Wednesday, April 11, 2007

Banks should learn from the XXX debacle

http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article1640959.ece

"While it was a misguided effort, the defeated plan to introduce an .xxx domain may prove to be an important milestone in the development of the net. There is need for some select industry-specific regulation of distributing domain names..."

From Times Online
April 11, 2007
By Bernhard Warner

...Mr Hyppönen has a simple solution: create a top-level domain such as .bank or .safe and sell them to reputable banks, credit unions, and perhaps, in the future, retailers. Under such a system – in which an online banking customer at Barclays went to www.barclays.bank, for example – a higher level of accountability would be established. The consumer would have a clear indication that it is, in fact, an authorised bank site they were visiting, not a slick, dressed-up version set up by a scammer.

It’s not a foolproof plan, Mr Hyppönen admits. A canny phisher could set up a re-directing spoof URL, e-mailed to the masses, that appears to carry the dot-bank or dot-safe suffix. But, the chances of pulling off the fraud would greatly diminish as a customer clicking on the legit-looking URL could see that he or she had been directed to a site that ends in some letters other than .bank or .safe. If banks and only banks could secure such a top-level domain, it would help browser makers add layers of defence designed to alert unsuspecting victims that they may not be transacting with their friendly neighbourhood bank.

F-Secure has begun to lobby Icann to take up the long-overdue cause. Whether they heed the calls in a timely fashion (this is Icann, after all) is anybody’s guess. Distributing trademarked domains to the first bidder has created headaches for rights-holders over the years, but in the banking industry, the practice is costing us all. It has given rise to one of the most lucrative scams ever – phishing fraud – that will only grow without some level of regulation.

Controversially, Mr Hyppönen suggests that the dot-bank or dot-safe domain be sold for a good bit more than a fiver. He suggests $500,000 (£254,000). Banks, he says, can afford such a fee, particularly if it means a more secure online banking environment. He also recommends that a single registrar handle the transactions, doling out domain names to banks once they prove they are in fact the high street brand we know, and not some Nigerian scam artist with a poor grasp of grammar.

While it was a misguided effort, the defeated plan to introduce an .xxx domain may prove to be an important milestone in the development of the net. There is need for some select industry-specific regulation of distributing domain names, but the porn industry is no place to start.
