ICANN slaps registrars who help criminals
Tuesday May 27, 2008 at 11:02 am CST
Posted by Chris Barton, Research Scientist and Artemis Geek
It’ll come as no surprise that there are a bunch of domain registrars that are effectively supporting criminal gangs by not acting on reports of domains run for evil deeds and criminal activities. (Or as we say: They don’t wear a glowing white hat!)
I was chatting on email with Garth Bruen from KnujOn the other day and we agreed that it’s been well known for a long time in the industry that certain registrars are “black hat” and he questioned what was being done about it and pointed me at a story they had worked with the Washington Post on the subject of their top ten documented here: http://www.knujon.com/registrars/#the_list.
For a different data source (and one that looks very much like our own 
) URIBL’s “hall of shame” has been on line for ages and can be viewed here: http://rss.uribl.com/nic/
I don’t take these things at face value but I’ve been aware of this issue for a couple of years and have even stood up at an APWG conference and shook my finger at registries and registrars in the room after an early presentation on double-flux and made sure they knew only they could help fight it.
Well it looks like Garths article and PR worked, the wheels of power at ICANN have turned and they have told the worst registrars to act!
So my hat tip for the month of May has to go to Garth, Cool.. Nice one… and congratulations!
ICANN state
“But if those registrars, including those publicly cited, do not investigate and correct alleged inaccuracies reported to ICANN, our escalation procedure can ultimately result in ICANN terminating their accreditation and preventing them from registering domain names,”
I suspect however that the “inaccuracies” relate to the accuracy of whois information and if that is the case I suspect that the registrars will simply start their own privacy services.
NB: Privacy and anonymity are different things if your a LEA (Law Enforcement Authority) within your jurisdiction, but to me the humble lower middle-class sysadmin (Hi @SRS) and those outside of their primary jurisdiction they are effectively the same impenetrable barrier. We repute against domains registered with privacy services because statistically speaking (in the filtering metric truck-loads of email world) they are used as anonymity services more than privacy.
Competition time: Just for fun, I’m going to open a book on the first registrar to expire date and put a black McAfee Baseball Cap up for grabs. (We engineers don’t get much SWAG, let alone give it away). Just leave a message with the registrar you think will stop trading (or be disaccredited by ICANN) first and the date you think they will be gone on.
Employees of McAfee, KnujOn and ICANN need not apply, I’m the judge and my decision is final!
Final thoughts: All we need now is a few of the heavily abused cc-TLD’s to do the same and dive into the fight before we see more of these.
May 27th, 2008 at 11:08
We’re not worthy! Party on Garth.
August 8th, 2008 at 03:24
ICANN won’t actually do anything. That would interfere with the money flow.
Imagine if LE used the same methods to control blue collar crime…
“Hey, Bill, look…we got a letter from the feds saying we’d better knock it off or else they might ultimately do something.”
Slap? How about huff-n-puff so they don’t look completely complacent?
Here’s a predication: Your black hats will collect dust.
- George