Note: Officials at LogicBoxes and Directi take strong exception to the reports discussed in this story. Their objections are detailed in this follow-up story. Two recently issued reports portray the Internet Corporation for Assigned Names and Numbers (ICANN) as a bureaucracy that enables cyber criminals. In one report (PDF), …
Refusal to comment
"In an email to The Register, Atrivo principal Emil Kacperski declined to comment"
So did he send you an empty email a couple of million times or just the usual stiff-pill adverts?
Should ICAAN be the enforcement ?
While I completely disagreed with the notion that registars should play police, ICAAN is a non-profit public benefit corp.
If ICAAN is shown an autonomous address or domain that is engaged in illegal activity, yank the address back into the pool and cancel the domain name and the ability to recreate it for a year
now .. how would this be adjudicated ? excess of lawyers around California, including free speech avocates
who would pay for the, say, 2000 verifiers, lawyers / judges that would be involved ?
I'd suggest Google, as thier technology can be tweeked to search these domains out, and also identify sites with malware
Where a registrar and/or hosting system has, say, 10% of a 256 IP block being used for illegal activity, warn all domain owners on that block that in 3 days that block of addresses will be taken back into the domain name pool
a legit system will respond before it gets to that point, and self police, an illegitimate one will move the sites to new blocks, and then you yank a greater range they control
Google should have a positive vested interest in promoting legal business vs scams with thier adverts, stopping search links to malware downloads, or links to child porn
for once instead of just doing no evil, Google can fight some
Hell, even the Angel of Redmond and some major IPSes have been going after the spammers, however only ICAAN as a public *front* can be the enforcement arm turning back in address space to the RIRs for redistribution as *new* unallocated space
( yes I understand that 100s of sites can sit on 2 nameserver IPs, this doesn't fundamentally change much, all kinds of space criminals can move too, and the individuals can eventually be put in jail by regular procecution or be made too big a liability for a registrar or large webhost to deal with .. not that much IPv4 space left to waste it)
these guys make me look like an angel :)
maybe it's just a proof that hierarchical systems do not work?
can someone pls invent a replacement to DNS that would work in a more P2P manner? Something like, "I only give directions to those I know".
Let me get this straight
A company that is an AS is dealing with criminals but we are told that there is no problem with the AS trust network because we all know and trust each other.
The answer would be to drop this AS until they stop hosting such large volumes of crap.
Remember, this is the organization that was supposed to have a number of at-large members. Which they then voted out of existence.
ICANN != Domain Police
I take issue with this article's headline and leading sentence, as ICANN does not "enable" online scams any more than Internet Explorer does, and neither does "a bureaucracy that enables cyber criminals" fit the bill, unless you also count Earhlink as an enabler. ICANN manages one part of an exceedingly complex piece of technology. Learn more about what it does before spreading misinformation, please.
All ICANN can do is to terminate a registrar's accreditation. It has nothing to do with whether a registrar exists or if it does good work. They are not in the business of determining what domains any individual registrar handles, or what the purpose of those domains is. Contacting them and asking them to remove any particular domain or registrar because you don't approve of the activities of that domain/registrar would be barking up the wrong tree.
"ICANN is the private, not-for-profit technical coordination body responsible for coordinating the unique assignment of Internet domain names and IP addresses. ICANN is not a government agency. ICANN has a contractual relationship with all accredited registrars that clearly sets forth the obligations of accredited registrars, (See http://www.icann.org/registrars/ra-agreement-17may01.htm). If a registrar fails to adhere to any of the terms of the RAA, ICANN may pursue all remedies available to it under the RAA, including termination of accreditation. If you have a complaint that concerns a matter addressed in the RAA, you should contact ICANN for assistance at http://www.internic.net."
Use the link in the preceding paragraph to report any registrar you have issues with, and ICANN will check to see whether that registrar is performing its obligations under the RAA (Registrar Accreditation Agreement). Directi seems to be the only active accredited registrar mentioned in the article.
The fact sheet may be of interest to any who are wondering what ICANN does. (http://www.icann.org/en/factsheets/fact-sheet.html) Similarly, you should review the case study of the "Registerfly" debacle of a year ago to further learn about what role ICANN plays in handling registrar issues (http://www.icann.org/announcements/factsheet-registerfly-registrars-26mar07.pdf)
ICAAN does more that accredit registrars
I was involved with the Registerfly debacle, fortunately I lost no domains, transfering them all months before the downfall .. I was smart never to use thier privacy services, webhosting or other services ( in fact you should never use any registrar for webhosting, nor a webhost for registration services, as any dispute about webhosting or other services can turn into locking up your domain )
ICAAN ultimately awarded GoDaddy a bulk transfer of Registerfly client domains .. a *bit* more than *just* taking away registerfly's accreditation
ICAAN resolves name (trademark) disputes, so it already has an adjudication and enforcement mechanism in place, so it's not a stretch to increase thier powers to to deal with, or make easier for law enforcement to shut down and remove domains / addresses participating in illegal activity
If they really can't or won't, perhaps it would be better to throw it back to the US Dept. of Commerce to regulate and enforce .. don't think that would be the *prefered* solution however
Take away the accreditation and deal with the domains that registrar used to handle.
It *is* "a bit more than just taking away [an] accreditation", but it's still not the domain police.
Directi's official response to inaccurate reports which falsely implicate the Directi Group
From Bhavin Turakhia’s Desk:
There have been some articles and reports recently published by Garth Bruen at Knujon and by Jart Armin and James Mcquad at Hostexploit, that somehow link Directi with groups that support organized internet crime. The motives behind these reports are still unknown, but as an organization that prides itself in setting industry benchmarks in ethics and best practices, we are extremely shocked by these allegations. While I applaud the efforts of volunteers such as Knujon and Hostexploit who spend their personal time to try and combat spam, I am personally quite saddened when the very individuals who we trust to combat fraud engage in publicity moves without consideration for the reputation of legitimate businesses.
Neither Knujon nor Hostexploit extended a basic courtesy of even contacting us to verify any of the facts in their report before publishing the same. Directi is not even remotely related to the organizations or activities listed in those reports. The arguments presented in these reports are either downright baseless, or based on complete fabrication of facts.
Various other news agencies and blogs have further referenced these reports in the form of a story or post, once again without any attempt to verify or validate the facts in these reports. Given the amount of noise this has created - it is imperative that we clarify our stand and rectify the factual inaccuracies in those reports.
The first false and inaccurate report in question is one published by Garth Bruen of Knujon. Find below each of the factual inaccuracy or misstatement in his report and our response to the same -
1. The report claims that “48 ICANN-accredited Registrars (affiliated with Directi) … do not seem to exist and are phantom.”
This statement is factually incorrect, and was completely unverified by Knujon. Knujon did not even bother to contact ICANN in this regards to get the right facts. The truth of the matter is that all 48 companies which belong to Directi and its clients, are in existence and are duly incorporated and validly existing under law.
2. Other Online reports further claim that these 48 registrars are involved in illicit activities.
This allegation is made without providing ANY evidence to corroborate the same. This statement is grossly inaccurate. The reporters did not bother to support such claims with any factual evidence, nor contacted us for clarification. All 48 companies combined have under a few thousand customers who have registered legitimate domains with these registrars and have not received any abuse complaints. Yet these companies have been dragged in, without evidence, into an issue that is unrelated to them.
3. Garth of Knujon further claims that the Directi Group owns a company by the name of ESTDomains.
This is another blatantly false insinuation. Directi has never owned ESTDomains. Garth has no documentation that shows Directi owning ESTDomains. We have challenged Knujon to produce any evidence with respect to this. In fact the only relationship between Directi and ESTDomains is that ESTDomains has purchased certain software from Logicboxes a few years ago to power their Registrar operations. They are otherwise an independent company and we do not control their actions or their behavior.
To continue reading our response and comments on all the inaccuracies within each report, please visit our Corporate Blog:
- Updated Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
- Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
- Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
- FOUR DAYS: That's how long it took to crack Galaxy S5 fingerscanner
- Did a date calculation bug just cost hard-up Co-op Bank £110m?