Domain: melbourneit.com.au
Stories and comments across the archive that link to melbourneit.com.au.
Comments · 19
-
Re:Always.
also there's the 5 way goatse issue with that site
... -
Re:Always.I've not seen a bank do it, but these guys do, which I think is just insane, especially seeing as in all other respects (apart from price) they are an excellent domain registrar. Click the login link in the top left and you'll be presented with a non-https page with a username and password on it. I've emailed them about it but they just don't get it. Idiots. did you never try to stick an 's' after the http!
-
Re:Always.
1) SSL certificates do get issued to phishing sites
I figured that would probably happen, but i'd never actually seen it. I don't make a habit of deliberately visiting phishing sites though.2) Some banks have login forms on un-encrypted pages
I've not seen a bank do it, but these guys do, which I think is just insane, especially seeing as in all other respects (apart from price) they are an excellent domain registrar. Click the login link in the top left and you'll be presented with a non-https page with a username and password on it. I've emailed them about it but they just don't get it. Idiots.I've stopped using MelbourneIT for new registrations on that basis. I suggest you do the same.
The Melbourne IT login form does submit to a secure URL, so login details are never passed unsecurely. -
Re:Always.I've not seen a bank do it, but these guys do, which I think is just insane, especially seeing as in all other respects (apart from price) they are an excellent domain registrar. Click the login link in the top left and you'll be presented with a non-https page with a username and password on it. I've emailed them about it but they just don't get it. Idiots.
I've stopped using MelbourneIT for new registrations on that basis. I suggest you do the same.
Actually the site you mentioned DOES process your login through SSL. If you look at the form action, it is sent to a HTTPS address. Now looking at the web page, the blank form is sent unencrypted, but the login is handled over SSL. That's the way some banks operate to avoid the sluggish load times with HTTPS compared to regular HTTP. -
Re:Always.I've not seen a bank do it, but these guys do, which I think is just insane, especially seeing as in all other respects (apart from price) they are an excellent domain registrar. Click the login link in the top left and you'll be presented with a non-https page with a username and password on it. I've emailed them about it but they just don't get it. Idiots.
I've stopped using MelbourneIT for new registrations on that basis. I suggest you do the same.
It doesn't matter if the page you type the username/password in is encrypted, but if the page you send your username/password to is encrypted.The login page has already been sent to you, there is no information on there and doesn't need encryption. But when you do send the query with your login-info to them, then it has to be in an encrypted connection.
That is what MelbournIT does, so ti is quite safe to use them. -
Re:Always.
2) Some banks have login forms on un-encrypted pages
I've not seen a bank do it, but these guys do, which I think is just insane, especially seeing as in all other respects (apart from price) they are an excellent domain registrar. Click the login link in the top left and you'll be presented with a non-https page with a username and password on it. I've emailed them about it but they just don't get it. Idiots.I've stopped using MelbourneIT for new registrations on that basis. I suggest you do the same.
If you check the login form's source you'll notice that it is being submitted to an https URL. -
Re:Always.
1) SSL certificates do get issued to phishing sites
I figured that would probably happen, but i'd never actually seen it. I don't make a habit of deliberately visiting phishing sites though.2) Some banks have login forms on un-encrypted pages
I've not seen a bank do it, but these guys do, which I think is just insane, especially seeing as in all other respects (apart from price) they are an excellent domain registrar. Click the login link in the top left and you'll be presented with a non-https page with a username and password on it. I've emailed them about it but they just don't get it. Idiots.I've stopped using MelbourneIT for new registrations on that basis. I suggest you do the same.
-
Re:its actually pretty common
$9?? it costs $140.00 it register a
.com.au name... http://www.melbourneit.com.au/cc/domainname/australian-domain-names?lid=tile-audomains#tabsB -
Melbourne IT
Melbourne IT, where our slogan is, "All your Panix belong to us".
Disclaimer: I work for Melbourne IT, so have to post Anonymously. -
DNS was censored, not the WWW
The site was hosted on Yahoo and the domain name registeres with Melbourne IT. The site is still on Yahoo's servers and can be downloaded using an IP address and an absolute URL (so their virtual server knows which website you want. By way of explanation, here is something I previously submitted as a story:
At the request of the Australian government, domain name registrar Melbourne IT has removed DNS entries for a political opponent of a ruling political party and its policies in Iraq.
Richard Neville created a parody of one of the Australian Prime Minister's speeches and posted it on a the website www.johnhowardpm.org. After a day the website mysteriously disappeared from the Internet. Melbourne IT, domain registrar for johnhowardpm.org, and Yahoo, the website host, both denied knowledge.
Tim Longhurst has been investigating. After two days two anonymous Melbourne IT technicians have come forward and told him that "johnhowardpm.org" was removed from DNS at the request of representatives from the Australian government, without the knowledge of the domain owner. Normal proceedure is for the domain owner to at least be notified.
Australian Internet users can no longer read www.johnhowardpm.org. Yahoo's DNS server (yns1.yahoo.com) still resolves johnhowardpm.org and the pages still exist on Yahoo's server (premium7.geo.vip.re4.yahoo.com = 216.39.58.74). They may be retrieved by sending a http GET request using telnet, or by setting one's HTTP proxy to 216.39.58.74 and typing "http://www.johnhowardpm.org/" into a browser address bar.
Given that the parody was not obscene, and its facts were well backed with references the only justification seems to be political censorship by Melbourne IT and the Australian government. The Internet equivalent of a political assassination to shut someone up.
If "The Net treats censorship as a defect and routes around it.", what is the future for Melbourne IT as a registrar? The High Court of Australia has also ruled that the Australian Constitution contains a right to freedom of political speech.
-
Re:Chilling.
It's an easy enough misunderstanding: a phishing site looks like a genuine site, but isn't.
Parody sites look like genuine sites too. That's the general point of parody.
Yes, he's missed the point that phishing is about data capture not misinformation but I wouldn't rag him too hard, he's in the right ballpark.
"The right ballpark"????? For Chrissakes....he's the chief technology officer at Melbourne IT. If he doesn't fucking understand what a phishing site is, Melbourne IT Needs a new CTO.
What's more likely? That a CTO of a major ISP actually doesn't understand the concept of a 'phishing site', or said CTO is prevaricating because the Government is breathing down his neck? You do the math. -
Re:Not very surprised
Nope, MelbourneIT and Melbourne University are indeed connected.
-
Re:The weekend rule
Speaking to an employee at Melbourne IT, I heard that THE CEO of the company was aware of the problem on the WEEKEND, and their response was that the company in question needed to provide sufficient proof that they were in fact the company they claimed to be (also initiated ON THE WEEKEND).
Melbourne IT were working within the policy of ICANN, whereby it is now acceptable for a domain to be transferred without the explicit approval of the original owner. This policy was recently changed - it originally only allowed domains to be transferred in ownership with an explicit APPROVAL from the original company. The policy is now such that if the original company does not respond to the request within 5 days, the company asking for transfer will by default have rights to the domain. Everyone who owns a domain effectively must monitor their whois e-mail address at least every 5 days in order to ensure they keep their domain.
This was NOT a case of Australian government being lazy. This idea of a "weekend rule" is stupid, and certainly did not apply here. This is illustrated by the fact that the company's CEO was involved ON THE WEEKEND.
Melbourne IT are very much a corporate entity now. They have share holders, and have a large emphasis internally on sales (much to the dismay of the employee I know). This so called "weekend rule" could be applied to many many other corporates as well (the one I work for being one of them!), since normal "BUSINESS hours" are Monday to Friday 9 til 5 (or whatever your variation is). You will notice that Melbourne IT's hours of operations are rather extensive for an Australian "government" organisation. The notion that this situation was bred from some type of government "weekend rule" is ridiculous.
If google was transferred erroneously on a weekend, you can be sure that it would be dealt with very quickly by whoever needs to deal with it, while of course working in the realms of the policies that govern their processes. The policy is at fault here, not the company governed by them. -
Re:it's worse than that...Google search for MelbourneIT
Top result
Contacts
Contacts:
WorldWide Offices Australian Office: Melbourne Street Address Level 2, 120 King Street Melbourne Victoria 3000 Australia Customer Support Australian Callers 1300 654 677 International or Mobile Phone Callers +61 3 8624 2300 Fax - Australian/Int'l +61 3 9620 2388 Hours of Operation 8:30 AM - 1:00 AM Monday - Friday 8:30 AM - 12:30 PM Saturday U.S. Office: San Francisco (Sales & Marketing) Street Address Melbourne IT 2200 Powell Street Sixth Floor, Suite 690 Emeryville CA 94608 Spanish Office: Madrid (Sales & Marketing) Street Address Jorge Juan 8 28001 Madrid Spain Hours of Operation 9am to 2pm, 4pm to 7pm Contact Information Telephone +34 91 426 1951 Fax +34 91 435 8264
[whois.internic.net]
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name: MELBOURNEIT.COM.AU
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
jwhois melbourneit.com.au -h whois.melbourneit.com
[whois.melbourneit.com]
(Response timed out)
More BS:
To notify Melbourne IT of your complaint or dispute send an email to policy@melbourneit.com.au
Melbourne IT will acknowledge your email within 5 working days of its receipt, and will use all reasonable efforts to provide you with a response to your complaint or dispute within 30 days.
If your matter is more appropriately dealt with by another organisation, we will advise you of any alternative options for resolving your complaint or dispute.
For the curious, their AUP
Please everyone do a 'ping -f whois.melbourneit.com' &; ping -f www.melbourneit.com.au
-
Re:it's worse than that...Google search for MelbourneIT
Top result
Contacts
Contacts:
WorldWide Offices Australian Office: Melbourne Street Address Level 2, 120 King Street Melbourne Victoria 3000 Australia Customer Support Australian Callers 1300 654 677 International or Mobile Phone Callers +61 3 8624 2300 Fax - Australian/Int'l +61 3 9620 2388 Hours of Operation 8:30 AM - 1:00 AM Monday - Friday 8:30 AM - 12:30 PM Saturday U.S. Office: San Francisco (Sales & Marketing) Street Address Melbourne IT 2200 Powell Street Sixth Floor, Suite 690 Emeryville CA 94608 Spanish Office: Madrid (Sales & Marketing) Street Address Jorge Juan 8 28001 Madrid Spain Hours of Operation 9am to 2pm, 4pm to 7pm Contact Information Telephone +34 91 426 1951 Fax +34 91 435 8264
[whois.internic.net]
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name: MELBOURNEIT.COM.AU
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
jwhois melbourneit.com.au -h whois.melbourneit.com
[whois.melbourneit.com]
(Response timed out)
More BS:
To notify Melbourne IT of your complaint or dispute send an email to policy@melbourneit.com.au
Melbourne IT will acknowledge your email within 5 working days of its receipt, and will use all reasonable efforts to provide you with a response to your complaint or dispute within 30 days.
If your matter is more appropriately dealt with by another organisation, we will advise you of any alternative options for resolving your complaint or dispute.
For the curious, their AUP
Please everyone do a 'ping -f whois.melbourneit.com' &; ping -f www.melbourneit.com.au
-
Re:it's worse than that...Google search for MelbourneIT
Top result
Contacts
Contacts:
WorldWide Offices Australian Office: Melbourne Street Address Level 2, 120 King Street Melbourne Victoria 3000 Australia Customer Support Australian Callers 1300 654 677 International or Mobile Phone Callers +61 3 8624 2300 Fax - Australian/Int'l +61 3 9620 2388 Hours of Operation 8:30 AM - 1:00 AM Monday - Friday 8:30 AM - 12:30 PM Saturday U.S. Office: San Francisco (Sales & Marketing) Street Address Melbourne IT 2200 Powell Street Sixth Floor, Suite 690 Emeryville CA 94608 Spanish Office: Madrid (Sales & Marketing) Street Address Jorge Juan 8 28001 Madrid Spain Hours of Operation 9am to 2pm, 4pm to 7pm Contact Information Telephone +34 91 426 1951 Fax +34 91 435 8264
[whois.internic.net]
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name: MELBOURNEIT.COM.AU
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
jwhois melbourneit.com.au -h whois.melbourneit.com
[whois.melbourneit.com]
(Response timed out)
More BS:
To notify Melbourne IT of your complaint or dispute send an email to policy@melbourneit.com.au
Melbourne IT will acknowledge your email within 5 working days of its receipt, and will use all reasonable efforts to provide you with a response to your complaint or dispute within 30 days.
If your matter is more appropriately dealt with by another organisation, we will advise you of any alternative options for resolving your complaint or dispute.
For the curious, their AUP
Please everyone do a 'ping -f whois.melbourneit.com' &; ping -f www.melbourneit.com.au
-
Re:The domains of commerce
should be restricted to
.com domains. That's what the TLD was supposed to mean. Any other TLD should be first-come, first-served
That's what we do here with .com.au domains. You must have a registered business name that your selected domain name can be derived from. Of course, there were many people who thought that was too restrictive. In particular, the moron who writes for The Age and wanted property.com.au for a side venture of his. He gave Melbourne IT flack at every turn for not giving that domain to him (even though they weren't the ones who put the rules into place). AFAIK we also have similar rules for .org.au domains. -
Re:.org, .us, .do .it
Um. This may come as a surprise, but why not move your
.com or .net registrations to another registrar, like MelbourneIT.com.au or one of the others? It's probably cheaper, and they won't be the ones forcing wildcard records down your throat.Sure, this won't change the root servers, but your money won't end up with Verisign anymore, and you'll have a lot less expenses with all those business cards.
-
.au registration rulesOn the other side of the world, Melbourne IT owns an 80% market share in the
.au TLD, which is increasingly recognized not as geographically bound to Australia, but as a Global TLD in its own right.I'd be interested in hearing more about this ".au is global" if it's actually true - and I doubt it. http://www.melbou rne it.com.au/ver2/html/services/indexinww.htm states:
The
This is common knowledge in .com.au is the official designated space for Australian Internet names - it is the official space for Australian business. In order to register a .com.au domain space you must be a registered Australian commercial entity and your Internet name must be derived from your business name. .au - the rules for getting a .com.au are pretty damn strict. To get a .net.au you need to be a registered company that's involved with the Internet and to get .org.au you need to be a registered non-profit organisation. Oh, and Melbourne IT isn't in charge - they licence the right to manage .au from the .au Domain Administration.Melbourne IT's apparantly also into the
.com registration business, so perhaps this is where they got confused.