An odd whois record gets me thinking.
I was going through my daily check of notable domain name transfers when I came across something curious.
The whois record for vwvwwfacebook.com changed from someone in Turkey to this whois:
I’ve followed a lot of handovers of domains from cybersquatters to Facebook, and this one seems odd. The email address now associated with the domain is indeed the one that Facebook uses for newly transferred domains. But it doesn’t put them in Mark Zuckerberg’s name, nor is it based in Florida. And of course the phone number and address are bogus. The nameservers haven’t changed either.
It’s possible that Facebook does own this domain now, but I doubt it. This seems like a rather clever way to keep a corporation off your back if you own a typo of their trademark.
If the domain gets added to the company’s hit list, they’ll look up the whois and see that they “own” it. If it’s just a parked domain they may drop the issue there. If it’s something else, they may log in to their registrar accounts to see if they have control of the domain. If they catch on, they’ll just transfer the domain to themselves using the admin email address (assuming it’s not locked).
I want to be clear here that I’m not condoning doing something like this. I’m curious if anyone seen similar cases of whois spoofing?
Kristina says
Yes. I see it very often.
John Berryhill says
I’m surprised it is not more common than it is, but now that you’ve published it…
Kristina says
Although registrants may think it will keep the corporation whose brand is cybersquatted off their back, my experience is that it tends to have exactly the opposite effect.
John Berryhill says
My guess is that they do this sort of thing to fly under the radar of lazy reviewers of WHOIS reports. What I’ve always expected to see is whois data identifying some other habitual cybersquatter.
stewart says
if people like you cannot figure this out how will the rest of us ever have any confidence in this business sector?
Elliot says
I do it all the time.
Michele says
Well if and when they spot it then they save themselves the cost of a UDRP, as they already have the domain
DomainersChoice.com says
using a email address they control is not too smart, as with this they could request a transfer and get the authcode send to the email address listed in the whois.
rs says
“…lazy reviewers of WHOIS reports”
Yes, many attorneys get these whois history reports that often contain errors and the data often comes from an uverified source … yet they use these reports in legal proceedings anyway. I have set up a very subtle message in my whois output to alert these lazy whois report reviewers of the pitfalls of using such data.
John Berryhill says
I guess that’s a problem if one doesn’t understand the difference between “evidence” and “proof”.
rs says
As a hypothetical example: Are you sauing if someone were to break into a building and steal files then a lawyer could use the information obtained as evidence in a legal proceeding but not as proof? I though those activities would be (a) prohibited by ethical considerations and (b) completly stricken from a legal proceeding and cannot be used as evidence or proof?
John Berryhill says
As I said, you don’t understand the difference between “evidence” and “proof”. They are not the same thing. If a bank was robbed on Elm Street at 9PM, then if a witness claims to have seen me on Elm Street at 9PM, that testimony is evidence that I robbed the bank. Is it proof? No. A lot of people were on that street. The witness could be mistaken, etc. But, it is one piece of evidence which, in connection with other evidence, may advance the argument that I robbed the bank.
Any evidence is subject to questions of reliability or admissibility. You are confusing a couple of civil and criminal concepts, but as far as evidence gained as a consequence of an illegal act, consider the following. A burglar breaks into a house and finds, laying there in the living room, the dead body of the murdered wife of the owner of the house. The burglar steals some things and leaves. The owner returns to the house, disposes of the body, and reports the burglary. The burglar is caught. During his interrogation, he confesses to the burglary, and tells the police about the dead body in the living room. The police investigate that claim, find the woman to be missing, and develop a circumstantial case against the owner of the house for murder.
Can the state call the burglar to testify about having seen the body?
Of course they can.
Now, the fact that he is a criminal may affect the jury’s perception of his reliability and credibility, but the mere fact that evidence was obtained as a consequence of someone else committing an alleged offense doesn’t matter.
Objecting on the basis of “He was in the house illegally when he saw the body!” is completely beside the point, and fundamentally silly.
The reliability of any piece of evidence is subject to question. I’ve pointed out on several occasions that, for example, the Internet Archive Wayback Machine has some technical quirks that render things in it to be unreliable, if one defines “reliability” as “certainty”. But there is no requirement that any evidence be 100% reliable for any purpose. That’s why we have trials.
There are people who believe, for example, that the president’s birth certificate is a forgery. They are entitled to believe that. They are also crackpots, paranoids, cranks and crazy people. Those sorts of people see unlawful activities everywhere, because their perception that everyone else is up to no good is a psychological mechanism which reinforces whatever their particular neurosis happens to be.
Or, to use a present example, anyone can type comments onto this website, and can type in any name they want. I have a pretty good idea who “Kristine” above is, and I would bet that a lot of people are pretty sure who is this “John Berryhill” who posts here. But if you wanted to “prove” in some mathematical sense, the identity of the individual who is typing these comments, you’d be stuck back at the difference between “evidence” and “proof”.
rs says
A better ananolgy would be that the prosecutor thinks there is a dead body inside a building. Instead of getting a proper court order he pays his buddy $50 to go break in the building and reports what he sees. Then his buddy says “wow, this is a great business. I can charge lawyers a subscription fee and then when they need evidence I go can around breaking into places because proper court orders are too difficult to obtain.”
John Berryhill says
If we are talking about a criminal proceeding, then there are Fourth Amendment considerations.
But, sure, private investigators do a variety of things in the employ of civil litigants.
Getting back to the topic of the article, what can be known to any degree of certainty about WHOIS data, is that it is WHOIS data. It may or may not be accurate. That’s true of any piece of evidence about anything.
Do the records of a prostitution business count as “records kept in the ordinary course of business”? Sure. But, if my name shows up on the stolen client roster of a call girl service, I tend to think that MJ’s main concern is not going to be outrage that someone stole the records.