nanog mailing list archives
Re: Is WHOIS going to go away?
From: Rich Kulawiec <rsk () gsp org>
Date: Wed, 25 Apr 2018 09:04:15 -0400
On Thu, Apr 19, 2018 at 05:57:48PM -0400, bzs () theworld com wrote:
One of the memes driving this WHOIS change is the old idea of "starving the beast". People involved in policy discussions complain that "spammers" -- many only marginally fit that term other than by the strictest interpretation -- use the public WHOIS data to contact domain owners. I've countered that 20+ years experience trying to "starve the beast" by trying to deny them access to email and other casual contact info has proven the approach to be useless.
I've been trying to kill this same meme for years, and it just won't die. It's related to the equally-silly meme that says that email/newsgroup archives should have the addresses of participants obfuscated, and it's just as wrong. Let me make yet one more likely-futile effort:

1. WHOIS data is a poor source of email addresses. It always has been. Much richer ones exist and new ones show up all day, every day. The same can be said for mailing list/newsgroup archives. Moreover, many of those people are poor choices as victims.

2. Those much richer sources include (and this is far from exhaustive):

   - subscribing to mailing lists
   - acquiring Usenet news feeds
   - querying mail servers
   - acquiring corporate email directories
   - insecure LDAP servers
   - insecure AD servers
   - use of backscatter/outscatter
   - use of auto-responders
   - use of mailing list mechanisms
   - use of abusive "callback" mechanisms
   - dictionary attacks
   - construction of plausible addresses (e.g. "firstname.lastname")
   - purchase of addresses in bulk on the open market.
   - purchase of addresses from vendors, web sites, etc.
   - purchase of addresses from registrars, ISPs, web hosts, etc.
   - domain registration (some registrars ARE spammers)
   - misplaced/lost/sold media
   - harvesting of the mail, address books and any other files present on any of the hundreds of millions of compromised systems

   annnnnnd

   - the security breach/dataloss incident of the day

3. The bottom line is that, starting about 15 years ago, it became effectively impossible to keep any email address *that is actually used* away from spammers. [1] Simultaneously, it became a best practice to assume this up front and design defenses accordingly.

4. You know who is best-protected by restrictions on WHOIS and obfuscated domain registration? Spammers, phishers, typosquatters, and other abusers. It's not a coincidence that the number of malicious domains has skyrocketed as these practices have spread. (And "skyrocket" is not an exaggeration. I've been studying abuser domains for 15+ years and I have no hesitation saying that easily 90% of all domains are malicious. And that's likely a serious understatement. Why? Because whereas you and I and other NANOG-ish people register one here, one there, whether for professional or personal or other use, abusers are registering them by the tens of thousands and more. Much more.)

---rsk

[1] Yes, there are edge cases. I *know*.