back to article Pirate Bay domain suspended thanks to controversial verification system

The Pirate Bay's .org addresses have been suspended as part of a controversial verification process run by domain name overseer ICANN. Visitors to "thepiratebay.org" are greeted with the message: "This domain name has been suspended. This domain name is pending ICANN verification and has been suspended. If you are the owner of …

  1. Quortney Fortensplibe
    Facepalm

    If You've Done Nothing Wrong, You've Nothing to Hide

    "...law enforcement, which has long been frustrated with the wildly inaccurate Whois system that helps criminals to hide their identities when they register domain names..."

    Because no-one but a criminal possibly have reason to want to register a domain name, without giving 'world + wife' access to their personal details.

    Jeez! —when did it turn into the Daily Mail around here?

    1. Anonymous Coward
      Anonymous Coward

      Re: If You've Done Nothing Wrong, You've Nothing to Hide

      I use a domain privacy service. Costs a fiver a year. Is that no longer allowed?

      1. Ben Tasker

        Re: If You've Done Nothing Wrong, You've Nothing to Hide

        > I use a domain privacy service. Costs a fiver a year. Is that no longer allowed?

        Depends on the Registrar. Our own Nominet went through an unpleasant phase not that long ago.

        They changed the rules so that if your site is commercial, you must populate the whois with valid/accurate data (i.e. not a privacy service). The problem is, their definition of commercial was a bit, eh, broad. Carry ads? Commercial. Make reference to selling something? Commercial

        They're now trying to overhaul the way privacy services work on .uk so that when you select "private" your details still go to Nominet, they just won't be published in the whois. Because part of the reason we use privacy services couldn't possibly be that we don't trust nominet themselves?

      2. WatAWorld

        Re: If You've Done Nothing Wrong, You've Nothing to Hide

        I expect your privacy service would meet the requirements.

        The requirement is not that your contact info be available to the public, but that the registrar have access to your contact info. Many ISPs offer this as a free option. They can email you, that is the important thing.

    2. Anonymous Coward
      Anonymous Coward

      Re: If You've Done Nothing Wrong, You've Nothing to Hide

      "...when did it turn into the Daily Mail around here?"

      You must have just joined.

      Tyranny of the majority here too.

  2. Pen-y-gors

    I have a cunning plan...

    How about registering domains using an email like 'stufficann@gmail.com' and set up a cron job that checks the account once a day and automatically clicks on any links?

    Simples(?)

    1. Anonymous Coward
      Anonymous Coward

      Re: I have a cunning plan...

      Aside from the fact that this email address is the one published in WHOIS data and publicly viewable... there is more to it than simply clicking a link:

      "In order to ensure your domain name(s) remain active, you must now click the following link and

      follow the instructions provided:"

    2. Anonymous Coward
      Anonymous Coward

      Re: I have a cunning plan...

      "If you wish to de-register this domain, click here"

  3. L05ER

    regged a domain two weeks ago...

    i was a bit worried about the verification, having to provide all my info to someone other than my registrar...

    turns out it was a bit of a joke... no actual personally identifiable information needed, no email verification links... just one more step in the registration process.

    it's about as effective as that button that said "I am over 18" that i used to click all the time when i was 16... man, the 90s...

    1. Pascal Monett Silver badge

      That button still exists, it's the one that asks you to input your date of birth and allows you to choose any year from 1900 onwards.

      I always get a kick out of saying that I was born on 01/01/1900 and seeing absolutely zero challenge.

  4. David Roberts

    Good idea, crap implementation?

    It is always helpful to be able to confirm that a website domain has been maintained for several years, and not very recently registered to a dubious name somewhere in Delaware.

    This is not a guarantee that the website is genuine but it is a pointer in the general direction.

    Useful when you see a potential bargain on t'Internet which looks slightly too good.

    If someone declines to provide details this is also a pointer. This should be less of an issue for personal web sites which aren't asking for credit card details.

    I did note that there was an option to log into your account. Always a better route than clicking on an email link.

    1. Anonymous Coward
      Anonymous Coward

      Re: Good idea, crap implementation?

      It is always helpful to be able to confirm that a website domain has been maintained for several years, and not very recently registered to a dubious name somewhere in Delaware.

      This is not a guarantee that the website is genuine but it is a pointer in the general direction.

      I tend to dig out the MX records for the domain. I am weary of companies that use hotmail/gmail/yahoo/gmx instead of their own domain for contact to start with, and especially a company that wants to sell security solutions better not host their email with Google.

      In addition, a genuine company will make it possible to find where they actually are registered - if I cannot find your formal company registration and can verify that with the government's registry you are not likely to ever see a dime from me. In this context I like the "Impressum" idea that some nations have where the legally responsible entity of a website makes themselves known.

      Believe it or not, I once came across a company in London City (financial district) who were using Gmail. A good thing the FCA hadn't spotted them yet, they have only now started to think about cloud services and it's still very much a hot potato..

  5. Your alien overlord - fear me

    I never bother, none of my domains (including a .org) have ever been suspended.

    I think however that a good system would be that if you actually pay for your domain (every year or whatever), that's a pretty good indication that you want to keep the domain name. No?

    1. Crazy Operations Guy

      I registered a domain name about 15 years ago now, not once have I been asked to verify it. Although The domain has never had any web content on it (Well, other than a single file containing only "<html></html>" ). I am still receiving email on that address and DNS queries are still coming in for other resources (I host DNS and some other services out of the domain)

    2. NotBob

      I registered a domain years ago for my cousin's business. Her web site is purely information about the business; there are no online financial transactions. At the time, I chose register4less as the registrar.

      It costs a bit more than some of the others, but there are two reasons I've stayed. I got a live person on the phone when I called for help, and they provide domain privacy tools at no additional cost.

  6. chris 17 Silver badge

    all your domain are belong to us

  7. Anonymous Coward
    Anonymous Coward

    not all domains have websites on them, some are parked or just used for email.

  8. Ole Juul

    OpenNIC

    It's all about domain name servers and there is nothing stopping us from running our own. For those not familiar with OpenNIC, it's a democratic, non-national, alternative to the traditional Top-Level Domain registries. OK, this might not take off any time soon but still, ICANN could end up encouraging a parallel internet.

    If people can learn to use 8.8.8.8 in order to overcome censorship, then they can just as well learn to use some other number.

    1. Anonymous Coward
      Anonymous Coward

      Re: OpenNIC

      If people can learn to use 8.8.8.8 in order to overcome censorship, then they can just as well learn to use some other number

      If they use 8.8.8.8 (Google DNS) they mainly swap censorship for surveillance. Using 8.8.8.8 means Google can see every single Internet access you make, including which email service you use (as your mail client needs to resolve server names).

      1. Androgynous Cupboard Silver badge

        Re: OpenNIC

        True, but at least it works. More than I can say for most ISP DNS servers.

      2. Ole Juul

        Re: OpenNIC

        If they use 8.8.8.8 (Google DNS) they mainly swap censorship for surveillance.

        You're quite right. And that's why you should use OpenNic name servers. Not Google. They're not only non logging, but also resolve both ICANN TLDs as well as their own.

      3. Crazy Operations Guy

        Re: OpenNIC

        Rather than setting any specific DNS servers, I jsut set up a VM on my network running unbind configured to use only the root hints and verify with DNSSec. Pretty easy to do and no risk of the ISP interfering with my queries (especially not trying to redirect to an advertising page when attempting to resolve a bad address).

    2. AustinTX

      Re: OpenNIC

      I've written extensively about this here and on slashdot before, and it's worth proposing again.

      The idea that I have to pay a significant amount of money for permission to tack a dot and some sort of pre-selected word to the end of my website name is onerous. I have to pay $8, $15, $30 per year and I'm certainly not receiving services costing that much in return.

      1: Screw ICANN and their TLD system. The idea of TLD itself is prehistoric. All we need is to have another DNS network that lets us "register" most any combination of characters, up to 255 long, as FQDN.

      2: The alternate DNS network would just pass ICANN-formatted FQDN over to legacy DNS networks where they would work as always.

      3: The "walled garden" problem would exist, but for everyone who opted-in, the Internet would be free-er and have more destinations.

      I would have liked to see Google do this, but they have chosen to kowtow to ICANN. OpenDNS and others like it would still be ideal, as they do provide services where you can choose to redirect requests for certain domains to a destination of choice (family filtering, etc.)

  9. Kevin McMurtrie Silver badge
    WTF?

    Hold on...

    First, you don't need to put YOUR personal information in the records. It only has to be an entity that can be responsible for the domain. Any number of anonymizing services will protect peoples' privacy and civil rights. Spammers have fewer options.

    Second, there must be at least some TLDs with validated domain registrations. Feel free to use non-validated TLDs, but people might not give you their credit card number.

    1. a_yank_lurker

      Re: Hold on...

      I think the issue is LEOs are notoriously lazy and anything that interrupts their hourly visit to the donut shop can not be tolerated. That are good reasons to hide WHOIS details from the public and good reasons to broadcast them far and wide. Also, most hosting firms demand a payment, usually by credit card, that indirectly gives a contact to someone who should about the site and its actual owners. So, when the local goons stop stuffing themselves with donuts and actually do something they might in a few hours or may be days learn who is the funder, owner, webmaster, etc. But that will never do.

      1. Robert Helpmann??
        Childcatcher

        Re: Hold on...

        Also, most hosting firms demand a payment, usually by credit card, that indirectly gives a contact to someone who should about the site and its actual owners... the local goons ... might in a few hours or may be days learn who is the funder, owner, webmaster, etc.

        I wonder how easily this would be to circumvent with a prepaid credit card bought at a convenience store. It's an interesting world in which we live. Almost every aspect of our lives can be taken off the grid, if we work at it hard enough. The biggest difference between now and 20 years ago is that doing so today is looking a lot less like paranoia and more like sensible rules for living.

        1. frank ly

          @Robert Helpmann?? Re: Hold on...

          I have a prepaid credit card (registered to me, not bought at a store) and it is not accepted for certain kinds of payment, such as those that need ongoing payment authority. I believe that hosting firms would require a 'regular' credit card that didn't have the possibility of runing empty and probably because they want your registered name and address in case of problems.

          1. Vic

            Heading off on a tangent...

            I have a prepaid credit card

            Does anyone have any suggestions for prepaid debit/credit cards in the UK?

            Everything I've found so far look really expensive...

            Thanks!

            Vic.

    2. Ben Tasker

      Re: Hold on...

      > It only has to be an entity that can be responsible for the domain. Any number of anonymizing services will protect peoples' privacy and civil rights.

      Be wary of who you choose though. Nominet's view is that the domain is "owned" by whoever is named in the whois. So if you're talking about a .UK you're effectively signing ownership of the domain over to a third party, at least in terms of anything where you might want Nominet to get involved. So make damn sure that anonymizing service is one you trust

      1. Androgynous Cupboard Silver badge

        Re: Hold on...

        Why bother with an anonymising service? Take your lead from ICANN's own whois entry:

        Admin Organization:ICANN

        Admin Name:Domain Administrator

        Admin Email:domain-admin@icann.org

        Put down any old address and a number from a phone-to-voicemail service, and you're as anonymous as you like and still within the letter of their requirements.

  10. Steven Roper

    The entire domain registration system is borked

    One of the dangers of using domain admin or anonymising services is that legally, the domain is owned by the entity whose details appear in the Whois entry. So technically, the anonymising service owns the domain and if they get bought out the purchasing entity could technically claim your domain and you would have no rights to it, since you aren't listed as the owner.

    For this reason all our domain names are held via our own company contact. However, phoning the number we use for domain registrations will simply get you a recorded message with no further contact options. Since every spamming fuckwit on the planet scrapes the Whois listings, we registered a separate number which we don't use, because otherwise it just rings constantly with telemarketers, spammers, scammers and scumbags. So it's really a waste of time and money requiring a phone number, when the vast majority of them would either lead to pointless recorded messages like ours, be left off-hook, or constantly busy with spam calls and can't be reached anyway.

    As to clicking on links in emails, this is something I simply don't do, unless I've specifically requested the email (e.g. for a lost password reset/recovery.) Any email claiming to be from our domain registrar asking us to verify our contact details would simply go straight into the spam bin, along with the thousands of other fake domain-renewal notices, account-verification scams, and similar-domain cybersquatter offers we get every day.

    However we've never had a domain suspended for lack of verification so I assume the fact that we pay for them out of our company account is sufficient verification for our registrar.

  11. Anonymous Coward
    Flame

    Heartless B*stards

    They refused to take down a torrent sharing autopsy photos of two murdered children. The request came from the father of the children. Here is more on this: https://en.wikipedia.org/wiki/The_Pirate_Bay#Autopsy_photos

    1. caffeine addict

      Re: Heartless B*stards

      It says in the wiki article that the images were publicly available as part of the investigation. So they came, legitimately, from the police through official channels. Nothing illegal or immoral about the pictures - just bad taste. And if we removed everything in bad taste from the internet...? Well... fuck...

      1. Just Enough

        Re: Heartless B*stards

        "Nothing illegal or immoral about the pictures"

        You don't have to be illegal or immoral to be a heartless b*stard.

        They had a choice to make; do we want to be the website that links to these photos for no good reason other than ghoulish intrusion (they aren't a forensic science website) or do we not? They chose ghoulish intrusion and being heartless b*stards.

        "And if we removed everything in bad taste from the internet...?"

        They weren't being asked to remove everything in bad taste from the internet. They were being asked to remove links to these photos from their website. They chose not to.

        1. Anonymous Coward
          Anonymous Coward

          Re: Heartless B*stards

          Who censors the censors? Who chooses what is bad taste or immoral?

          Which is better?

          A. Everyone follows popular opinion and if anyone gets offended by anything whatsoever it is removed or blocked.

          B. People are free to choose whether they find something immoral and by choosing so don't download or view things they don't wish to, why should my opinion on something remove the option of someone else to view it?

          Please don't confuse the above with illegal because that should be removed as there are reasons for most laws regarding those things.

          It confuses me that people really don't get the problems with option A. The internet exists, before that we had bulletin boards , before that we had underground papers, before that we had word of mouth, before that we had cave drawings. The only difference is the speed at which information is distributed and also the validity of the information. It's also not open to state manipulation which is why politicians are trying so hard to put it back in it's box (e.g. Google right to be forgotten, iCann removing domains, IPB, Hate-Speech laws etc...)

          1. Anonymous Coward
            Anonymous Coward

            Re: Heartless B*stards

            The problem is that option B is not practical. Many times, through shock-and-awe tactics and misdirection, you get ambushed with undesirable content, by which time it's already too late and you've lost your lunch or whatever.

          2. Just Enough

            Re: Heartless B*stards

            "Who censors the censors? Who chooses what is bad taste or immoral?"

            Anyone who runs a website chooses what they have on that website. They are not imposing that choice on anyone else, so they don't have to agonize over it. They are not issuing a dictum on what is bad taste or immoral. They are simply deciding what they are happy to have on their website.

            They chose to be heartless b*stards.

            1. Crazy Operations Guy

              Re: Heartless B*stards

              The problem is that if they acquiesce to one request to take down a torrent (Which someone could just put right back up a few seconds later), it would set a precedent where they are now open to remove anything that anyone finds offensive. Sure, no one will find a problem with releasing autopsy files of children, but where do you stop? Would you want them to take down photo collections of children being starved to death during the holocaust? What about starving children in Africa? Or photos of ISIS's atrocities? All of those things are quite repugnant and no one wants to see them, but they need to be seen. With the files of those children, what if the files indicated that the children were abused or someone happened to know something missing from the investigation that could prove the suspect's innocence?

              Besides, with the way the torrent protocol works, they;d have to hire an army of staff members to download every single torrent, look through the included files, and cross reference them with every single complaint ever brought to them, just to make sure that the content stays down.

    2. Anonymous Coward
      Anonymous Coward

      Re: Heartless B*stards

      That's a surprise. A website governments want to shut down because they are being lobbied by business being exposed by the media (part of the lobby group) as hosting "links to" content regarding children in an emotional way by the father.

      I'm sure those pictures weren't available anywhere else on the internet or any other torrent site and it's just that bad pirate bay causing him distress.

      Apologies if this comes over too sarcastic it's not meant that way but I find it strange that the obvious is overlooked here.

      In other news Sweden can't shut website down legally so America does it for them via Icann. Does anyone really think someone making a lot of advertising money off a domain wouldn't check their email and follow a link?

  12. Charlie Clark Silver badge

    Demarcation?

    Whois system that helps criminals to hide their identities when they register domain names.

    Hang on. I thought helping criminals (and others) hide their identities was the entire point of the State of Delaware?

    1. Anonymous Coward
      Anonymous Coward

      Re: Demarcation?

      Hang on. I thought helping criminals (and others) hide their identities was the entire point of the State of Delaware?

      I'm confused, wasn't this the whole point of Wall Street? Oh, it's both. I see. Carry on then.

  13. WatAWorld

    Either you like being hacked or you like that domain owners aren't totally anonymous

    Either you like being hacked or you like that domain owners aren't totally anonymous from court orders.

  14. Anonymous Coward
    Anonymous Coward

    Too bad, so sad

    The ass clowns lose again.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like