Domain: dantobias.com
Stories and comments across the archive that link to dantobias.com.
Stories · 4
-
New TLDs Loaded with Fraudulent Registrations
Dan Tobias and others wrote in about the disaster unfolding during the new registrations of .biz and .info domains. Both TLD's are - by mandate of ICANN - employing sunrise registrations where trademark holders can pre-register or reserve domain names that coincide with their trademarks. However, neither registry plans to check the validity of the asserted trademarks. Guess what? Most of the reservations in .info thus far appear to involve fictional trademark claims on highly generic words - I checked ten common words for trademark validity and was able to verify two and confirm that seven were completely invalid (.biz is doing things slightly differently, and will probably have fewer problems). The challenge process costs $300, so it's doubtful that most bogus registrations of non-trademarks will ever be challenged - register yours today, or just amuse yourself by checking common names. As usual, I should point out that if the root were run properly, allowing any TLD to be added, this squabbling over an artificially-limited resource would be eliminated. -
ICANN Sneaks In Reserved Names For Existing TLDs
dtobias writes: "In the ongoing and contentious debate over new Top Level Domains, one flamewar-provoking issue has been whether certain names ought to be reserved as second (or higher) level domains within new TLDs because there's something inherently (or at least potentially) abusive to their use. Entrenched interests of all sorts have proposed everything from famous trademarks to city, state, province, and country names to generic drug names for such exclusion, while people favoring a more free and open Internet have opposed all such exclusions in favor of the traditional First Come, First Served system." (Read on for more.)"But, under everybody's noses, ICANN has recently snuck in some name exclusions for the existing TLDs, com, net and org. This was hidden in the revised agreements between ICANN and Verisign. See this page in ICANN's site (this is from the com agreement, but similar provisions are in the other two).
Among things that are excluded from use as second level domains are all one and two letter names, all names that are the same as another TLD (both the existing ones and the group like museum that's planned for debut this year), and, most questionably, various names and acronyms relating to ICANN, IANA, and other Internet governing organizations, including aso, dnso, pso, ietf, and ripe. No other organizations in the world yet have the power to ban their names or acronyms from use in all TLDs (though many are clamoring for these powers), but ICANN and IANA have taken this right in a bald power grab, stopping the many other entities in the world whose initials happen to match these from having a right to try to obtain sensible domain names for themselves.
These exclusions apply only to new registrations, not renewals, so the many existing domain names that violate these exclusions will be allowed to continue so long as they don't lapse for nonpayment or get cancelled by a domain dispute panelist's decision.
I have more domain name information and commentary in my site."
-
ICANN Sneaks In Reserved Names For Existing TLDs
dtobias writes: "In the ongoing and contentious debate over new Top Level Domains, one flamewar-provoking issue has been whether certain names ought to be reserved as second (or higher) level domains within new TLDs because there's something inherently (or at least potentially) abusive to their use. Entrenched interests of all sorts have proposed everything from famous trademarks to city, state, province, and country names to generic drug names for such exclusion, while people favoring a more free and open Internet have opposed all such exclusions in favor of the traditional First Come, First Served system." (Read on for more.)"But, under everybody's noses, ICANN has recently snuck in some name exclusions for the existing TLDs, com, net and org. This was hidden in the revised agreements between ICANN and Verisign. See this page in ICANN's site (this is from the com agreement, but similar provisions are in the other two).
Among things that are excluded from use as second level domains are all one and two letter names, all names that are the same as another TLD (both the existing ones and the group like museum that's planned for debut this year), and, most questionably, various names and acronyms relating to ICANN, IANA, and other Internet governing organizations, including aso, dnso, pso, ietf, and ripe. No other organizations in the world yet have the power to ban their names or acronyms from use in all TLDs (though many are clamoring for these powers), but ICANN and IANA have taken this right in a bald power grab, stopping the many other entities in the world whose initials happen to match these from having a right to try to obtain sensible domain names for themselves.
These exclusions apply only to new registrations, not renewals, so the many existing domain names that violate these exclusions will be allowed to continue so long as they don't lapse for nonpayment or get cancelled by a domain dispute panelist's decision.
I have more domain name information and commentary in my site."
-
MAPS RBL Is Now Censorware (Updated)
HumpBackB wrote us about the lawsuit that ISP Media3 has filed against MAPS and its Realtime Blackhole List. The RBL, despite blocking only 2% of spam, is widely seen as an effective tool against mail abuse. I'm going to risk life and limb, and say that it has become, instead, just another censorware tool. Here's why.Media3 has had six of its ClassCs added to the RBL: one in June, and five in November. These 1500 IP numbers are now cut off entirely from the rest of the Internet for any Internet provider who subscribes to the RBL (more on this later).
But making these 1500 IP numbers vanish from the net -- which is exactly what happens for any provider who subscribes to the RBL -- does not stop any spam from getting through. They are not blocked because those servers are sending unsolicited email, or any kind of e-mail for that matter.
Media3's service agreement is more-or-less the same as all responsible, anti-spam providers:
"M3 does not permit the transmission of unsolicited e-mail... Subsequent violations will result in suspension and/or termination of the account without refund of service fees..."
And MAPS does not even allege that a single piece of spam has been sent from any of these 1500 IP numbers. As their press release says:
"Media3 refused to require their Web-hosting customers to stop advertising their Web sites by using unsolicited commercial email..."
Even this fact is in dispute. I spoke with Joe Hayes at Media3, and he told me that the company does not tolerate Web sites which promote themselves through spam.
You can check the RBL evidence file yourself. When a MAPS representative spoke with Joe back in June, he told him that he needed to, not tighten up his sendmail rules, but "terminate the Samco [Web] sites and rewrite his AUP to prohibit the hosting of spamware."
Spamware? Yes. Media3 does host Web sites which sell software that sends bulk e-mail and harvests e-mail addresses. Take a look at MarketingMasters.com. Their IP number is 209.211.253.74, which is in the Media3 ClassC which was blocked in June. You can look them up on the RBL at http://mail-abuse.org/cgi-bin/ lookup?209.211.253.74.
Again, the blocking of that IP number, their Web site, does not stop a single piece of spam from being sent or received. What it does do is punish the folks at MarketingMasters, whose Web site can't be seen by RBL subscribers.
The problem is that MAPS has put every 209.211.253.x IP number on their list. For example, if you look up 209.211.253.169, you'll see exactly the same message and same rationale.
And 209.211.253.169 is not a spam Web site. It's otherwise known as Peacefire.org, a group of young people who are advocates of free speech rights for teenagers, and -- irony alert -- longtime opponents of censorware.
In fact, if you visit their Web site you'll see many reports about how censorware blocks the good as well as the bad. Their latest, "Amnesty Intercepted," shows that sites like Amnesty International Israel and the American Kurdish Information Network are blacklisted as pornographic by overzealous censorware.
Kind of like Peacefire -- and over a thousand other sites -- are blacklisted by MAPS.
Let's be clear about what censorware does. It does not by itself block content. It "only" rates that content as unacceptable for viewing, and it is up to someone -- your parents? your teacher? your ISP? -- to apply its rules to prevent you from seeing that content.
I don't like spam any more than the next person. But I also don't like censorship, and I take a content-neutral view of these things. If someone delivers a product to be used by Alice to block Bob from seeing website because she doesn't like its content, that product is censorware.
And if that product capriciously, unfairly, and deliberately blocks innocent Web sites, then it's not very good censorware.
In this case, the "bad" Web site sells software which could be used to spam. Frankly, compared to Nazi propaganda or bomb-making instructions, it's pretty tame. But that's not important. Standing up for speech I agree with is easy, everybody does it. If you want freedom, you have to stand up for speech you disagree with.
At least with programs like CyberPatrol, SurfWatch, and Net Nanny, when overblocking mistakes are pointed out, they are corrected. But as MAPS admits in its press release and evidence files, the intent here is not to block the actual Web sites (after all, people who want to buy the software will find a way to buy it).
No, the intent is to get the ISP in question to play ball. The fact that a thousand innocent Web sites are censored is, as far as I can tell, irrelevant.
I don't see much difference between this and any other censorware. One difference is that few other censorware packages are actually free. Another is that fewer are so obviously wielding their power as a retaliatory weapon.
And, there's also the fact that the RBL is used by a backbone provider, AboveNet, whose CTO also happens to be a co-founder of MAPS. Peacefire had no idea that it was being censored until it heard from confused would-be readers. At least with traditional censorware, if your connection to a website is blocked, you have some idea of why. Peacefire's readers naturally had no idea whether their packets were traveling over AboveNet's network, and only knew that their connections were being rejected.
(I contacted Paul Vixie to ask about AboveNet and how it uses the RBL, but he refused comment, sending me to AboveNet PR, who didn't get back to me by deadline time.)
Vixie claimed in 1998 that "MAPS volunteers always contact the owner of a site before it's blacklisted." I'm guessing none of the 1,500 blocked Web sites were contacted.
But then, MAPS also advises Web providers:
"If you host Web sites, we suggest that you use one IP per domain so that if spam occurs for one Web site, we don't have to blackhole you or your other customers to block access to the spamming site."
That's exactly what Media3 does -- and exactly what MAPS did.
Oh, and one more difference. The RBL is more successful than any other censorware package. According to Upside, 20,000 companies that control 40% of all e-mail accounts (and, quite possibly, Web sites); that's up from what ZDNet said in 1998, 2000 ISPs that control 30% of Internet destinations.
I can't find much to argue with in Joe Hayes's summary:
"They [MAPS] are blocking very good educational sites, nonprofit organizations, in their attempts to get us to adopt their definitions in their entirety. They've made no bones about hurting people and while Media3 maintains a policy of not allowing unsolicited e-mails, we do not see completely eye-to-eye on MAPS's definitions because they become very encompassing and very broad. While they have a good tool, and I commend them for their efforts to contain e-mail abuse, they're a good thing gone bad and they have basically become the abuser."
And here's a heavily abridged list of the sites that cannot be accessed via AboveNet, or any of the other providers who use the RBL -- just a few of the sites on just one blacklisted ClassC:
- FulfilledLives.com, "the place for women and girls," about spirituality and relationships.
- DesktopHeaven.com, Windows themes, screensavers, wallpaper.
- TownOfCary.org, the official website for the town of Cary, North Carolina.
- StudioZito.com, yet another Web site-designer.
- Crossalizer.de, a music site which points out (in German) that it's a victim of an anti-spam initiative, and thus has moved to Crossalizer.com.
- StrikeMore.com, bowling tips and schedules.
- NewTechWellness.com: "The total balance of wholeness and wellness within the areas of Mind, Body, Family, Society, and Finances in our lives is our goal," OK, whatever.
- ElaineCoffman.com
and DianaPalmer.com
-- both are authors of romance novels.
And finally, - CraftersCommunity.com. "If you are looking for a fun and easy recipe to do with the kids, try these deliciously simple Winter Cookie Pops."
Update, something like an hour later: If you're planning to e-mail me or post a comment saying I don't know what I'm talking about because the RBL only blocks mail traffic, please take a moment to read this 1997 interview. Excerpt:
SunWorld: How do you defend your policy of Blackholing Web services that host spammers' Web sites -- even if the spam itself isn't going through their service?
Vixie: This is the most controversial thing we do because it's censorship of something that isn't spam. It's me saying to some Web provider, because you are renting space to this person [a spammer] who is doing something completely legal, I am going to Blackhole your butt.
For more on the Border Gateway Protocol implementation of the RBL, see this page (thanks to jeffg for the link); for a description of how it drops all packets to blackholed sites, see this message.
Also, Bennett Haselton of Peacefire reports, at 10:58 PM EST:
I just telnetted in to www.peacefire.org and was able to do "ping www.above.net" and "ping home.cnet.com" and "ping www.infoworld.com" despite the fact that that traceroute on all of these sites shows that they are hooked up via above.net.
Peacefire's IP address is still on the RBL, so it looks like AboveNet has, for the time being, temporarily stopped blocking their users from accessing sites on the RBL.
This means that either:
(1) AboveNet has realized the errors of their ways, and is trying to correct them.
(2) AboveNet is trying to cover up the fact that they ever censored their users' Internet access, and they are temporarily opening up the gateway so that people on AboveNet will be able to access Peacefire and will think it is all a hoax.