Home / News I have a News Tip

Your Whois Search May Be Monitored by Third Parties

"...my next step in testing was to go to the four hosting services meta-searched by CNet and search them directly with new domain names also picked out of thin air. Two days later they haven't been taken.

At this point I have to say I don't know exactly what's happening, but something fishy is going on. With a whole lot more testing, I think I could figure out the source of Chesterton's domain name feed, but I decided it was time to get the story out first."

Read full story: eWeek

Follow CircleID on
Related topics: DNS, Domain Names, Whois
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Re: Your Whois Search May Be Monitored by Third Parties Matthew Elvey  –  Jul 23, 2006 1:40 PM PDT

It seems CNET has disabled it's domain name search feature.  The link is broken, and clicking on the Web hosting directories and tool: "Domain name search" that's currently here redirects to cnet's home page as well; other links on their site to this feature don't work either.  The actions of a victim or perpetrator?

Re: Your Whois Search May Be Monitored by Third Parties John Berryhill  –  Jul 23, 2006 1:55 PM PDT

Doing a metasearch through a service that then queries numerous other parties in order to determine whether a name is taken from a unique source seems like an odd way to go about name availability searching.  By definition, it is a query that doesn't require a metasearch from several sources.

Having tried the search with CNET for a fifteen-letter sequence that could in no means be a random coincidence, it appears that it too was registered two days later.

It's odd that people would think "things I type into some webpage on the internet" is held as confidential information by whomever might be on the receiving end of that information, but the moral of the story appears to be that if you want to know if a domain name is available, then check directly against the registry instead of performing a query that is several steps removed.

One wonders whether even Chesterton knows the source of the data it is receiving from any of several parties in the process.

Re: Your Whois Search May Be Monitored by Third Parties Dave Zan  –  Jul 23, 2006 4:06 PM PDT

Unfortunately many internet users aren't "savvy" enough to know exactly how this works. But that's where education comes in. :)

Let's do our part, guys. And do what we can.

Re: Your Whois Search May Be Monitored by Third Parties John Berryhill  –  Jul 23, 2006 7:35 PM PDT

I don't know how "savvy" one has to be about not communicating a purchase interest prior to being prepared to make a purchase.

For example, anyone can set up a webpage that says, "Thinking about purchasing stock?  Type in the ticker symbol here, and I'll tell you the current price."

Ummm… hey… there are web pages that do that as a "free service". 

Maybe I spend too much time at the track with other gregarious horseplayers who will be happy to chat about anything EXCEPT how they are betting in the next race....

Lemme know if you see anything you like on eBay, Dave.

Re: Your Whois Search May Be Monitored by Third Parties Uma Murali  –  Jul 24, 2006 2:57 AM PDT

As a domain name registrar (Namesbeyond.com), we have taken an approach that any request to determine availability of a domain name on our systems and Whois servers are "left alone" - i.e., no data mining and domain tasting.

Should be part of a registrar code of conduct.  In this case, the search is going through intermediaries and not registrars directly.

Re: Your Whois Search May Be Monitored by Third Parties John Berryhill  –  Jul 24, 2006 12:36 PM PDT

Should be part of a registrar code of conduct.

Agreed.

This can still happen even if a registrar believes it follows a code of conduct, though.  Some registrars outsource their 'name spinning' function (whereby a prospective registrant is provided with a number of additional variant names based on the input target name).  Those registrars might not even be aware that the name spinner is using the data.

Part of the difficulty for an end user is identifying a registrar, as opposed to a reseller, a webhosting company which will go through a registrar on behalf of its customers, or, in this instance a news site.  The search system used in the experiment, and which I also used to duplicate the result, seems like a brain-damaged approach to checking domain availability in the first instance (as a meta-search to determine a binary answer relative to a unique piece of information available from a single source makes about zero sense).

One of the other inefficient ways that people check domain availability is to type www.. and see if there is a web page there.  In that instance, the search defaults to say, msn.com, Google, or whatever default search is configured via a browser plug-in, so a third-party still has access to the data.  (Of course, if the ISP is running OpenDNS, then EVERY domain will look 'taken', and OpenDNS will know whether any unregistered domain names get an appreciable amount of traffic...)

To post comments, please login or create an account.

Related

Topics

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Cybercrime

Sponsored byThreat Intelligence Platform

Whois

Sponsored byWhoisXML API

IP Addressing

Sponsored byAvenue4 LLC