[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[atlarge-discuss] Re: [ga] Re: [atlarge-discuss] Re: [nc-transfer] Re: [ncdnhc-discuss] WLS proposal

I certainly emphasize with your concerns. However, sometimes we have a
tendency to go gunning for an isolated, but notorious, incident more
zealously, due to its notoriety or shock value.  Perhaps, sometimes we
gun for mosquitos with a double barrel shotgun, because we are closer
to the mosquito bite than anyone else.  That's understandable.

I don't profess to know the total answer, but I recognize the problem
from a larger scope, I think.

As long as there is fraud, spammers and other pests on the Internet,
the WhoIs information will continue to be a tool that ISP's use to
"attempt" to stop them. We use the WhoIs all the time to identify the
source of Spammers. We use the WhoIs to help verify credit card
charges and to prove that a business, which is applying for a Merchant
Account, is the legitimate registrant of the domain name represented
by the pages we print and "fax" to the potential acquiring Bank.

If WhoIs goes totally anonymous, I think the first folks to jump at
it will be the nefarious ones who use us and abuse us all the time.
They do their own brand of stalking by trying to relay mail off of our
servers, using fraudulent cards to sign up for our services and
attacking us with Ping floods and other methods of trying to bring our
network to its knees.

Personally, I have an unlisted telephone number at home and I pay the
telephone company extra for that.  My motivation is to not have sales
people or get rich quick screamers call me at home.  I already get
that at work.  On the flip side of that, our neighborhood has a
neighborhood watch program and our address and telephone number is
listed in that directory.

I don't know the total solution to the WhoIs information.  I do know
that from a business standpoint, making most information anonymous
will certainly help the bad guys.  John Gotti would have liked to have
been the anonymous Don rather than the Teflon Don.  Given the latter,
he would have enjoyed much better country club golf.

I don't know that there is a right or wrong answer to this debate.
We do, however, need to blend the practicality with the risk
management of it somehow.

Thanks,


Tuesday, June 18, 2002, 12:12:38 PM, Jeff Williams <jwkckid1@ix.netcom.com> wrote:
JW> Barbara all assembly members, stakeholders or interested parties,

JW>   INEGroup wholeheartedly and strongly agrees with Barbara's comments
JW> below.  Indeed it is not necessary for a registrants personal and private
JW> information such as home address and phone number to be listed in Whois
JW> data for their domain name.  In fact to do so is s severe security risk
JW> to that individual and a potential hindrance to law enforcement in this
JW> unfortunate age of cyber terrorism.  Law enforcement agencies, such
JW> as the FBI, CIA, NSA, or military intelligence do not need to be
JW> chasing false leads due to some prankster using Whois data to
JW> create false leads or false information fraudulently using someone's
JW> registration information of a Domain Name that would include
JW> their personal physical address or personal Phone Number.
JW> To make such information necessary as part of the registration
JW> of a Domain name is simply stupid and unnecessarily harmful, as
JW> well as partly counter productive..

JW> Barbara Simons wrote:

>> If you are opposed to spammers, then I would think that you would be really
>> upset with the whois database, which is a rich resource indeed for spammers.
>>
>> Information about where I live has nothing to do with openness or the lack
>> thereof.  I am quite happy to have my email address made available (but not
>> to spammers - I wish).  But surely you would not accuse me of a lack of
>> openness if I were to refuse to provide my home address to the world in
>> order to obtain my own domain name.  (It is entirely reasonable, by
>> contrast, to require that I provide an accurate technical contact).
>>
>> I have no idea how many children have their own domain names, but there are
>> obviously quite a few.  You might want to check out Chris Van Allen, whose
>> dad gave him the domain name pokey.org several years ago.  Chris became
>> somewhat famous when he was sent a cease and desist order by the Prema Toy
>> Co., the company that manufactures Gumby.  You can read about Chris'
>> adventures at www.pokey.org.
>>
>> To state the obvious, if a child has a website that has been purchased by
>> that child's parent, and if the parent is required to provide his or her
>> home address, most folks will be able to infer the address of the child.
>>
>> Many parents seem to believe that information about their children should
>> not be posted for anyone in the world to view.  Many adults feel the same
>> about their own information.
>>
>> You might have made a similar argument about drivers' license records being
>> held by the California Dept of Motor Vehicles.  That information was open,
>> and as a result a young women's home address was located by a stalker, and
>> she was murdered.  I have heard about a woman who was stalked based on her
>> whois information, but I'm afraid I can't give you a reference for that.
>> Maybe someone else on one of these lists can.
>>
>> As far as political speech goes, I'm sure you are aware of countries and
>> times during which criticism of one's government can be life threatening.
>> And you don't have to go outside the US to find multiple examples of abuses
>> and harassment of law abiding citizens by some law enforcement agencies.  If
>> you have not been following the most recent revelations about the FBI and
>> its obsession with UC Berkeley, the Free Speech Movement, and Clark Kerr,
>> the then President of the University of California, I shall be happy to
>> forward to you a very detailed set of articles published a couple of weeks
>> ago in the San Francisco Chronicle.  If the '60s are ancient history for
>> you, there are recent abuses by the LA Police Department, including the
>> framing of innocent people, that date back only a few years.  I can send you
>> some references for those as well.
>>
>> Openness does not mean that we must relinquish all notions of privacy if we
>> are to own a domain name.  Rather than forcing people to provide information
>> about where they are located, Congress should be requiring ICANN to
>> institute meaningful privacy protections on the whois database.  Maybe then
>> we could discuss whether or not the domain name owner's personal information
>> should be provided.
>>
>> Barbara
>>
>> P.S.  The early incarnation of the Internet, ARPANET, was about maintaining
>> communications after a devastating event such as the dropping of nuclear
>> weapons on the US.  It was *not* about openness, nor was it about commerce.
>> The openness that you and I both cherish came into being because of the
>> small clique of researchers and academics who were the original ARPANET
>> users.  I share your desire to maintain that openness and to prevent the
>> Internet from being regulated and restricted to the point that it becomes a
>> jazzed up Home Shopping Channel.  If the Internet is to continue to be the
>> open communications channel that it has become, then it is critical that
>> people have the ability to speak without fearing that everything they say
>> and do can be monitored.
>>
>> On 6/17/02 10:46 PM, "Micheal Sherrill" <micheal@beethoven.com> wrote:
>>
>> > Wait a minute.  I am all for protecting abused wives, children, and those
>> > seeking political asylum.  But, what does this have to do with the Whois
>> > function?  I agree that perhaps a felony conviction for a first time offense
>> > is harsh but please do not forget what this Internet was, and is all about,
>> > openness.  At this time this (openness) is being clogged by a proliferation of
>> > SPAMers that will, eventually, plug the pipe for any meaningful communication.
>> > If we do not have the means to track accurate information of those that seek
>> > to take advantage of all the resources that others fund how will we survive?
>> > Your arguments pluck at our heartstrings but they also try to pluck my
>> > pocketbook.  I mean, how many children have their own domain name?  And if
>> > they can afford it, why do they need to hide their identity?  It would seem to
>> > me that most children are trying to reach other children.  So why protect them
>> > from each other?  Besides, the children do not register the domain names,
>> > their parents usually do.  It has nothing to do with discovery.  Even more so,
>> > what Internet sites are dedicated to battered women that would somehow lead
>> > angry, misguided men to a safe house?  I do not think that any support group
>> > would purchase a domain name but would be smart enough and economical enough
>> > to go through a Web hosting company.  And what is even more perplexing is the
>> > reference to free speech.  Free speech is about openness.  We talk about
>> > things in the open!  So why the need for subterfuge?  If we have free speech
>> > on the Internet what makes sense about listing a false address for our cause?
>> > Anything else is already illegal, even via the USPS.  Plus, I have no idea
>> > what you are talking about in reference to trademark holders sending out cease
>> > and desist letters.  Overall, the logic of your complaint does not compute.
>> >
>> > Regards,
>> >
>> >
>> > Micheal Sherrill
>> >
>> >
>> > ---------- Original Message ----------------------------------
>> > From: Jeff Williams <jwkckid1@ix.netcom.com>
>> > Date:  Mon, 17 Jun 2002 19:55:34 -0700
>> >
>> > Barbara and all,
>> >
>> > We [INEGroup] agree with you here Barbara, and are in process of
>> > contacting the appropriate senate and House members that are
>> > involved in this rather arcane and misguided legislation being considered.
>> >
>> > I personally would suggest that anyone concerned about their personal
>> > safety, and privacy that are Domain Name holders do likewise without
>> > delay...
>> >
>> > Barbara Simons wrote:
>> >
>> >> I agree that accurate information should be provided for the technical
>> >> liaison.  What I'm saying is that a law that makes it a felony to provide
>> >> inaccurate information for the domain name holder creates major problems
>> >> regarding political speech, shelters for battered women, children who own
>> >> their own domain name, etc.  The whois database is an open invitation for
>> >> massive privacy invasion of domain name owners (as opposed to technical
>> >> contacts).  HR 4640 would make it a felony in the U.S., punishable by up to
>> >> 5 years in prison, to provide false address information for the owner of a
>> >> domain name.  This would be a boon to trademark holders who are eager to
>> >> send out large numbers of cease and desist letters, and a blow to people who
>> >> care about protecting our privacy.
>> >>
>> >> I didn't mean to start a discussion about HR 4640, though I hope that this
>> >> has helped to make our US based members aware of this misguided legislative
>> >> proposal.
>> >>
>> >> Regards,
>> >> Barbara

JW> Regards,

JW> --
JW> Jeffrey A. Williams
JW> Spokesman for INEGroup - (Over 124k members/stakeholders strong!)
JW> CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
JW> Information Network Eng. Group. INEG. INC.
JW> E-Mail jwkckid1@ix.netcom.com
JW> Contact Number:  972-244-3801 or 214-244-4827
JW> Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


JW> --
JW> This message was passed to you via the ga@dnso.org list.
JW> Send mail to majordomo@dnso.org to unsubscribe
JW> ("unsubscribe ga" in the body of the message).
JW> Archives at http://www.dnso.org/archives.html




----
Don Brown - Dallas, Texas USA     Internet Concepts, Inc.
donbrown_l@inetconcepts.net         http://www.inetconcepts.net
PGP Key ID: 04C99A55              (972) 788-2364  Fax: (972) 788-5049
Providing Internet Solutions Worldwide - An eDataWeb Affiliate
----


---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de