Seltzer blows whistle on 'domain tasting' rat but serious questions remain

Seltzer blows whistle on 'domain tasting' rat but serious questions remain

Summary: Larry Seltzer who I used to work with at PC Week (before it changed its name to eWeek) has exposed Chesterton Holdings as a rat that either ICANN or Verisign must deal with immediately.  The outfit for which very little information is available (it didn't respond to Larry's inquiries) is somehow spying on people as they research domain names they're considering for registration and then beating those people to the punch by registering those domain names first.

SHARE:
TOPICS: Browser
8

Larry Seltzer who I used to work with at PC Week (before it changed its name to eWeek) has exposed Chesterton Holdings as a rat that either ICANN or Verisign must deal with immediately.  The outfit for which very little information is available (it didn't respond to Larry's inquiries) is somehow spying on people as they research domain names they're considering for registration and then beating those people to the punch by registering those domain names first.  In most cases, such research is done  by querying something known as a WHOIS (who is?) database. 

The implication is that Chesterton is somehow gaining access to the history of WHOIS queries.  Seltzer was alerted to the problem by one of his readers who was thinking of registering a domain name that was a combination of her first and last name (eg: davidberlind.com).  A WHOIS query showed that it was available but when she went to register the domain, suddenly, it was already registered to Chesterton Holdings. She performed her query through a domain metasearch service that's run by CNET Networks (the parent company to ZDNet).  Larry verified the problem by researching some domain names he pulled out of the blue and sure enough, the next day, they were registered to Chesterton Holdings. 

It's unclear how Chesterton is getting access to WHOIS queries.  But it's clear that whoever is responsible needs to be stopped now.  ICANN and Versign (the latter of which oversees the .com and .net top level domains): Are you listening? What about the California District Attorney's office (Chesterton appears to be based on LA)?

Topic: Browser

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

8 comments
Log in or register to join the discussion
  • Blisters

    They show up after all the work has been done and they hurt.
    Cohn
  • Let's regulate someting worth regulating

    One second folks...Much like email, WHOIS queries are unencrypted (i.e. in readable cleartext) and they can be made to any WHOIS server... Any (or all) of the companies that allow domain name searching may be logging and analyzing user-supplied search information in the same way that most companies log any ?Search? term provided by a visitor to a site. It?s up to them, but it seems to me that there is a real revenue stream that can be derived from asking a user to search for a domain name to register and telling them that it?s taken (whether it is or not) and telling them that they can ?make an offer? to buy it (for more money). Illegal? Don't think so. Questionable business practice? Ummmm, perhaps at a stretch. Depends on your politics or the direction that the wind happens to be blowing right now....

    Let's not try to legislate against this. I'm certain there are much more important things to legislate against in California right now...

    - J353
    j353
    • There are other ways....

      This isn't a California-only problem, it is potentially a global problem. However, given your hands-off attitude, I suspect you will also have no problems with people using whatever non-illegal methods they deem worthy of launching against the company as retribution and retaliation for this practice. After all, it IS an act of expression. ;c)
      sixit
      • Express away...

        I only mentioned California as it was mentioned in the original posting. And this already IS a global problem, but not really that big of a problem...

        I have no problem with anyone doing anything they want as long as it's legal. You suspect accurately.
        j353
  • davidberlind.com

    Shows as available to register and so I suspect do the other domains referred to in the article (that were not mentioned by name...by now...as davidberlind.com was deleted and is available (as I write this)

    Now if you do a little research on the Phone number of Chesterton Holdings(google it)

    http://www.google.com/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial_s&hl=en&q=Chesterton+Holdings&btnG=Google+Search

    ...you will find that they are associated with other less tasteful (illegal acts) than just snaking domains from whois searches...like Phishing, as reported in this link.

    http://www.castlecops.com/modules.php?name=Fried_Phish&fp=phish&id=3454&in=1
    Forrester
    • Update

      After researching the whois history of (my-chase.net)it appears that Chesterton Holdings was tasting the domain, after that Phishing report was initiated...they registered it on the 10th of April 2006, and the Phishing report was initiated on the 4th of April 2006...a day after the registrant (previous to Chesterton Holdings)registered it on April 3rd 2006 and then deleted the domain sometime between the 3rd and the 10th
      Forrester
  • Bob Parsons from Godaddy laid all of this out several months ago

    ... in his blog.

    [b]http://www.bobparsons.com/MayKiting.html[/b]

    is the link to visit to read his June 21st update on the situation.

    The best in-depth read on how it all works (or possibly works) behind the scenes is at this link:

    [b]http://www.rootfest.net/squatters.html[/b]

    which paper/web trails every step of the process and shows how it all leads back to one person in New Orleans, LA (not LA as in Los Angeles in your blog.)

    This is good ... and disturbing .. reading.

    RICK
    rick@...
  • Just tried this myself to see if it still works

    Chesterton still hasn't backed off. I tried this domain:

    http://www.abiggerpecker.com/

    and now it's registered to Chesterton <g>.

    "Abiggerpecker.com
    What you need, when you need it"
    ncdodge