Author: Olly

  • WHOIS GDPR – What is going off?

    Urgh. Another GDPR post I hear you cry?

    Well this one is specifically about WHOIS information changes since GDPR came into force.

    (Note: If you’re unsure what GDPR is then go here)

    So in a nutshell, GDPR has been brought in to protect an individual’s right to data privacy. No longer can we be auto opted into newsletters and stuff. Sounds decent, and for an individual it’s a great move.

    HOWEVER GDPR only applies to B2C – NOT B2B.

    That means that if you sell to the public, then you need to adhere to GDPR. If you sell to other businesses then it doesn’t really change anything.

    You can imagine my surprise when I did a whois lookup and saw this;

    The Data Validation aspect of these reports is new, and it’s replaced the section that used to list our company details. Useful info if you are trying to find who owns a domain name.

    But it seems that since GDPR, Nominet have taken the decision to remove all registrant info from the whois – just in case! This was confirmed by a Nominet employee to me today;

    Thank you for your email.

    You are correct that you used to be able to hide your details on the WHOIS if the domain name was not being used for commercial purposes, however this option was based on the use of the domain name and not the registrant name itself.

    With the introduction of GDPR, the decision was made to redact all the registrant data from the WHOIS. This decision was made to redact all details in the first instance to avoid any individual names being disclosed in error. There can be cases where individual's names are incorrectly classified as companies and vice-versa. With this in mind, the same policy was applied across all .uk domain names, irrespective of the registrant type. This policy was taken to consultation in advance of being implemented.

    It is still possible for all registrants to opt-in to the WHOIS database to display their details if they would like to do so, it is just that we are no longer publishing these details without their explicit consent.

    This policy may be reviewed periodically going forward.

    If you need anything further, please do contact us on +44 (0) 1865 332233, or by email at support@nominet.uk.

    Hmmm..

    So “just in case” someone registered a domain wrong, you removed this extremely important and useful piece of info from every UK Whois?

    So now domain squatters are actually protected?

    What do you think of this move from Nominet? Do you feel this gives squatters an advantage?

     

  • Email Phishing Scam – uk-c.co – Very sneaky!

    Despite me going back to normal style blogging, I can’t help still being interested in attempted internet scams.

    A customer at work has asked me for help as they spotted a phishing scam that used their domain name, and upon closer inspection I spotted something I had not seen before. Perhaps this scammer’s undoing!

    I have changed the domain name to safeguard my customer.

    The emails read like this;

    Subject: Settle up this payment
    Date: Mon, 21 May 2018 13:14:53 +0200
    From: Kevin Playwright <kevin@playwright.me.uk>
    Reply-To: Kevin Playwright <kevin@playwright.me.uk-c.co>
    To: accounts@playwright.me.uk

    I need you to process a faster payment for a new beneficiary, payee details attached.

    I will send the documents once i’ll be at my desk.
    Leave a reply once completed or in case you get any problem while setting it up.

    Regards,
    Kevin Playwright.

    Sent from my iPhone

    The email is flawed in a few ways. Firstly, there is no-one called Kevin in this organisation, and secondly, there is certainly no-one called Kevin who carries a surname which happens to be the same as the name of the organisation Kevin is supposed to be part of.

    The next point, which my customer didn’t notice, was the reply-to address. As regular readers of my scam blogs will know, this is one of the first things I check, as it often leads straight back to the crook!

    Usually, if the reply-to address isn’t the same as the sending address (the same would mean the email account has been fully hacked), it will be completely different – but in this case it was a hybrid!

    Let’s take a closer look at those email addresses.

    kevin@playwright.me.uk <- Sending address
    kevin@playwright.me.uk-c.co <- Reply-to address

    Notice the bit at the end of the reply-to address?

    If we read that from right to left as a domain name, the extension is .co and the bit before that, before the next dot, is uk-c. That means the real domain is uk-c.co, and the playwright.me part in front of it is just a subdomain. The email address is fake, but has been created to fool you into thinking you are replying to the original sender.

    Their domain is: http://uk-c.co

    If you visit it, you spot that it’s a mail server;

    They can apply this scam to any UK email address;

    test@domain.co.uk-c.co

    It would be so easy to miss.

    Be careful peeps, if something doesn’t feel right STOP and pick up the phone. Call the person who emailed you, call your IT mate, comment on one of my blogs – just don’t brush it off as nothing.

    Stay safe peeps.

    PS I’ve reported them to ICANN, so hopefully they have their domain taken off them.
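
    The reply-to check described in this post can be automated. The following is an added example, not part of the original post: it compares the From and Reply-To domains and flags a Reply-To domain that merely starts with the sender's domain. The function names and verdict strings are made up for illustration, and the sample message is built from the (already altered) headers quoted above.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample, using the headers quoted in the post.
SAMPLE = """\
Subject: Settle up this payment
From: Kevin Playwright <kevin@playwright.me.uk>
Reply-To: Kevin Playwright <kevin@playwright.me.uk-c.co>
To: accounts@playwright.me.uk

I need you to process a faster payment for a new beneficiary.
"""


def _domains(msg, header):
    """Lower-cased domains of every address found in the given header."""
    values = msg.get_all(header, [])
    return [addr.rpartition("@")[2].lower().rstrip(".")
            for _, addr in getaddresses(values) if "@" in addr]


def classify_reply_to(raw_message):
    """Return 'ok', 'mismatch' or 'lookalike-suffix' (hypothetical labels)."""
    msg = message_from_string(raw_message)
    from_doms = _domains(msg, "From")
    from_dom = from_doms[0] if from_doms else ""
    verdict = "ok"
    for reply_dom in _domains(msg, "Reply-To"):
        # Same domain, or a genuine subdomain (ends with ".<sender domain>").
        if reply_dom == from_dom or reply_dom.endswith("." + from_dom):
            continue
        # The trick in this post: the sender's domain is only a *prefix*,
        # so the real registered domain is whatever has been appended.
        if from_dom and reply_dom.startswith(from_dom):
            return "lookalike-suffix"
        verdict = "mismatch"
    return verdict


if __name__ == "__main__":
    print(classify_reply_to(SAMPLE))
```

    A mail filter or helpdesk triage script could quarantine anything that is not "ok" for a human to look at before anyone replies.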

  • The Tim Westwood Challenge

    Ok, so since re-hosting the Original Tim Westwood Soundboard, we’ve been on a bit of a Westwood ting!

    DJB found every Westwood album ever, hosted on his very own SoundCloud (what a legend!), so we have started from the top and are working our way through every single Tim Westwood album since 2001.

    Heavy hit, after heavy hit.

  • I’ll probably regret this…

    I had an hour or so to burn last night and I was on my laptop sorting some crypto stuff and tidying up my local backed up files, when I found a page that I had saved from the Wayback Machine. It was a page of blogs from 2006 that I posted on here, back when this website was powered by some other software.

    I then realised that since its birth, this website had been made in roughly 4 different operating systems, and I know for a fact I didn’t port posts from all of them, so I spent the next hour or so trawling the Wayback Machine from 2003 to the present day, ensuring all the posts I have ever made since 2003 are on this website.

    Now, I have a few comments missing and possibly one or two posts missing, but I’m pleased to announce that this blog is now an (almost) complete story of my life for the last 15 years.

    Many of the posts from the early days don’t exactly read very well, it was very much a “weblog” back in the day, and some of the content is extremely incriminating, but you know what – I have nothing to hide, I’m not ashamed of my past, and for that very reason I am today lifting the paygate that I’ve had on the website for the last few years. My posts are no longer censored.

    0lly.co.uk (or 0lly.uk more recently) for the last 15 years, in pure uncensored glory.

    Enjoy.