Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Crime The Internet

IP Lawfirm Sues Typosquatting Security Researcher 101

Posted by timothy
from the sure-would-be-a-shame-if-somethin'-was-t'-happen dept.
First time accepted submitter scottbee writes "A major New York intellectual property lawfirm has filed a $1m lawsuit against domain squatter/security researcher Wesley Kenzie (aka Securikai). Kenzie registered domain names to collect misaddressed email, and then holding companies to ransom claiming he had found security vulnerabilities and would consult for five figure engagements. Lockheed Martin handled it with a simple UDRP, but the Gioconda Law Group decided instead to file a lawsuit for 'cybersquatting, trademark infringement and unlawful interception of a law firm's private electronic communications in violation of federal laws,' along with a permanent injunction. Kenzie had also tried the same tactic against Rapid7's HDMoore, but was shamed out of the domain names earlier this year."
This discussion has been archived. No new comments can be posted.

IP Lawfirm Sues Typosquatting Security Researcher

Comments Filter:
  • by magic maverick (2615475) on Sunday June 24, 2012 @03:07PM (#40431483) Homepage Journal

    For those of you, like me, who weren't sure what UDRP meant, it means Uniform Domain-Name Dispute-Resolution Policy [wikipedia.org] and ICANN has a page on it [icann.org].

    Anyway, this indicates a major problem with the domain name system. One which could be solved by a simple, careful and widespread application of OpenPGP [faqs.org]. That is, if everyone encrypted emails for recipients, people like this would not be able to read them.

    Also, if I were this "security researcher" I would set up legitmate looking websites at the various domains. Perhaps giocondolaw.com could be a website for Grand International Operations. ConDoLaw., a website trying to put together a convention about law for lay peoples, run by GIO, an organisation setup by our hero... Or something. You know, it doesn't even have to be clever, just appear to actually have a real use for the domain name. In the case of the lockheedmartun.com website well, maybe a shell company called Lockhe, which makes an editor (ed) called Martun, Lockhe Ed Martun. Perhaps repackage and sell (for only $5000 a seat, this wonderful software, complete with source code, and what we won't tell you unless you buy it, is that it's just GNU EMACS or perhaps VIM (depending on what you hate the least).

  • Re:Scummy (Score:5, Informative)

    by interkin3tic (1469267) on Sunday June 24, 2012 @03:23PM (#40431583)
    I'm no lawyer, so I'm not talking about legal standards, but the last link in the summary mentions that at least some other similar schemes this guy pulled off, he essentially threatened to post the e-mail contents, which he said were sensitive, on his blog for all to read. Which to me is a pretty clear indication he did intend to extort.

    It also points out that this is a scheme that is at least 14 years old, hard to claim that he bought all these domains without realizing they were very close to other domains.

    Again I'll point out that I'm not a lawyer, so I'm talking common sense standards here, not legal standards, which usually make no sense to me.

"It's what you learn after you know it all that counts." -- John Wooden

Working...