“Not having bulk access makes it difficult to draw those correlations,” Gull said. I’ll bet threat intel companies have similar gripes.
1
1
Neil Fried (2nd from L) of MPAA up next. He suggests US should compel websites to make WHOis data public again. Others have noted GDPR is cramping copyright enforcement.
“We may need Congress to act. ... this information, when there is a nexus to the US, must be made public.”
1
1
GG Levine, is the National Association of Boards of Pharmacy, says “not having access to WHOis data has slowed investigations and hampered our efforts.” Says investigators once had a window into who owned what site — “now we have a brick wall.”
1
2
That was from Alan Brill of Kroll, who is speaking now.
But am curious how sites would navigate both GDPR & US requirements mooted by Fried of the MPAA.
Fried holds up Denmark as an example, says .dk requires the publication of some WHOis data *and* is GDPR compliant.
1
1
Brill says WHOis data has been available since the dawn of the internet. “If we want a transparent internet, (we) need to know who’s at the other end of the line.” He compares it to KYC regulations at banks. “Not having it doesn’t make sense.”
1
1
Fried said that “since WHOis has gone dark, we’ve seen an uptick in domain registrations.” Suggests that the data isn’t in yet, but that malicious actors are jumping at the chance to register sites anonymously.
1
1
Gull says that removing the ability to make instant WHOis queries is slowing LE down dramatically.
“The subpoena response time from a good provider could be a matter of days. It’s exponentially slowing down our response time.”
As for foreign providers: “That’s months.”
1
Chung: “We’re talking about time,” said Chung. If it takes a few extra weeks to get basic info, “there’s true harm that could be done”
2
2
Just because the domain is behind a privacy proxy, you can still send email to the admin listed in whois and the proxy should forward it on.
Oct 17, 2019 · 11:15 PM UTC
1
