCullagh <declan () well com>
Cc: politech () politechbot com
Subject: Re: FC: Domain heist: Hoopla.com reportedly stolen via fax to Verisign

That happened to one of our domains in late 1998 -- twice.  The hijacker
faxed a forged change request, it was approved despite our email rejection,
and we spent many hours on the phone to get it back.  NetSol switched it
back and said it was locked from future changes.  Two days later, same thing
happened and we did it all over again.  This time they apparantly locked it,
or the guy gave up.

After it happened, we started a thread on a mailing list that NSI used to
host for discussing the domain registration process.  8-10 people replied
to the thread, so they knew about the problem then.  Unfortunately the list
has been closed and the archives seem to be gone.  Worse, it sounds like the
process is still broken.

Troy

---


Date: Sat, 13 Apr 2002 14:42:09 +0200
To: Dean Allen <twinset () cardigan com>
From: Alexander Svensson <alexander () svensson de>
Subject: Re: FC: Domain heist: Hoopla.com reportedly stolen via fax to
   Verisign
Cc: declan () well com

Dean,

At 12.04.2002 13:48, Declan McCullagh wrote:
> From: Dean Allen <twinset () cardigan com>

> A friend of mine, Leslie Harpold, published a well-respected blog/site 
called at hoopla.com. A few days ago her domain was illegally transferred 
to someone named Hubert Sarah in Berlin, seemingly on the basis of one fax 
to NetSol.

unfortunately, the new whois entry is complete
garbage -- there is no "kreshenc 8402 street beunce"
in Berlin, and 41645 is not the correct ZIP code
for Berlin either. Hardly an accident.

> sarah  hubert
> kreshenc 8402 street beunce
>
> berlin
> de  DE  41645
> hubertaxer () yahoo com
>
> Phone: 46456154

Best regards,
/// Alexander

---




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Sign this pro-therapeutic cloning petition: http://www.franklinsociety.org
-------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.