Re: Gmail security issue

**"* P* L* <t*@spamfodder.com>**

> What disturbed me about this situation was that the big guys- google, 
> go-daddy- didn't seem to feel the need to immediately resolve this issue for 
> their client.
> 
> Maybe lawyer types can answer this- is there a responsibility for such 
> companies to protect their customers?  

There's really not much that GoDaddy could have done to prevent this.

A long time ago Network Solutions used to be the only game in town,
so if you wanted to register a domain you went through them.  As the
Internet became more popular, Internet Service Providers saw that Network
Solutions was sitting on a gold mine and wanted a piece of the action.

They cried out 'monopoly!' and 'unfair!' until ICANN was formed in 1998 to
oversee the distribution of domain registration.  Policies were created,
rules were applied, and anyone who wanted to could start creating domains
for their customers as long as they followed the ICANN guidelines.

Unfortunately, it also meant that a lot of companies were registering
domains that probably had no business being there in the first place.
They couldn't handle the load, were short-staffed, or couldn't balance a
checkbook and went under.  People who had chosen the cheapest registrar
were left without access to their domains and no way to reclaim them.
On the other end of the spectrum, some registrars made it impossible
for people to leave, tying them in to high rates.

ICANN responded with tighter restrictions and an owner-centric method of
transferring domains.  Every company had to honor requests that followed
a certain pattern, and if they didn't they couldn't register or sell
domains any more.

That's why GoDaddy was helpless.  It followed the ICANN regulations when a
domain change request came through, and if it hadn't someone could have
called foul and they would have been out of business.  After the fact
they no longer had access to the domain to take it back, and that sets
a dangerous precedent as well -- who are they to decide who is right
and who isn't?  That's what ICANN is for.

Of course, ICANN is not-for-profit and doesn't want to deal with these
things either, so their grievance procedures require a lot of cash and
time to weed out the looky-loos.

The original domain owner should have reported the incident to law
enforcement, who in turn could have subpoenaed GoDaddy and Google records
to confirm the IP address of the extortionist, trace it back as far as
they need to, and arrest the criminal.  If the hacker isn't hijacking
someone else's network connection or free wireless, that is.  :)

The only real recourse is to pay the fee to ICANN to start an
investigation, and then maybe, just maybe, you'll get your domain back.

And, of course, you can eliminate a lot of your risk by staying away from
those free Internet services, great domain hosting deals, or whatever else
looks too good to be true.  I'll say it again -- you get what you pay for.

Chris
_______________________________________________
gardenwriters mailing list
gardenwriters@lists.ibiblio.org
http://lists.ibiblio.org/mailman/listinfo/gardenwriters

GWL has searchable archives at:
http://www.hort.net/lists/gardenwriters

Send photos for GWL to gwlphotos@hort.net to be posted
at: http://www.hort.net/lists/gwlphotos

Post gardening questions/threads to
&quot;Gardenwriters on Gardening&quot; &lt;gwl-g@lists.ibiblio.org&gt;

For GWL website and Wiki, go to
http://www.ibiblio.org/gardenwriters