<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: Fw: [gnso-acc-sgb] Report for today
- To: gnso-acc-sgb@xxxxxxxxx
- Subject: Re: Fw: [gnso-acc-sgb] Report for today
- From: jwkckid1@xxxxxxxxxxxxx
- Date: Thu, 24 May 2007 19:15:23 -0500 (GMT-05:00)
<HEAD><TITLE>Fw: [gnso-acc-sgb] Report for today</TITLE>
<STYLE>body{font-family:
Geneva,Arial,Helvetica,sans-serif;font-size:9pt;background-color:
#ffffff;color: black;}</STYLE>
<META content="MSHTML 6.00.2900.3086" name=GENERATOR></HEAD>
<BODY>
<DIV id=compText>
<STYLE>body{font-family:
Geneva,Arial,Helvetica,sans-serif;font-size:9pt;background-color:
#ffffff;color: black;}</STYLE>
<META content="MSHTML 6.00.2900.3086" name=GENERATOR>
<DIV id=compText>
<STYLE>body{font-family:
Geneva,Arial,Helvetica,sans-serif;font-size:9pt;background-color:
#ffffff;color: black;}</STYLE>
<META content="MSHTML 6.00.2900.3086" name=GENERATOR>
<P>Palmer and all sgb members,</P>
<P> </P>
<P> There is no need for Dr. Dierker to supply anything else. Below
is the Whois</P>
<P>results for this domain name. It clearly shows all the information you
need.</P>
<P>The perp or phisher in this instance *is* Bank of America.</P>
<P>Domain Name: BANKOFAMERICA.COM<BR> Registrar: TUCOWS
INC.<BR> Whois Server: whois.tucows.com<BR> Referral
URL: http://domainhelp.opensrs.net<BR> Name Server:
NS1.BANKOFAMERICA.COM<BR> Name Server:
NS3.BANKOFAMERICA.COM<BR> Name Server:
NS4.BANKOFAMERICA.COM<BR> Status:
clientTransferProhibited<BR> Status:
clientUpdateProhibited<BR> Updated Date:
22-jan-2007<BR> Creation Date: 28-dec-1998<BR>
Expiration Date: 28-dec-2010<BR><BR></P>
<P> </P>
<P> </P>
<DIV id=compText><BR><BR><BR>
<BLOCKQUOTE style="PADDING-LEFT: 5px; MARGIN-LEFT: 0px; BORDER-LEFT: #0000ff
2px solid">-----Original Message----- <BR>From: Palmer Hamilton
<PALMERHAMILTON@xxxxxxxxxxx><BR>Sent: May 24, 2007 5:36 PM <BR>To:
Gnso-acc-sgb@xxxxxxxxx <BR>Subject: Fw: [gnso-acc-sgb] Report for today
<BR><BR><ZZZHTML><ZZZHEAD><ZZZMETA CONTENT="text/html; charset=utf-8"
HTTP-EQUIV="Content-Type"><ZZZMETA CONTENT="MS Exchange Server version
6.5.7651.59" NAME="Generator"></ZZZHEAD><ZZZBODY><ZZZ!-- -- format plain text
from Converted><BR><BR>
<P><FONT size=2>-----Original Message-----<BR>From: Palmer Hamilton<BR>To:
'hdierker2204@xxxxxxxxx' <hdierker2204@xxxxxxxxx><BR>Sent: Thu May 24
10:07:01 2007<BR>Subject: Re: [gnso-acc-sgb] Report for
today<BR><BR>Eric,<BR><BR>I realize that Phillip is appropriately concerned
that the email list not be used to resolve personal situations, but in this
instance I think we need to get to the bottom of it. I think it proves
precisely my point about the need for WHOIS data.<BR><BR>You were phished, and
B of A wants the site taken down. If you will supply the underlying URL
it will expediate B of A's ability to get the site taken down. <BR><BR>B
of A says with WHOIS data that it can get a site down in roughly a day and a
half. If this data is taken away, customers will be vulnerable to long
delays.<BR><BR>As I mentioned to you, sopisticated consumers may not be
fooled. You are a case in point. Unfortunately, many consumers lack
your sopistication and phishing of this sort works all too often.<BR><BR>Thus,
I hope Phillip will forgive me for addressing this very specific case, but it
proves my general policy point. Banks need access to protect
consumers.<BR><BR><BR>-----Original Message-----<BR>From: Hugh Dierker
<hdierker2204@xxxxxxxxx><BR>To: Palmer Hamilton; dan@xxxxxxxxxxxxxxxx
<dan@xxxxxxxxxxxxxxxx>; gnso-acc-sgb@xxxxxxxxx
<gnso-acc-sgb@xxxxxxxxx><BR>Sent: Thu May 24 08:49:00 2007<BR>Subject:
Re: [gnso-acc-sgb] Report for today<BR><BR>Here is the data from a spam I
received from whom it says. I have no connection with this
institution.<BR> <<A
href="http://us.f529.mail.yahoo.com/ym/ShowLetter?MsgId=3066_6873947_66315_1941_3681_0_55456_10570_4241701953&Idx=33&YY=31291&y5beta=yes&y5beta=yes&inc=25&order=down&sort=date&pos=1&view=a&head=b&box=Inbox#attachments";
target=_BLANK>http://us.f529.mail.yahoo.com/ym/ShowLetter?MsgId=3066_6873947_66315_1941_3681_0_55456_10570_4241701953&Idx=33&YY=31291&y5beta=yes&y5beta=yes&inc=25&order=down&sort=date&pos=1&view=a&head=b&box=Inbox#attachments</A>>
Fwd: Bank of America alert : Sign-in Error : Verify Your Account
Information<BR><BR>
"Alert@xxxxxxxxxxxxxxxxx"
<Onlinebanking@xxxxxxxxxxxxxxxxxxxxxxx> <BR>Date:
Wed, 23 May 2007 06:52:18
-0600 <BR><BR>Somehow the policing is
down here for this Titan of an institution. Either this is spam from the bank
or this is an example of them not policing their own domain name.<BR><BR>In any
case it gives pause to consider allowing "banks" ready
access.<BR><BR>Eric<BR><BR><BR>Palmer Hamilton
<PalmerHamilton@xxxxxxxxxxx>
wrote:<BR><BR>
Dan,<BR> <BR>
Let me address why the consumer is at risk as well as the
bank.<BR> <BR>
First, not all risk is off loaded to the bank. There can be
circumstances where the consumer can be held
liable.<BR> <BR>
Second, in the case of identity theft, the consumer certainly experiences the
serious and often devastating adverse consequences. Anyone who has been
the victim of ID theft can easily speak to this. It is fine for us to
talk about these issues in the abstract, but talk to a victim of ID theft, and
he or she will likely not be too impressed some of the arguments we have been
hearing.<BR> <BR>
So, yes, banks do have an interest in limiiting their exposure, but that
interest coincides with the interest of the consumer. And, yes, there are
unfortunately circumstances where life savings can be wiped out. This
isn't rhetoric. This is unfortunate
reality.<BR> <BR>
I would submit that good public policy requires a careful balancing of
interests. When this is done, I think it is clear that a construct exists
that will protect the consumer and protect the privacy concerns being
expressed. I fear that our subgroup does not seem to be engaged in this
serious work. Instead, we seem to be holding fast to positions without
exploring creative constructs that protect multiple
interests.<BR> <BR>
To totally ignore the risk to the consumer, it seems to me, in order to uphold
the theoretical, is neither wise nor
justifiable.<BR> <BR> <BR>
-----Original Message-----<BR> From:
owner-gnso-acc-sgb@xxxxxxxxx
<owner-gnso-acc-sgb@xxxxxxxxx><BR>
To: gnso-acc-sgb@xxxxxxxxx
<gnso-acc-sgb@xxxxxxxxx><BR>
Sent: Wed May 23 20:36:29 2007<BR>
Subject: Re: [gnso-acc-sgb] Report for
tomorrow<BR> <BR>
At 5:34 PM -0700 5/23/07, Hugh Dierker
wrote:<BR> <BR>
>The concept that private IP concerns are interested in the data to
protect<BR> >consumers is very
interesting and I think requires some
thought.<BR> <BR> <BR>
One should not overstate this case. For one example, as I understand
it<BR> most credit card companies
limit liability to customers if they
report<BR> false charges
promptly. (And then they will change the credit card
number,<BR>
etc.)<BR> <BR>
This off-loads risk from customer to the financial institutions
directly.<BR> Thus in those cases the
greatest damage is not to consumers but to
the<BR> financial
institutions.<BR> <BR>
This is not to discount the interests of financial institutions, as
they<BR> definitely have legitimate
interests. But for example talking
about<BR> "consumers' life savings"
rather than "financial institutions'
profit<BR> margins" has a rather
different ring to
it.<BR> <BR>
I'm all for supporting consumers' real interests in contexts where
that<BR> makes sense, but I am rather
less patient with rhetoric that holds
up<BR> consumers as proxies for the
interests of very wealthy legal
persons.<BR> <BR>
(Also: did you really mean "IP" above or "ID"? I don't see
*any*<BR> connection between
"intellectual property" interests and
consumer<BR> interests, while the
financial institution arguments are more common and
on<BR> the surface more
plausible.)<BR> <BR>
-----<BR> <BR>
One other point, with regard to access
types:<BR> <BR>
I personally don't see any reason that anyone, even LEAs, would ever
need<BR> "bulk access" to Whois data
(which I interpret as the ability to download
a<BR> registrar's entire Whois
database in a single integrated lump -- this
would<BR> be Type 3 access according
to Milton's definition, if I
understand<BR>
correctly).<BR> <BR>
Why would anyone ever need more than ongoing query access (as long
as<BR> queries can sometimes entail
multiple domains, such as "all domains for
a<BR> particular
registrant")?<BR> <BR>
I would suggest that there may be no compelling case that warrants
true<BR> bulk access to Whois
data.<BR> <BR>
Dan<BR> <BR>
PS -- I believe Milton is going to revise the interim SGB report, so
until<BR> we receive that I will
endeavor to refrain from a whole lot of
further<BR> comment. I think it
would be useful for us to proceed as much as
possible<BR> from the outcome of our
call today.<BR> <BR><BR><BR></P>
<P>Regards,<BR><BR>Jeffrey A. Williams<BR>Spokesman for INEGroup LLA. - (Over
134k members/stakeholders strong!)<BR>"Obedience of the law is the greatest
freedom" -<BR> Abraham Lincoln<BR><BR>"Credit should go with the
performance of duty and not with what is very<BR>often the accident of glory" -
Theodore Roosevelt<BR><BR>"If the probability be called P; the injury, L; and
the burden, B; liability<BR>depends upon whether B is less than L multiplied
by<BR>P: i.e., whether B is less than PL."<BR>United States v. Carroll
Towing (159 F.2d 169 [2d Cir.
1947]<BR>===============================================================<BR>Updated
1/26/04<BR>CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of<BR>Information Network Eng. INEG. INC.<BR>ABA member in good
standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx<BR>Registered Email
addr with the USPS Contact Number: 214-244-4827<BR><ZZZ!--
--></P></ZZZBODY></FONT></ZZZBODY></ZZZHTML></BLOCKQUOTE></DIV></DIV></DIV></BODY>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|