RE: Fw: [gnso-acc-sgb] Report for today

["Margie Milam" <Margie.Milam@xxxxxxxxxxxxxxx>]

Where is the rest of the WHOIS information?  If this is this the
complete record, a lot of currently required information is missing.
The email address is missing from this, as well as the phone number of
the various contacts.   It would be very difficult to contact Bank of
America or send them an email if there were issues related to the domain
name.

 

Margie

 

  _____  

From: owner-gnso-acc-sgb@xxxxxxxxx [mailto:owner-gnso-acc-sgb@xxxxxxxxx]
On Behalf Of jwkckid1@xxxxxxxxxxxxx
Sent: Thursday, May 24, 2007 6:15 PM
To: gnso-acc-sgb@xxxxxxxxx
Subject: Re: Fw: [gnso-acc-sgb] Report for today

 

Palmer and all sgb members,

 

  There is no need for Dr. Dierker to supply anything else.  Below is
the Whois

results for this domain name.  It clearly shows all the information you
need.

The perp or phisher in this instance *is* Bank of America.

Domain Name: BANKOFAMERICA.COM
   Registrar: TUCOWS INC.
   Whois Server: whois.tucows.com
   Referral URL: http://domainhelp.opensrs.net
   Name Server: NS1.BANKOFAMERICA.COM
   Name Server: NS3.BANKOFAMERICA.COM
   Name Server: NS4.BANKOFAMERICA.COM
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 22-jan-2007
   Creation Date: 28-dec-1998
   Expiration Date: 28-dec-2010

 

 





-----Original Message----- 
From: Palmer Hamilton 
Sent: May 24, 2007 5:36 PM 
To: Gnso-acc-sgb@xxxxxxxxx 
Subject: Fw: [gnso-acc-sgb] Report for today 




-----Original Message-----
From: Palmer Hamilton
To: 'hdierker2204@xxxxxxxxx' <hdierker2204@xxxxxxxxx>
Sent: Thu May 24 10:07:01 2007
Subject: Re: [gnso-acc-sgb] Report for today

Eric,

I realize that Phillip is appropriately concerned that the email list
not be used to resolve personal situations, but in this instance I think
we need to get to the bottom of it.  I think it proves precisely my
point about the need for WHOIS data.

You were phished, and B of A wants the site taken down.  If you will
supply the underlying URL it will expediate B of A's ability to get the
site taken down. 

B of A says with WHOIS data that it can get a site down in roughly a day
and a half.  If this data is taken away, customers will be vulnerable to
long delays.

As I mentioned to you, sopisticated consumers may not be fooled.  You
are a case in point.  Unfortunately, many consumers lack your
sopistication and phishing of this sort works all too often.

Thus, I hope Phillip will forgive me for addressing this very specific
case, but it proves my general policy point.  Banks need access to
protect consumers.


-----Original Message-----
From: Hugh Dierker <hdierker2204@xxxxxxxxx>
To: Palmer Hamilton; dan@xxxxxxxxxxxxxxxx <dan@xxxxxxxxxxxxxxxx>;
gnso-acc-sgb@xxxxxxxxx <gnso-acc-sgb@xxxxxxxxx>
Sent: Thu May 24 08:49:00 2007
Subject: Re: [gnso-acc-sgb] Report for today

Here is the data from a spam I received from whom it says.  I have no
connection with this institution.
 
<http://us.f529.mail.yahoo.com/ym/ShowLetter?MsgId=3066_6873947_66315_19
41_3681_0_55456_10570_4241701953&Idx=33&YY=31291&y5beta=yes&y5beta=yes&i
nc=25&order=down&sort=date&pos=1&view=a&head=b&box=Inbox#attachments>
Fwd: Bank of America alert : Sign-in Error : Verify Your Account
Information

        "Alert@xxxxxxxxxxxxxxxxx"
<Onlinebanking@xxxxxxxxxxxxxxxxxxxxxxx>      
Date:    Wed, 23 May 2007 06:52:18 -0600       

Somehow the policing is down here for this Titan of an institution.
Either this is spam from the bank or this is an example of them not
policing their own domain name.

In any case it gives pause to consider allowing "banks" ready access.

Eric


Palmer Hamilton <PalmerHamilton@xxxxxxxxxxx> wrote:

        Dan,
       
        Let me address why the consumer is at risk as well as the bank.
       
        First, not all risk is off loaded to the bank.  There can be
circumstances where the consumer can be held liable.
       
        Second, in the case of identity theft, the consumer certainly
experiences the serious and often devastating adverse consequences.
Anyone who has been the victim of ID theft can easily speak to this.  It
is fine for us to talk about these issues in the abstract, but talk to a
victim of ID theft, and he or she will likely not be too impressed some
of the arguments we have been hearing.
       
        So, yes, banks do have an interest in limiiting their exposure,
but that interest coincides with the interest of the consumer.  And,
yes, there are unfortunately circumstances where life savings can be
wiped out.  This isn't rhetoric.  This is unfortunate reality.
       
        I would submit that good public policy requires a careful
balancing of interests.  When this is done, I think it is clear that a
construct exists that will protect the consumer and protect the privacy
concerns being expressed.  I fear that our subgroup does not seem to be
engaged in this serious work.  Instead, we seem to be holding fast to
positions without exploring creative constructs that protect multiple
interests.
       
        To totally ignore the risk to the consumer, it seems to me, in
order to uphold the theoretical, is neither wise nor justifiable.
       
       
        -----Original Message-----
        From: owner-gnso-acc-sgb@xxxxxxxxx
<owner-gnso-acc-sgb@xxxxxxxxx>
        To: gnso-acc-sgb@xxxxxxxxx <gnso-acc-sgb@xxxxxxxxx>
        Sent: Wed May 23 20:36:29 2007
        Subject: Re: [gnso-acc-sgb] Report for tomorrow
       
        At 5:34 PM -0700 5/23/07, Hugh Dierker wrote:
       
        >The concept that private IP concerns are interested in the data
to protect
        >consumers is very interesting and I think requires some
thought.
       
       
        One should not overstate this case.  For one example, as I
understand it
        most credit card companies limit liability to customers if they
report
        false charges promptly.  (And then they will change the credit
card number,
        etc.)
       
        This off-loads risk from customer to the financial institutions
directly.
        Thus in those cases the greatest damage is not to consumers but
to the
        financial institutions.
       
        This is not to discount the interests of financial institutions,
as they
        definitely have legitimate interests.  But for example talking
about
        "consumers' life savings" rather than "financial institutions'
profit
        margins" has a rather different ring to it.
       
        I'm all for supporting consumers' real interests in contexts
where that
        makes sense, but I am rather less patient with rhetoric that
holds up
        consumers as proxies for the interests of very wealthy legal
persons.
       
        (Also: did you really mean "IP" above or "ID"?  I don't see
*any*
        connection between "intellectual property" interests and
consumer
        interests, while the financial institution arguments are more
common and on
        the surface more plausible.)
       
        -----
       
        One other point, with regard to access types:
       
        I personally don't see any reason that anyone, even LEAs, would
ever need
        "bulk access" to Whois data (which I interpret as the ability to
download a
        registrar's entire Whois database in a single integrated lump --
this would
        be Type 3 access according to Milton's definition, if I
understand
        correctly).
       
        Why would anyone ever need more than ongoing query access (as
long as
        queries can sometimes entail multiple domains, such as "all
domains for a
        particular registrant")?
       
        I would suggest that there may be no compelling case that
warrants true
        bulk access to Whois data.
       
        Dan
       
        PS -- I believe Milton is going to revise the interim SGB
report, so until
        we receive that I will endeavor to refrain from a whole lot of
further
        comment.  I think it would be useful for us to proceed as much
as possible
        from the outcome of our call today.
       



Regards,

Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is very
often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability
depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div.
of
Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
Registered Email addr with the USPS Contact Number: 214-244-4827