[gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)
allison nixon
elsakoo at gmail.com
Tue Oct 3 21:36:43 UTC 2017
Jeremy, here is a quote from your report on the EFF webpage:
>>We observed 16 separate top level domains used in this campaign. Using
historical whois data from Passive Total, we were able to discover that
some of the domains had been registered with the email address
amandalovers at mail[.]com. Several other domains, apparently not used in this
campaign, were also registered by amandalovers at mail[.]com1, many of which
followed a similar naming pattern to domains used for this campaign. Some
of the domains had previously shared servers with domains used in these
attacks, increasing our confidence that all of these domains are owned by
the same actor. We also discovered a group of domains which were located on
what appears to be a dedicated server with transferdomain[.]my, one of the
domains used by the attackers.
Shutting down WHOIS would have made this paragraph, and any subsequent
facts found due to these findings in your own report, impossible.
On Tue, Oct 3, 2017 at 5:28 PM, Jeremy Malcolm <jmalcolm at eff.org> wrote:
> On 3/10/17 2:15 pm, allison nixon wrote:
> > Whether or not the EFF agrees with the work of anti-abuse
> > professionals may be a point of debate (or may not, I don't know if
> > your org even likes the idea of anti-abuse or not), but if the EFF
> > believes this information has no utility for our purposes then that is
> > completely factually incorrect.
>
> Sure we like the idea, actually we ourselves also do this sort of work;
> see our current front page feature at eff.org headed "Phish for the
> Future", which (yes) includes some information gained through WHOIS. So
> we are not totally misinformed about this issue as your reply seems to
> assume. We just don't think that there should be any additional
> personal information about registrants made available through the RDS,
> even if it is limited to security researchers or anti-abuse specialists.
>
> --
> Jeremy Malcolm
> Senior Global Policy Analyst
> Electronic Frontier Foundation
> https://eff.org
> jmalcolm at eff.org
>
> Tel: 415.436.9333 ext 161
>
> :: Defending Your Rights in the Digital World ::
>
> Public key: https://www.eff.org/files/2016/11/27/key_jmalcolm.txt
> PGP fingerprint: 75D2 4C0D 35EA EA2F 8CA8 8F79 4911 EC4A EDDF 1122
>
>
>
--
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171003/90f337aa/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list