Network Solutions Fights Back

By Larry Seltzer  |  Posted 2005-02-25 Print this article Print

I spoke to Champion Mitchell, CEO of Network Solutions, and its clear hes fed up with ICANN. Mitchell warned ICANN in advance of the new rules that they would encourage domain "slamming" by which registrars would grab domains without permission or through misleading e-mails. There has already been an example of this involving Domain Registry of America (a reseller for eNom) which sent out a notice to users that their domains were expiring and that it needed to renew, but in fact they were initiating a transfer. The FTC went after them for this practice.

Mitchell points out that the new rules facilitate slamming and that novice users are very likely to fall for it.
Since the notice of the transfer likely comes from the gaining registrar, with whom the domain owner has no relationship, they are likely to ignore the message, leaving the transfer free to proceed. Many users would assume that not responding to a transfer request would deny the transfer, but in fact the default is just the opposite.

And when the domain gets slammed its not just the domain name that gets moved. Very often users will lose their e-mail service, their web service and more. It could be devastating to a small Internet-based business. And ICANNs provision for such people is a long and drawn-out process that probably looks less appealing than just caving in to the slammer.

In a final irony, since the losing registrar—through no fault of their own—stopped providing a service already paid for to their customer, they may be legally liable. Nobody knows the law on this yet, but its only fair to assume the worst from the situation.

So what can users actually do to protect themselves? First, READ YOUR E-MAIL. Theres no guarantee that a slamming or theft attempt will involve an e-mail notification, but theres a good chance it will, and you can at least deny the request, call up and scream bloody murder at that point. Secondly, if your registrar hasnt done it for you already, lock your domain. Officially, this prevents changes to the domain without your permission. Of course, it appears that it didnt save, but its an easy measure to take.

If you dont mind the extra record keeping, set different userids and passwords for your administrative, billing, and technical contacts in your registry records. This makes it much harder for someone to steal your domain by using one account to gain access to another. And, of course, the information in the records should be accurate, or you wont get the notification that your domain is about to be stolen.

Finally, use a private registration facility like Godaddys DomainsByProxy or Network Solutions similar facility so that your personal information doesnt show up at all in the whois record. This also stops your whois from turning into a source of spam attacks. (Why is this contact information public anyway? More craziness from ICANN rules.)

If the point of changing transfer rules was to break the Network Solutions monopoly, then ICANN needs to wake up and look at their own business. Network Solutions no longer has a monopoly. The problem today is fraud, and sadly ICANN is being part of the problem.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel