Feeds

Nominet warns on Whois data mining

US firm caught harvesting personal information

The Essential Guide to IT Transformation

Nominet has issued a warning about commercial companies that are swiping copyrighted information on domain name owners from its Whois database.

Several weeks ago, the UK internet registry owner noticed a sharp increase in the number of people accessing its Whois service, an online searchable database that provides ownership details for individual .uk internet addresses, including the name of the individual and sometimes their home address.

Nominet director of IT Jay Daley said in one 24-hour period there were an additional 50,000 look-ups appearing to come from 5,000 different internet addresses. Thanks to careful monitoring and analysis, however, Nominet was able to trace the source of the requests to a single company - US security company Intrusion.com.

Nominet blocked Intrusion.com and sent an email to the company requesting an explanation, but heard nothing back. A week later, it phoned the US firm and sent another email before finally speaking to its co-founder, vice-president and vice-chairman T Joe Head, who confirmed the company had been building a database of .uk domain ownership in order to help its products perform better.

According to Daley, Head claimed to have a database of 130m domain names across the world, with Whois data on 70m of them. When the company identifies a domain name that is being used for nefarious purposes it runs a search across its database for any other domains run or owned by the same organisation and reviews their status.

The company's use of the information is immaterial, however, as under European law the Whois database is the copyrighted property of Nominet.

Nominet is particularly sensitive about its database after Australian scammers tricked 50,000 Nominet customers into paying imaginary renewal fees when they were contacted through their Whois details, stolen from the Nominet website by an automated request program.

Brad Norrish and Chesley Rafferty were found guilty in January this year and fined AU$2.3m (£980,000) by an Australian court after a Nominet chase lasting nearly three years. Nominet has since provided all customers with the option to opt-out of providing anything but their name on the public Whois database, and carefully monitors access to the database.

According to Daley, Intrusion.com claimed it wasn't aware of the UK and European law that makes the database copyrighted material. It said its actions are perfectly possible as the law in the US, and extended to all global top-level domains including .com, .net, .org and so on, is that all details of domain owners - including home telephone numbers and email addresses - are made freely and publicly available.

Daley said he was keen to publicise the issue of database mining so commercial companies were aware of the law difference between the US and EU, and to make other countries' registries aware that their databases were probably also being stolen through sophisticated request techniques.

In a statement to The Register, Intrusion’s president and CEO, G Ward Paxton, said it had deleted any information on domain names registered by Nominet and while it investigates the “concerns over Intrusion’s use of the information”.

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.