[NA-Discuss] Policy Failure Enables Mass Malware: Part II(ICANN and OnlineNIC)

Garth Bruen at KnujOn gbruen at knujon.com
Thu Sep 30 14:12:27 UTC 2010


Update to the update: SECURETABS[DOT]NET replaced with
SECURETABS[DOT]ORG, still at OnlineNIC!



> -------- Original Message --------
> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part
> II(ICANN and OnlineNIC)
> From: <gbruen at knujon.com>
> Date: Thu, September 30, 2010 8:12 am
> To: <na-discuss at atlarge-lists.icann.org>
> 
> 
> SECURETABS[DOT]NET is now finally offline after 74 days, but there are still 
> three other malware-redirected domains in this scheme: GENERICTAB.COM 
> (TUCOWS), CHEAPDRUGSNORX.COM (OnlineNIC), BESTGENERICPHARMA.COM (DIRECTNIC). 
> The domain that controls the rotation of these sites: PHARM-TRACKER.COM is 
> also sponsored by OnLineNIC. All described in the full report: 
> http://www.knujon.com/WDPRS_failures_malware_intrusion_securetabsDOTnet_Knujon_september10.pdf
> 
> --------------------------------------------------
> From: <gbruen at knujon.com>
> Sent: Wednesday, September 29, 2010 7:21 PM
> To: "Michele Neylon :: Blacknight" <michele at blacknight.ie>
> Cc: <na-discuss at atlarge-lists.icann.org>
> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part II(ICANN 
> and OnlineNIC)
> 
> > Michele,
> >
> > I've made it quite clear. The unlicensed pharmacy domain promoted through
> > thousands of hacked websites has false WHOIS which they failed to correct
> > within the stipulated time. The sponsoring Registrar failed to investigate
> > and suspend the domain within the stipulated time. ICANN failed to address
> > the original complaint against the domain with the Registrar and 
> > completely
> > botched the complaint against the Registrar.
> >
> > Would you still feel the same if it were your site that was hacked on 
> > behalf
> > of a non-compliant sponsored by a non-compliant Registrar?
> >
> > You'll see in our follow-up next week how a Registrar was actually the
> > VICTIM of such a scheme. Some might even say this was an "attack" from a
> > competing domain company.
> >
> > -Garth
> >
> > --------------------------------------------------
> > From: "Michele Neylon :: Blacknight" <michele at blacknight.ie>
> > Sent: Wednesday, September 29, 2010 4:43 PM
> > To: "Garth Bruen at KnujOn" <gbruen at knujon.com>
> > Cc: <wendy at seltzer.com>; <na-discuss at atlarge-lists.icann.org>
> > Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part II
> > (ICANN and OnlineNIC)
> >
> >> And what exactly are those roles?
> >>
> >> I know I may live to regret asking, but I would love to know.
> >>
> >> Or is this one of those "let's make it ICANN's problem since registrars
> >> are obviously evil"?
> >>
> >>
> >> Mr. Michele Neylon
> >> Blacknight
> >> http://Blacknight.tel
> >>
> >> Via iPhone so excuse typos and brevity
> >>
> >> On 29 Sep 2010, at 22:34, "Garth Bruen at KnujOn" <gbruen at knujon.com>
> >> wrote:
> >>
> >>> That's kind of a leap in logic, we're talking about specific icann roles
> >>>
> >>>
> >>>> -------- Original Message --------
> >>>> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part II
> >>>> (ICANN and OnlineNIC)
> >>>> From: Wendy Seltzer <wendy at seltzer.com>
> >>>> Date: Wed, September 29, 2010 4:26 pm
> >>>> To: Garth Bruen at KnujOn <gbruen at knujon.com>
> >>>> Cc: Evan Leibovitch <evan at telly.org>,
> >>>> na-discuss at atlarge-lists.icann.org
> >>>>
> >>>> And I suppose you'd support COICA, the US proposal to censor domain
> >>>> names "dedicated to infringing activity" too?
> >>>>
> >>>> I certainly would not want to see ICANN in here.
> >>>> <http://wendy.seltzer.org/blog/archives/2010/09/21/copyright-censorship-and-domain-name-blacklists-at-home-in-the-us.html>
> >>>>
> >>>> --Wendy
> >>>>
> >>>> On 09/29/2010 03:34 PM, Garth Bruen at KnujOn wrote:
> >>>>> I believe there is an ATRT meeting next month here in Boston, not sure
> >>>>> where yet, would be happy to participate.
> >>>>>
> >>>>>
> >>>>>
> >>>>>> -------- Original Message --------
> >>>>>> Subject: Re: [NA-Discuss] Policy Failure Enables Mass Malware: Part 
> >>>>>> II
> >>>>>> (ICANN and OnlineNIC)
> >>>>>> From: Evan Leibovitch <evan at telly.org>
> >>>>>> Date: Wed, September 29, 2010 3:22 pm
> >>>>>> To: Beau Brendler <beaubrendler at earthlink.net>
> >>>>>> Cc: Garth Bruen at KnujOn <gbruen at knujon.com>,
> >>>>>> na-discuss at atlarge-lists.icann.org
> >>>>>>
> >>>>>>
> >>>>>> On 29 September 2010 15:11, Beau Brendler
> >>>>>> <beaubrendler at earthlink.net>wrote:
> >>>>>>
> >>>>>>>
> >>>>>>> "ICANN’s vice president of government affairs for the Americas, 
> >>>>>>> Jamie
> >>>>>>> Hedlund, said the meeting was “outside the scope of our role as the
> >>>>>>> technical coordinator of the Internet’s unique identifiers.”
> >>>>>>>
> >>>>>>> How is enforcing the provisions of the RAA outside the scope of its
> >>>>>>> role?
> >>>>>>>
> >>>>>>>
> >>>>>> I smell another ATRT submission....
> >>>>>>
> >>>>>> This is worth escalating to the global At-Large lists, IMO.
> >>>>>>
> >>>>>> - Evan
> >>>>>
> >>>>>
> >>>>> ------
> >>>>> NA-Discuss mailing list
> >>>>> NA-Discuss at atlarge-lists.icann.org
> >>>>> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
> >>>>>
> >>>>> Visit the NARALO online at http://www.naralo.org
> >>>>> ------
> >>>>
> >>>>
> >>>> -- 
> >>>> Wendy Seltzer -- wendy at seltzer.org +1 914-374-0613
> >>>> Fellow, Princeton Center for Information Technology Policy
> >>>> Fellow, Berkman Center for Internet & Society at Harvard University
> >>>> http://cyber.law.harvard.edu/seltzer.html
> >>>> http://www.chillingeffects.org/
> >>>> https://www.torproject.org/
> >>>> http://www.freedom-to-tinker.com/
> >>> ------
> >>> NA-Discuss mailing list
> >>> NA-Discuss at atlarge-lists.icann.org
> >>> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
> >>>
> >>> Visit the NARALO online at http://www.naralo.org
> >>> ------
> >>
> > ------
> > NA-Discuss mailing list
> > NA-Discuss at atlarge-lists.icann.org
> > https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
> >
> > Visit the NARALO online at http://www.naralo.org
> > ------
> > 
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
> 
> Visit the NARALO online at http://www.naralo.org
> ------





More information about the NA-Discuss mailing list