[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [atlarge-discuss] Re: [nc-transfer] Re: [ncdnhc-discuss] WLSproposal

Micheal - - I owe the group my apologies -

I actually just got my first piece of SPAM email that I can clearly identify
as being from someone's illegal harvesting of WHOIS data. What is also
interesting is that BANKONE sent me a US Mail advertisement and mailed to
the street address of the "Whois" domain address I just got the SPAM sent
to. Since there are no other references to this entity anywhere on this
planet that I know of there is only one possible place the data came from.
WHOIS.

Todd

----- Original Message -----
From: "Micheal Sherrill" <micheal@beethoven.com>
To: "Jeff Williams" <jwkckid1@ix.netcom.com>
Cc: "Barbara Simons" <simons@acm.org>; "atlarge discuss list"
<atlarge-discuss@lists.fitug.de>; "Nancy J. Victory"
<nvictory@ntia.doc.gov>; "Karen Rose" <krose@ntia.doc.gov>; "gen full"
<ga-full@dnso.org>
Sent: Wednesday, June 19, 2002 10:44 PM
Subject: Re: [atlarge-discuss] Re: [nc-transfer] Re: [ncdnhc-discuss]
WLSproposal


> Hello Jeff:
>
> You need to slow down a bit.  I took my time to carefully answer your
retorts from yesterday.  You obviously charged through my email and in a
flurry, typed out the first things that came into your head.  You are
arguing for arguments sake and I shall no longer continue this thread.  Case
in point, you went to http://www.ss.ca.gov/elections/elections_k.htm  but
did not look at the voter registration forms as I suggested.  I will not
converse with an impetuous person.  They always drag me down to their level
and beat me up with experience.
>
> Regards,
>
>
> Micheal Sherrill
>
>
> ---------- Original Message ----------------------------------
> From: Jeff Williams <jwkckid1@ix.netcom.com>
> Date:  Thu, 20 Jun 2002 00:36:16 -0700
>
> Michael and all assembly members, stakeholders or interested parties,
>
> Micheal Sherrill wrote:
>
> > Hello Jeff:
> >
> > I have replied to your answers below.  In order to keep things somewhat
less confusing my first comments to Barbara are MS1, your response is JW,
and my reply is MS2.
> >
> > MS1.  The Whois database is not a rich resource for SPAMers.
> >
> > JW.  And where and how do you come to this questionable conclusion when
> > a number of already self admitted spammers openly state that they
> > frequently use the Whois database for gathering E-Mail addresses
> > for marketing purposes?
> >
> > MS2.  What are the SPAMers marketing and to whom?
>
>   What would be whatever that UCE spamer has in mind or been contracted
> to hawk to (Whom) that particular set of E-Mail addresses that he/she/it
may have.
>
> > The only email address I get from Whois is usually the sysadmin.
>
>   Well than you don't do many or haven't done too many Whois lookups...
>
> >  I cannot imagine SPAMers trying to sell something to sysadmins.  Kind
of like a crook trying to fence bullets to a cop.
> >
> > MS1.  I would think that most SPAMers get email addresses from online
discussions (just like this one) or postings to Web sites.
> >
> > JW.  Indeed this is yet another source.  However it is not near a good
or easily
> > gleanable source(s) for E-Mail addresses for UCE Spam purposes..
> >
> > MS2.  I disagree, Jeff.  This would be the obvious choice.  Recent email
and new postings means a warm body at the other end.
>
>   So does many new Domain Name registrations, of which there are thousands
> per day...  With Crons or certain types of scripts, many of which I am
very
> familiar with, going against the Whois Database makes the Whois database
> the easiest by which to gather these E-Mail addresses and eliminate the
> obvious E-Mail addresses that begin with "Admin@" to compile a flat file
> of very fresh warm bodies by which a UCE Spamer can than use at his
> or her content...
>
> >
> >
> > MS1.  Why the reluctance to provide your home address for a domain name?
> >
> > JW.  Barbara answered that question already in her comments below.  Did
> > you not read her response in it entirety?
> >
> > MS2.  Jeff, this was a rhetorical question as a lead in for the rest of
my comment below.  Do not be so snippy.
>
>   Sorry that I seemed so snippy Michael.  I t was not my intent, but was
instead
> a rhetorical response to your rhetorical question as well as puzzled to a
degree
> because Barbara did previously answer that in here previous response to
which
> you were yet again asking yet another question about...
>
> >
> >
> > MS1.  You have already done so for your telephone, TV cable connection,
bank account, driver?s license, mortgage (which is public information at the
County Recorder?s office), charge cards, newspaper delivery, and to register
your children for school.
> >
> > JW.  No "I" haven't, and I doubt, but do not know if Barbara has.  To my
knowledge,
> > and at least in both California, Texas, and 14 other states in the US,
for a drivers
> > license no physical address is necessary or required.  For a mortgage,
as
> > lending laws also do not require you to provide your physical address
under
> > the fir lending act.  In addition most schools, even private schools do
not
> > require, and in most US states cannot require you to provide a physical
address
> > to register your children in that school.   I also have two credit cards
that
> > do not list or have my physical address home address in any fashion
> > as well.  Hence, Michael, as we have gone over before on this very
> > At-Large forum a few weeks back now, your contention here in response
> > to Barbara does not ring quite accurate...
> >
> > MS2.  Your statement is only correct about one thing, Jeff.  We did,
indeed, have a similar discussion a few weeks ago.  But you were wrong then
and you are still wrong now.  The State of California absolutely requires a
physical address in order to vote.  It also requires a mailing address if it
is different from the physical address.   Go to
http://www.ss.ca.gov/elections/elections_k.htm and see for yourself.
>
>   I did. And I would suggest that you read it yourself more closely.  For
> instance here is a snippet from the above URL reference YOU provided:
>
> Register to Vote!
>                       Deadline for March 5, 2002 Primary is February 19,
2002
>
>                       You may register to vote if you meet the following
criteria:
>
>                      You are a United States citizen
>                      You are a resident of California
>                      You are at least 18 years of age (or will be by the
date of the next election)
>                      You are not in prison or on parole for conviction of
a felony
>                      You have not been judged by a court to be mentally
incompetent to register
>                      and vote
> ==================  End of snippet =================
>
> So Michael, there is nothing or no language that states that a persons
> personal private physical address is required for proof of residency in
> the state of California.  And therefore Michael, it is not necessary
> for any California resident to provide such specific information in order
to
> vote...  Ergo, your contention is incorrect in accordance with your
> stated URL reference.
>
>
> >  Both the downloadable hard copy and the online registration form
require them.  And I do not know what you mean by ?fir lending act?
regarding mortgages.  I was not referring to loans for purchasing trees ;)
I was talking about a house.  If you buy a house in California, Jeff, the
physical address of that house is recorded in the Office of the County
Recorder and your name is placed in the same public document.  In addition,
all children attending California public schools must register with a
physical address in order to be placed in the corresponding school district.
No
> > physical address, no placement in school.  I am not too sure where you
get your information but I have lived in California for many years, vote,
own a home, and send a child to school.  It all takes a physical address to
do any of the aforementioned actions.
> >
> > MS1.  You are easily found, Barbara, already.  For approximately $25 I
can get an enormous amount of information about you from any credit
reporting agency such as Experian or Equifax.
> >
> > JW.  Go ahead and try to do that.  If I or Barbara, in this case find
out that
> > you have made such an attempt, we could file a court action of invasion
> > of privacy.
> >
> > MS2.  No, you cannot, Jeff.  It is leased information.  When you signed
up to receive various utilities and services (such as electricity, natural
gas, heating oil, water, sewer, garbage collection), applied for revolving
accounts at department stores, or a myriad of charge cards, even local
telecom, cable, and satellite dish providers, you also signed off on their
intention to report your payment history to a credit bureau.
>
>   For a credit card yes a report to the credit bureau's such as equifax is
> required and done regularly.  But that information is NOT available to the
> Public or just anyone to get, not even other credit extending
organizations
> without your expressed written permission, or signing the Opt-out for
> public disclosure.  Hence yet again Michael, your arguing yourself in a
circle.
>
> > If I am a member of that credit bureau I can get your credit report.
>
>   Go ahead a try doing that.  Post it here as let see what you get.  I bet
> you either will not get accurate or my specific credit information, or
> you cannot get it at all...
>
> >
> >
> > MS1.  For a few dollars more I could go to http://www.lexis-nexis.com
and found more stuff than I, perhaps, want to know about you.
> >
> > JW.  Again go ahead and try that Michael, and you will likely find
yourself in some
> > very hot water.  Lexis-Nexis, of which I am a member, has been sued
> > successfully for releasing opt-out credit information without the
expressed
> > written consent of the individual which that information was requested
> > a number of times and forced to make restitution accordingly.  Check
> > Google on that for yourself for just the more recent cases...
> >
> > MS2.  Again, Jeff, it is leased information.  I do not know what you are
talking about concerning opt out.  The only opt out I find at
http://www.lexis-nexis.com regards their marketing information.
>
>   You need to look that opt-out requirement under the federal credit
protection
> act, Michael.  Perhaps you should seek some legal council that specializes
> in this area so that he/she can help you understand the law in this
regard.
> I will not take the time to point you in the right direction here, as that
> is not my responsibility nor in my purview as it relates to this thread,
> or this discussion/debate.  However, it is obviously in your best
interests
> before you get your self in some serious civil trouble that you may not
> be able to afford.
>
> >  But, in any case, you have strayed from my assertion.  Lexis-Nexis is a
company that collects information about people and one pays them money to
receive that data.
>
>   I know very well what Lexis-Nexis is.  I have been a member for a number
> of years.  Hence, repeating this  here is an exercise in wasting band
width
> at this juncture.  And as you should have by now taken my previous
suggestion
> to look up the huge number of case law to which Lexis Nexis has been found
> guilty of for giving out individuals credit information without the
permission of
> the individual to which that credit information belongs to or had not
singed
> an opt-out.
>
> >  Whether or not they have been sued in the past for improper business
practices is not the point.  They are still open for business selling that
information.  Which I can purchase legally.
>
>   Yes, you can purchase some legally, true enough, which is why Lexis
Nexis
> is a good source for such information and is in business.  But you cannot
> get anyone's credit information rom Lexis Nexis.  Mine for instance.
>
> >
> >
> > MS1.  You point to one child?s URL and state that obviously there are
quite a few out there.  I do not think so.  I find a lot of children?s Web
sites that are commercial but, after using several search engines, could not
find another private one.  I am sure there are others but not quite a few.
In any case, I would not feel comfortable purchasing a URL for my child?s
personal use.  There are already other methods to get him online without a
Whois of his home address.
> >
> >  JW.  Ok than, why are you advocating and clearly inaccurately stating
that there
> > should be no problem with providing a persons home physical address?
> >
> > MS2.  Jeff, I did not state that there would not be a problem providing
a physical address.  Please reread my sentence above.  Regarding children
there are other means to providing a URL.
>
>   ANd I was not referring to JUST children either Michael.  I also
understood
> that you were.  Wheater of not the registrant is a child or not is only
one of
> several dangers with being required as the House Bill would seem to
> require, to provide a physical personal address and Phone Number,
> but stalking, of adults, such as single women most especially
> is also a severe danger, or the use of such information for terrorists
> that use the internet especially the Whois database to glean such specific
> information for nefarious and harmful use.
>
> >
> >
> > MS1.  Stalkers are not nice, I agree.  However, most do not use the
Whois nor the Department of Motor Vehicles to find children.
>
>   Stalkers do not only stalk children, in fact according the the FBI, most
> stalkers stalk adult women.
>
> >
> >
> > JW.  Agreed.  But more and more according the the FBI NIPC are doing
so...
> > Hence the very real concern.
> >
> > MS2.  Are you referring to CyberNotes?  If so, I would much appreciate a
pointer to that publication.
>
>   No I am not.  I am referring to one of several FBI reports to which I am
on
> their mailing lists that send me that information monthly.
>
> >
> >
> > MS1.  They follow them home from school.  So, should we stop stalkers by
closing the schools?  Again, if parents are concerned about privacy they sho
uld go through a Web host.
> >
> >  JW.  Some Web Hosts do a fairly good job, but many more do not.
Earthlink
> > for instance does a fairly good job.  However Verisign does not.  In any
> > event this part of your argument does not logically follow and therefore
> > is not germane to your conclusion...
> >
> > MS2.  Jeff, I think you must be getting tired at this point.  Your last
sentence is more for dramatic impact and less for making sense.
>
>   Looks at the subject line and you can intuitively understand the reason
for me
> using that sentence, Michael.
>
> >
> >
> > MS1.  Relating some isolated and rare instances of information abuse is
a scare tactic and is not necessarily relevant to the topic.
> >
> > JW.   If they were just rare instances, this would of course be an
accurate
> > evaluation of statement.  Unfortunately they are no longer rare, and
> > are on the increase.
> >
> > MS2.  Show me the data.
>
>   I don't have to.  You can look it up for yourself.  The FBI in your own
area will
> be happy to provide those reports for you..
>
> > They may be on the increase but I contend they are still rare.  Of all
the email transmitted in a day I would predict that less than a thousandth
of a per cent (<0.001) is used to stalk people.
>
>   Predictions are of course nice, but they are still just that,
predictions.
>
> >  Which means that 99.999% of all email is NOT used to stalk.  Because of
that rare instance we should not have a Whois?
>
>   No, it means that YOUR prediction would indicate this.  I would strongly
> disagree.
>
> >
> >
> > MS1.  For instance, just a few months ago a handful of men abused the
freedom of our skies by flying some airliners into some buildings.  Does
that make jet planes the culprit?
> >
> > JW.  No, it makes the lack of adequate security a culprit, of course.
Hence
> > Barbaras argument that listing someone Home physical address in the
> > Whois database in order to register a Domain Name and the present
> > legislation considering not doing so a felony is in effect using a
facility,
> > such a Whois as a tool for terrorists, stalkers, and Spammers
> > much easier...
> >
> > MS2.  The Whois is a tool for terrorists?  Come on, Jeff.  The Al-Quida
have purportedly used the Internet for communications.
>
>   And for gathering information, according to CNN, the Department of
Defense,
> and the FBI in recent weeks in senate and house hearings.
>
> >  Should we shut the whole system down, too?
>
>   Of course not.  But than what does this have to do with the House bill
> being pushed by the the IP lobbyist in Wash. D.C. to make it a felony
> NOT to provide your personal physical home address when registering
> a Domain Name?  I would gander a guess the answer is NOTHING
> AT ALL...
>
> >  And they also used cell phones and ATM machines.  And automobiles.
Where will it end?
>
> It may never end...  But again Michael, what does this have to do with the
House bill
> being pushed by the the IP lobbyist in Wash. D.C. to make it a felony
> NOT to provide your personal physical home address when registering
> a Domain Name?  Again I would have to answer, NOTHING AT ALL...
>
> >
> >
> > Regards,
> >
> > Micheal Sherrill
> >
> > ---------- Original Message ----------------------------------
> > From: Jeff Williams <jwkckid1@ix.netcom.com>
> > Date:  Tue, 18 Jun 2002 20:11:19 -0700
> >
> > Michael and all stakeholders of interested parties,
> >
> > Micheal Sherrill wrote:
> >
> > > Whew.  There is a lot of pretzel logic and skewed information in your
response below.  I will attempt to answer each argument in order.
> > > 1.  The Whois database is not a rich resource for SPAMers.
> >
> >   And where and how do you come to this questionable conclusion when
> > a number of already self admitted spammers openly state that they
> > frequently use the Whois database for gathering E-Mail addresses
> > for marketing purposes?
> >
> > > I would think that most SPAMers get email addresses from online discus
sions (just like this one) or postings to Web sites.
> >
> >   Indeed this is yet another source.  However it is not near a good or
easily
> > gleanable source(s) for E-Mail addresses for UCE Spam purposes..
> >
> > >
> > > 2.  Why the reluctance to provide your home address for a domain name?
> >
> >   Barbara answered that question already in her comments below.  Did
> > you not read her response in it entirety?
> >
> > > You have already done so for your telephone, TV cable connection, bank
account, driver?s license, mortgage (which is public information at the
County Recorder?s office), charge cards, newspaper delivery, and to register
your children for school.
> >
> >   No "I" haven't, and I doubt, but do not know if Barbara has.  To my
knowledge,
> > and at least in both California, Texas, and 14 other states in the US,
for a drivers
> > license no physical address is necessary or required.  For a mortgage,
as
> > lending laws also do not require you to provide your physical address
under
> > the fir lending act.  In addition most schools, even private schools do
not
> > require, and in most US states cannot require you to provide a physical
address
> > to register your children in that school.   I also have two credit cards
that
> > do not list or have my physical address home address in any fashion
> > as well.  Hence, Michael, as we have gone over before on this very
> > At-Large forum a few weeks back now, your contention here in response
> > to Barbara does not ring quite accurate...
> >
> > > You are easily found, Barbara, already.  For approximately $25 I can
get an enormous amount of information about you from any credit reporting
agency such as Experian or Equifax.
> >
> >   Go ahead and try to do that.  If I or Barbara, in this case find out
that
> > you have made such an attempt, we could file a court action of invasion
> > of privacy.
> >
> > >  For a few dollars more I could go to http://www.lexis-nexis.com and
found more stuff than I, perhaps, want to know about you.
> >
> >   Again go ahead and try that Michael, and you will likely find yourself
in some
> > very hot water.  Lexis-Nexis, of which I am a member, has been sued
> > successfully for releasing opt-out credit information without the
expressed
> > written consent of the individual which that information was requested
> > a number of times and forced to make restitution accordingly.  Check
> > Google on that for yourself for just the more recent cases...
> >
> > >
> > > 3.  You point to one child?s URL and state that obviously there are
quite a few out there.  I do not think so.  I find a lot of children?s Web
sites that are commercial but, after using several search engines, could not
find another private one.  I am sure there are others but not quite a few.
In any case, I would not feel comfortable purchasing a URL for my child?s
personal use.  There are already other methods to get him online without a
Whois of his home address.
> >
> >   Ok than, why are you advocating and clearly inaccurately stating that
there
> > should be no problem with providing a persons home physical address?
> >
> > >
> > > 4.  Stalkers are not nice, I agree.  However, most do not use the
Whois nor the Department of Motor Vehicles to find children.
> >
> >   Agreed.  But more and more according the the FBI NIPC are doing so...
> > Hence the very real concern.
> >
> > >  They follow them home from school.  So, should we stop stalkers by
closing the schools?  Again, if parents are concerned about privacy they
should go through a Web host.
> >
> >   Some Web Hosts do a fairly good job, but many more do not.  Earthlink
> > for instance does a fairly good job.  However Verisign does not.  In any
> > event this part of your argument does not logically follow and therefore
> > is not germane to your conclusion...
> >
> > > Relating some isolated and rare instances of information abuse is a
scare tactic and is not necessarily relevant to the topic.
> >
> >   If they were just rare instances, this would of course be an accurate
> > evaluation of statement.  Unfortunately they are no longer rare, and
> > are on the increase.
> >
> > >  For instance, just a few months ago a handful of men abused the
freedom of our skies by flying some airliners into some buildings.  Does
that make jet planes the culprit?
> >
> >   No, it makes the lack of adequate security a culprit, of course.
Hence
> > Barbaras argument that listing someones Home physical address in the
> > Whois database in order to register a Domain Name and the present
> > legislation considering not doing so a felony is in effect using a
facility,
> > such a Whois as a tool for terrorists, stalkers, and Spammers
> > much easier...
> >
> > >  Should we shut down the airlines because of this abuse?
> > > 5.  How do you equate free speech with Whois?  Your logic gets very
fuzzy at the last.  Clark Kerr was maligned by the FBI and by Ronald Regan
while he was California?s governor.  In fact, it was precisely the fight for
openness called the Freedom of Information Act that brought the files to the
light of day.  If people want to talk about the abuses of government they
should do so out in the open to make it as available to as many people as
possible.  Just as much as we demand that the government be open.  It
reduces abuse.  If you want to hide yourself, do your protesting via a
remailer.  But, I would bet that less people will pay attention.
> > >
>
> Regards,
>
> --
> Jeffrey A. Williams
> Spokesman for INEGroup - (Over 124k members/stakeholders strong!)
> CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
> Information Network Eng. Group. INEG. INC.
> E-Mail jwkckid1@ix.netcom.com
> Contact Number:  972-244-3801 or 214-244-4827
> Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
> For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
> For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de
>


---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de