.hk the worlds most dodgy domain - The standard

Closed Thread
Page 1 of 2 1 2 LastLast
  1. #1

    Join Date
    Apr 2006
    Location
    Kwun Tong
    Posts
    1,242

    .hk the worlds most dodgy domain - The standard

    Classic story.

    The Standard - Hong Kong's First FREE English Newspaper

    2nd time this year I've made it to the front page. Woo Hoo!

    Last edited by hk.com; 05-06-2008 at 04:48 AM.

  2. #2

    Join Date
    Apr 2006
    Location
    Kwun Tong
    Posts
    1,242

    scmp article on the subject

    ‘.hk’ tops Net danger list
    McAfee finds 19pc of HK domain name sites not safe to visit
    Associated Press in San Jose
    12:02pm, Jun 04, 2008


    When surfing the Internet for safe websites, not all domains are equal – and the “.hk” domain is reportedly the least equal of all.

    Companies that assign addresses for websites appear to be cutting corners on security more when they assign names in certain domains than in others, according to a report to be released later on Wednesday by antivirus software vendor McAfee.

    McAfee found the most dangerous domains to navigate to were “.hk” (Hong Kong), “.cn” (China) and “.info” (information).

    Of all “.hk” sites McAfee tested, it flagged 19.2 per cent as dangerous or potentially dangerous to visitors; it flagged 11.8 per cent of “.cn” sites and 11.7 per cent of “.info” sites that way.

    A little more than 5 per cent of the sites under the “.com” domain — the world’s most popular — were identified as dangerous.

    More spammers, malicious code writers and other cyber-criminals can establish an online presence when domain name registry businesses cut requirements for registering a site in order to boost their profit and profile. The report does not identify domain name registration companies McAfee believes are responsible for those lapses.

    Hundreds, perhaps thousands, of companies are in the business of registering domain names; some are large and well known, while others are small and less reputable, offering their services on the cheap and with flimsy or no background checks to lure in more customers.

    The fact that internet scam artists gravitate to domain name services with lower fees and fewer requirements is not new.

    What McAfee’s “Mapping the Mal Web” report, now in its second year, tries to do is identify the domains that are populated with the highest concentration of risky sites.

    The servers for “.hk” and “.cn” Web sites do not have to be in China; Web site operators can register sites from anywhere to target different geographies.

    Other risky domains include “.ro” (Romania), with 6.8 per cent, and “.ru” (Russia), with 6 per cent of sites flagged as dangerous.

    Shane Keats, research analyst for McAfee and lead author of the report, said the increase in dangerous sites registered under the “.hk” and “.cn” domains over last year’s report was caused in part by better data collection on McAfee’s part on those domains and by apparent security lapses in some registrar companies’ processes for registering addresses.

    “My advice about surfing behaviour is that if you’re really desperate for cheap Prozac and the pharmacy ends in ‘.cn,’ don’t do it. Just don’t do it,” Mr Keats said. “Find another place to get your Prozac.”

    Many internet frauds involve fake sites for pharmaceuticals.

    The McAfee report is based on results from 9.9 million websites that were tested in 265 domains for serving malicious code, excessive pop-up ads or forms to fill out that actually are tools for harvesting e-mail addresses for sending spam.

    Mr Keats said domain name registrars that were strict about authenticating that website owners were operating a legitimate business saw far fewer malicious websites using their services.

    Where McAfee found some of the least-risky domain names:

    * “.gov” (government use), with 0.05 per cent flagged;

    * “.jp” (Japan), with 0.1 per cent flagged and

    * “.au” (Australia), with 0.3 per cent flagged.


  3. #3

    Join Date
    Nov 2003
    Location
    Not friggin' Lamma no more!
    Posts
    2,181

    I hope you have framed it and put it up on your wall!


  4. #4

    Join Date
    Apr 2003
    Posts
    12,383

    I read that on Slashdot earlier ..

    As long as its not hk.com ...


  5. #5

    Join Date
    Apr 2006
    Location
    Kwun Tong
    Posts
    1,242

    KIA, in that case you probably read my comments on slashdot also.

    HKDNR as usual believe that they fixed the problem but according to MacFee there is still a few thousand dodgy .hk sites out there.


  6. #6

    Join Date
    Apr 2003
    Posts
    12,383

    How can a DNR fix the problem of dodgy sites?

    Did not read the comments, just saw the story and was in a bit of a hurry. Time to waste some more time.


  7. #7

    Join Date
    Apr 2006
    Location
    Kwun Tong
    Posts
    1,242

    As an ongoing basis - they can advoid dodgy registrations by hiring me as grossly overpaid consultant. I would put the systems in place to stop it. We have fraction of the resources that they do to run SARNIC and the run loops around them.

    Firstly they need to clean up what they have out there using Macfee's list of sites.

    Secondly there will be a pile of domarnt dodgy domains which will be brough online later.

    They need to data mine the IP of their where the registrations where made from and then search for patterns and kill anything that comes from the same IP's.

    Even at first sight, the reigstrations from the ruskies and canadian viagra boys are just blatantly bullshit. I mean you have to a total idiot to not realize they are not geniuine.

    Anyway I am sure they will cock up the clean up operation and knock out a bunch of leggit .hk domains.

    Personally, I would always get a .com.hk for my business than a .hk. I will always trust a .com.hk company more than a .hk one... and of course if they have a .hk.com they are bound to be pucker (maybe ).

    Last edited by hk.com; 05-06-2008 at 04:52 PM.

  8. #8

    Join Date
    May 2008
    Posts
    9

    i read this on headline.hk....


  9. #9

    Join Date
    Apr 2003
    Posts
    12,383

    but surely badly hosted sites on piss poor windows based hosting services does not mean a DNR should get involved.

    God forbid someone added a malicious script to geoexpat. Are you then proposing that the DNR should disable my domain?


  10. #10

    Join Date
    Jun 2006
    Posts
    2,161
    Quote Originally Posted by hk.com:
    HKDNR as usual believe that they fixed the problem but according to MacFee there is still a few thousand dodgy .hk sites out there.
    Easy spin until next time McAfee release a list, although it would be great for them to release frequently to highlight HKDNR business as usual.

Closed Thread
Page 1 of 2 1 2 LastLast