Ever since Kevin Murphy broke the news today on TheRegister.co.uk, that VeriSign is asking for take down powers without court orders, the domain blog world has been a buzz with posts about the proposed policy.
Verisign wants the power to “be able to enforce the “denial, cancellation or transfer of any registration” where a domain is deemed to be “abusive”.
Included in the laundry list of reasons for taking down a domain or even cancelling the registration is:
“(e) to respond to or protect against any form of malware (defined to include, without limitation, malicious code or software that might affect the operation of the Internet).”
At the same time this story broke, most domainers are aware that the blog aggregator domaining.com was been reported as a “bad actor” by all of the browsers and blocked.
According to Francois who owns and operates domaining.com, it has been a victim of an attack “of an SQL injection attack originating from multiple Chineses IPs”.
Would Verisign have the right under the proposed rules to take down domaining.com or even cancelling the registration based on the proposal?
Could be and that of course is just one real life example of how this requested power could screw with a lot of people and their livelihood and while the proposal talks about a ” protest procedure to support restoring a domain name to the zone.” it doesn’t talk about what that would entail in terms of time or money.
We know one thing, mistakes happen, domains have been seized by Homeland Security in error and if you think its going to be cheap or quick to get a domain back you should read up on the case of Rojadirecta which was seized in February of this year and is still working its way through the appellate courts.
To fight a VeriSign or the US Government for the return of a domain name could easily run into the six figures and higher.
Of course as part of the proposal Verisign wants immunity for its action even if its completely wrong.
Verisign runs the .com, .net, .tv, .cc, .jobs and and .name TLD’s
Ever wonder if everyone not in China should just ban all Chinese IPs from being able to access our sites? I’m sure a few people make money off Chinese traffic but for the majority is China really a net gain? It surely hurts our quality rankings with G & Y which lowers overall payouts. Then they hack and attack everyone, or try at least. And for what net benefit? Where is the incentive?
Everyone wants to take the glory but no one wants to takes the responsibility when something goes wrong.
The American way!
Most DDOS comes from infected servers in China, Russia and Africa – they do not even know it.
At this point it is all about the government (silver tongue vacuums) “thinking” for those who they deem not able to think on their own.
I’ve recently heard allegations that some country’s actual Internet infrastructure has built into it spyware etc… Wouldn’t blow my mind.
@BullS
Sigh.
On the side, DomainNameWire reported that VeriSign will offer some “protest feature”. They’d better (or even forget about this whole thing altogether) before someone like, say, Microsoft or Google suddenly finds their domain name blocked out one day and decides to sue them for it.
blocking a domain name doesn;t solve the problem.
the problem is forcing (and it does seem to rise to that level) people to use stuff that is ridiculously insecure and just begs to be exploited.
turn on javascript.
use windows.
use our big bloated browser.
use braindead scripting languages so you don’t have to understand how a computer works and never become competent in C.
use dns and pretend the web cannot function without it. bs!
this stuff is basically forced on people. there is a large contingent of developers who simply do not want anyone to become educated on how to be more secure if it means not using their insecure software. they view users as stupid and incapable when actually it is they who cannot get things right.
they get uptight when anyone comes along, eg, a better coder, who is smarter than they are, who values simplicity and does not follow the herd. they want to keep a status quo of head in the sand stupidity.
and this is what makes things so easy for malicious hackers.
that is the problem. ignorance. opposition to education. this is not rocket science.
denying malicious hackers use of the com registry is a stop-gap measure and does not address the underlying problem.
Blocking Chinese IP addresses won’t help. As for this case, this was a direct attack on Domaining. They can always root an end users machine in several countries and re-route through 20 different machines making the hack really difficult to trace.
According to what I read, it was a SQL injection, which means someone loaded malicious java code that is stored in the DB and is run server side, allowing the attackers access to the domaining website. Chances are they were either a, trying to load viruses via java applets while loading domaining.com OR stealing advertisements or redirections from right under Francois’s nose…
So sorry to hear this happen to Francois. I am just getting to know the guy and from all my dealings, he is truly an outstanding guy! Francois, if you care to send me the IP addresses in question, I wouldn’t mind checking to see if they’re nearby and what telecom provider they’re at. I know a few people at China Telecom…one of the upper managers ran me over in his Audi back in 2005, therefore, we made friends…kind of ironic in a way
There must be some solid reasons for VeriSign to seize and domain name. Do they provide information which included their rules and regulations required to follow by domain name owners?
“Verisign wants the power to “be able to enforce the “denial, cancellation or transfer of any registration” where a domain is deemed to be “abusive”.”
======
Clever, ICANN collects the $185,000 and spends it on insiders.
Then the TLD is viewed as competition for .COM (i.e. “abusive”)
Handy way to eliminate anyone that gets in the way of The.Big.Lie.Society
“To fight a VeriSign or the US Government for the return of a domain name…”
====
People may want to rethink “Who really owns your domain names?”
NOTE: With the coming Peer-2-Peer DNS there is no central authority.
It is interesting that Verisign would take the actions on the faulty aging legacy Client-Server DNS. There is some risk this will draw attention to the reality it will eventually be replaced. It seems doubtful Verisign would be a leader in the replacement platform.
There are some clues which makes verisign to seize. keep on sharing your awesome resources.