AOH :: IS1092.HTM

Re: ICANN cast as online scam enabler

Re: ICANN cast as online scam enabler
Re: ICANN cast as online scam enabler

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

Forwarded from: Directi 

Directi's official response to inaccurate reports which falsely 
implicate the Directi Group

 From Bhavin Turakhia=E2=80=99s Desk:

There have been some articles and reports recently published by Garth 
Bruen at Knujon and by Jart Armin and James Mcquad at Hostexploit, that 
somehow link Directi with groups that support organized internet crime. 
The motives behind these reports are still unknown, but as an 
organization that prides itself in setting industry benchmarks in ethics 
and best practices, we are extremely shocked by these allegations. While 
I applaud the efforts of volunteers such as Knujon and Hostexploit who 
spend their personal time to try and combat spam, I am personally quite 
saddened when the very individuals who we trust to combat fraud engage 
in publicity moves without consideration for the reputation of 
legitimate businesses.

Neither Knujon nor Hostexploit extended a basic courtesy of even 
contacting us to verify any of the facts in their report before 
publishing the same. Directi is not even remotely related to the 
organizations or activities listed in those reports. The arguments 
presented in these reports are either downright baseless, or based on 
complete fabrication of facts.

Various other news agencies and blogs have further referenced these 
reports in the form of a story or post, once again without any attempt 
to verify or validate the facts in these reports. Given the amount of 
noise this has created - it is imperative that we clarify our stand and 
rectify the factual inaccuracies in those reports.

The first false and inaccurate report in question is one published by 
Garth Bruen of Knujon. Find below each of the factual inaccuracy or 
misstatement in his report and our response to the same -

1. The report claims that =E2=80=9C48 ICANN-accredited Registrars (affiliated 
   with Directi) =E2=80=A6 do not seem to exist and are phantom.=E2=80=9D This statement 
   is factually incorrect, and was completely unverified by Knujon. 
   Knujon did not even bother to contact ICANN in this regards to get 
   the right facts. The truth of the matter is that all 48 companies 
   which belong to Directi and its clients, are in existence and are 
   duly incorporated and validly existing under law.

2. Other Online reports further claim that these 48 registrars are 
   involved in illicit activities. This allegation is made without 
   providing ANY evidence to corroborate the same. This statement is 
   grossly inaccurate. The reporters did not bother to support such 
   claims with any factual evidence, nor contacted us for clarification. 
   All 48 companies combined have under a few thousand customers who 
   have registered legitimate domains with these registrars and have not 
   received any abuse complaints. Yet these companies have been dragged 
   in, without evidence, into an issue that is unrelated to them.

3. Garth of Knujon further claims that the Directi Group owns a company 
   by the name of ESTDomains. This is another blatantly false 
   insinuation. Directi has never owned ESTDomains. Garth has no 
   documentation that shows Directi owning ESTDomains. We have 
   challenged Knujon to produce any evidence with respect to this. In 
   fact the only relationship between Directi and ESTDomains is that 
   ESTDomains has purchased certain software from Logicboxes a few years 
   ago to power their Registrar operations. They are otherwise an 
   independent company and we do not control their actions or their 

4. Another claim in the reports is that Directi sponsors illegal 
   pharmacy related domain names and that If and when the site content 
   is closed by the ISP host, Directi/PublicDomainsRegistry (sic) just 
   helps them set up at a new IP This accusation is once again baseless 
   - we certainly do not condone any abusive behavior, much less 
   facilitate it. Despite the fact that policing the Internet does not 
   fall under the purview of a domain name Registrars=E2=80=99 responsibility, 
   we work hard to clamp down abuse, from a moral standpoint. Infact the 
   report again contains no evidence of a single domain name where WE 
   have explicitly assisted a miscreant in migrating from one IP address 
   to another. Quite the contrary, despite not having any legal 
   obligation to do so as a Registar, we still takedown over 95% of the 
   domains for which we receive abuse complaints within 24 hours of 
   receiving these complaints. We invest significant resources towards 
   ensuring that all abuse complaints are thoroughly investigated and 
   swiftly acted upon.

5. The reports state that the privacy protection service that we provide 
   intentionally harbors abusive domain names and should not be offered 
   for domain names. was created to safeguard genuine 
   domain owners from the very threats that KnujOn perceives it to 
   protect. Millions of genuine domain registrants and customers of 
   Directi are using the privacy protection services we offer and are 
   very happy that we provide the same since it protects their email 
   addresses from being harvested and protects their identity from 
   spammers and miscreants. We also maintain a strict zero-tolerance 
   policy w.r.t. abuse of our privacy protection services, and any 
   domain name proven to indulge in illegal activities has its 
   protection immediately revoked. We challenge Knujon to find an 
   example wherein a complaint was made to our privacy protection 
   service and was not actioned upon.

6. The report claims =E2=80=9CEstDomains is a Registrar that also makes heavy 
   use of the service for masking the ownership of 
   fake pharmacy domains.=E2=80=9D Long before this report was ever published, 
   we had already discontinued our privacy protection services to 
   ESTDomains as per our zero tolerance policy. Knujon again choose not 
   to verify their facts before publishing such assertions.

7. Further updates from Garth and other sites state that we are in the 
   process of severing our relationship with ESTDomains making it sound 
   as if we were harboring ESTDomains all this while and are now 
   canceling their services This assertion is incorrect. The only 
   relationship Directi has had with ESTDomains is that of a software 
   vendor. We have discontinued providing privacy protection services to 
   them a few months ago. However ESTDomains continues to use software 
   that they purchased from Directi since several years. We do not 
   control their actions in this respect. None of our steps in terms of 
   abuse prevention are knee jerk reactions to these reports because 
   these reports do not carry any factual data. We are not responsible 
   for domains registered through ESTDomains in any manner and cannot 
   suspend them or prevent abuse on them.

The second false and inaccurate report in question is one published by 
Jart Armin and James Mcquad at Hostexploit. Here are our responses to 
the claims in that report -

1. This report deals with the purported abusive and illegal activities 
   of a company called Atrivo, goes on to associate the Directi group 
   with Atrivo. Most of the accusations in this report are based on the 
   notion that the Directi Group has some association with Atrivo. In 
   fact, the report states one of =E2=80=9Cthe most important of these (cyber 
   crime) Atrivo associations=E2=80=9D as =E2=80=9CPrivacyProtect (anonymous 
   registrant), LogicBoxes (hosting servers)=E2=80=9D.This statement is 
   completely incorrect. Neither is Atrivo associated with LogicBoxes, 
   nor is it being hosted by LogicBoxes, nor have they registered their 
   domain name through LogicBoxes. In fact there is no link between 
   Atrivo and LogicBoxes, except the fact that Atrivo is a customer of 
   ESTDomains and ESTDomains is a customer of LogicBoxes. The Directi 
   Group does not have, and has NEVER had, any association with either 
   Atrivo or their business practices. Directi and Logicboxes are 
   neither a vendor nor a customer nor a business associate of Atrivo. 
   Directi received no courtesy information request from the authors of 
   this report to verify this claim. The report shows no evidence of any 
   such association.

2. This report, in its investigations of our privacy protection service, 
   goes on to detail the name server and whois information of (which is not affiliated with us) instead of, which perhaps epitomizes the quality of research 
   on which the report is based. From a simple whois query, and a quick 
   visit to these websites, it is amply clear that these two entities 
   are in no way connected with each other.

3. Like the previous report, this report also claims that ESTDomains 
   provides use of Directi=E2=80=99s privacy protection services - which, as 
   clarified above, is absolutely false and inaccurate at the time the 
   report was published.

If you are a news agency or a blog or a news site that has quoted any of 
the above mentioned reports with false allegations about Directi and 
LogicBoxes, we request you to post this update in its entirety in a 
visible manner with a link from the existing article=E2=80=99s headline with a 
byline that can state =E2=80=9CUpdate: Directi disclaims all allegations in the 
knujon / hostexploit reports as baseless and factually incorrect=E2=80=9C, since 
you are currently carrying false and defamatory statements without 
verification or evidence on the same and have caused considerable 
reputation loss to our organization. Several of you who have already 
updated your respective websites, and confirmed the same to us - we 
thank you for your cooperation and urge you to ensure that in the future 
when referencing reports of this nature, you at least extend the 
subject, a basic courtesy of confirming the facts. The reputation damage 
that has been caused as a result of this incident is considerable.

Today, Directi continues to be one of the most proactive Registrars in 
combating abuse and implementing strict AUPs. We have a significant 
investment in terms of manpower and processes to achieve just this. We 
do so, not because we=E2=80=99re contractually obligated, or to protect our own 
business interests, but because we sincerely believe in the ideology of 
making the internet a safer and more secure medium for conducting 

However it is reports and claims like these that are disappointing to 
any white hat, genuinely conscientious Registrar, wherein despite our 
continuous efforts, organizations such as Knujon and HostExploit, 
without attempting to verify facts, publish libelous and false 
allegations. Even a basic common courtesy of contacting us was not 
extended prior to publishing these reports.

While Directi will take all steps necessary to protect its interests, we 
hope that this type of an incident is not repeated in the future and 
that online press and media take some basic steps to verify their 
stories before maligning someone falsely on the Internet at large.

View this message in context: 
Sent from the Info Security News (ISN) mailing list archive at

Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 

Site design & layout copyright © 1986-2014 CodeGods