Slashdot Mirror
US .gov WHOIS Info Restricted Over Attacker Fears
An anonymous reader writes "VeriSign Inc has stopped providing access to information about the .gov internet domain, which is restricted to US government bodies, over concerns the data could be used in planning internet attacks."
C/O George W. Bush
1600 Pennsylvania Avenue
Washington, DC.
Yup, wouldn't want anyone to know where HE lives, do we?
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
If you need whois data for a ".gov" domain, go to the General Services Administration.
sarchasm: The gulf between the author of sarcastic wit and the person who doesn't get it.
There shouldn't even be a .gov TLD.
.gov.us
It should be
...hide the contents of the websites too?
Not much point hiding the whois information of a domain if its accompanying website tells the whole world who and where they are...
-- Even if a god did exist, why the fsck should I worship it?
Don't say that too loudly - the *terrorists* might hear you! ;o)
Video Game cheats, hints a
I think they should restrict access to the .gov DNS records also. Would go a long way in making the .gov net a whole lot more secure. :)
It had to be a matter of public record anyway, right? I don't see what this solves. I think the old term "Security throught obscurity" applies here. That term has also been trampled on time and again because it just doesn't work. Hide information via one source, get all confident that you're safe, and then get surprised when you're actually not.
Is there anyone out there who can explain what this accomplishes really? I'm seriously asking because I might be missing something.
Luck favors the prepared, darling.
While I think the intent is admirable, the net effect might be somewhat frustrating. For example, how are we supposed to get contact info if say a governement group's DNS goes south? Or maybe just a portions of it? what about entities that have been misapportioned? (Good example is the City of Albuquerque, NM.)
The quote that I found interesting is: "Also removed from the FTP site was the zone file for in-addr.arpa, which is used for reverse-DNS lookups (when somebody wants to find out what domain is associated with an IP address, rather than the other way around)." So is this a prelude for them to stop supporting rev. DNS? If it does stop, are they really aware of the potential consequences? (Stopped email, blocked access, etc.) What about who to contact and how to contact them about possible network outages?
Things like this might seem like a good idea at the time, but can (and do) lead to other problems. I am in favor of security as much as the next guy, but half though-out moves like this don't help.
-D.
P.S. I wonder if they are going to stop publishing things like the white pages (online or even the print edition)? Hey they do have government entity addresses and phone numbers?
I wonder whether .gov will find itself listed in
on rfc-ignorant
for this.
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
What is WHOIS?
The .GOV WHOIS database is a tool that provides users with the ability to lookup records in the registrar database. Using WHOIS, you can search for people, name servers, and domains. From a UNIX system, you can use the -h option to point to the .GOV WHOIS server, nic.gov. For example, to find out about gsa.gov, use the following command: "WHOIS -h nic.gov gsa.gov".
(posted anonymously to avoid karma-whoring)
I work for the government, and we had to remove the directions to our office from our website. Didn't quite understand this..since we have our address on our website and all you need is something like mapquest to get directions. Makes no sense.
So, I read the attached article, and I understand what Verisign is doing. My question is: why? What is the motivation behind them blocking access to these whois records?
I agree with the article in saying "It seems so logical to take that
Actually, why do we have whois records for any domain?
www.timcoleman.com is a total waste of your time. Never go there.
You damn pot smoking Californians need to realize CA is not a country (as much as you wish it were).
.ca domain YOU HAVEN'T WON YET. I'm looking forward to .TX for Texas to leave the Union (and take GW with them).
Just because you somehow tricked the powers that be into making a
Frankly, yes. It is an instance of the government taking away information that should be available to the public under the guise of "national security."
And in the current climate, this is exactly the kind of thing we should be fighting against, with Ashcroft in power.
Granted that this is a relatively minor instance, but it is one that is part of a much greater whole.
The interests of "security" cannot supercede the interests of liberty.
"Enough of this wretched, whining monkey life." -- Marcus Aurelius, _Meditations_, Book 9, 37
--
Mod up a post Rob doesn't like and you'll never mod again
If you want to participare in a public network then they shouldn't be hiding whois information. Nobody is saying they can't run their own top secret nework (as I'm sure they already do to some degree) but participation in this giant public network involves some amount of conformance to standards.
Any information that is so critical to national security shouldn't be on the internet in the first place.
- Toby
I'd like to point out that the government's nic is still available, only Verisign, a non-government corporation, removed their database of .gov from public view.
Human nature is the same everywhere; the modes only are different. -- Earl of Chesterfield