Non-English Domain Names Likely Delayed

Crist Clark crist.clark at globalstar.com
Tue Jul 19 17:21:37 UTC 2005


Iljitsch van Beijnum wrote:
> On 19-jul-2005, at 1:43, Crist Clark wrote:
[snip]
>> If almost none of the phishing emails I get now bother
>> to play these kinds of games today, how much does this really help?
> 
> 
> And burglars also manage to get inside your house even though you  lock 
> the door. So better not lock the door then?

I lock the door. But it's just a regular door, I haven't spent the
time and money fitting a bank vault door to the front of the house.
That would be silly.

If the homograph problem isn't too hard, yeah, fix it. If it is hard,
it may not be worth it. From what I know, this isn't easy, but
technically, not impossible. However, it seems rather expensive to
implement to me, since it requires buy-in from lots of independent
groups, and if one group decides not to play, it really screws up
the whole works.

If that's what we're arguing about, where the cost-benefit line lies,
reasonable people can disagree.

> Expansion of 1: don't trust any unsollicited communication. This  
> includes all incoming email (unless it's signed but it never is) and  
> phone calls.

Good advice. Always weigh the risks. This message might not really
be from Iljtch van Beijnum, but how would I really know the difference
anyway? This mail here might not be from my mom, but why would someone
impersonate her to send me some fake stories about their trip to
Maine? Maybe that link in the mail isn't really to their snap shots
from the trip... but they sure did find an actor that looks an awful
lot like my dad. This other mail might not really be from my manager.
If he asks me to kill the circuit to our alternate site, I might lean
over and ask him or give him a call about it.  This other email says
I won a lottery in Amsterdam that I've neve heard of. Somehow, I'm not
buying that one at all. If someone calls me and claims to be my new
account representative at my bank, I'd probably believe her and listen
to her sales pitch, but if she were to start asking a lot of questions
that she should already know the answers to, I'd get suspicious.

> (Law enforcement at your door? How do I know those  badges 
> are real?)

Are guns drawn? They, whoever they are, gonna bust the door
down if I don't open it? Do I have a choice? Are they asking
questions that I would answer if this was just anyone at the
door whether it was someone claiming to be a reporter, a private
detective, or just curious neighbor? Is anything about them
making you uncomfortable? Do feel free to call up the police
station (non-emergency though, please) to check up on them.

Some do advise people, especially women travelling alone, not
pull over for what appear to be police vehicles in secluded
areas, but to have them follow to someplace with other people
around. Not sure I would give that advise. For similar reasons,
some police departments have policies whereby unmarked police
cars never make routine traffic stops at night.

But I would definately advise someone who feels vulnerable to
not let in someone like a utililty employee who shows up
unannounced at their house even if they produce an ID badge
without calling the utility to check up on them (and don't get
the number from the person at the door).

 > Never give out your password to ANYONE, EVER.

Always sound advice. Unless you watch _Seinfeld_ and have a bank
that violates fire codes. Then you know when you may need to give
it away to save a life, "Bosco! Bosco!"
-- 
Crist J. Clark                               crist.clark at globalstar.com
Globalstar Communications                                (408) 933-4387



More information about the NANOG mailing list