Dot .name becomes cybercrime haven

The company that controls the .name registry is charging for access to domain registration information, a step that security researchers say frustrates their ability to police the internet and creates a haven for hackers who run internet scams.

When security researchers investigate spam and phishing activity on the internet, they rely on special Whois directories, which list the owner of a domain name, their hosting service and their contact information.

They can use the information to track down who is responsible for a particular scam and to notify innocent webmasters if a portion of their site has been hijacked by black-hat hackers.

ICANN, which sets the rules for the internet’s top-level domain names such as .com and .net, has traditionally required registrars to make Whois data publicly searchable as a condition of the companies’ right to sell domain names.

But Global Name Registry, or GNR, which administers domain names ending in .name (intended for use by individuals, e.g., johndoe.name), won the right to create tiered levels of Whois access, under which public searches show very little information beyond which registrar sold the name and which name servers the site uses.

The site sells five passwords, good for 24 hours only, for $2.

That’s $2 too much for security researcher Gadi Evron, one of the leading authorities on zombie computer networks. “What they have done is made sure the .name TLD is a free haven for bad guys to lurk on,” Evron said. “If I need to report 1,000 domains, I’m not going to pay $2,000.”

Paul Ferguson, a network architect at the security giant Trend Micro, said just this week he’s seen black hats finding ways to spread malware through name computers.

Swa Frantzen, a Belgian volunteer handler at the SANS Internet Storm Center, which monitors the net for threats, brought the policy to light on Saturday, after he was looking into some odd JavaScript reported to the center.

The domain name indicated that a legitimate .name site might have been hacked, but the .name portion of the domain name didn’t feel right, Frantzen said. The Whois information might have let him figure it out.

But Frantzen refused to pay.

“It feels like extortion,” Frantzen said. “No matter the small amounts involved, it becomes a problem as it means spending money, authorizations, purchase orders and having authorized users for credit cards. All sorts of things that slow it down dramatically.”

Whois data typically includes the name of the purchaser, a physical and e-mail address, as well as information about who hosts the site and what its name server is.

In recent years, registrars have been allowing veiled registrations so that domain-name owners can hide their identity, but still be contacted in case of an emergency or if they are served with legal papers.

Karen Lentz, ICANN’s domain registrar liaison, says that GNR is allowed to keep the data behind a paid firewall as part of its contract with ICANN, and to comply with British privacy laws.

“There is certain data that is minimal data that is free, and there is tiered access to more detailed information,” Lentz said. “One level involves paying a fee to get you access to more data for a limited period of time.”

“The whole point of having this service is to make it efficient,” Lentz said.

Another ICANN employee dismissed security researchers’ concerns about paying for the data.

“I don’t know why that matters,” she said. “Is this (reporter phone call) really worth $2 of your life?”

GNR did not reply to a request for comment by deadline.

But security researcher Evron says the move to a pay system demonstrates a larger truth about names and the internet.

“The domain name system has grown bigger than it was ever planned to be, is doing more than it was ever intended to do and does it proudly,” Evron said. “But the governance around it has become profit-based, and we have no fallback system to handle criminal organizations and countries that abuse domain names.”

Storm Center volunteer Frantzen suggests that most domain name owners would benefit from making an e-mail address available through the Whois system.

“Just imagine you get a call from us telling you about a problem and offering help to fix it, versus you getting a call from your ISP informing you they shut down your server due to a breach of policy,” Frantzen said.


Battle of the ulu.com’s: Lulu.com vs. Hulu.com

This case could surely elicit some giggles from the rhyme police. Lulu.com said Wednesday that it has filed suit against Hulu.com for trademark infringement on the grounds that the two names and business models are too similar and will create confusion in the market.

Lulu.com, a service that lets members publish, print and sell their own books, has been around for five years, according to the company. Hulu.com is a joint digital video partnership between NBC Universal and News Corp., whose corporate entity N-F Newsite announced the name last week. The lawsuit, filed Wednesday in U.S. District Court in North Carolina, charges N-F Newsite with trademark infringement, unfair and deceptive trade practices, and federal cyberpiracy.

“We have spent more than five years and tens of millions of dollars in investment successfully building the Lulu brand and website into a place for millions of creators and consumers to publish, buy, sell and manage digital content,” Lulu CEO Bob Young said in a statement.

According to gossip site Valleywag, News Corp. took over the domain Hulu.com from a small family that used the site for posting family photos.


North Korea to get Internet code

North Korea is expected to register an Internet country address this year as the isolated communist state takes cautious steps towards global information technology, an official said Friday.

The Internet Corporation for Assigned Names and Numbers (ICANN) is likely to approve North Korea’s country domain “.kp” at a meeting in Los Angeles starting in October, Suh Jae-Chul, a board member, told AFP.

“ICANN is expected to approve North Korea’s country code top level domain as it did recently ‘.ps’ for Palestine and ‘.eu’ for the European Union,” Suh said.

“This means that North Korea is becoming more active in engaging in Internet activities,” he said.

Professor Kim Young-Soo, an expert on North Korea at Sogang University, said Internet access in the North was still strictly limited.

“Access to the Internet is tightly controlled there as if it were a top secret,” he said.

North Korea keeps itself closed to the outside world to prevent so-called spiritual pollution from subverting its hardline socialist system.

TVs and radios are tuned to official channels only. The media is a propaganda tool and the leadership is aware of the Internet’s potential to stir up dissent.

It operates its own version of the Internet, a highly censored Intranet that has its own messaging function, Kim Young-Soo said.

It is policed by the Korea Computer Center, North Korea’s window on the worldwide web and its leading high-technology research and development hub.

The centre, set up in 1990, acts as the regime’s gatekeeper, selecting only approved information and downloading it onto the Intranet.

Content is mostly limited to science and technology and available only to selected research institutes, universities, factories and a few individuals.

A German portal set up a joint venture with North Korea in 2004. But South Korea’s Unification Ministry has estimated that only a tight circle of leaders, including Kim Jong-Il and his military henchmen, would have direct access to the Internet.



Copyright © 2009 Red Canyon Ltd. All rights reserved.
