Intentional & Widespread Whois Errors - Some Specific Examples
Date: Monday May 13 2002, @06:44AM
Topic: USA Goverment Relations

Anonymous writes "In the context of this week's Congressional hearings on the accuracy of Whois data, I thought people might be interested in some specific examples of the problems at issue here. With that motivation, I've prepared a listing of 988 domains registered by a group calling themselves "NicGod Productions" and "Domains For Sale.""

NicGod is much like ordinary domain warehousers in that they seem to seek to sell their domains for a profit, and they're like Tina's Webcam in that they tend to register domains allowed to lapse by prior registrants. But they're quite different in that they don't register the domains in their own name; instead, they use a mixture of names and organizations including, for some 425 names, "Alan Ginsberg" (a deceased American poet). They also don't register the domains using their own street address; instead, they use a variety of addresses from as many as nine different countries, and they seem to use voicemail and fax-forwarding services to receive requests to purchase domains in their inventory.

I'm certainly not the first to notice NicGod's activities; they've been UDRP'ed at least 27 times, and the OECD wrote up a jarring report of their experience with these folks. But my recent work goes a notch further in that I've documented what I believe to be a substantial portion of NicGod's inventory -- including, for example, schools (armenianschools.com, californiastateuniversity.com), government sites (flintpolice.org, winthrop-police.com), and medical information (doctorjohn.com). For each domain, I've extracted data from archive.org, Alexa, Google, and Yahoo to speak to the domains' prior contents & uses as well as their popularity.

My results are available at:
http://cyber.law.harvard.edu/people/edelman/invalid-whois

Ben Edelman
Berkman Center for Internet & Society
Harvard Law School

This discussion has been archived. No new comments can be posted.
Intentional & Widespread Whois Errors - Some Specific Examples | Log in/Create an Account | Top | 11 comments | Search Discussion
Click this button to post a comment to this story
The options below will change how the comments display
Threshold:
Check box to change your default comment view
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
So, what to do about this?
by BenEdelman on Monday May 13 2002, @08:40AM (#6302)
User #3219 Info | http://cyber.law.harvard.edu/edelman
I'm sure the congressmen -- not to mention ICANN staff and the more respectable of registrars -- are anxious to fix this problem. In that context, what specific advise can we offer them?

ICANN's Registrar Advisory Concerning Whois Data Accuracy makes a few suggestions -- that registrars should require that registrants use basic validation methods on contact details at the time of registration; that registrars investigate inaccurate information after notification; that domains with invalid registration "should" be cancelled after 15 days of notice; that resellers should be bound by the same rules.

Is there more that ICANN and the regsitrars could or should do? For example, if a registrant has registered many domains with the same (or nearly the same) invalid address, should the others be canceled too (if the registrar attempts to contact the registrant and the registrant doesn't respond)? Or the registrar should have to receive a separate notification for each domain at issue?

Could there be some central list of "known offenders"? What risks would be entailed in the creation of such a list? What cost and complexity? What benefits?
[ Reply to This | Parent ]
  • 1 reply beneath your current threshold.
Re: Intentional & Widespread Whois Errors - Some S
by BenEdelman on Monday May 13 2002, @07:30AM (#6300)
User #3219 Info | http://cyber.law.harvard.edu/edelman
Yes, I'm told that Doctor John is a musician. (Had I known this when I drafted my report, perhaps I would have chosen a different example!) But the domain was indeed previously held by, as best I can tell, a genuine doctor. See archive.org listings for details.

My own music taste? Suffice it to say that I've actually never heard of Lawrence Welk.
[ Reply to This | Parent ]
Re: Intentional & Widespread Whois Errors - Some S
by fnord (groy2kNO@SPAMyahoo.com) on Monday May 13 2002, @02:17PM (#6308)
User #2810 Info
Very well said, I only have one quibble. In the olden days it was handy to have a public technical contact for a domain name. That long predates the IP lobby waking up to the internet. It also long predates the namespace including millions of entries, many of which could now individually or even collectively go down with no other network loss of functionality. Domain names once approximately corresponded to critical nodes, now they can and do point to home connections. It also long predates the 'public' coming to include scammers and spammers. The public WHOIS didn't scale for a number of reasons.

It's past time for a better WHOIS, and a thick 24/7 global public WHOIS (that must be accurate under penalty of losing the domain name, or even facing charges) will be better for the IP folks, scammers and spammers, worse for everyone else. I'd like to think the latter is still a clear majority. A private WHOIS is part of a better WHOIS for most. -g

[ Reply to This | Parent ]
  • 5 replies beneath your current threshold.




  • This article comes from ICANNWatch
    http://www.icannwatch.org/

    The URL for this story is:
    http://www.icannwatch.org/article.pl?sid=02/05/13/114456