ICANN Cracks Down on Invalid WHOIS Data 358
DotNM writes "Internet News reports that ICANN, the Internet Corporation for Assigned Names and Numbers, is beginning a crackdown on invalid data in the WHOIS database. In ICANN's annual report, they found that nearly 5000 of the 24148 complaints were due to inaccurate WHOIS information. Some of the domain names in question had the address information of known spammers in the database. Registrars, the companies you register your domains with, are under contractual obligations to ensure this information is correct and accurate. Do you believe this is a step in the right direction? Why?"
It's a rule, play by it. (Score:4, Interesting)
Re:It's a rule, play by it. (Score:2, Interesting)
Re:It's a rule, play by it. (Score:2)
Are they required? What if a domain does not have any MX records? What if it's not used for web purposes?
As someone who gets a copy of both webmaster@ and postmaster@ for about 500 domains let me tell you, all I ever get there is SPAM.
Re:It's a rule, play by it. (Score:5, Informative)
RFC 2142, "Mailbox Names for Common Services, Roles and Functions" is a proposed standard and includes 'webmaster@', 'abuse@', 'noc@', etc.
Re:It's a rule, play by it. (Score:4, Informative)
> Oh dear you thought they were standards,
RFC 822 *is* a standard. It is also known as STD 11, "Standard for the format of ARPA Internet text messages".
--------- *snip* ---------
6.3. RESERVED ADDRESS
It often is necessary to send mail to a site, without know-
ing any of its valid addresses. For example, there may be mail
system dysfunctions, or a user may wish to find out a person's
correct address, at that site.
This standard specifies a single, reserved mailbox address
(local-part) which is to be valid at each site. Mail sent to
that address is to be routed to a person responsible for the
site's mail system or to a person with responsibility for general
site operation. The name of the reserved local-part address is:
Postmaster
so that "Postmaster@domain" is required to be valid.
Note: This reserved local-part must be matched without sensi-
tivity to alphabetic case, so that "POSTMASTER", "postmas-
ter", and even "poStmASteR" is to be accepted.
Re:It's a rule, play by it. (Score:3, Insightful)
The purpose of WHOIS contact information is to allow users and operators of other Internet sites to get in touch with you if your site is causing a problem. The Internet is cooperative, recall -- it could not exist at all without the thousands of sites and networks agreeing to carry each other's traffic. This cooperation requires that operators be able to contact one another in case of a problem. The alternative is that if I see anything even remotely resembling an attack coming from your netwo
Forget the spammers... it's the stalkers! (Score:5, Insightful)
My websites all point to my former address. I moved because some freak was harassing me and I was worried he was going to show up on my doorstep some day. I didn't update the listing and won't for at least another year, unless I get a PO box, and I'm sure as hell not going to spend the money on that when I'm getting zero benefit on it.
My registrar has my real contact info. That's all that matters. If someone has a complaint about one of my sites that can't be resolved by emailing me, they can write to my hosting provider or my registrar.
Re:Forget the spammers... it's the stalkers! (Score:3, Insightful)
Your registrar isn't going to accept calls in the middle of the night because your PC is infected with a virus or DDoS agent and is saturating my network with traffic. That's not thei
Because I want a persistent address (Score:5, Insightful)
I had a stable email address with an ISP for about ten years, but the ISP discontinued my service plan and said I'd have to change addresses if I wanted to stay with them, so that's why I registered a domain, so I have a permanent net address that I can give out to friends and acquaintances. That doesn't mean I want it advertised to the public. It's like an unlisted phone number. I'm ok with the registrar having my contact info in case law enforcement needs to find me, but I see absolutely no reason they have to publish it in WHOIS.
Re:Forget the spammers... it's the stalkers! (Score:5, Insightful)
My registrar emails me too frequently with "special offers" and I get site related junkmail even though my whois data does not point to my address. I can only surmise that the registrar is making a few bucks on the side selling data.
If there was a valid reason for the FBI or the IP-Police to kick down my door, they can do a dig on me, go to the switch up the road, and pull the line. When I pop out of the door to look at the wires, they can rush me with all their SWAT gear.
For everyone else - It's the internet, use it to contact me, or lookup the netblock owner, they get a check from me every month. If the law enforcement officers can't do that, they should be kicked back to parking meter duty.
I have an unlisted phone number for a reason, I'm sure not going to post it in the whois database!
Re:Forget the spammers... it's the stalkers! (Score:3, Interesting)
Re:Forget the spammers... it's the stalkers! (Score:4, Interesting)
Re:It's a rule, play by it. (Score:5, Insightful)
If you want to make a dent in spamming, just violate the first, fourth, fifth, sixth and eighth amendments. Simple!
Re:It's a rule, play by it. (Score:3, Insightful)
1st Amendment: Spam is not protected free speech. Commercial speech, which the vast majority of spam is, isn't covered here. We are talking about people who are selling you herbal viagra and the like. Unless you somehow want to include SPAM in a religious context?
4th Amendment: While I certainly don't support pressing the fourth amendment, the government has already set numerous preceden
Re:It's a rule, play by it. (Score:5, Insightful)
Re:It's a rule, play by it. (Score:4, Insightful)
I haven't recieved any snailmail spam, most likely because I'm not American, but one evening I got a [lovely] call from China. A female (yes, I was shocked myself, first time a girl calls me!) said something about representing some huge business.
Her english was bad so I couldn't really hear what she was saying, but I finally figured out that they had heard about 'my large and great company' and that I was known worldwide for my splendid leadership and nose for business.
I kinda freaked out, hung up and went for my tinfoil hat. I changed the contact info, but when my registrar complained that my address 'BOFH Avenue 666' was bouncing I had to change it back.
Bottom line, I would very much appreciate some kind of mechanism that would protect your privacy a little bit better. The problem is that the Internet is global and legislation is very different around the globe so the solution would have to be technical.
Re:It's a rule, play by it. (Score:2, Interesting)
Hell no! (Score:3, Insightful)
It's a crappy rule; change it. (Score:5, Interesting)
Requiring public, accurate whois information is idiotic. I think a requirement for accurate information held in confidence by ICAN is a good idea (to be available to the police with a warrant). Before you run out there cheering for accurate public information, think about how you would feel if every email and every web posting you made had your home phone & address on it. If everyone were sane and reasonable, it would be good. Since everyone's not, and someone can anonymously e.g. burn your house down, it's bad.
Spammers are just going to get phones with junk info and PO boxes. This can only hurt, not help.
I'm surprised to see the responses I'm seeing on a site where most people ostensibly argue for free speech and anonymity.
Re:It's a rule, play by it. (Score:4, Informative)
Enforcing this rule for the ".us" domain name is to be required as part of the proposed US-Australia Free Trade Agrement [dfat.gov.au] - Chapter 17, Article 17.3
Re:It's a rule, play by it. (Score:2)
Re:It's a rule, play by it. (Score:3, Insightful)
Not quite... (Score:5, Funny)
In the case of spammers' domains, take a few extra steps. First, lock the domain right away. Second, instead of attempting to inform the spammer that their domain is locked until the WHOIS data is updated, send an assasin to where they live to have them killed.
Will this limit freedom of expression? (Score:4, Interesting)
In the US, it's not a problem to express yourself. You can say whatever you like about the government and get away with it. OK, not quite anything. In other countries, however, including western countries like Germany and France, freedom of expression is non-existant -- you may only say what the government allows you to say. In the two countries I've mentioned, it's not much of a problem, because they've basically only banned racist expressions. But there are more than enough other countries (China, anyone?) that actively work to suppress their citizens from expressing themselves freely. For dissidents in such countries, false WHOIS data may be necessary for freedom of expression. Is ICANN trying to help such governments crack down on their citizens?
If ICANN wishes to enforce this rule, I agree with the procedure outlined in the parent post, but disagree that spammer's domains should be treated separately.
The problem is, how do you recognize a spammer's domain? If you simply look at the "to" address, it will result in a lot of legitimate sites getting spammed, because a real spammer will fake the from address. If you look at the originating sender, I've had enough (virus) spam that apparently originated at my mail server. The header information was modified -- the IP did not belong to my mail server. But you can't backtrace to find the domain if the IP is in a dynamically allocated range. Once again, 1:0 for the spammers.
The few honest souls who are dumb enough to use valid information will get caught anyway. Now if we are talking about domains that are linked in spam, that's a little easier to deal with, but there is still a large potential for abuse. So a spammer doesn't like a site. Voila, take them down. In fact, anyone could effectively disrupt any website they like.
Of course, spammers should be prosecuted, provided they are within the jurisdiction of a state that cares (e.g., the US). But intellegent spammers work offshore anyway, which puts them beyond the reach of any western regulatory body except ICANN. We can go after their domains, but there's no easy solution to determine which domains are pure spam.
Lots of useless data in there (Score:5, Interesting)
I looked at using the whois db for my IP to city [hostip.info] project, but rejected it because (a) it's forbidden [which was the most important reason, honest
So I just depend on good folks like yourselves to fill in the data. I think that gets around the various patents that Quova etc. have got on populating a city/ip database as well
Frankly I'd give it about 50% accuracy, and I'm approaching that without using it at all...
Simon
Re:Lots of useless data in there (Score:5, Informative)
As for maxmind (and quova), I think you'll find you pay for anything other than the country data. Hostip gives you the city if it can...
Regardless, one of the points is to try and analyse just how much wrong data is entered, when you let the net as a whole put info into a system, so I'm happy anyway, and if it turns out to be a useful resource, so much the better
It's always easier to knock something down rather than build it up, isn't it ? Let's just see how it evolves over time
Simon
Re:Lots of useless data in there (Score:3, Insightful)
Some NAT firewalls send extra headers (X-NAT-PROPOGATED-FOR') similar to proxies ('HTTP_FORWARDED_FOR' and similar), and I try to pick up on those where I can, but at the end of the day, any system has to have *something* to work with.
The fraction of IP addresses that oscillate or change city a lot is very small (1%). The vast
Good for spammers (Score:5, Insightful)
Re:Good for spammers (Score:5, Funny)
That's the thing, all right. I'll change my domain's address from AL Ralsky's residence when they crack down on WHOIS spamming.
Not sure if it's a good idea (Score:5, Funny)
Not sure what the legal ramifications/consequences of doing so might be, so do it at your own risk.
Re:Good for spammers (Score:3, Funny)
Just this morning I did the classic, rip up all the junk mail and use their prepaid envolopes to ship it back to them. It cost them stamps, time to open it, and to throw it away. And it was fast and fun for me!
Re:Good for spammers (Score:4, Interesting)
Well, I don't give two flying fucks about your "valid WHOIS" issues. I have a private site. It's not for you, it's not for others, it's for me. It recieves MY mail, and provides services to select friends. That's all it does.
I should not need to give out all my contact information to the world just so I can locate my damn server on the internet easily.
Re:Good for spammers (Score:3, Interesting)
It's not for you, it's not for others, it's for me.
That's too bad because the DNS is a PUBLIC database. The Internet is PUBLIC. You don't make the rules; ICANN does. If you don't like it -- tell your friends to set up their own DNS servers with pointers to your IP.
I should not need to give out all my contact information to the world just so I can locate my damn server on the internet easily.
Again, that's your o
Re:Good for spammers (Score:3, Insightful)
I kno www.SomeNameHere.com looks cooler, but since it's really a private little thing, I'm not sure that should be an argument.
Change of the rules (Score:4, Insightful)
So, change the rules to only let the magic people that operate the internet and the law see it.
Re:Change of the rules (Score:5, Insightful)
Every Joe in the country does not need his own second-level DNS domain. For those that believe they have a solid reason to have their DNS domain parented that far up the DNS hierarchy, they need to be aware that public registration is a requirement for that.
I don't really see a problem with that, especially for domains like ".com", which are meant to be commercial.
Now, for the new TLDs like ".name", I might see a case where DNS registration might not need to be accompanied with a publicly-visible registration, but for the rest, why not? It helps everyone identify who's responsible for a domain so that problem and abuse reports get handled in an efficient manner.
If we pull domain contact information from the public, someone still needs to be an effective first line for abuse and problem reports. If someone has a misconfiguration or malicious user that's impacting my network, I'd better damn well have a number I can call to get that issue resolved. If I can't get that in the WHOIS database, I'd better be able to call someone who can obtain it on my behalf.
I guess for me, it boils down to having responsible contact information available for every netblock and DNS domain that's registered. This doesn't necessarily need to be the end user (and in the case of third-level DNS domains or a customer's small netblock, it isn't even today), but if users are going to register assets high enough in the "tree" (second-level DNS domains and large IP netblocks), they need to accept the responsibility of keeping valid contact information available to the public, because nobody else is going to do it for them. You're free to sub-delegate those resources (third and fourth-level DNS domains or smaller blocks of IP addresses, for example), making you the contact for those end users, or if you choose to require their contact information be publicly available, they would be. It's just gotta be someone. The gTLD registrars I don't think are staffed to be that someone.
My two cents.
Re:Change of the rules (Score:2)
evil people will always find a way to find a target.
A PO box? (Score:2)
First, ICANN should crack down (Score:5, Insightful)
Ironic (Score:5, Interesting)
Something about this is ironic.
Someone needs to speak to NetSol about the ICANN report.
-----
Protect Your Privacy
from Spammers and Telemarketers
When you register a domain name, your address, e-mail, and phone number are published in the public WHOIS database. ICANN requires this personal information to be available for anybody to view on the web. With
Private Registration you can deter spammers, telemarketers, identity thieves, harassers, stalkers and others who access this database.
Private Registration provides you with alternate contact information for your domain name registrations. The contact information you want to keep private is kept out of the public WHOIS database.
For a limited time you can add Private Registration to each of your existing domain name registrations for the introductory price of just $5 a year. Terms and conditions are included in our Service Agreement.
To add Private Registration
1) Log into your Network Solutions Account
2) From the Account Details page, click on one of your domain names
3) In Domain Details, click "Make this a private registration"
4) Check the domain name registration(s) you want to make private and
click continue
Introductory Offer Only $5 a year
Re:Ironic (Score:5, Informative)
Re: (Score:2)
We can do it. We have the technology. (Score:4, Interesting)
It'd be interesting to see what would result if WHOIS is washed against such a list...
Re:We can do it. We have the technology. (Score:2)
Re:We can do it. We have the technology. (Score:2)
It's a pretty sophisticated tool aimed at junk mailers who don't want to get any return-to-sender pieces, and used by anybody who presorts their mail in order to get lower postal rates since the post office already gets the groups in ready-to-split packages.
Re:We can do it. We have the technology. (Score:2)
Re:We can do it. We have the technology. (Score:3, Insightful)
Most people, in fact all
Fake addresses necessary (Score:3, Funny)
The spam kings don't mind having to leave valid contact info,
but obviously draw the line on accurate email addresses that
would leave them open to receiving UCE.
Don't want your information public? (Score:3, Informative)
https://registrar.godaddy.com/dbp.asp?isc=&se=%2B
It only costs 2-3$ a year more than a normal domain, and the domain is registered in the registrar's name so your info isn't public.
Re:Don't want your information public? (Score:2)
My guess is not very hard.
On a side note, if this is designed to tie in with the can-spam act, then why haven't people started to sue the owners of web sites linked in spam? Or those who contact you back after submitting 'tracking data'?
Re:Don't want your information public? (Score:2)
A person shouldn't buy this "anonymous registration" service expecting that nobody will ever be able to track them down. There is nothing that you can do to keep the FBI (or whatever Law Enforcement Agency) from tracking you down.
Anyone who expects to be able to run a site with illegal content expecting complete anonymoty is a damn fool, and failed to read rules when buying the service. They state quite clearly that if you break the law while hiding behind them, they will fully c
crap! (Score:4, Funny)
It's not that hard to confirm a physical address. (Score:2)
This would be what most domain registrars are doing for e-mail addresses, which explain why e-mail is so accurate yet physical addresses are wrong. However, domain registrars would drag their feet on this because 1. It costs money, an
No, I don't believe it is... (Score:2)
How about MY privacy as a domain owner? Do I really need s-mail spam, e-mail spam, etc just because spammers lie about their address?
Re:No, I don't believe it is... (Score:2, Insightful)
Hrm... (Score:2)
And then that begs the question is it legal/ethical to require that information to be public?
I know of no law that requires that information to be correct and I can see several ethical issues that would preclude this not being a privacy right issue.
I second that motion (Score:4, Insightful)
This policy sucks. (Score:5, Insightful)
What if I want to be able to host a website realtively anonymously, so that people don't know that I am running the website?
For example, what if I were gay, and wanted to host a website about gays, but I didn't want my employers to be able to do a search and find out that I am gay so they can discriminate against me?
Also, spammers and other marketers harvest the info from the registration datatbase. Back when the Internet was all educational facilitities, requiring people to register who they are made sense. Now it does not.
Hopefully this policy will not affect services that act as proxies to register names under their name rather than the name of te acual server owner.
Then don't register the "I-M-GAY.COM" domain name (Score:2)
Re:This policy sucks. (Score:2, Interesting)
Get a Lawyer (Score:3, Informative)
I love my hosting dudes (Score:3, Interesting)
Thats risky. (Score:4, Insightful)
Re:I love my hosting dudes (Score:2)
.
Nobody cares about mining data from WHOIS (Score:4, Insightful)
You know that huge, 5+ paragraph bit of text you get with any WHOIS query that's really damn annoying?
An employer who shall remain nameless used the WHOIS database to get sales leads. When they got blocked for too many queries per day, they simply set up more systems- they were blocked by specific IP, not range.
The most amusing part was the nonchalant reaction when said employer called Verisign and asked if they could pay for more access, the answer was no, but when Verisign was told "we'll be accessing the data anyway", the answer was "okay". You'd think it would be more along the lines of "you do that, and you'll be violating our terms of use and we'll sue the crap out of you".
Do you really think Verisign gives a crap about the privacy of info in the whois database?
ramblings... (Score:5, Interesting)
Some whois databases already put the e-mail address in an image so that spiders cant harvest them, most do not. This means that a first timer will quickly find his/her e-mail address useless becuase of the sheer amount of spam the address gets.
Then there is the question of privacy and personal safety. Let's say I believe that some cult exists only for the sole purpous of ripping people off, and I put up a web site warning other people and telling them of my personal experiences. The cult memebers that feel outraged by my blasphemy might look up who I am by the database, and I would be risking life and limb by putting opinions on the web.
Now someone is bound to ask "Hey, what about kiddy pr0n". Well, that's why I think the autorities should have access to that information, just as they have some other rights not bestowed upon us regular joes.
The next argument will then prolly be
Those who would sacrifice a little freedom for temporal safety deserve neither to be safe or free.
- Benjamin Franklin
I think this is hypocrisy and not even quite realistic. It's easy to quote famous people from behind a keyboard, but I just wonder how many of the slashdot crowd would actually put the money where their mouth is. After all, living together is but a series of compromises. No one can live their lives as they whish. Chance and other people will prevent this.
And as someone said
No man is an island,
Entire of itself.
Each is a piece of the continent,
A part of the main.
But I digress...
Re:ramblings... (Score:3, Interesting)
I don't think that this scenario can be aptly described by Ben's quote. This is a decision that may increase people's freedom to not be harassed by spammers. Granted, there will need to be policies to keep personal information intact. Perhaps they should make all information tha
Re:ramblings... (Score:2)
Re:ramblings... (Score:3, Interesting)
The rest of us hurt when your DNS domain information is bad. It's not about turning the domain owner in for kiddie porn
I think it's good (Score:3, Insightful)
For intents and purposes, we're dealing with addressing, and just like each physical address the post office deals with needs to be as accurate as possible for mail to be delivered effeciently, so do the cyber addresses that exist need to be in order for things to work correctly and effeciently.
I work at a corporation where a former engineer setup several hundred remote domains with all servers having the exact same host name. This meant for years we could only utilize the network on an IP level (e.g., all scripts and so forth not being able to use hosts names, but instead using the differing IP addresses of each server). Now, I know there are ways around this, but logistically, we had to wait to "fix it right" and have now done so, but the point is, fore-thought into proper addressing, accurate information, etc., when dealing with networking -- or the postal system -- is essential. Keeping things up-to-date is also essential.
We bitch about mail being slow, but how many of us haved moved and then taken the time to inform each addressy of that move especially when the postal system lets us know to do so by still delivering the mail to us with the little yellow "inform sender of address change" sticker?
I'm glad to see the enforcement of accurate information take place....
Wrong. (Score:2, Interesting)
Above all it's stupid. Anyone putting correct information in there is not breaking the law an
Excellent move! Make domain owners responsible. (Score:3, Insightful)
I can understand that some people have reservations about posting their private information in public databases, but options such as PO Boxes are available (I use a PO Box myself). Also think of it in context: if someone knows your name and wants to find your address, they can easily do so anyway. You can also give a cell phone number instead of a home phone, of course.
Dynamic DNS (Score:2)
I wonder if ICANN cares about this at all, or if their problem is with false WHOIS information, rather than people avoiding having any WHOIS information whatsoever.
ICANN't (Score:2, Insightful)
1) I don't have a correct email address listed, so I don't get spam.
2) I don't have a correct snail mail address listed, so I don't get junk mail
3) I don't have a correct phone number listed, so I don't get telemarketers.
Seems to me like this will be a huge benefit to any company who's ever solicited me in a way I hate. Score: Businesses, 1; Users, 0
Re:ICANN't (Score:3, Informative)
Re:ICANN't (Score:3, Interesting)
If it takes me a week to wind my way through the legal system because you chose to make it difficult for me to contact you, you can bet that I'm holding you partially responsible for the damages that extra week caused.
WHOIS contact information isn't about documenting your name and address for Big Brother, it's about being a responsible Internet organization. No one is twisting your arm and saying you
define "invalid" (Score:3, Informative)
Proxy Registration Services (Score:5, Informative)
For those who fear stalkers, etc., there are services like Domains by Proxy [domainsbyproxy.com] (related to the registrar Go Daddy [godaddy.com]). These services will register the domain on your behalf; they require valid contact info from you, and they put their own contact info in the WHOIS database. This is technically in line with the ICANN rules because the proxy registrant is the real registrant of the domain. (Although they have a contractual obligation of doing it on your behalf.)
If you break the terms of service -- for example, if you use the domain for spam support or to commit illegal activities -- the proxy registrant will expose your real identity. Otherwise, your privacy is pretty well protected with these services.
I've used those types of services (including Domains by Proxy) to register domains on behalf of minor children who shouldn't have their contact info exposed online, and for other purposes requiring some level of privacy. For my own domains, I'm not afraid to use my valid PO box address and phone number.
(Note: I am not affiliated with these services in any way, except as a customer.)
My experience (Score:4, Insightful)
A WHOIS horror story (Score:4, Interesting)
Well...I got on every telemarketing phone call list imaginable...AS A BUSINESS. You think it's hard stopping residential telemarketing? Wait until you start getting phone calls at your house asking you to buy Pitney Bowes postage equipment, insurance for your employees, etc, etc.
It was a NIGHTMARE. All I could do was ask the individuals to a) place me on their do not call list, and b) ask where they bought my information from (information that, not a SINGLE COMPANY was able to provide).
So, since then, I've used a P.O. Box for mail, and I FLAT REFUSE to give a phone number.
I'll start providing valid information when I know that it isn't going to be harvested by any slimy company out there.
Um no (Score:2, Insightful)
Slashdot? Or Schoolbookdot? (Score:3, Funny)
This sounds like a question from some 5th grade social studies book... Brings back nightmares from those days. Please don't write like this again.
Email in WHOIS (Score:4, Interesting)
Here's a suggestion. I've only been doing this for about a week but it's been effective so far. In WHOIS, list your email address as dns-admin@yourdomain.blah. Configure your mail server to accept email to this address but then send a bounce with "5.1.1 User has moved; please try dnsadmin@yourdomain.blah" message (note the lack of hyphen). Configure dnsadmin@yourdomain.blah to go to your real mailbox.
This works because no spammer ever uses their real email address, so they'll think their message was accepted and they'll never see the bounce. Meanwhile, a real human being who actually needs to communicate with you will get the bounce with your real address.
As for physical contact information, the best I've come up with so far is a PO box. But that costs money.
Spammers and other questions... (Score:4, Interesting)
Second question. Why not have some small fee in order to access the WHOIS database. Make it a dollar charge, that has to be charged to a credit card with correct contact information (for example, they fax you the data). If someone abuses the database, then they get cut off.
Third question, and the most important. How the hell can we make a better system where the 98% of us who do not abuse resources do not get screwed by a few bad apples who will do anything for a buck. Do we make it a charge, so there can not be an easy profit? Do we have a system where a few trusted people are allowed to forward requests, and block those they know are from the bad apples? How do we identify the bad apples?
This all pisses me off. I hate it how one person can force the rest of us to NEED locks for doors. It would be better if they did not exsist.
Re:Spammers and other questions... (Score:2, Redundant)
Personally, I feel the internet should stay away from charging. The moment you begin to charge for one service it's only a matter of time before other services get charged for as well.
Screw ICANN (Score:2, Interesting)
The one time I used all of my correct information I ended up getting a) prank phone calls, b) calls from people who disagreed with some of the sites messages (think free choice vs. life, not PORN
The people who are lazy to call end up mailing you. Sure you can setup an account that just collects all of
Yes. So that abuses of the system are dealt with. (Score:2)
> are under contractual obligations to ensure this information
> is correct and accurate.
>
> Do you believe this is a step in the right direction? Why?
Yes. So that abuses of the system are dealt with.
pointless (Score:2)
It's the wrong way to go (Score:5, Insightful)
2. Spoofing whois is essential for people who wish to use the internet to get messages across that powerful people want suppressed. Or at the very least, powerful people will retaliate.
For instance:
mediawhoresonline.com -- the people behind the Horse (out to pasture at the moment) were afraid of retaliation in their personal and private lives. They have some justification for this, for Bush and his people have grown famous for their ruthless vengeance against anyone who crosses them - Valerie Plame, Wilson, Richard Clark, the owners of that restaurant in Texas tht called the cops on the Bush Girls (business shut down for "code violations"), the Funeralgate affair (nailed the whistleblower AND her department). And innumerable others whom we don't hear about because, well, reporters don't want to cross the Bush family either.
Buzzflash.com also hides their identies for the same reason, I think.
Now, on to the cultbusters. During the late '90's, a lot of ex-Scientologists went online, mainly on the Usenet on alt.religion.scientology, but also branched out into the web as well. They had to hide their identities: the utter certainty of the destruction of their lives if they ever were outed was paramount. The viciousness of the attacking Sea Org (secret agents oh my) is legendary, and you can check it out at xenu.net, as well as any number of other sites.
Just don't use the WayBack machine: they purged the history of the internet of all the critical sites with any teeth at the behest of the Hubbardites.
Now there are others: the Moonies, the nutballs in Japan, any number of small, evil little cults all over the U.S. If you want to expose them, anonymity is key. And anonymity was long held constitutional in the U.S. under the 1st amendment as necessary to demand redress of wrongs without fear of retaliation.
I fake my whois info, and always will.
3. Registering users will not stop the spam. Oh please. People who send billions of messages and make millions of dollars aren't scared of fines or jail time. They're rich; they won't see real jail. This registration crackdown is happening because the control freaks in law enforcement can't stand seeing anonymous communications. It's like nails on chalkboard to them. I think Pratchett said it best when he wrote that cops, if they had their way, would make everyone sit at home, at their tables, with their hands on top of the table where the cops can see them.
It's not like we haven't seen this coming. The jail doors are clanging shut, and they won't let us bang on any pipes in Morse code without the ability to listen in any time they'd like.
Never again. (Score:3, Interesting)
I used to write a lot about moronic white supremicist groups around the country.
One day I saw my home phone and address being passed around on skinhead message boards, and the real-life threats began.
I'll never provide legit info again, ever. I'd rather lose my domain than have someone come to my door and threaten to kill my "nigger loving" family, again.
Companies and individuals are different (Score:3, Insightful)
I will not have all the people who don't like what I publish on my websites harrass me at my home address, which is the only "valid" address I currently have to use in my whois records. I will not give that information out in public for any reason. There are way too many net.kooks out there for me to volunteer my home address.
I will also not pay to get a p.o. box to avoid being harrassed. Why should I pay to be left alone?
For businesses, however, I do agree, the whois records should be valid and uptodate. This includes the spamming parasites, who've made it an art form to forge every single record of theirs they possibly can.
How can they prove it? (Score:3, Interesting)
What if I were the operator of a website that contained opinions that were very contraversial? One example I can think of is the abortion debate. There are extremists on both sides who will spend every waking moment trying to ruin the lives of people on the other side of the debate.
Do I want to invite people to my house to vanalize my property or burglarize me if I can help it? Certianly not.
I have always used fake information, except for my phone and email contact (I figure that its pretty immune to what I'm worried about, I can filter spam, etc) which I leave in case my registrar accidentialy forgets who my domain belongs to.
How do they know I do not live at this address? Are they going to send someone out? What if its just a drop box for mail?
Why require accurate contact info? (Score:3, Interesting)
Just firing from the hip here, but corporations and real estate have to have accurate contact information too. I'm guessing this has to do with preventing squatting, and with resolving legal issues which involve the owner of the property in question. Both of these issues have correlaries in domain name space.
I don't feel like publishing my personal data (Score:5, Interesting)
What's next, publishing my SSN and birthday in whois data?
I know some other countries (france, for example) are very strict and will only issue domains to a company with a tax ID and right to the name. Well, go right ahead france, but I think the generic domains (com/net/org) should remain open to all without prying eyes.
If we wanted such open access to domain owner data, how how about a
False Entitlements (Score:4, Insightful)
I liken them to homeowners and small businesses who are dumping their pollution directly into the river, and then complaining when told that the same new environmental laws which apply to mega-toxic-corp upsteam also apply to them. However, just like the river, which may supply drinking water to people living downstream, DNS is a public service hosted on other peoples servers, not your own. If you want to use a public service (as opposed to running your own private DNS server for your buddies, etc.) you may have to abide by public rules.
The beginnings of a clean-up mechnism are simple. Notify people to clean up their DNS records and then randomly snail mail letters to a percentage of domain owners. Lock domains for owners who do not respond.
If you want your privacy and anonynimity, which was not implicit in the original rules for DNS service, pay for a proxy service (electronic equivalent of a PO box, answering service, subsidiary in the Bahama's, etc.). But don't depend on being entitled to a mechanism which makes you look exactly like joe toxic spammer at zero cost, and which leads to a Tragedy of the Commons.
Re:Or.. (Score:2)
Re:Or.. (Score:2)
Re:Or.. (Score:2)
Same reason an e-mail address need be published... to get a hold of the owner in the event of a problem. When for example a site's dns servers go down, this can cause just a little bit of havic. As many people have their contact information on addresses hosted on the dns server, you can see where this can become a problem.
Re: (Score:3, Funny)
Re:More control but not for corporations (Score:2)
Because "we" don't "run" the Internet. The Internet is a protocol, not a television network.