420 Redux
[Posted to Random Bytes on February 27, 2003 11:33 PM]
As I mentioned earlier, CNET and a few others are reporting on the seizure of a number of domain names by US law enforcement agencies like the DEA. As usual, the more mainstream press gets the story, well, just plain wrong. I'm not sure why they did this, but CNET mixed at least two stories together. The first concerns the seizure of the ISONews website after the defendant had already entered a guilty plea.

No big deal here.

Where the story gets interesting is as it relates to the seizure of six websites by the US Drug Enforcement Agency. And what's even stranger is how they did it.

On February 25th, Verisign's zone files showed that the pipedreams.dea.gov nameserver was the new home of six domain names. Stranger still is the fact that there are no other domain names in all of .com, .net, .org, .biz or .info that call this DNS server home.

These domain names all used to call other DNS servers home - five different homes, actually: bigstep.com, calpop.com, compuzone.net, feynman.net and stargateinc.net. So the question is, how did they move from their own homes to their new one run by the DEA?

Well, that's the interesting part. According to the internal structures of the internet, the DNS, they just did. There is no real record of who made the changes, why, or under what authority. But it didn't just happen magically. Someone had to intervene and actually change the DNS record as hosted by the registrars for these domain names. So the question, and the story, is this: who did this and under what authority?
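The zone-file observation above (a nameserver that nobody else uses suddenly becoming home to several re-delegated names) is something anyone with successive zone snapshots can check mechanically. The following is an added example, not code from the original post; the zone records are constructed samples, and the threshold (`min_moved`) is an assumed tuning knob:

```python
# Added example (not from the original post): diff two constructed zone-file
# snapshots and flag domains re-delegated to a nameserver nobody used before.
from collections import Counter

# Constructed sample records in the style of a TLD zone file (owner NS host).
ZONE_BEFORE = """\
example-a.com. NS ns1.bigstep.com.
example-b.com. NS ns1.calpop.com.
example-c.com. NS ns1.compuzone.net.
example-d.com. NS ns1.bigstep.com.
"""
ZONE_AFTER = """\
example-a.com. NS pipedreams.dea.gov.
example-b.com. NS pipedreams.dea.gov.
example-c.com. NS pipedreams.dea.gov.
example-d.com. NS ns2.bigstep.com.
"""

def parse_ns_records(zone_text):
    """Map each delegated domain to the set of nameserver hosts named for it."""
    delegations = {}
    for line in zone_text.splitlines():
        parts = line.split()
        upper = [p.upper() for p in parts]
        i = upper.index("NS") if "NS" in upper else -1
        if i < 1 or i + 1 >= len(parts):
            continue  # blank line, non-NS record, or record missing owner/host
        owner, host = parts[0].rstrip(".").lower(), parts[i + 1].rstrip(".").lower()
        delegations.setdefault(owner, set()).add(host)
    return delegations

def find_moves(before, after):
    """Domains whose nameserver set changed, as {domain: (old_set, new_set)}."""
    return {d: (before.get(d, set()), ns) for d, ns in after.items()
            if before.get(d) != ns}

def suspicious_moves(before, after, min_moved=2):
    """Flag moves onto a host that served no domain in the old snapshot yet
    receives at least min_moved domains at once (the pattern in the post)."""
    served_before = Counter(h for hosts in before.values() for h in hosts)
    moves = find_moves(before, after)
    arrivals = Counter(h for old, new in moves.values() for h in new - old)
    flagged = {}
    for domain, (old, new) in moves.items():
        rare = sorted(h for h in new - old
                      if served_before[h] == 0 and arrivals[h] >= min_moved)
        if rare:
            flagged[domain] = rare
    return flagged
```

Run against real daily zone snapshots, the same diff would have flagged the three names moved onto the previously unused host while leaving the ordinary single-domain move to ns2.bigstep.com alone.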

Standard practice would have been to lock the domain name at the registry so that it couldn't be transferred out of the jurisdiction to another supplier. Or it could have been put on hold so that the internet wouldn't be able to see it at all. But this didn't happen - instead, someone edited the DNS because the DEA said so.

Let me repeat that - someone edited the zone files because the DEA said so.

Compound that thought with the reality that there are really only two practical ways to change what goes into the zone files: edit what the registrar of record knows about the domain name and have them submit it to the registry for publication to the rest of the world, or have the registry make the change to the zone directly.

What is unclear is where this change actually took place. Usually it takes place at the registrar, but technically the registry can do it - they're just not supposed to. According to the 2600 article, the whois data at some of the registrars, like GoDaddy and Register.com, displayed data consistent with the registrar editing the record directly. On the other hand, Verisign's whois displayed data consistent with a record edited directly at the registry with no involvement by the registrar.

If the former is the case, then we are left with a question as to whether or not the DEA is over-reaching their mandate. If the latter is the case, we are left with that question and a new one - why would Verisign edit the zone files, without the involvement of a registrar, at the behest of a government agency?

This is a problem and we need straight answers now.

We need to know why this happened for the very simple reason that there is a massive difference between domain names, the DNS and the World Wide Web. Government needs to take care to ensure that it is enforcing its laws in an appropriate way. Now, instead of alleged criminals simply being off the air while criminal charges are sorted out, we are left to deal with a dangerous precedent - that an agency of the US Government has stepped in and arbitrarily determined what was published into the zone.

I don't have a serious problem with one government agency caretaking the zone - I do have a problem with a bunch of them messing with it. I sincerely hope that the DOC tells the DEA to go find their own sandbox. I also hope that we get some straight answers regarding how this actually happened, under what authority and by whom.
