This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Spam under protection. Believe it or not!
- Previous message (by thread): [anti-abuse-wg] Spam under protection. Believe it or not!
- Next message (by thread): [anti-abuse-wg] Spam under protection. Believe it or not!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Tue Sep 29 06:43:07 CEST 2015
In message <795BDB4E-C73E-4669-AF8E-644156449479 at virtualized.org>, ICANN (David Conrad <drc at virtualized.org>) wrote: >rfg wrote: >> The entirely predictable result is massive and ongoing >> fraud in WHOIS records... which ICANN works overtime to try to dismiss, >> cover-up, sweep under the rug, and to make extremely tedious and difficult >> to even report to them. > >This is, of course, also untrue. Which part? Unlike most people here, I actually read the ICANN CEO's published/public response to just one of Garth Bruen's several very detailed and well- documented reports which detailed ICANN's abject failure to apply any- thing that might be confused with disipline or enforcement to various provably bent registrars who were massively helping either spammers or criminals or both. The ICANN CEO's public response was all obfsucation and denial... it was all stuff like "Bruen got his facts wrong" or else "We already dealt with this". In short, it was all just an exercise in sweeping self-evident problems under the carpet. Not once did the ICANN CEO ever admit that ICANN wasn't doing the job of administering the Internet in every bit as immaculately perfect a way as Jesus Christ himself would have done. As regards to my second contention, quoted above, that ICANN has made the reporting of fradulent domain name WHOIS records exceptionally tedious and difficult ... so as to effectively discourage anybody serious from ever even trying to file such a report... I can attest from first-hand personal knowledge and experience that this is absolutely 100% true. In fact, I'll go further and say that the creation of unnecessary bureaucratic tedium and bullshit is something that the enforcement staff at ICANN has raised up to the level of an art form. Once upon a time, many years ago, I used to diligently report... via the ICANN reporting web form... all of the spammers domains that I came across which had blatantly fradulent information in the associated WHOIS records. But for various reasons, several years ago I began concentrating on so-called "snowshoe" spammers who routinely register dozens or hundreds or thousands of different domain names at a time. (This is not at all a new phenomenon. It has been going on for more than a decade now. I first noticed this spammer tactic myself way back in 2004.) Anyway, it was already bad enough that the exceptionally tedious ICANN WHOIS problem reporting form took longer to fill out, per domain, than it took for the spammer to (fradulently) register his domain. But then I also realized that any time I found a snowshoe spammer who had registered, say, 100 domains, all with fradulent WHOIS data, ICANN gave me no option other than to sit, for hour after hour, filling out their stupid and tedious WHOIS problem reporting form, over and over again, for each individual domain, one at a time. I asked about the possibility of making reports of groups of fradulent/ bogus WHOIS records in batches, and at first I could not even get the favor of even a reply from ICANN. (Obviously, they didn't even want to think about the issue.) Perhaps a year or more later on, I asked about this again. (I guess ICANN may have had some personel changes by that time... another issue that Garth Bruen has reported on, but not in a positive way.) So then I finally got a response, and the response was just that they (ICANN) were "thinking about" the idea of petrhaps accepting reports of batches of fradulent WHOIS reports. I asked multiple times about that and never got a straight answer. So basically, the answer slowly became clear to me... ICANN absolutely did not want to even be dealing with the whole issue of fradulent WHOIS records. (That was already self-evident from the fact that... as Bruen also documented... about half of the time even the reports that ICANN was already getting never resuled in any action on anybody's part whatsoever. The WHOIS data just stayed fradulent and ICANN quietly closed the cases.) So obviously, given that they (ICANN) didn't want to even deal with the fradulent WHOIS data issue AT ALL, the last thing they would want was to start accepting such reports IN BULK. So they hemmed and hawed and delayed and procrastinated. Eventually after a few years I heard tell that they (ICANN) finally had put something into place to allow JUST a few special pre-selected folks to report fradulent WHOIS records in bulk. But there were a LOT of qualifying requirements, or so I heard. You had to give them a blood sample and one of your kidneys before they would accept you into the exclusive club that was now allowed to report batches of fradulent WHOIS records. But even with that, I'm sure that they worked things out so that it would STILL be substantially more tedious and more time consuming for the person who was _reporting_ a fradulent batch of WHOIS records to them than it was for the original spammer to register that same entire batch of domains. Advantage: Spammer. But anyway, by this point in time I wasn't at all interested in partici- pating anymore in ICANN's little WHOIS policing charade. It was obvious to me... just as it was to Garth Bruen... that they (ICANN) were only going through the motions, and even then they were only doing even the minimum that they promised to do only some of the time. Many other times they would just close the cases. It was 100% clear that they just didn't really want to do any of this (WHOIS policing) and that they had only been dragged, kicking and screaming, into lifting a finger at all in this whole area. (Certainly, none of the registrars who pay their salaries wanted to have ICANN hasseling them about the lies told in the WHOIS records by their various criminal and spammer customers.) Also, ICANN did other things to try to disuade people from even filing WHOIS problem reports... I mean above and beyond just making the process as slow, tedious and time consuming as they thought they could get away with, and then also totally ignoring a large percentage of the reports that they ended up receiving anyway, even despite all of the obstacles that they (ICANN) has erected to try to disuade people from even filing them. Whereas ICANN... which is to say the registrars who pay for ICANN's existance... bend over backwards to make it easy for criminals to register domain names with completely fradulent and fictitious identifying information, they were... at least back in 2008... simultaneously INSISTING that anybody who filed a WHOIS problem MUST give them that reporter's true and correct name, e-mail address, etc.... all information which ICANN would then PASS ON to the relevant registrar. The domain registrar would often then, in turn, further pass on the name and e-mail address of the person who had ratted them out to their criminal and spammer customers. I'M NOT MAKING THIS UP! The idea that the spammers who one had just ratted out might turn around and mailbomb you, or DDoS you was not in the least bit far-fetched. In fact, quite the contrary. I'm pretty sure that it actually happened as a direct result of ICANN policies... policies which demanded total honesty from those public-spirited people who were kind enough to report fradulent WHOIS records to ICANN, even as ICANN itself (via its accredited registrars) were busy making sure that the system which allowed crooks and criminals to put any lies they wanted into their WHOIS records would not be materially changed, impacted or disturbed in any meaninful way... except maybe a little bit around the edges... to keep the critics quiet, and to prevent governments from getting involved. I was so outraged at the way that ICANN was setting up its own WHOIS problem reporters for DDoS attacks, that I decided to squawk, loudly, about it at the time... but only after ICANN refused to even acknowledge the problem (in private correspondance to me): http://krebsonsecurity.com/2011/03/whois-problem-reporting-system-to-gain-privacy-option/ As you can see, EVEN AFTER this particular bit of ICANN shit had hit the fan (i.e. made it to the press) ICANN still wouldn't even commit to a date by which they would fix the problem. Maybe they eventually did. I never went back to check. By this point in time I had had it, and I had finally and fully realized that ICANN... far from wanting to work to fix the problem... had been actively working and scheming, finding ways to thwart and/or deter anybody from the outside who might want to see WHOIS data become more accurate. That is actually not at all surprising, once one realizes who is actually paying their salaries and who is actually paying to keep the lights on at ICANN, i.e. the registrars, even the best of which are, at best, ambivalent about WHOIS accuracy. Others are knowingly making money from people who they know good and well are filling up the WHOIS data base with complete bullshit. Garth Bruen has seen it. I have seen it. Suresh has seen it. It is silly to try to deny this simple reality anymore. There are just too many witnesses. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] Spam under protection. Believe it or not!
- Next message (by thread): [anti-abuse-wg] Spam under protection. Believe it or not!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]