Slashdot Mirror
Russia to Halt Public Access to .RU Whois Data?
An anonymous reader writes "A Domain Tools blog post is reporting on a Russian newspaper article regarding a provision of Russian law that would prohibit public access or posting of Whois data for the .RU TLD without written permission. The Personal Data law, which the article states went into effect on January 30, 2007, will require compliance by RosNIIROSa (www.ripn.net) by 2010."
In Canada its not prohibited to look up information, but as an individual with a registered domain, I don't have to have my information in the whois record. Check out Privacy.ca
That this means the single largest collection of hacking and spamming sites will now have protection against people finding out who even owns the domains they run from?
I'm a fiscal conservative, it's a pity we don't have a political party anymore
There's absolutely no reason that in the US we must have valid contact information in that database. I use my work address, phone number, and my website spam GMail account on there because I don't want to deal w/the bullshit spam, letters in the mail, etc.
Whoever had the bright idea to mandate that for ending spam didn't think clearly. Perhaps Russia (while not their motivation for this move) is on the right track.
In Soviet Russia, compromat.ru own YOU!
Does this mean that we can report security attacks to abuse@kremlin.ru?
Check out my sysadmin blog!
Not just broken by the spammers, though they're in large part responsible for making much info inaccessible, it's also broken by the lack of standards and registrar greed.
Just try to write a tool to automatically parse WHOIS output to get the registration date of a domain (a good heuristic when determining whether a domain is spammy -- a 1-day old domain merits a little more investigation than a 1-year old one). Assuming the info is available at all and not hidden behind some captcha-enabled web page (not just to shield from spammer harvesting, but also to throw sales pitches at you), the date field could be anywhere, and in any format. Hell, I've even seen registrars use MM/DD/YY format, two-digit years no less. Some even use multiple formats. It's crazy insane.
RIPE appears to actually have their shit together, and uses a pretty good uniform format. Bully for RIPE, but that's generally only good for IP WHOIS, and the rest is being eroded as the rest of the WHOIS system decays at the seams.
Done with slashdot, done with nerds, getting a life.
Spammers have already laid .ru low. I know of more than a few small to medium companies that flat out drop emails if there's a .ru _anywhere_ in the email. Not just the from or reply to fields. If there's a http link pointing to a .ru domain, they drop it.
.ru's problems right now. Though it boggles me how a TLD trustee can get away with not publishing whois information while still under ICANN's rules.
I try to tell them that just dropping "mail.ru" would be a better longterm strategy, but their minds are usually made up. I think this may be some kind of holdover from the cold war.("The Russian's have internets?! Blockade their commie propaganda!")
Anyway, my point is that lack of whois information is the least of
May the Maths Be with you!
Of course not. There is no legitimate reason why anyone would want to contact the domain owner about some issue with the site or its content.
And your hosting company should just reject all requests and complaints. They are just a hosting company and have no need to get involved with anything else. You pay, they host, right?
You mean like the additional fees that the registrars/hosts get for hiding your personal contact information if you so choose? So this rule should apply only to people who don't want to have money extorted from them?
Dude, do you not know how much of a rip-off all the private registration services (also those not from GoDaddy) are, because they charge you for privacy?
hackerkey://v4sw5/7BCHJMPRUY$hw3ln3pr6/7FOP$ck6ma8+9u6L$w4/7CGUXm0l6DLRi82NCe3+9t5Sb7HMOPRen5a17s0DSr1/2p-3.62/-5.23g3/5
See, for me, this is simply a matter of character. Or the appearance of it. If you don't want me to know who you are, why should I accept mail from your domain at all?
I run the email for a pretty small ISP. When a mail server (or farm) starts going crazy and trying to kill my servers with hundreds of connections per second; the first thing I do is drop the packets from the network. I then check the whois listing to see if it's yahoo! or ebay or something like that and consider unblocking it after I know who I'm dealing with.
When the whois says "NONAME NETOWRK ASSOcIATES" or there simply isn't anything listed, they stay on the drop list. So this is really a handy development. Essentially nothing from .ru will look legit anymore so I can just block all of it, right?
Imagine if you weren't allowed to use roads because a bus company complained about your driving 3 times. --skunkpussy
Estonian servers have been under constant barrage of DDOS attempts since April 26, much of which have been tracked to Russian servers. Now Russians try to obfuscate their whois. Is it just me, or are those two events linked...?
Such a policy is not without precedent. Tonga's NIC has kept registration information private for years.
Then again, Tonga's NIC also has a healthy anti-spam policy, including a provision for revealing registration info for domain names canceled for violating that policy.
But does keeping registration info private really help shield spammers? Who's to say that spammers are providing valid registration info in the first place? They abuse public registration records both ways: they falsify their own info to shield their identities, and they appropriate and abuse the info of honest people doing the right thing.
I am all for private registration records. If Russia enacts their law, they will have the exact opposite policy of the United States. And, damn, will I envy those Russians for it.
In conservative Canada, information protects you!
http://www.skullsecurity.org/blog/
Well, in modern Russia bribery is the only way of doing business with the government. Period. On ANY (including the highest) level. This is not even a cynical view. It's just how it is. Given this and the fact that it takes less money to get a fake Russian passport (under $200) than to bribe an official to get a real one (about $500), this just increases the registration cost for any foreigner wishing to get a domain .ru
Any guest worker system is indistinguishable from indentured servitude.
Actions have multiple consequences, so why can't they have multiple causes?
Inconceivable! If that were the case, then how could we continue to blame videogames for violence, blame WMD's for the invasion on Iraq, and incompetence for that which could be ascribed to malice?!
If I have been able to see further than others, it is because I bought a pair of binoculars.