<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-acc-sgb] Additional Proposal
- To: gnso-acc-sgb@xxxxxxxxx
- Subject: Re: [gnso-acc-sgb] Additional Proposal
- From: Jeff Williams <jwkckid1@xxxxxxxxxxxxx>
- Date: Wed, 16 May 2007 23:25:51 -0700
Ross and all sgb members,
Your remarks regarding the need for enhanced privacy are not
off topic at all. In fact the need for enhanced privacy given
several proposals here reaffirms why enhanced privacy if
third party access to some commercial segment private industry
or commercial segment associations is to be considered or
given and under what specific set of rules and/or restrictions they
are to use such access. Same would also be so for some
LEA's.
Ross Rader wrote:
> Margie Milam wrote:
> > The value of these services is evident from the marketplace that has
> > arisen to fill the need and the numerous financial institutions that
> > have subscribed to these services. Security Companies (both public and
> > private) have devoted significant resources in monitoring, detecting and
> > responding to phishing, and taking down fraudulent web-sites, and use
> > WHOIS for this purpose. Banks don't generally desire to spend the
> > research and development resources necessary to keep up with the
> > sophisticated phishers and often turn to security companies to assist
> > them.
>
> You missed my point. I was pointing out that the value of the services
> that these firms provide is not contingent on continued unfettered
> access to whois data.
>
> > Relying on IP addresses alone does not provide all of the information
> > necessary to identify domain name phishes because if you shut down one
> > IP address, they just set up additional ip addresses to host the
> > fraudulent sites. The only way to effectively shut down domain based
> > phishes is to deal with it at the registrar level because the registrar
> > has the information that can identify the culprit.
>
> That's a bit circular. a) IP addresses are less disposable than domains,
> b) most domain based phishes actually use a domain name that belongs to
> the culprit (most piggyback on a third party domain that has been
> captured due to some technical insecurity) and c) identifying the
> culprit doesn't shut down the phish.
>
> >
> > Please note that the problem is not just phishing, although phishing is
> > significant. The problem extends to all kinds of intellectual property
> > abuse, including the sale of counterfeits, such as counterfeit drugs.
> > Because law enforcement is ill-equiped and under-resourced, much of the
> > work falls to the brand holders, many of whom use service providers, to
> > protect their consumers from illegal online-activities.
>
> That's a pretty broad brush. Isn't it actually the case that enforcement
> is primarily the responsibility of the IP holder and that law
> enforcement agency will typically focus on higher value, higher yield
> activities than focusing on specific intellectual property protection cases?
>
> And while slightly off-topic, I'll also point out that its more often
> the case that the general public needs protection from your corporate
> clients than the other way around - which is one of the primary reasons
> why enhanced privacy for individuals is so important.
>
> -ross
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
Registered Email addr with the USPS
Contact Number: 214-244-4827
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|