funsec mailing list archives
Re: WHOIS Privacy Stalemate... Again
From: "Don Blumenthal" <dmblumenthal () gmail com>
Date: Fri, 24 Aug 2007 10:02:41 -0400
On 8/22/07, Andy Sutton <newslists () pessimists net> wrote:
All I really care about is that someone answers when I tell them about their box being naughty. I don't need to know their name, address, etc. for that. LEO with a warrant would get the non-shielded information from the registrar regardless, so that's not much of an argument one way or another.
I'm using this post to jump in after a couple of days' problems with my gmail account. Warrants/subpoenas/CIDs take time, which is at a premium in 'net investigations. As for bad info, the amount of nonsense in whois records is ridiculous and I wish that ICANN would do more to ensure that registrars acted on reports of bad info. However, the records may have legit information even for LE targets. Not all of them are "bad guys" in the common use of the word, and sometimes folks do things on the web that they don't think are illegal. In fact, the activities might not be illegal until a given agency stretches the definitions in its statutes. All of that is important because whois records may be the only easily available contact info. I'm finding a quickly increasing number of ecommerce sites that have absolutely no information except for something like "info@...." That's not helpful to LE, consumers (I can assure doubters that consumer self-help through use of whois is real), or anybody else who needs to address a problem. OK. I've superficially covered why accurate info is important for more than just LE and the fact that whois records may actually have usable data even when it comes to LE targets. Having said all that, I don't support eliminating the option for privacy/proxy systems. Home based businesses and political sites, to name a few, have real privacy concerns when it comes to information in whois records. PO boxes and other mail drop solutions may work in large cities, but their value as shields diminishes as populations decrease and, since we're talking about an international system, aren't always options at all. Banning sanctioned ways to hide info will only increase the amount of garbage in the databases. The current privacy mechanisms aren't good but I don't have a good solution. Proposals for commercial/non-commercial designations that would govern what has to be visible in whois have obvious problems. Tiered access has floated around for a long time and probably has the best possibilities, but presents its own set of issues and the development of proposed systems that I was following seems to have bogged down Don -- Don M. Blumenthal Technology, Law, and Policy dmblumenthal () gmail com www.donblumenthal.com 734-997-0764 202-431-0874 (c) _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: WHOIS Privacy Stalemate... Again, (continued)
- Re: WHOIS Privacy Stalemate... Again Brian Loe (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- Re: WHOIS Privacy Stalemate... Again der Mouse (Aug 22)
- Re: WHOIS Privacy Stalemate... Again John LaCour (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Andy Sutton (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Nick FitzGerald (Aug 22)
- Re: WHOIS Privacy Stalemate... Again David Jones (Aug 23)
- Re: WHOIS Privacy Stalemate... Again Nick FitzGerald (Aug 23)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- Re: WHOIS Privacy Stalemate... Again Brian Loe (Aug 22)
- Re: WHOIS Privacy Stalemate... Again Don Blumenthal (Aug 24)
- Re: WHOIS Privacy Stalemate... Again Valdis . Kletnieks (Aug 28)
- RE: WHOIS Privacy Stalemate... Again Larry Seltzer (Aug 22)
- RE: WHOIS Privacy Stalemate... Again Nick FitzGerald (Aug 22)
- Re: WHOIS Privacy Stalemate... Again der Mouse (Aug 22)
- Re: WHOIS Privacy Stalemate... Again Dude VanWinkle (Aug 23)
- Re: WHOIS Privacy Stalemate... Again der Mouse (Aug 22)