North American Network Operators Group

Re: no whois info ?

  • From: Rich Kulawiec
  • Date: Sat Dec 11 19:59:04 2004

I don't want to turn this into a domain policy discussion, but
here are a few comments (in some semblance of order) which relate
to the operational aspects.

1. Anyone controlling an operational resource (such as a domain) can't
be anonymous.  This _in no way_ prevents anyone from doing things
anonymously on the Internet: it just means that they can't control an
operational resource, because that way lies madness.

2. If someone wants to remain anonymous -- say, as in the example Janet
cited, of sexual abuse victims -- then one of the very LAST things they
should do is register a domain.  Doing so creates a record (in the
registrar's billing department if nowhere else) that clearly traces
back to them.  Further, an anonymously-registered domain isn't much
good without services such as DNS and web hosting: and those, of course,
represent still more potential information leaks.

Anyone who thinks their "anonymous" registration is truly anonymous
is in for a rude awakening: if the data isn't already in the wild,
it will be as soon as the spammers find it useful to make it so.

It's much better, if anonymity is the goal, not to begin by causing
this data to exist.

3. Anonymous domain registration, like free email services, is an
abuse magnet.  [Almost] nobody offering either has yet demonstrated the
ability to properly deal with the ensuing abuse: they've simply forced
the costs of doing so onto the entire rest of the Internet.

It's thus not surprising that a pretty good working hypothesis is to
presume that any domain which either (a) has anonymous registration or
(b) has contact addresses at freemail providers is owned by people
intent on abusing the Internet.  No, it's not always true, but as a
first-cut approximation it works quite well.  Doubly so if the domain
is in a TLD known to be spammer-infested (e.g., ".biz") and triply so
if the domain name itself screams "spam" (e.g. "cheap-phentermine-online.biz"). [1]

4. Spammers have a myriad of ways of "harvesting" mail addresses that
yield the same data but without requiring WHOIS output.  For example, some
of the malware they've released prowls through all the sent/received mail
on infected systems...which means that if anyone using their brand-new
anonymously-registered domain happens to send a single message to someone
else -- who is already or subsequently infected -- then the address in
question will shortly be in the wild, bought and sold and used by spammers.

Note that some of the infected systems are mail servers, so even if the
sender and recipient are secure from infection, the address in question
may still be acquired.  And no doubt some of them are inside registrars
and DNS hosts and web hosts, just like they're [nearly] everywhere else.

And this is just one way that addresses are harvested.

5. Spam is about far more than merely SMTP these days.  SPIM (IM
spam) and SPIT (VOIP spam) and adware and all kinds of other things
are being used -- and by _the same people_, e.g. Spamford, to do exactly
the same thing: put content in front of eyeballs.  Even if we could throw
a switch and cut off all SMTP spam, the respite would only be temporary.
So just trying to hide from SMTP spam, although it might provide the
comfortable illusion of accomplishing something in the short term,
is useless in the long term.

6. Spam is a problem for everyone, and so it's everyone's responsibility
to fight it.  Those who want the privilege of controlling operational
resources must also accept the responsibility of doing their part.

---Rsk

[1] To save you the trouble of looking it up:

Domain Name:                                 CHEAP-PHENTERMINE-ONLINE.BIZ
Domain ID:                                   D3193600-BIZ
Sponsoring Registrar:                        DOTSTER
Domain Status:                               ok
Registrant ID:                               DOTS-1025016423
Registrant Name:                             N K
Registrant Organization:
Registrant Address1:                         -
Registrant Address2:                         n/a
Registrant City:                             -
Registrant State/Province:                   -
Registrant Postal Code:                      -
Registrant Country:                          United States
Registrant Country Code:                     US
Registrant Phone Number:                     +1.3155551212
Registrant Facsimile Number:                 +1.3155551212
Registrant Email:                            [email protected]

and so on.  A 200-foot-high billboard would only be slightly more obvious.
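
The first-cut approximation from point 3, applied to the WHOIS record in the footnote, as an added example that is not part of the original message. The word list, the freemail domain, the treatment of blank or "-" address fields as a sign of anonymous registration, and the check for the 555-1212 directory-assistance number are assumptions made for illustration; only ".biz" and the sample record come from the post.

```python
import re

# Constructed lists for illustration; only ".biz" is named in the post.
FREEMAIL = {"freemail.example"}          # hypothetical freemail provider
SUSPECT_TLDS = {"biz"}
SPAM_WORDS = {"cheap", "phentermine"}    # assumed keywords
PLACEHOLDERS = {"", "-", "n/a"}          # values that carry no contact data

# Fields from the WHOIS output quoted in the post (e-mail is redacted in the archive).
SAMPLE = """\
Domain Name:                                 CHEAP-PHENTERMINE-ONLINE.BIZ
Registrant Name:                             N K
Registrant Organization:
Registrant Address1:                         -
Registrant Address2:                         n/a
Registrant City:                             -
Registrant State/Province:                   -
Registrant Postal Code:                      -
Registrant Phone Number:                     +1.3155551212
Registrant Email:                            [email protected]
"""

def parse_whois(text):
    """Parse 'Key:   value' lines into a dict with lower-cased keys."""
    rec = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            rec[key.strip().lower()] = value.strip()
    return rec

def first_cut_flags(rec):
    """Return the reasons a record matches the heuristic (missing fields count as blank)."""
    flags = []
    name, _, tld = rec.get("domain name", "").lower().rpartition(".")
    addr = ("address1", "city", "state/province", "postal code")
    if all(rec.get("registrant " + f, "").lower() in PLACEHOLDERS for f in addr):
        flags.append("placeholder-address")
    if rec.get("registrant phone number", "").endswith("5551212"):
        flags.append("directory-assistance-phone")
    if rec.get("registrant email", "").rpartition("@")[2].lower() in FREEMAIL:
        flags.append("freemail-contact")
    if tld in SUSPECT_TLDS:
        flags.append("suspect-tld")
    if SPAM_WORDS & set(re.split(r"[-.]", name)):
        flags.append("spammy-name")
    return flags

if __name__ == "__main__":
    print(first_cut_flags(parse_whois(SAMPLE)))
```

The flags are a triage signal for a human or a scoring system, matching the post's caveat that the hypothesis is not always true.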