Definitive Proof ICANN's New Whois Verification Works

whois_verificationOne of my own websites just got knocked offline by that new ICANN Whois Accuracy Program we told you about a few weeks ago. Recall that it's a new policy which requires you to explicitly verify your contact info if you modify your whois record.

Also, I forgot to mention this, if your email address in your whois record ever bounces (like from a WDRP notice), it also triggers the Whois Verification process.

So if you have a stale email address sitting in a contact record somewhere, it will eventually, probably cause you to go offline because the next time your registrar emails it and it bounces, it will trigger the verification process, which will also bounce. As I just found out with one of my own domains.

But it's all good, because I've fixed my email address and verified my contact info so now the Forces for Good in the world know, definitively and absolutely that the identity behind my domain's contact details are true and correct.

And, I can resume receiving spam, phishing attacks and malware at my now updated email address.

 Further Reading

7 Great Web Hosting Screwings To Watch Out For

[ This is a reprint of the "Why Choose easyWEB" page from over on, you know, easyWEB ]

Why easyWEB?

 

While we may be latecomers to the web hosting space, in the course of helping you manage your domains and DNS for over 15 years we’ve seen pretty well every trick in the book, and we’ve seen our customers suffer the fall-out from having those tricks played on them by third-party web hosts.

“Please start offering web hosting” was a common refrain we heard from you, and we resisted for a long time because we didn’t feel we had the core competencies to offer it. Once we started looking at it, we realized something key about the entire web hosting industry:

99% of the web hosting marketing is deceptive, misleading and/or bait-and-switch.

This shouldn’t come as a surprise (but it did), given that the situation is the same in the domain industry. But the core premise behind easyWEB was to bring the same gimmick-free reliability and responsiveness to web hosting that you’ve come to depend on for your domains and DNS.

This insight involved a deep dive into the current web hosting marketing trends, and in the same spirit as the near legendary “10 Things You Must Know Before You Register a Domain Name With Anybody” we bring you:

The 7 Great Web Hosting Screwings To Watch Out For

#1) 24×7 Support

What 99% of web hosts mean when they say “24×7″ support, or even “24×7 email support” is that “you can send us an email any time, 24×7″.

That doesn’t mean you’ll actually get a reply. Especially not at that hour. It’s like the old Dilbert cartoon:Screen Shot 2014-01-13 at 12.56.16 PM

When they say “24×7 support”, it doesn’t mean 24×7 response. Read more »

YOU have a moral obligation to use crypto.

we_want_you_to_use_cryptoToday is The Day We Fight Back, a global initiative to send a message to our overlords that we're not thrilled about being spied on, subject to mass surveillance and basically living in an Orwellian nightmare.

Ordinarily we're not big "joiners" or "petition pushers", we think taking action has more efficacy. However, this is in it's own way doing just that. It is simply unfathomable to me how low on people's radar this issue is.

When the first revelations began surfacing that the NSA had basically implemented a surveillance state, I commented privately "just wait, eventually it will come out that Canada is doing the same thing".

Sure enough, reports started to surface about CSEC's activities, first engaging in industrial espionage against trading partners and then more recently, setting up wifi honeypots in Canadian airports to track Canadian citizens.

What surprised me was the lack of reaction from the populace here about this latest revelation. Trust me: this isn't just about an experiment in an airport tracking metadata, it's just the tip of the iceberg.

A lot of people like using us because we're not in the USA, and some of the rationalizations behind that perceived benefit still hold true: somewhat saner copyright laws (at least for the moment), not being wimps when it comes to idiotic takedown requests, et al.

But the idea that we are somehow "out of reach of the NSA" is definitely not one of them. Sure, we're not actively collaborating with them, as many US businesses are, but as we've said before: we just assume the pipes going into and out of our major network exchange points are being vacuumed en masse.

That's why we recently rolled out GPG encrypted email forwarding and will soon make it available on easyMail where it can encrypt your IMAP mailboxes. It's why we're going to spin out a personal privacy appliance fairly soon. Read more »

Welcome to easyDNS, Press 1 for support. Press 2 to get the last 4-digits of your credit card number on file here.

Just kidding.

We've had numerous requests to today to comment on this issue as Naoki Hiroshima's nightmarish tale of how his Godaddy account, Paypal account and ultimately his highly coveted Twitter handle were compromised and the latter stolen.

(Sorry I haven't posted sooner on this, I'm out of the office this week, way up north in a log cabin where not only does it get down to -37C at night, but they told me when I checked in this year "make sure you look outside for wolves before you come out at night or in the morning". Not to mention there's no wifi and I'm tethering through my phone right now.)

Anyhoo, since Naoki Hiroshima's story went viral a lot of you are asking what easyDNS would or wouldn't do. There are similar follow up stories being posted as well, like @jb's similar account.

The common thread in both of those events are that the attackers used social engineering attacks using publicly available information (like address info from whois records) and were able to obtain in one online service or another, the last 4 digits of the credit card used to make purchases on the account. Read more »

As Deadly as a DDoS: ICANN Unleashes the Whois Accuracy Program

[ Sorry about the original title - I probably should have given it a second thought - markjr ]

More effective than a botnet, more sweeping than a Denial-of-Service attack, ICANN has devised a deadly Weapon of Mass Destruction that can instantly render a entire online presence persona-non-grata regardless of how much redundancy, mitigation muscle-power or firewalls a hapless defender has deployed, this latest attack vector can take it all away, not with one click, but for lack of one…. Read more »

Know Your Domain Right

(Originally a guest post written for Techdirt)

Screen Shot 2014-01-17 at 3.17.26 PMWhen I first got into this business I frequently wondered why the domain-policy mailing lists I was getting involved in attracted a lot of activist types.

Over the years it became apparent to me very quickly, that in an emerging era of global communications and transparency (what Anthony Wile calls "The Internet Reformation") – that "the name" (the domain name) along with the ability to "locate it" (DNS) was a central, all-important "secret sauce" to the entire internet.

But it was only gradually that I became aware that it would take centre stage politically and and become the battleground between forces for liberty, free speech and emerging civil & business models on one hand and entrenched reactionary, authoritarian, cronyist kleptocrats on the other. Read more »

NABP to Registrars: You Must Takedown and Seize Any Domain We Tell You To

pharmalobbyIt's almost surreal to be getting this letter from the National Association of Boards of Pharmacy (NABP) addressed to ICANN Registrars requesting that "you adopt and implement policies and procedures, consistent with this letter,", given the timing of what we just went through with the City of London Police takedown requests.

What are those policies and procedures the NAPB wants all ICANN Registrars to adopt? Glad you asked: Read more »

Domains Locked in London Police Takedown Ordered To Be Transferred.

wewinThe National Arbitration Forum has just handed down its decision in respect to the three domain names locked down at Public Domain Registry in response to the City of London Police Intellectual Property Crime Unit takedown requests. The decision is in favour of easyDNS and orders the three names to be transferred to us.

The full text of the decision is available here, the notable finding is that:

No court order has been issued which would prohibit the transfer of the domain names at issue from the Registrar of Record to the Gaining Registrar.  Therefore, there is nothing in the Transfer Policy which authorizes the Registrar of Record to refuse to transfer the domain names. Read more »

Things Go Better With Crypto: Introducing GPG Encryption on Your Email Forwarding

things-go-better-with-crypto_design

We are happy to unveil a beta feature for email forwarding:

You can now optionally add GPG keys to individual mailmaps so that your forwarded email arrives at its next hop encrypted.

This means that if you are forwarding your email to your ISP, office, or third party email provider (including easyMail by easyDNS), the email will arrive on those servers encrypted and can only be decrypted by entering the passphrase to the corresponding private key.

The email address on the GPG key used does not need to match the address in your mailmap, you can use any public key you want and you could even generate a specific key for each mailmap you want to do this with.

Why Would You Want To Do This?

There is a school of thought that says if you're not doing anything wrong then you should have no problem accepting  that your communications are wiretapped by government intelligence agencies and stored in large databases where they will ostensibly never be used to your disadvantage in any way.

That school is plainly and simply wrong and that's not an opinion, it's an historical fact that when the government begins wholesale spying on its own subjects, the road to tyranny has been embarked upon.

The way we see it, if the NSA can do it now with zero due process and total impunity, it just green lights every other law enforcement agency, intelligence organization or even  private interests to do the same. In other words, all bets are now off in terms of expectation of privacy in your personal and business communications, so everybody who is concerned about it needs to start taking action on their own to reclaim that expectation.

Our job now is to provide you with tools to help with that.

Read more »

Verisign punts: easyDNS To Appeal Decision of "No Decision"

Pick one.

Pick one.

The never-ending odyssey of the London Police shakedown requests against numerous file sharing and bittorrent domains worldwide, it looks like we'll have to push this all the way up to a TDRP panel to decide the fate of 3 domains locked-down at Public Domain Registry without valid grounds.

To review, the London Police sent out takedown requests to multiple domain registrars worldwide demanding that they shut down various bittorrent websites and hijack their traffic to  more palatable file sharing websites (mostly commercial entities blessed by the IP lobby based in the U.K.). easyDNS refused in the absence of a valid court order (as per our Takedown Policy). Read more »

Status Updates

Receive new posts via email

Loading...Loading...


Introducing:
easyPress.ca Managed WordPress Hosting
Fully Managed
WordPress Hosting, eh

Archives