Sally, "You - AUSREGISTRY - provide the tools and instructions on how to download the whois database." Not sure I understand - please explain. "As for issuing challenges, you are basically asking everyone out there to hack your systems." Not true - I simply challenged someone to contact my CTO with their methodology! It would be stupid to propose such a challenge. My reasoning is this. One of the primary missions of AusRegistry is to maintain the integrity of the .au database. Since taking over last July we have worked very hard to ensure this is so. We do, however, work within a policy framework and some "weaknesses" are beyond our control. We police where we can and are permitted to. I honestly believe we have been successful in curbing the abuse of the whois that was rampant before we took over. To say that the system is worse now is a slight upon our company. I do not believe this is so. We are, as I said before, open to suggestions on how we can improve. In working with auDA we hope to ensure that the database we managed is done so in a way that benefits all and limits abuse where it can. I am not saying it can't be done ever - just that we are doing our best to make sure it doesn't happen and to date there is no evidence to assume our system has been compromised. Regards, Adrian Kinderis MD - Sales and Marketing Level 6, 10 Queens Rd Melbourne Victoria 3004 P: 03 9866 3710 F: 03 9866 1970 E: adriank§ausregistry.com.au W: www.ausregistry.com.au -----Original Message----- From: Sally Jonas [mailto:sally_jonas§yahoo.co.uk] Sent: Wednesday, July 23, 2003 3:05 PM To: dns§lists.auda.org.au Subject: RE: [DNS] Young Mr Guy Adrian, I am sure the new system may have some advantages over the old, I would assume mainly in functionality for the Registrars who pay you for these services. However for the average Registrant who infact pays for all your wages, including the $200,000 salaries of auDA, does not gain from the new system at all. I imagine they don't even care. You - AUSREGISTRY - provide the tools and instructions on how to download the whois database. Everything is in the public domain. As for issuing challenges, you are basically asking everyone out there to hack your systems. (By the way this is not necessary and I would not know how to anyway). Obviously Guy Fawkes (not me) knows how to get information so I am not alone. Perhaps auDA should start listening to people (those not in the old boys club) when it starts debating and issuing policies. I have heard many suggestions put forward on this list that are totally ignored. Many are put down by those who gain the most out of the current system. The board members (not all) are only interested in serving themselves (many are reigstrars or have a vested interest in the system). The current system is not "open and transparent" or to the "benefit of all". I could go on but who cares. Nobody listens. Everybody breaks the rules. --- Adrian Kinderis <adriank§ausregistry.com.au> wrote: > All, > > Please elaborate on how it is easier now than it was two years ago to > mine the .au database. > > I am extremely confident that the system has maintained and will > continue to maintain significant advantages over what existed > previously. > > The integrity of the database is our primary concern... and believe me - > it is intact! > > Please feel free to contact Chris Wright (CTO). He is happy to hear how > you are able to obtain any information - in fact challenges you to tell > him so. > > Adrian Kinderis > MD - Sales and Marketing > Level 6, 10 Queens Rd > Melbourne Victoria 3004 > P: 03 9866 3710 > F: 03 9866 1970 > E: adriank§ausregistry.com.au > W: www.ausregistry.com.au > > -----Original Message----- > From: Sally Jonas [mailto:sally_jonas§yahoo.co.uk] > Sent: Wednesday, July 23, 2003 12:07 PM > To: dns§lists.auda.org.au > Subject: RE: [DNS] Young Mr Guy > > > > > > After control of the AUNIC Registry was moved to auDA, auDA made the > > decision to stop the uncontrolled access to the database. This made > things > > more difficult for scammers, as they had to work from old copies of > the > > database which were gradually going out of date, or try and keep them > > up-to-date by querying aunicstatus for the latest data. > > > This is a misconception. The way ausRegistry has structured and > developed the new Whois database > has infact made it easier for scammers to maintain and update their > copies of the database. > > > Restrictions were also introduced on the number of queries entities > could > > make. This also made life harder for dodgy operators. But, data > fields > > such as the 'expiry date' were still visible. > > > It takes only a few lines of code to circumvent the number of queries > restriction > > > When the .au Registry was moved to the new AusRegistry system, the > 'expiry > > date' (the critical field used by scam 'domain name renewal' > operators) was > > no longer visible - making things still more difficult for the dodgy > folks. > > > > While the 'expiry date' no longer is available it doesn't take a genius > to work out expiry dates. > a) renewals are based on a 2 year cycle so the renewal dates fr the > 300,000 domains previously > registered to july 2002 can be simply calculated. > b) it is fairly simple to, for example, work out what names where > registered this week. > > > > > > > So the history of the .au Registry under auDA's supervision is a > history of > > changes that have gradually made things much more difficult for shonky > > domain name renewal operators. > > > > > > Again the opposite infact it now makes it easier. > > Perhaps ausRegistry should spend some of their well publicised profits > into creating a secure > system. If they are not aware of the flaws inbuilt into their systems > then we should all be > concerned. > > Perhaps auDA should consider making the whois database available only to > registered entities. > > The current system is open to abuse and while auDA has some control over > domain name scammers it > still leaves the whois database open to spammers (A bigger problem for > the average user). > Unfortunately this leads to government policies being put in place which > IMHO restrict freedom of > individuals. I'm sure Josh will disagree on this one. > > Sally > > > ________________________________________________________________________ > Want to chat instantly with your online friends? Get the FREE Yahoo! > Messenger http://uk.messenger.yahoo.com/ > > ------------------------------------------------------------------------ > --- > List policy, unsubscribing and archives => > http://www.auda.org.au/list/dns/ > Please do not retransmit articles on this list without permission of the > > author, further information at the above URL. (350 subscribers.) > > > > ------------------------------------------------------------------------ --- > List policy, unsubscribing and archives => http://www.auda.org.au/list/dns/ > Please do not retransmit articles on this list without permission of the > author, further information at the above URL. (350 subscribers.) > ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://uk.messenger.yahoo.com/ ------------------------------------------------------------------------ --- List policy, unsubscribing and archives => http://www.auda.org.au/list/dns/ Please do not retransmit articles on this list without permission of the author, further information at the above URL. (350 subscribers.)Received on Fri Oct 03 2003 - 00:00:00 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC