[registration-issues-wg] New Zealand's .Nz namespace gets preliminary injuction against DomainTools - Domain Name Wire | Domain Name News & Website Stuff

Derek Smythe derek at aa419.org
Thu Sep 13 20:38:17 UTC 2018

I already showed why Roberto's analogy is not appropriate. Banks can't
self-blind (fact) like registrars do, in fact they can and do get
penalized if they try it.

Is law enforcement consumer protection, or mitigation?
How does that protect consumer rights?

Already the most mature law enforcement systems have admitted they
simply do not have the capacity to deal with all the cyber abuse; USA,
UK, EU. Other countries have from less sophisticated law enforcement
systems to virtually no law enforcement when it comes to cyber
capacity. Jurisdictional issues in a global system can take more than
a year to address if they choose to engage.

So how does it help consumers if certain registrars adopts an
anything-goes attitude, dumping even more responsibility on law
enforcement? Is this not a recipe for disaster at consumer level?

Derek Smythe
Artists Against 419

On 2018/09/13 22:11, Michele Neylon - Blacknight wrote:
> Roberto’s example is a nice one 
> Law enforcement access to data in a legally compliant fashion
> Mr Michele Neylon
> https://www.blacknight.com/
> https://michele.blog
> Intl. +353 (0)59 9183072
> Sent from mobile so usual disclaimers about typos etc apply
> On 13 Sep 2018, at 21:00, Derek Smythe <derek at aa419.org
> <mailto:derek at aa419.org>> wrote:
>> But then again there is an obligation for banks to know their clients
>> (KYC) and ensure accurate details of the client is obtained
>> (Ironically also mentioned in the GDPR). International anti-money
>> laundering policies exists in a system that seeks to regulate
>> illegitimate abuse of the banking system. This system is even
>> supported by countries where we see zero real cyber consumer
>> protection policy. The system does not seek to protect it's own to the
>> detriment of all other, instead we see massive fines.
>> So trying to compare ICANN to the Financial Action Task Force, Banks
>> to Registrars, and registrants to bank clients is not even remotely
>> appropriate.
>> But it would be. Then we'd have less "Inno Cent" registrants (PA
>> registrant name which is an alias for "Bar Clay" in a case Compliance
>> self blinded to, now at Complaints).
>> Incidentally, in the abuse we fight, linked to domain abuse, much
>> money laundering info goes into the Financial Action Task Force system
>> - enough said.
>> Derek Smythe
>> Artists Against 419
>> http://www.aa419.org
>> On 2018/09/13 21:29, Roberto Gaetano wrote:
>>> Hi all.
>>> The ability to search bank accounts would allow finding answers to
>>> the following questions:
>>> - is the bank account holder real or is somebody hiding behind a
>>> false identity or a third party (let’s call it “proxy” for short)?
>>> - is the bank account used for illegal transactions?
>>> And once understood that the “real" bank account holder is hiding
>>> behind proxies it allows answering the following question:
>>> - does he/she/it own other bank accounts hiding behind other proxies?
>>> - is there a network of proxies covering a centrally managed
>>> criminal activity?
>>> Public information about all bank accounts will allow
>>> self-appointed vigilantes to detect a lot of frauds and criminal
>>> networks!
>>> Have a nice weekend,
>>> Roberto
>>> PS: this is not a made-up case, this is the way the anti-mafia
>>> police in Italy proceeds to discover mafia networks. The difference
>>> is that nobody screams hell to have bank account information public.
>>>> On 13.09.2018, at 23:56, Derek Smythe <derek at aa419.org
>>>> <mailto:derek at aa419.org>> wrote:
>>>> The ability to search for a registrant and find answers to the
>>>> questions:
>>>> - Is this a proxy?
>>>> - Is the website hacked?
>>>> ... and once understood to be a malicious registrant, answers the
>>>> question:
>>>> - which other malicious domains might the malicious registrant have
>>>> registered?
>>>> Example: atsprojects.co.za <http://atsprojects.co.za> in this
>>>> case. From there into a mess of
>>>> similar long ongoing fraud, much published about.
>>>> It allows us to join the dots and turn a fraud incident into consumer
>>>> protection.
>>>> It also avoids situations where the abuse report goes to a domain
>>>> reseller facilitating. Example
>>>> https://www.justice.gov/opa/pr/latvian-national-sentenced-prison-scareware-hacking-scheme-targeted-minneapolis-star-tribune
>>>> This is well worth a read, it simply illustrates one of many "insider
>>>> threats" in DNS which is ignored. Never a word was said about Heihachi
>>>> despite me asking it be used for a case study. Opportunities lost.
>>>> Derek Smythe
>>>> Artists Against 419
>>>> http://www.aa419.org
>>>> On 2018/09/13 20:30, Michele Neylon - Blacknight wrote:
>>>>> Derek
>>>>> Sorry but what on earth has that got to do with Domain Tools
>>>>> making a shadow copy of the registry's whois?
>>>>> Regards
>>>>> Michele
>>>>> --
>>>>> Mr Michele Neylon
>>>>> Blacknight Solutions
>>>>> Hosting, Colocation & Domains
>>>>> https://www.blacknight.com
>>>>> https://blacknight.blog /
>>>>> http://ceo.hosting/
>>>>> Intl. +353 (0) 59  9183072
>>>>> Direct Dial: +353 (0)59 9183090
>>>>> -------------------------------
>>>>> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business
>>>>> Park,Sleaty
>>>>> Road,Graiguecullen,Carlow, R93 X265
>>>>> ,Ireland  Company No.: 370845
>>>>> On 13/09/2018, 18:17, "registration-issues-wg on behalf of Derek
>>>>> Smythe" <registration-issues-wg-bounces at atlarge-lists.icann.org
>>>>> <mailto:registration-issues-wg-bounces at atlarge-lists.icann.org>
>>>>> on behalf of derek at aa419.org <mailto:derek at aa419.org>> wrote:
>>>>>   There are always two sides to a story with the truth somewhere in
>>>>>   between.
>>>>>   The irony: In a recent fraud case domain grandlin.co.nz
>>>>> <http://grandlin.co.nz> was registered
>>>>>   via a German registrar with fake registration data, belonging to a
>>>>>   real NZ business (in the motor trade). Then content was stolen
>>>>> from a
>>>>>   Greek manufacturer of boots to create a fake NZ business. In turn
>>>>>   another domain was registered to spoof the Army. The fake army
>>>>> domain
>>>>>   then sent out tender requests to businesses. Take a guess what
>>>>> - all
>>>>>   of them won the tender. Once the companies had prepaid for the
>>>>> orders
>>>>>   ... then nothing.
>>>>>   In at least one case reported to law enforcement (the typical
>>>>> panacea
>>>>>   for domain abuse) a woman not only lost her business leaving
>>>>> her deep
>>>>>   in debt, but with all her personal details supplied to
>>>>> criminals, also
>>>>>   forcing her to lay off staff.
>>>>>   Sad fact: there will never be justice or restitution for her or her
>>>>>   employees. At least seven other small business are known about that
>>>>>   came to collect their orders at a fake address of a business not
>>>>>   involved (also in the motor trade).
>>>>>   This is also not the only .co.nz <http://co.nz> domain we are
>>>>> aware of begin abused
>>>>>   similarly.
>>>>>   That is why, when I see these cases and knowing what is REALLY
>>>>>   happening, when privacy is touted in an unbalanced way, I get sick:
>>>>>   Club registrant/registrar/ICANN trumps law and order, also
>>>>> human rights.
>>>>>   Derek Smythe
>>>>>   Artists Against 419
>>>>>   http://www.aa419.org
>>>>>   On 2018/09/13 13:31, Carlton Samuels wrote:
>>>>>> https://domainnamewire.com/2018/09/12/new-zealands-nz-namespace-gets-preliminary-injuction-against-domaintools/
>>>>>> _______________________________________________
>>>>>> registration-issues-wg mailing list
>>>>>> registration-issues-wg at atlarge-lists.icann.org
>>>>>> <mailto:registration-issues-wg at atlarge-lists.icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/registration-issues-wg
>>>>>   _______________________________________________
>>>>>   registration-issues-wg mailing list
>>>>>   registration-issues-wg at atlarge-lists.icann.org
>>>>> <mailto:registration-issues-wg at atlarge-lists.icann.org>
>>>>>   https://mm.icann.org/mailman/listinfo/registration-issues-wg
>>>> _______________________________________________
>>>> registration-issues-wg mailing list
>>>> registration-issues-wg at atlarge-lists.icann.org
>>>> <mailto:registration-issues-wg at atlarge-lists.icann.org>
>>>> https://mm.icann.org/mailman/listinfo/registration-issues-wg

More information about the registration-issues-wg mailing list