ICANN Asked To Shut Down "Worst" Chinese Registrar

← Back to Stories (view on slashdot.org)

ICANN Asked To Shut Down "Worst" Chinese Registrar

Posted by kdawson on Sunday June 22, 2008 @03:25PM from the pictogram-for-spam dept.

Ian Lamont writes "Anti-spam service Knujon has released reports highlighting how certain registrars in the US and abroad have consistently failed to live up to certain WHOIS-related obligations under ICANN's Registrar Accreditation Agreement (RAA) — specifically, the requirement that people or company registering domains provide valid contact information. Now the firm is requesting that ICANN shut down the worst alleged offender, Xinnet Bei Gong Da Software. According to Knujon, none of the WHOIS records in a sample of 11,000 alleged spam sites registered through Xinnet and reported by Knujon to ICANN's Whois Data Problem Report System were corrected in a six-month period ending in May 2008 — and the Chinese registrar continues to register about 100 spam sites per day. In many cases, says the Knujon document (PDF), Xinnet does not have 'any Whois record data for review while the sites are still active' and the spam sites further promote 'seal abuse' by posting bogus BBB, Verisign, and other trusted industry seals. ICANN says it is investigating. ICANN has just posted a draft revised RAA that is open for public comment until August 4. However, the wording of Section 3.7.8, governing registrars' obligations to check and correct domain owners' contact information, hasn't changed."

119 comments

GASP and SHOCK! by thefear · 2008-06-22 15:31 · Score: 0, Redundant

Spam from China? GASP!

--
:(
1. Re:GASP and SHOCK! by kalirion · 2008-06-22 16:25 · Score: 3, Interesting
  
  So if they shut down the registrar, wouldn't that invalidate all domains currently registered through them? I'm assuming some of those belong to legitimate non-spammers....
2. Re:GASP and SHOCK! by techno-vampire · 2008-06-22 16:38 · Score: 4, Informative
  
  Yes, it will. And those legitimate domains can get themselves transferred to a new registrar. Of course, in order to do that, I'd hope that they'd have to provide proper contact details, which would sieve out all the spammers.
  
  --
  Good, inexpensive web hosting
3. Re:GASP and SHOCK! by Anonymous Coward · 2008-06-22 19:26 · Score: 3, Insightful
  
  Spam from China? GASP!
  Funny how all the spam I receive is from Chinese servers but advertising for US products only available for purchase in the US and leading to US websites.
  pot. kettle.
4. Re:GASP and SHOCK! by Antique+Geekmeister · 2008-06-22 19:30 · Score: 3, Informative
  
  A lot of the spam from China is from US spammers: throwaway domains are very useful, to duck blacklists. It's really an international problem, and tends to fester due to companies like this, which ICANN is typically unable or unwilling to disconnect.
5. Re:GASP and SHOCK! by 1u3hr · 2008-06-22 21:04 · Score: 1
  
  Spam from China? GASP!
  Spam from domains registered in China. Not at all the same thing.
6. Re:GASP and SHOCK! by Anonymous Coward · 2008-06-22 23:39 · Score: 0
  
  GASP! There are legitimate domains in China?
7. Re:GASP and SHOCK! by Anonymous Coward · 2008-06-23 04:31 · Score: 0
  
  A lot of the spam from China is from US spammers.
  That probably contributed to the trade deficits too!
8. Re:GASP and SHOCK! by Meski · 2008-06-23 18:51 · Score: 1
  
  Spam from the middle east would be funnier.
In other words by commodoresloat · 2008-06-22 15:35 · Score: 4, Funny

ICANN has Chinese burglers?
1. Re:In other words by socsoc · 2008-06-23 02:36 · Score: 1
  
  the ICANN and lolcat combination is getting really old...
Shamelessly stealing previous joke by Anonymous Coward · 2008-06-22 15:37 · Score: 5, Funny

If spam is a "whopper" of a problem, and burger king's "whopper" is a cheeseburger, then...
ICANN has cheezburger?
Funny aside: my captcha is "verified", something which these domains were not.
1. Re:Shamelessly stealing previous joke by dadatianpu · 2008-06-22 18:19 · Score: 0
  
  i think China's Internet technology is high so we must continue to compete with Japan and China
2. Re:Shamelessly stealing previous joke by phorm · 2008-06-23 00:18 · Score: 1
  
  ROFLMEOW?
Re:I don't trust the Chinese by commodoresloat · 2008-06-22 15:51 · Score: 4, Funny

Their eyes are a little bit too slanted for my taste. Actually, if you're going to taste them, it's best to remove them from the eyelid entirely. At that point, they're really indistinguishable from European eyes, but much more flavorful.
After an hour or so, though, you need to eat another one.
ICANN is about as useful as the UN by Anonymous Coward · 2008-06-22 15:52 · Score: 0, Flamebait

Which is to say... not at all.
Re:Hmm by Pinky's+Brain · 2008-06-22 15:54 · Score: 0, Troll

I'm betting they will be about evenly tied with defensive Chinese expats (much smaller numbers but much stronger feelings).
seal abuse by Lehk228 · 2008-06-22 15:55 · Score: 3, Insightful

"Seal Abuse"

wow did the mental giants who first thought up using an inline graphic to portray legitimacy ever consider that someone may.... save... said graphic and re-use it.

--
Snowden and Manning are heroes.
1. Re:seal abuse by MrNaz · 2008-06-22 16:18 · Score: 4, Funny
  
  You know you're living in the 21st century when "seal abuse" does not involve clubbing large numbers of adorable baby amphibious mammals in the Arctic.
  
  --
  I hate printers.
2. Re:seal abuse by Anonymous Coward · 2008-06-22 16:30 · Score: 0
  
  Seals are NOT amphibious.
3. Re:seal abuse by stainlesssteelpat · 2008-06-22 17:36 · Score: 1
  
  Yeah but they make great executive jackets
  
  --
  War is the statesman's game, the priest's delight, the lawyer's jest, the hired assassin's trade.- Shelley
4. Re:seal abuse by CartoonFan · 2008-06-22 17:50 · Score: 1
  
  Yeah, we need to get the SPCA on these people. Abusing seals is a terrible thing to do.
5. Re:seal abuse by aj50 · 2008-06-22 18:24 · Score: 2, Informative
  
  Yes they did.
  If the seal is valid you can click on it and get an information page about the site.
  If you get a page about another site or the seal isn't a link then the site isn't legitimate.
  A faked verisign seal on a web site is a great clue that they're not the right people to shop with. It also makes spotting phishing sites a lot easier.
  
  --
  I wish to remain anomalous
6. Re:seal abuse by Samah · 2008-06-22 18:26 · Score: 1
  
  Even better, if they're lazy enough to just direct link, you may want to replace the "images/corporate_logo.jpg" file with "hello.jpg".
  
  --
  Homonyms are fun!
  You're driving your car, but they're riding their bikes there.
7. Re:seal abuse by Anonymous Coward · 2008-06-22 19:18 · Score: 0
  
  amphibious from Webster.com
  2 a: relating to or adapted for both land and water
  Amphibious, but not amphibian.
8. Re:seal abuse by Urkki · 2008-06-22 19:24 · Score: 1
  
  Sure seals are amphibous. They're just not amphibians.
  Unless you're talking about water-soluble seals, but those have to be protected from rain too, not just from full immersion in water. But I don't know of any material used for sealing things, that is water-soluble.
9. Re:seal abuse by Anonymous Coward · 2008-06-22 21:37 · Score: 0
  
  You know you're living in the 21st century when "seal abuse" does not involve clubbing large numbers of adorable baby amphibious mammals in the Arctic.
  FAFAIK, only in Canada does clubbing not equal abuse...
10. Re:seal abuse by houghi · 2008-06-22 22:01 · Score: 1
  
  Reminds me of this short joke:
  A seal walks into a club ...
  
  --
  Don't fight for your country, if your country does not fight for you.
11. Re:seal abuse by Anonymous Coward · 2008-06-22 23:02 · Score: 0
  
  and? what's the punch line? you just going to leave us hanging like that?
12. Re:seal abuse by MrNaz · 2008-06-22 23:41 · Score: 1
  
  At least, that's what the poacher claimed.
  
  --
  I hate printers.
13. Re:seal abuse by jandrese · 2008-06-23 03:35 · Score: 1
  
  So are you saying that seals can't walk on land, or that they can't swim in the water?
  
  --
  
  I read the internet for the articles.
14. Re:seal abuse by Anonymous Coward · 2008-06-23 07:57 · Score: 0
  
  I'm Crazy Eddy, and I'll club a seal to make a better deal!
  If nobody comes down in the next hour to buy a car from me, I'm gonna club this baby seal!
My prediction: Internet segmentation by erroneus · 2008-06-22 16:04 · Score: 4, Insightful

As it stands, I have observed some common practices of simply blocking traffic going to or coming in from IPs from certain foreign nations. For some businesses, this practice alone reduces a tremendous amount of spam without affecting normal business flows. It would also make sense for users and businesses to restrict all communications with peers outside of their borders if, in fact, it has no adverse affect to their business flows.
Ultimately, this could lead to a segmented internet where entire nations find themselves effectively cut off by policy.
I am undecided about whether or not this is a good idea, but if China and Russia won't stop their criminals, perhaps they shouldn't have a presence on the global internet. The message? Play nice or you won't be allowed to play at all! My guess is that internet sanctions would have much faster reaction than economic sanctions.
1. Re:My prediction: Internet segmentation by _merlin · 2008-06-22 16:18 · Score: 5, Interesting
  
  Well, I'd be all for a segregated internet if it could keep all the American spam comments advertising drugs, loans, insurance and porn off my blog. Remember the USA is still the biggest spam producer. It would be nice if you could only spam yourselves.
2. Re:My prediction: Internet segmentation by MrNaz · 2008-06-22 16:22 · Score: 5, Informative
  
  "If China and Russia won't stop their criminals..."
  You're aware that the US is still, by a factor of almost 4, the number one spamming nation on Earth? But don't take my word for it:
  http://www.spamhaus.org/statistics/countries.lasso
  Now, you were saying? Sorry, it's hard to hear you when you're speaking from atop such a high horse.
  
  --
  I hate printers.
3. Re:My prediction: Internet segmentation by dbIII · 2008-06-22 16:33 · Score: 4, Insightful
  
  The problem is that this ISP takes international registrations from spammers everywhere so blocking by a nations IP blocks is not going to help at all. Xenophobia may be comforting but is no help when the many of the criminals are likely to be in your own nation, it's better to go after them directly. As for hampering commerce with major trade partners to slow down some petty crooks that may be next door - implications are worth thinking about.
4. Re:My prediction: Internet segmentation by Shatrat · 2008-06-22 17:11 · Score: 4, Insightful
  
  Sorry, it's hard to hear you when you're speaking from atop such a high horse. That's a pretty condescending attitude on your part as well.
  We may have more spammers here, but at least we have a history of prosecuting and convicting at least some of them.
  I don't really know whether China/Russia have ever convicting anyone of spamming, but TFA refers to a registrar that is either incompetent or complicit dealing with spammers and located in China.
  Sometimes it's ok to criticize a country other than the USA.
  Just let that sink in a little.
  
  --
  09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
5. Re:My prediction: Internet segmentation by ulash · 2008-06-22 17:23 · Score: 0
  
  Come on - give the guy a break. He is merely sticking to his name ;) On a more serious note, I think one of the biggest reasons for the existence of spam is the attitude of "It's not us, it's them". As MrNaz pointed out Spam is a huge problem originating from a lot of countries including the US and despite the existence of laws promising to penalize the big spammers. I think this is reaching such ridiculous heights that there may need to be formation of a specialized organization like the Interpol that will go after spammers.
6. Re:My prediction: Internet segmentation by daveytay · 2008-06-22 17:48 · Score: 1
  
  Nice proof, but not relevant to the issue at hand because the article is about registrars not the source hosts. Have you done a lookup of who registered those spam sites? That is what this is about. No RDNS makes life difficult.
7. Re:My prediction: Internet segmentation by Anonymous Coward · 2008-06-22 17:58 · Score: 0
  
  Give you a break, you're merely using the monospace font for no apparent fucking reason.
8. Re:My prediction: Internet segmentation by Anonymous Coward · 2008-06-22 18:05 · Score: 0
  
  That site has something against Canada. Brazil and Canada both have 125 known spam issues, but it ranks Canada higher, and reverse-alphabetically!
9. Re:My prediction: Internet segmentation by Geak · 2008-06-22 18:12 · Score: 1
  
  The biggest problem with this thinking is that governments don't have any control over the internet anymore, telco's do. Various governments have proven time and time again that they don't want to have anything to do with regulating the internet whatsoever, probably because it's a big cost and they'll get a huge backlash from voters who will have more freedoms stripped away from them. Not only that but the telcos will start whining. The big telcos love globalization. A country like China needs more bandwidth? Sure, we'll lay down the fiber but it's going to cost you. While the telcos rake in the cash, the spam starts flowing faster. Sooner or later they'll be asking for more bandwidth to send more spam and sure enough the telcos are going to agree because it's a huge profit. The only way you will stop spam is to stop the spammers at the source. Force them to provide valid contact information so that when we receive spam messages, we can find the spammers, line them up against a wall and blow their freaking heads off. That might just be enough of a deterrant.
10. Re:My prediction: Internet segmentation by ChameleonDave · 2008-06-22 18:12 · Score: 3, Insightful
  
  We may have more spammers here, but at least we have a history of prosecuting and convicting at least some of them. What difference does that make to me, sitting here with an inbox full of American spam?
11. Re:My prediction: Internet segmentation by Anonymous Coward · 2008-06-22 18:23 · Score: 1, Funny
  
  the number one spamming nation on Earth? ...and don't even get me started on extraterrestrial spam.
12. Re:My prediction: Internet segmentation by Anonymous Coward · 2008-06-22 19:10 · Score: 0
  
  -1 font lameness.
13. Re:My prediction: Internet segmentation by IBBoard · 2008-06-22 19:22 · Score: 4, Informative
  
  I don't really know whether China/Russia have ever convicting anyone of spamming
  
  I think the Russians are actually more effective than the Americans - they murder their Spam King Pins!
14. Re:My prediction: Internet segmentation by tanveer1979 · 2008-06-22 20:35 · Score: 0, Troll
  
  Who cares even if you shoot 90% of your spammers. What matters is that your country contributes more spam than China and Russia, yet you think banning Russia and china will solve spam problem. you related to Bushie darling?
  
  --
  My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
  FB : https://www.facebook.com/TanveersPhotography
15. Re:My prediction: Internet segmentation by ya+really · 2008-06-22 20:40 · Score: 2, Interesting
  
  You're aware that the US is still, by a factor of almost 4, the number one spamming nation on Earth? But don't take my word for it: http://www.spamhaus.org/statistics/countries.lasso [spamhaus.org] Now, you were saying? Sorry, it's hard to hear you when you're speaking from atop such a high horse.
  
  Does this take into consideration a large portion of the bots in the US being controlled by forces outside of the country? It's a pretty well known that just because a computer is spamming and its origin is within the US doesn't mean it's being controlled by an American.
16. Re:My prediction: Internet segmentation by Tony+Hoyle · 2008-06-22 21:00 · Score: 4, Informative
  
  Here is a list of the most prolific spammers in the world - aka. the people controlling these bots:
  http://www.spamhaus.org/rokso/index.lasso
  They're mostly american.
17. Re:My prediction: Internet segmentation by Tony+Hoyle · 2008-06-22 21:14 · Score: 1
  
  This is china we're talking about here. You can bet that the chinese government has control over the internet, just like it has control over everything else.
18. Re:My prediction: Internet segmentation by 1u3hr · 2008-06-22 21:25 · Score: 0
  
  It would also make sense for users and businesses to restrict all communications with peers outside of their borders if, in fact, it has no adverse affect to their business flows.
  And it's because of thinking like that that I, in Hong Kong, find it impossible to communicate with some people in the US.
  I am undecided about whether or not this is a good idea, but if China and Russia won't stop their criminals
  "Their" criminals? The criminals are OVERWHELMINGLY AMERICAN. They use hosting services overseas. The US government could crack down on these if it wasn't in thrall to commercial interests. Trace the money. Block their credit card activity. No money, no spam.
  See the ROKSO list: 72 of the top 115 spammers are American.
  CLEAN UP YOUR OWN HOUSE BEFORE YOU START FUCKING WITH OTHER COUNTRIES
19. Re:My prediction: Internet segmentation by erroneus · 2008-06-22 21:52 · Score: 2, Interesting
  
  I don't claim the US is innocent, not even by implication. I am only pointing out that blocking out other countries is quite effective unless you're doing business overseas.
  And as far as finding it impossible to communicate with people in the US is concerned, you can see the how and the why in action.
  Sometimes really bad solutions have to be enacted before people will be interested in fixing the solution better which results in the problem being solved in a better way. Otherwise, it's just easier to do nothing as most people do.
  But I'm well aware that the majority of spammers are in the US. But a lot of them use non-US hosts to send their stuff out. It's still a very effective measure. Further, if US spammers were forced to resort to using hijacked computers in the US to do their spamming, they'd be in jail a LOT sooner or simply out of business...I wish there were a better expression than "out of business" because they are in criminal activity, not business.
20. Re:My prediction: Internet segmentation by Dan541 · 2008-06-22 21:58 · Score: 1
  
  But do you count the "origin" as the spammers country or the location of the servers?
  I see allot of spam coming from china but it appears to be mostly linked with US products.
  
  --
  An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
21. Re:My prediction: Internet segmentation by nonewmsgs · 2008-06-22 22:38 · Score: 1
  
  i always thought In Russia Spam King Murders YOU!
22. Re:My prediction: Internet segmentation by Nimey · 2008-06-22 23:22 · Score: 1
  
  No, I think there retarded meme posts you.
  
  --
  Hail Eris, full of mischief...
  
  E pluribus sanguinem
23. Re:My prediction: Internet segmentation by 1u3hr · 2008-06-22 23:27 · Score: 1
  
  And as far as finding it impossible to communicate with people in the US is concerned, you can see the how and the why in action.
  No, I can't. I'm trying to contact friends and people I'm doing business with in the US, their ISPs bounce me because I live in the same continent as some spammers. And it doesn't stop spam to any extent anyway.
  But I'm well aware that the majority of spammers are in the US.
  So why did you say "China and Russia won't stop their criminals" when the criminals Are American?
  But a lot of them use non-US hosts to send their stuff out. It's still a very effective measure. Further, if US spammers were forced to resort to using hijacked computers in the US to do their spamming, they'd be in jail a LOT sooner or simply out of business...I wish there were a better expression than "out of business" because they are in criminal activity, not business.
  Brilliant. Hey, I hear the black people are more likely to be violent criminals than whites. Why not just lock them all up? Or at least, put a curfew on them? That would be a "very effective measure", don't you think?
  And if you think I'm angry at being collateral damage, yes, I'm really pissed off. Aside from the basic injustice, trying to block the hosts is hopeless. The moment you start slowing them down, they'll just switch to another country. The only way to stop it is to stop the actual spammers, IN AMERICA. Most of them are committing fraud of one kind or another, selling drugs illegally, etc. Your government makes no more than a token effort to enforce the laws. How many spammers have been sent to jail? One? Two? in the last 10 years. Or are they still out on appeal? Put them in jail. Stop the credit card companies from processing their accounts. That would stop most of them cold.
24. Re:My prediction: Internet segmentation by colfer · 2008-06-23 00:50 · Score: 1
  
  Block traffic from all domains registered through this registrar.
25. Re:My prediction: Internet segmentation by Anonymous Coward · 2008-06-23 01:36 · Score: 0
  
  202.10.64.0/20 is one of theirs. Now it's up to you to iptables that.
26. Re:My prediction: Internet segmentation by hairyfeet · 2008-06-23 03:02 · Score: 1
  
  IIRC the standard formula in China for whether to deal with a cybercrime is this:
  
  If crime is against China or Chinese interests=bullet in the head or long prison term
  If crime is against outsiders=look the other way and cash the check
  
  Now since I don't live there I can't tell you for sure that that is the way it is,that is just what I heard. And as always this is my 02c,YMMV
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
27. Re:My prediction: Internet segmentation by Anonymous Coward · 2008-06-23 03:26 · Score: 0
  
  Then why are American spammers emailing me in Chinese unicode characters?
28. Re:My prediction: Internet segmentation by stonecypher · 2008-06-23 04:31 · Score: 1
  
  Take a look at the rate of growth in spam between the two nations, extrapolate two years, and you have your answer.
  The US may have the lead in the spam race, but China's spam is growing exponentially, and ours is shrinking. They've never prosecuted a spammer.
  Gee, why could it be important to shut down a corrupt registrar under circumstances like those? Hm. Figure it out. Shouldn't take you much more than 30 seconds.
  
  --
  StoneCypher is Full of BS
29. Re:My prediction: Internet segmentation by SpamIsLame · 2008-06-23 04:36 · Score: 3, Interesting
  
  We may have more spammers here, but at least we have a history of prosecuting and convicting at least some of them. What difference does that make to me, sitting here with an inbox full of American spam? Actually, in the case of the particular properties listed in this report (PowerEnlarge, VPXL, Canadian Healthcare, Wondercum) the sponsor for all of those sites is known as SanCash, which is operated jointly out of India and New Zealand. It recently changed its name to ETranz.mu. They list their corporate offices as being located in Mauritius, a notorious offshore location for underground activity.
  The mailers who send you this crap are more than likely located in the US, but the ones who profit from it the most are not. (Based on my own research, even the large-scale American spammers tend to be either Russian or from other foreign countries. It is rare that someone born in the US is behind the send button.)
  The individuals behind these mass domain registrations may also be located in the US, but again they are not the main profit department from these activities.
  These Chinese Registrars may not (repeat: may not) be in cahoots with them either. They merely represented a prime resource due to their total lack of attention to non-Chinese-language complaints.
  The other high profile spam operation who profits from this abuse is known alternately as Spamit or GlavMed. They are the affiliate program behind "Canadian Pharmacy", which is notable due to the fact that there is now a direct link between Canadian Pharmacy domains and the Storm worm. (Documented in several blogs and security review sites.) They also have a lengthy history of hacking public web servers to use them as redirections to the actual spammed target, causing grief for a lot of otherwise legitimate domain owners.
  Spamit / Glavmed is known to be a largely Russian operation. Glavmed is largely considered a non-spam affiliate program but they deal with precisely the same properties, just without any mention of email spamming.
  Not one of the large-scale spam operations has its roots in North America. They are all located offshore, and run by citizens of non-US countries, and remain located in those non-US countries, probably in an attempt to enforce some bogus "immunity" on their criminal activity.
  Registrars are a tiny piece of the puzzle. I wish someone would directly investigate and go after these sponsor organizations.
  Spamit and SanCash are responsible for the majority of all spam received by most individuals around the world. When they experience difficulties (ie: widepsread domain shutdowns), you begin to see incoming spam revert 100% to stock spam, since they can't spam domains anymore. This is a provable, repeatable experiment.
  SiL / IKS / concerned citizen
  
  --
  -- SiL / IKS / concerned citizen
30. Re:My prediction: Internet segmentation by macdaddy · 2008-06-23 08:09 · Score: 1
  
  At the ISP that I run I would personally love to block China. For that matter I would block all of Asia if I could. 98% of the attacks we've been under and the network reconnaissance we've seen comes from China and other Asian countries. I maintain a sizeable block list that I have to feed by hand. I check the WHOIS on every IP or netblock I add. The number of RIPE or ARIN-registered netblocks are so few that I actually author an email to the abuse contacts for that non-Asian SP to report the abuse. I would block Asian countries if I could, if I didn't fear some foreign-made el-cheapo device that my users own having a support site in China. Were it not for that I seriously doubt if my users would even notice.
31. Re:My prediction: Internet segmentation by ChameleonDave · 2008-06-23 13:49 · Score: 1
  
  Gee, why could it be important to shut down a corrupt registrar under circumstances like those? Hm. Figure it out. Shouldn't take you much more than 30 seconds.
  That's a straw man because I'm not arguing against action against a corrupt registrar. I'm saying that people should get off their high horse (since their countries produce a lot of spam too) and stop making racist generalisations and calls for data from certain countries to be blocked.
32. Re:My prediction: Internet segmentation by Geak · 2008-06-23 15:59 · Score: 1
  
  No, it's not china I'm talking about - its multinational companies. If an ISP in China asks a big telco like AT&T to provide them with connectivity, then AT&T will do it in a heartbeat, and no government is going to stop it. But while we're on the subject - if the chinese government had control over the internet then I wouldn't be able to say something like this: "THE CHINESE GOVERNMENT SUCKS GOATSE BALLS!!!"
Doesn't everyone block most of the Pacific rim? by baomike · 2008-06-22 16:55 · Score: 1

Korea to Hong Kong.
This includes taiwan.
Re:another idea by Anonymous Coward · 2008-06-22 17:08 · Score: 0

You know, why don't they just disconnect China from the internet completely.
What "they"?
anti-spam kills anonymous speech by Schraegstrichpunkt · 2008-06-22 17:19 · Score: 4, Insightful

Yet again, "ID cards" are proposed as a method to curb spam, at the expense of anonymous speech.

When are we going to actually fix our protocols?

--
http://outcampaign.org/
1. Re:anti-spam kills anonymous speech by MadnessASAP · 2008-06-22 19:24 · Score: 2, Insightful
  
  Nothing wrong with the protocols, they work work just fine. In fact they work so well that around the world they are capable of handling millions of messages a day across a constantly changing network with an incredibly small failure rate. Perhaps what in fact need to be fixed is the people and the businesses they run, may I suggest a crowbar or other suitably large piece of metal.
  
  --
  I may agree with what you say, but I will defend to the death your right to face the consequences of saying it.
2. Re:anti-spam kills anonymous speech by SpeedyDX · 2008-06-22 19:34 · Score: 4, Informative
  
  RespectMyPrivacy.com is a service provided through NearlyFreeSpeech.Net that allows users to put up proxy contact information with which people may still contact you. Snail mail and faxes are forwarded to their addresses, and when they receive any snail mail or faxes addressed to your domain, they will ask you whether you want these forwarded to yourself. There is also a proxy email that forwards to the email account that you used to register. All of this (allegedly) complies with ICANN regulations, since the information can be used to contact you. The simple solution is the one provided by RMP.C, and it doesn't compromise anonymity.
  Perhaps the situation is not as bleak as you make it out to be.
3. Re:anti-spam kills anonymous speech by Dan541 · 2008-06-22 22:05 · Score: 1
  
  What's wrong with email as it is?
  I know it chews CPU time when a spammer blasts you, but that happens with all services connected to the Internet.
  Changing a protocol is only going to cause incompatability issues.
  
  --
  An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
4. Re:anti-spam kills anonymous speech by hughk · 2008-06-23 00:58 · Score: 1
  
  There is an 'ID' card, if people bothered to enforce existing laws. To collect inbound payments for V1agra, etc., you need to be able to process credit cards. To get the necessary processing account setup, you should be required to prove the beneficial owner of a company. This is an existing law and easy to enforce. It doesn't stop someone who wants to start a 'screwthepoliticians.com' protest website.
  
  --
  See my journal, I write things there
Contact info is better found on the web site. by Animats · 2008-06-22 17:26 · Score: 4, Interesting

There's been a formal study of bad WHOIS data by the Government Accounting Office, the investigative arm of Congress, titled "Prevalence of False Contact Information for Registered Domain Names", on this topic. They found at least 8% of contact info in WHOIS to be totally bogus. They also, as a test of ICANN, submitted 45 "WHOIS information problem reports", of which 11 resulted in correction and 33 did not. But GAO didn't break down the data by registrar.
We've been interested in this issue at SiteTruth for some time. We take a broader view of "bad" web sites than most; we consider any commercial site that lacks valid business name and address information to be bogus. Over 35% of Google AdWords advertisers fail that test. For advertisers whose ads appear on Myspace, the ratio is much higher.
Originally, we tried to get contact information from WHOIS data, but the data quality was so appallingly bad that we had to develop another approach. We have a system that looks for contact info the way a user would, looking at pages with names like "About", "Contact", and such, trying to find a user-readable street address. We also have some big databases of business addresses to check against. This turns out to work much better than looking at WHOIS data when the goal is to find the business behind the web site.
(You can see this info using our AdRater plug-in for Firefox. Download our plug-in to see the ratings for each Google advertiser as the ads go by. Unless you're already blocking all such ads, of course.)
1. Re:Contact info is better found on the web site. by colfer · 2008-06-23 00:48 · Score: 1
  
  GoDaddy requires you confirm your whois info about once a year. I have read they will cut you off if they find it is inaccurate.
2. Re:Contact info is better found on the web site. by drinkypoo · 2008-06-23 02:24 · Score: 1
  
  I don't want my real physical address listed on my domain for the world to see, and I don't have a P.O. box. As a business these complaints are irrelevant, but as an individual I have a right to privacy and requiring valid contact information infringes on that right. This issue is bigger than stopping spam. It's time we looked into making the necessary upgrades to the mail transfer system, and stopped trying to put bullshit bandaids on the problem.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
3. Re:Contact info is better found on the web site. by Animats · 2008-06-23 03:18 · Score: 2, Informative
  
  I don't want my real physical address listed on my domain for the world to see, and I don't have a P.O. box.
  We get that a lot. Now go read California Business and Professions Code Section 17358, which applies if you sell to California, and the European Electronic Commerce Directive (2000/31/EC), which applies if you sell in Europe. Anonymous businesses are illegal in most of the developed world. Deal with it.
  California prosecutors have used B&P code section 17538 when dealing with complaints against online businesses. If the business didn't comply with the address disclosure requirements, but accepted credit cards, the maximum penalty is six months in jail for that alone. Do anything that brings your anonymous business to the attention of prosecutors, and they have that hammer to hold over you.
4. Re:Contact info is better found on the web site. by drinkypoo · 2008-06-23 03:41 · Score: 1
  
  We get that a lot. Now go read California Business and Professions Code Section 17358, which applies if you sell to California, and the European Electronic Commerce Directive (2000/31/EC), which applies if you sell in Europe. Anonymous businesses are illegal in most of the developed world. Deal with it.
  I just argued that a business should be required to report, but that I as a private citizen should not, and you responded by saying that businesses have to report. You're not very good with this whole reading comprehension thing, are you?
  
  If I am engaging in business anonymously, it's probably because it's something I wouldn't take a credit card for in the first place, and so that is a non-issue. I mean, look at the facts - credit card transactions are logged by their very nature, but if you're trying to hide illicit income it's useful to make as much money on the books as possible.
  
  Anyway, would you mind addressing the actual content of my comment, and tell me what a private individual is supposed to do to maintain a minimum level of privacy? Answering "not having your own domain" is not a valid answer - that's like saying you're not allowed to have your own face. I don't want to be represented by someone else's website, but I still don't want to give away my address. Without being able to register with invalid information, I do not have this option.
  
  Why should you have to give up privacy to get a domain, aside from a business, as I already specified?
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Diplomatic incident by Alain+Williams · 2008-06-22 18:08 · Score: 2, Insightful

This could cause a Chinese/USA diplomatic incident. The Chinese upset ''because ICANN (a branch of the government of the USA) is exerting unfair control over the Internet''.
This is one reason why ICANN should be made completely independent of the USA government.
1. Re:Diplomatic incident by Anonymous Coward · 2008-06-24 01:47 · Score: 0
  
  This could cause a Chinese/USA diplomatic incident. The Chinese upset ''because ICANN (a branch of the government of the USA) is exerting unfair control over the Internet''.
  
  This is one reason why ICANN should be made completely independent of the USA government.
  Right, because The Great Firewall or severing the outside connection during the whole Myanmar bs isn't "exerting unfair control over the internet".
Now in paperback... by Alarindris · 2008-06-22 18:26 · Score: 1

ICANN Wants to Shut Down a Registrar
and So Can You!
So the US owns the internet? by jonaskoelker · 2008-06-22 18:43 · Score: 1

Not to be more anti-american than I have to, doesn't this show that the United States, in some sense, "owns" the internet? If not, why?
1. Re:So the US owns the internet? by Eskarel · 2008-06-22 19:25 · Score: 4, Informative
  
  The US doesn't exactly own the internet. ICANN however is supposed to be the central authority on DNS naming(someone has to be and they're the ones who started it), whether you agree with this or not is really rather immaterial.
  However as this isn't really an issue of the US overriding China's rights on the internet it's not really all that important.
  The registrar, who happens to be in China, but could be anywhere for all that it matters signed an agreement with ICANN to follow its rules regarding domain registration. One of those rules it that valid contact information has to be present for all domains. It doesn't as far as I can see have to lead to the person who runs the address, or to any individual involved in the domain(so it's not really an ID card), it simply has to lead to an actual someone who is responsible for that domain. That person is free to decline any requests for information regarding the actual users of their domain, and even to not collect said information at all. They are also entitled to allow said users to continue any activity which doesn't breach the agreement they signed with ICANN or any laws which are applicable to them(ie US law does not apply to a Chinese registrar, but the registrar's agreement with ICANN does). Yes there are potential issues of censorship and you might argue that requiring an individual to be responsible for the registration is wrong, it is however the agreement which the registrars signed in exchange for being able to give out registrations which will be honoured by the internet as a whole and so therefor they're responsible for holding to it.
2. Re:So the US owns the internet? by Dan541 · 2008-06-22 22:20 · Score: 0, Redundant
  
  No the United States of America doesn't own the internet, they often think they do but they don't.
  
  --
  An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
3. Re:So the US owns the internet? by Anonymous Coward · 2008-06-23 05:35 · Score: 0
  
  No the United States of America doesn't own the internet, they often think they do but they don't.
  
  We just invented it, that's all.
4. Re:So the US owns the internet? by Anonymous Coward · 2008-06-23 06:39 · Score: 0
  
  No the United States of America doesn't own the internet, they often think they do but they don't.
  
  We just invented it, that's all.
  
  Along with C, UNIX, Ethernet, the microprocessor, and the silicon transistor.
IP range? by Anonymous Coward · 2008-06-22 18:52 · Score: 0

It would have been nice if the IP range would have been in the article, so that I can filter packets from that range in case ICANN somehow fails to block it.
1. Re:IP range? by RiotingPacifist · 2008-06-23 03:51 · Score: 1
  
  the ips are somewhere in the range *.*.*.* , they are hosted anywhere but REGISTERED with a Chinese registrar. MOST of the IPs will be Chinese but as a REGISTRAR they have no control over IPs, please get a clue.
  
  --
  IranAir Flight 655 never forget!
It's ironic. Don't you think? by kinabrew · 2008-06-22 18:53 · Score: 3, Informative

It's ironic that they want domain owners to provide valid contact information in the belief that this will stop spam.
Before I moved to a registrar who provided free anonymous registration, I provided fake contact information specifically to prevent spambots from looking up my information in whois.
1. Re:It's ironic. Don't you think? by Anonymous Coward · 2008-06-22 20:54 · Score: 0
  
  We're going to end up with a two-layered interenet: one layer that provides anonymity and one that provides privacy.
  One would think the two go hand-in-hand, but this is an example of how they diverge.
  The registration process calls for identity validation so that administrators can collaborate and be held accountable to some degree for compliance with the terms of the agreement. However, that information must be kept private to some degree. Hence, we enter into a world where there exist various circles of trust, within which identities have been validated, and the rest of the internet.
2. Re:It's ironic. Don't you think? by Anonymous Coward · 2008-06-22 22:40 · Score: 0
  
  The same registars allowing phishing sites to be untraceable due to anonymous whois entries? I think those things do more damage than good.
Physical confirmation by Midnight+Thunder · 2008-06-22 21:11 · Score: 1

The only real solution, but not perfect either, is to send a physical confirmation letter (snail mail) to the address in question. The letter would contain a confirmation code that needs to be used to activate the account. Until that happens the account and domain would be reserved for one month before it is returned to the void.
What would be interesting is whether it would be possible to add some intelligence into the DNS server, which checks the whois database to find out who the registrar is. You could then use that as a method for flagging possible domains at risk, or not resolving them. Another approach would be to include this a plug-in for Firefox or other web browsers. The catch is providing the service without killing the whois servers.

--
Jumpstart the tartan drive.
1. Re:Physical confirmation by colfer · 2008-06-23 00:54 · Score: 1
  
  I don't think SMTP usually involves DNS. But spam-listing all the registrar's domains would be possible. Almost every spam email contains links. That is the key.
2. Re:Physical confirmation by colfer · 2008-06-23 00:55 · Score: 1
  
  I mean SMTP on the receiving side, of course. D'oh!
Oblig by Anonymous Coward · 2008-06-22 23:26 · Score: 0

Worst registrar EVER.
Spam yes, how about attacks? by phorm · 2008-06-23 00:28 · Score: 1

I've not really notice China/Russia being any worse for SPAM than elsewhere, but one thing I did notice is that they seem to be much more often the source of cracking attempts against my boxen both at home and work. Even if a lot of it is just SSH password-guessing (sorry losers, I don't allow root-level SSH so you can stop trying that username), a large portion of the IP's involved in this seem to original from China and Russia. Still, I couldn't tell you how many are direct, deliberate attempts and how many are already-owned machines trying to expand their little armies...

A well, there's not much iCANN can does about this, as one doesn't need a DNS entry to port-sniff and attempt brute-forcing passwords. Denyhosts is pretty good at handling this, although I'd to find something that works a little closer to the firewall level so I could have some fun with redirects and tarpits.
Whois invites SPAM by phorm · 2008-06-23 00:31 · Score: 1

The problem with a lot of this is, WHOIS records themselves invite SPAM (conveniently having your email address available to spammers) or other issues. Personally, I'd rather not have some internet eTard with a hot temper and righteous indignation at something I posted online coming to hunt me down via my address in a WHOIS entry...
Not really by damn_registrars · 2008-06-23 01:20 · Score: 2, Insightful

It's ironic that they want domain owners to provide valid contact information in the belief that this will stop spam.
No, actually it really isn't ironic at all. The mechanism makes sense when one considers how many more internet users there are than internet domains. The purpose of requiring valid contact information is so that there is a valid mechanism for contacting the owners of domains that are being spamvertised. The reasoning behind this is simple - if the companies that benefit from spam are required to make their true contact information known, then a mechanism to take action against them is available.

Which is where the problem lies with the registrar mentioned by the article (as well as many others). If you don't know where a company is actually located, you have no mechanism to try to take action against them.

--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
r u kidding me....reverse psych 101 by hesaigo999ca · 2008-06-23 01:56 · Score: 1

Guys, we have to hold on to this ISP, the fact is it is easier to have all the websites on one
ISP, then block that ISP from ever being allowed to show up in your browser, then it is to can them, and have to redo all the tracing work of where is this website now, and where is that one.
We have lost enough resources already fighting this,
we should leave them alone and let them think they are ok where they aren't.
This way I wont have to reconfigure everything all over again to block a new slew of ip addresses.
1. Re:r u kidding me....reverse psych 101 by RiotingPacifist · 2008-06-23 04:16 · Score: 1
  
  Did you even read the TITLE, not the article not even the summary, just the fucking title.
  ICANN Asked To Shut Down "Worst" Chinese Registrar hint: the word registrar means they are registrars not ISPs, unlike other posts would lead you to belive they
  1) do not control the IP addresses of spammers
  2) do not control the Service for the spammers
  As slashdot has clearly become a non-geek hangout ill explain how this mess works
  guy buys a server (from an ISP, but often hosted by a hosting server) - this decided the IP
  guy registers a name for the IP he already has (this is done by the registrar)
  registrar passes this information (name, IP, WHOIS) out, so that everytime you type www.v1agra.com in your awsomebar it takes you to 208.87.33.150
  When the owners of v1agra.com do something bad the relevant agencies can do something about it by looking up who owns the address.
  when a bad registrar fails to check the whois information, the people trying to stop v1agra.com have to goo through the ISP for 208.87.33.150, which is harder and takes more time, and if IIRC the isp has no obligation to have your personal information on record (this may vary by region)
  I may not have got everything above right, ive not owned a domain for some time, but the registrar has no control over the ISP/IP
  
  --
  IranAir Flight 655 never forget!
2. Re:r u kidding me....reverse psych 101 by hesaigo999ca · 2008-06-23 05:32 · Score: 1
  
  You are right, I didn't quite see the full extent of the title, as I have my /.
  on partial view so as to get more story lines through.
  If the prob is the reg.s not having up to date info , we need to change THAT system.
  Godaddy ( my reg. ) sent me some emails telling me that if i didn't update my info to the most recent info that i could get my names blacklisted from dns servers everywhere, so I updated, then it dawned on me, how do they know if the info is real, i have yet to get a knock on my door or call on my phone, so they just assume on activity in my account alone that the info is current...
  The present day situation with hackers being able to poison dns servers or cross redirection for zombie botnets in an attempt to avoid getting shut down, is more or less the same point i was making earlier. We need to track these guys more not less, so ok they didn't update the info properly, does that mean there is a phone call * how many people have service with that reg.
  We don't verify them all up front, we have to wait till we get a response from some team doing security checks that find a website as unsafe. Then we look into it...once looked into, that's when we discover the info is bad or misrepresented.
  We need to develop a better way of for reg.s names is all, the present day system sucks.
  I still say IF... the recourse action is to take down the registrars keeping the names,
  it wont work for long until the hackers find another way around it.
  You will only get somewhere by changing the present system, and forcing a sort of credentials check
  for owning a website. If I own a house, I have to jump through hoops not only are their many public records, but you have a big time tracking system with banks and government involved....where as a website .com name ....anyone and their grandmothers can get.
Not sure if its even the worst by damn_registrars · 2008-06-23 01:59 · Score: 2, Interesting
I can say from my own experience with spam that there are plenty of bad registrars in China, even when only considering which ones are spammer-friendly. Most of the spam email that I receive as advertising for illegal sales of drugs or pirated software is sent on behalf of domains sold by Chinese registrars.

A few Chinese bad apples:
- HKDND
- yesnic
- easydns
- paycenter
And these are just a few bad registrars that I find by searching through a short collection of my spam.
--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Never seen water-soluble seals? by GameboyRMH · 2008-06-23 02:44 · Score: 1

Guess you've never owned a newer American car...

--
"When information is power, privacy is freedom" - Jah-Wren Ryel
if the US has 4X the number by filthpickle · 2008-06-23 03:26 · Score: 1

why is that that I seem to get far more spam written by someone that obviously doesn't speak English as a first language?
I am not arguing the point you make, it just seems odd.
Are there really people dumb enough to click on some of these links? I guess there are or people wouldn't waste their time doing it.
Anyone that watches sports (esp American football) will know when they invent a drug that will make actually make your penis bigger...you won't find out via email...it will be every third commercial during the games.
Hmm... by Anonymous Coward · 2008-06-23 04:46 · Score: 0

last I checked, nearly every godaddy domain is registered by godaddy itself and not whoever the spammer is that's creating the site. That could be considered unlegitimate address info. Just to site one example - look at the same spade address for http://www.kirksvilletoday.com/ , a massive biggoted website... http://samspade.org/whois/kirksvilletoday.com
Are there *ANY* legit domains on this registrar? by Anonymous Coward · 2008-06-23 04:58 · Score: 0

I emailed ICANN to suspend xinnet when I noticed that most of my spam came from their domains. First they wanted proof, then they sent back this:

04/05/08
ICANN has no authority to intervene in problems that concern the use of a
domain name. In some cases and depending of the law in the registrar's
and/or the registrant's country, the registrar might not have that
possibility either.
We therefore recommend you to contact a law enforcement agency in the
registrar's country.
Best regards,
Steve Gobin
Registrar Liaison Manager
ICANN Brussels Office
I told them that this was BS and that the registrar was obviously not following their rules and spamming 1/2 the world. If this was about copyright they would be in there swinging their big stick around in 10 seconds flat. I never got a response.
This is an issue of global network abuse. What, are the viagra people going to sue ICANN?
ENOM is another nasty one--and American by SgtAaron · 2008-06-23 06:09 · Score: 1

I have received lots of spam from these Xinnet-registered domains. I do get frustrated until I remember I've been getting spammed going on 12 or 13 years, never having once been able to get a blasted spammer in my sights... it's just one of those things you have to live with, it seems, since protocols aren't going to change and neither is the nature of many of our human cousins. Well, this is pessimistic, sure.
And then there is ENOM, a wholly American outfit, and I'm wondering why these folks (and I admire them their work, sure) aren't clamoring for that outfit to be cut out.
Take for example regupdate.net. I decided to one day get a packet dump of some odd UDP traffic that was coming in. Turns out it was from spoofed addresses claiming to be from Shaw Cable IP addresses and sent to windows messenger ports (1026-1028).
Please.note.that.once.you.visit.to.to.
RegUpdate.net.and.install.the..cleaner.
program.you.will.not.receive.any.more.
reminders.or.pop-ups.like.this.one...
RegUpdate.net..
Hah! This crap really gets my ire up.
So checking into this, I saw that they use round-robin A records and one goes to some InterNAP network space (Internap doesn't seem to care--I did contact them).
Domain Name: REGUPDATE.NET
Registrar: ENOM, INC.
$ host regupdate.net
regupdate.net has address 63.251.92.197
Internap Network Services NETBLK-PNAP-11-99 (NET-63 -251-0-0-1) 63.251.0.0 - 63.251.255.255
eNom INAP-WDC002-ENOM-1942 (NET-63-251-92-192-1)
63.251.92.192 - 63.251.92.255
You get redirected to 190.34.148.122, in Panama it seems. I wish I could say what stake ENOM has in this scheme, if any, but after awhile hearing about those creeps I'm willing to bet their hands are elbow-deep in some seriously ill behavior.
So, honestly, while I like that someone is yelling about Xinnet, I wish we could rid ourselves of more of these bad apples at home.
-Aaron