Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica |
MarkMonitor accumulates Internet Power - to what end?MarkMonitor started out as an Internet Brand Protection Service. Pay for their services and they'd go pummeling folks w/ similar domains to yours, registering *sucks.com domains, etc. More recently, they perform ICE-like corporate protection of tradmarks and IP. In 2010 they acquired anti-Piracy software company DtecNet, in order to take a more direct (again, ICE-Like) role in taking down copyright infringement. What's curious is how they've placed themselves among internet titans and some of the abilities they've acquired in the process. said by USCyberLabs :MarkMonitor Internet Kill Switch Or Wiretapping?
Recently run any whois queries on Google? No? How about Facebook? MSN, or Hotmail? Yahoo? You might be surprised, comparing the results.
Nice, innit? See the Last Updated part also.
Domain Name: google.com Updated: 4 hours ago - Refresh
Registrar: MARKMONITOR INC. Whois Server: whois.markmonitor.com Referral URL: »www.markmonitor.com Status: clientDeleteProhibited, clientTransferProhibited, clientUpdateProhibited, serverDeleteProhibited, serverTransferProhibited, serverUpdateProhibited
Expiration Date: 2020-09-14 Creation Date: 1997-09-15 Last Update Date: 2011-07-20
The brand-protecting, anti-piracy company MarkMonitor Inc. has had all these DNS names under its control for several months now.
They also control the Wikimedia name services, even though that doesnt show up on the Wikimedia.org whois record. There are many others. Apple.com falls under their jurisdiction, as does ubuntu.com. Nokia.com? Yep, under MarkMonitor. See a pattern here?
MarkMonitor is also a trusted Certificate Authority; they have, in essence, the means to fabricate safe-looking SSL connections for you, to whichever host they want. Your browser will not sound any warnings of possible man-in-the-middle attacks.
MarkMonitor is a company that can own most peoples Internet in minutes. It now controls all three top free e-mail providers directly, and I suppose its safe to say, most currently active social media sites too.
See for yourself. Whois yahoo.com, whois google.com, whois gmail.com, whois facebook.com, whois fbcdn.com, whois hotmail.com, whois msn.com
the list seems endless.
Howd all this happen?
This company has acquired complete access to monitor, eavesdrop, censor and fake any user of these popular Internet services in about one year (2011).
In almost complete silence.
For several of the sites, it also provides firewall proxy services, which means it is actually paid to intercept all communications. In and out. Looks like a new 400lb gorilla has quietly slipped into the room. |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI |
Snowy
Premium Member
2012-May-19 7:28 pm
said by Noah Vail:said by USCyberLabs :MarkMonitor Internet Kill Switch Or Wiretapping?
MarkMonitor is also a trusted Certificate Authority; they have, in essence, the means to fabricate safe-looking SSL connections for you, to whichever host they want. Your browser will not sound any warnings of possible man-in-the-middle attacks. Looks like a new 400lb gorilla has quietly slipped into the room. You agree that MarKMonitor can fabricate safe-looking SSL connections to my banking site » www.boh.com/small-busine ··· ndex.aspthat will trick my browser into believing it's @ » www.boh.com/small-busine ··· ndex.aspwhen in fact it is not? |
|
nonymous (banned) join:2003-09-08 Glendale, AZ |
to Noah Vail
If Markmonitor started fabricating things those companies didn't agree to what is to stop all those companies instantly pulling their domains or any control thereof from Markmonitor?
If the gorilla as you call it starts abusing it's power in any way those companies do not like or their customers scream at them about wouldn't Markmoniter get dumped like a hot potatoe. |
|
Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica |
to Snowy
I wouldn't say that scenario is in harmony with their current business models. MM provides internet "image protection", copyright and IP enforcement for major corporations. Any certificate spoofing they might perform would likely be to secure the interests of the deep pockets that fund them. |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI |
Snowy
Premium Member
2012-May-19 8:27 pm
said by Noah Vail:I wouldn't say that scenario is in harmony with their current business models. My question went to the technical issue not the ethical issue. |
|
Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica |
said by Snowy:My question went to the technical issue not the ethical issue. It is technically possible? In theory it is. It's mind bogglingly unlikely, however. |
|
|
to Snowy
said by Snowy:My question went to the technical issue not the ethical issue. Yes, they could fabricate the certificate if your browser trusts their root certificate, but there is another piece that they would have to do. They would have to alter the DNS resolution of the domain to direct your browser to the fake site, instead of the real one. This could happen by tricking the DNS provider to resolve to the ip address of the fake site. Alternatively, if they managed to place an entry in the computer's host file, the browser could be directed to the fake site. So, as far as I can tell, there are two pieces, (1.) fake certificate, and (2.) alter DNS. |
|
2 recommendations |
to Noah Vail
I think it's much ado about nothing. Markmonitor has several functions, not only IP protection. They also are a domain registrar. This guy debunks the whole thing and explains what is really going on. |
|
EGeezer Premium Member join:2002-08-04 Midwest |
to Noah Vail
Would a look at the spoofed or proxied SSL certificate show it's from Geotrust (the legit issuer) or would it display as some other issuer? I always check the issuer of sensitive sites to verify that it's the proper issuer before submitting credentials. I'm reminded of Comscore/Marketscore when they slipped a proxy in the middle when somebody downloaded one of their "free" PC utilities. Here's a post I made awhile back - I wonder if anything has changed regarding SSL substitution. » Re: Cheap GPUs are rendering strong passwords useless |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
NetFixer
Premium Member
2012-May-20 4:08 pm
said by EGeezer:I'm reminded of Comscore/Marketscore when they slipped a proxy in the middle when somebody downloaded one of their "free" PC utilities. Don't get me started again on Comscore/Marketscore et al. It is interesting to note that those organizations and their subsidiaries are using MarkMonitor registered domains. However, that does not necessarily mean that MarkMonitor is guilty of any of their transgressions (but still, it is interesting). |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to Snowy
BOH online banking doesn't use Geotrust. (Geotrust is for the main site). It uses Verisign. I have NEVER accessed BOH logged in via the main site. I always use » cibng.ibanking-services. ··· 21301028. I would assume if you do use the main BOH site to login to online banking that you would get the Verisign cert at that time. I've had BOH online banking from the very beginning back sometime toward the end of 1999. I have the original portfolio BOH sent me but it doesn't have a date on it (and I didn't keep the cover letter and other instructions). I think I recall BOH was the first major bank in the nation to do online banking and they were quite proud of it and I was excited to be in on the first wave of online banking. Then Chase, I think, was second because I got online banking with them in late 1999. BOH's was always good (unless you access late on any evening and then you get absolute wacko stuff and cannot make any sense of your accounts). Chase's was horrible for years. And First Hawaiian is so terrible (website and online banking) that I won't use it. |
|
|
to Noah Vail
I just happened to notice 2 blocked entries from MarkMonitor in my pfSense firewall logs yesterday.
It was the first time I'd ever heard of them and was surprised to see them mentioned here. |
|