Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
The Internet

NSI Changes the WHOIS Rules 98

Have you run 'whois' lately? Alex Prestin has. And he noted (as did several dozen others) that NSI has changed the message that appears. The most amusing part is that submitting a whois means you agree to this agreement: there's not normal way to cancel should you disagree with the policy. (which in all fairness is designed to slow down spammers and whois server abusers). Anyway, hit the link to read what you're agreeing to without agreeing to it.

The Data in Network Solutions' WHOIS database is provided by Network Solutions for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Network Solutions does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this Data only for lawful purposes and that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its systems). Network Solutions reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.

This discussion has been archived. No new comments can be posted.

NSI Changes the WHOIS Rules

Comments Filter:
  • Seriously, shrink wrap is enforceable for provisions on a web site you haven't even read.

    If you don't like the new UCITA laws that are being approved over the next two to three months in every state in the US, complain to your governor, attorney general and state senators/reps. Because this is what the new UCITA regulations mean.

    And, if you don't live in the US, tough. We will enforce our laws on you anyway. Sure, we have no right to do so, but we do it anyway.

  • I don't know too much about international tax law, but I do know that if a person is a citizen of one country but works in a second country, generally both countries try to get their sticky fingers into it.

    Example: Say I happen to be a resident of the United States of America. (God bless her; she needs it) But, I'm taking advantage of our good relations with our northern neighbor, Canada, and driving 'cross the border to go work for a lumber company. ("Oh, I'm a lumberjack and I'm okay.. sleep all night and I work all day")

    So who gets to tax that income? Canada gets first dibs, because the work was done there, paid for there, etc. The US can (and would) tax me again because I'm a citizen, and more importantly, a resident.

    Like I said, I'm not exactly sure how it works, but you can get into some pretty sticky situations that way. (citizen of US, living in Canada, working for a Japanese corporation, etc, etc)

  • No, actually, they have not. The message displayed for the last month was roughly the first half of the current message. This new one was implemented in the past 2 days or so.
  • Seriously, it's still enforceable even if you didn't know it was there.

    Which is why MSFT and a number of other software companies are forcing the UCITA consumer laws through the individual states, hoping noone complains to their governor, attorney general, or state senators and representatives.

    Have a nice day in Orwellian America.

  • Under UCITA, they can impose new rules on you without agreement or notification. You don't even have to know they exist. And it is legally enforceable, plus they can disable any and all software (e.g. your browser which has a WHOIS component) remotely and not be liable for negative side effects (e.g. it don't work no more).

    That's the beauty of UCITA. Which is a series of regulatory laws going through every state legislature in the US, which we will enforce on the entire world (why? because we can). Of course, you might want to give your opinion of this to your governor, attorney general, and state senators and representatives.

    Have a nice day.

  • Well, all they are saying is that you can't misuse the information they gave you. Its like as if I handed you a document that said written across the page "Top Secret, for your eyes only" Sure you probably already looked at some of the document before you noticed the top secret and its really too late at that point to say no I don't want to look at this document. You just simply keep your mouth shut and try and follow the legal order which the document gave you.

  • As far as I can remember for the past 3 months
    InterNIC has been hell on crack. Domain registrations fail, don't go through at all, are
    not entered into the whois database. Domain moves are a joke, I had to move 60 (yes, 60) domains from one nameserver to another. 60 update requests out of which 10 came through, about 20 returned without going through claiming incorrect information and the other 30 just vanished into
    a big deep black hole. It cost me 2 months to get 60 domains moved. I also had to move about 10 .nl domains. Guess what? After 3 days they all went through without a hitch. Well, one returned but that was my typo :)

  • Seriously. We can and we will. After all, don't we (the US) own the Net? Of course we do.

    It's not like we care what the rest of the world thinks (common non-US mistake #1 - assuming we care about what you think).

    Have a nice UCITA day. Aren't you glad you were more worried about the Red Hat IPO than UCITA? Aren't you glad you never contacted your state's governor, attorney general, state senators and representatives?

    Of course you are ...

  • They don't even have to tell you that the license agreement changed.

    Just like in the @Home case.

    And it is or will be legally enforceable, because noone contact(ed) their state's governor, attorney general, state senators or state reps.

    And we will enforce it on the rest of the world. Why? Because we can.

  • Can't do it... try that with microsoft.com, and see how much you miss with only 7 lines of output.
  • I have been on /. for quite a while and until recently I hadn't asked that question, even in my head. It seems, however, as of late that there are numerous repeat stories, numerous old stories, and an apparently random selection process as to when and why a story gets posted. This was particularly annoying since I remember a number of us posting about the (evidently previous, sorry for that bit) whois change and thought I was now seeing the story a month later.

    As for links, hm:

    this one [slashdot.org], or this one [slashdot.org] will probably suffice. Forgive me for not posting them originally, but I was tired and cranky enough to post the original which might be a valid excuse.

    My general point is that, while I still greatly enjoy /. (and find it useful), I am beginning to have to take every story with bigger and bigger grains of salt because I don't know if they're current, their presence on /. is part of someone's private agenda, etc. I also am much less likely to submit a story due to a feeling of futility.

  • Maybe there just isn't much news, and Taco man had time on his hands.
  • As this message appears at the top of the whois query why don't they say something along the lines of: "by using the results of this query you agree to abide by the above rules..."
  • By reading this reply to the article posted on Slashdot "NSI Changes the WHOIS Rules" you agree to take off all your clothes, run round the world naked 3 times shouting "I'm a penguin!" and eat bananas for the rest of your life. I reserve the right to modify these terms at any time. By reading this article you agree to abide by this policy.

  • by drwiii ( 434 )
    under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam)

    Too bad they don't have to agree to their own terms.

  • As I recall, a citizen living and working abroad still has to file for income tax in america. I don't remember all the details from my business law class, but there are some games that are played... like you were a resident here for one month so you have to pay all the taxes - vs - you didn't live here so you get a discount, but you're still paying.

    anything the government can get you for they will, especially when its something like this that doesn't effect john q. public and the handful that are effect just cant scream loud enough...
  • I wonder if this "agreement" would be somehow enforcable (AFAIK the agreements in EULAs are enforcable in the US by the court ruling in ProCD v. Zeidenberg).

    The difference is that my whois client doesn't say anything to the effect of "Use of this software is governed by a license" WRT the results of a query like "Use of the results of a query are governed by a license". This is the reason the courts said EULAs are enforceable in the US. You know there's a license when you purchase the product. With a whois query, I don't know in advance that there's a license when I make that query (and it could change from one time to the next). And although IANAL, I'd guess that NSI's agreement is unenforceable simply.
  • link to it

    Um, his whole complaint was that they DIDN"T use his 1st post. Course, his old post isn't new anymore (Changed agreement) and it's an old, feeble complaint, but you gotta admit that he couldn't have linked.
  • Actually, the original idea of putting the admin information in whois was so that if I made a technical error in, say, my routing that bogged down the network, people who saw the problem would know who to contact. That's perfectly sound. Of course that was in the good old days when everyone trusted everyone else. :-(

    I run my own domain and mail server, amazing.com. There has always been only one valid email address for amazing.com, the rather obvious david@amazing.com . Recently, I've seen spams to other users at this domain, like brian@amazing.com . So I can only assume spammers are just inventing addresses in the hopes that they will work.

    I find it interesting that people are selling these addresses to spammers - I would think the poor fools who buy these lists have a valid cause of action for fraud.


  • Ahh. Back in the day.

    Really though, I liked that licence. What we don't need is a book that on the last page...

    Okay. I think we all get the implausability of the not know ahead licence.

    This is a foolish move on their part - US law is not going to allow any agreement that you cannot examine in any way ahead of time. You need to know a) that you are making a decision, and b) what the criteria is.

    What is foolish about this is the same as any other legalism that is weak and unenforceable. It can weaken the law overall, and is a waste of legal jargon that could better serve us in a litterbox.


  • The text of the agreement has changed (again). So, yes, they've posted before (twice, I think) that NSI has changed their agreement, but that's because this is the third time they've changed the agreement.
  • So you can't spam them if you don't like agreeing to something you didn't agree to?

    ...and you can't look up their e-mail address in whois if you plan to spam them anyhow?

    That's no fun...
  • they don't say anything about who owns the data.. and the limitation they put on it is one that i can't really see a legitimate user complaining about. the shrink-wrap-ish clause seems harmless; i'd figure it falls under the same not-really-enforceable limitation that ordinary EULAs, do.. but i'm not a lawyer. can a lawyer comment on that? they didn't give me an option to refuse to continue..

    maybe release a patch to /usr/bin/whois so that we can stop before receiving the data itself, in case we don't agree?

  • By that, I mean legally bind someone to an agreement without first presenting the agreement for acceptance, modification, or whatever. Thats like taking a section of sidewalk, and at the end having a big sign that says "By walking down this sidewalk you agree to pay the guy next to the sign the sum of 10 american dollars". It just so happens that something important or useful is on the other end of said sidewalk.

    Don't get me wrong, here, I am all for anything that gives power to attack spammers. I am just curious about the legality, the possible annoying precedent set here (think of the software licensing, the install is a program that presents a single "press enter" button then a screen that says "By pressing enter, you agreed to...").
  • I'm all for no spam. But why would anyone in their right mind register a domain, and use their every day e-mail. Just use a hotmail account! Thats what I put in for my e-mail for internic. I get at least 300 msges their every time i check it, which isn't very often...maybe once a month... why? Because spammers are collecting e-mails using the whois database. Their are easily available programs such as Autoposter [autoposter.com] that skim through webpages getting the e-mails off the pages html code. And the whois is FULL of e-mails. Well, I'd day the agreement doesnt do jack shit, because who the hell reads it when they are planning on spamming?
  • By clicking on the preceding link, you hereby agree to send me US$10.00. (Of course, collecting my money is going to be rather difficult...)

    I am so not a lawyer, but my gut reaction is that placing conditions on an action that happened in the past is not really enforceable. (Were you born? Ever? Then you owe me twenty dollars. On top of the ten above.)

    Of course, my impression of website "disclaimers" is usally along the same line; that is, the ones I've bothered reading basically say "by viewing this site, you agree to blah blah blah..." So just by loading the site -- any page -- you "agree" to a long list of restrictions etc. You didn't know that by loading the XYZ site you agree to have a $5.00 charge appear on your next phone bill? Well, gosh, it was right there in the disclaimer. Oh, that's right, you have to load the site to read the disclaimer in the first place. Don't ya just hate that?

    Now I'm just rambling. Sleep deprivation will do that to you.
  • Did this appear on /. before?

    I know this is at least a month old, because
    a number of people in my local LUG submitted
    this story to /. at least a month ago!

    Why was that chump's submission deemed newsworthy
    a month later than any of ours?

    Old News for Nerds: Stuff That Mattered

  • by Anonymous Coward
    By reading the above article, you agree to send $50 to CmdrTaco. Send the money to:

    Rob Malda
    116 East 18th St
    Holland, MI 49423

    Thank you, thank you very much.

  • ...there reads a message. By having opened this box you legally agree to give me all your money.

    Somehow it's not legally binding. Anyone with legal know-how(US or other law) care to explain to the class why?

    -- James
  • yes you can.. sadly..

  • maybe release a patch to /usr/bin/whois so that we can stop before receiving the data itself, in case we don't agree?

    From the server side this will be hard to do, given the complex nature of the WHOIS protocol <g> (see RFC812 for details).

    I wonder if this "agreement" would be somehow enforcable (AFAIK the agreements in EULAs are enforcable in the US by the court ruling in ProCD v. Zeidenberg [columbia.edu]).
  • Ach... quit your kvetching. The new agreement is far better than the prior agreement; at least NSI kowtow'd to the US Government and is no longer claiming the WHOIS database is its (and only its) property.

    Now the real problem with NSI lately has been getting them to actually update the WHOIS database. Been six weeks and I still haven't gotten an update on my NIC handle (NT1213).

    This is a serious problem.

    Notably, the fax option works, but paper is soooo 1985 ;-) Seriously though, has anyone had any luck with online change requests?

  • There are several requirements for a valid contract. One of these is consideration. What do I get in exchange for giving up all my money? If I get nothing, there's no consideration.
    In your black box example and similar examples given here about writing on the sidewalk there is no consideration.

    Another is called Meeting of the Minds -- everyone has to have all of the terms of the contract available to agree to them. This dosn't mean the terms have to be negotiable. (Contracts where you are offered terms take it or leave it i.e. insurance contracts are called contracts of adhesion and are very much enforcable. Though ambiguous clauses are interpreted against the drafter of the contract.)

    This agreement, while perhaps not enforcable on the first lookup, is likely enforceable on subsequent lookups. The agreement itself is really not onerous. Here is some information (that may be valuable to you -- consideration), in exchange for that information you agree to two things:
    (a) don't spam with it.
    (b) don't put too big a burden on our servers.

    That's quite an improvement over the old agreement.

  • Yesterday in the mail I got a credit application from Discover for an "Information Techonolgy Platinum" card. It was addressed to the non-existant company I slapped into the contact information. Well, a company of one (me) kinda like blockstackers. :) And of course I get lots of spam at the e-mail account I signed up for it with offering to help me advertise my domain and get it in search engines and such.

  • This is sort of along the lines of those software license agreements you have to approve before installing stuff (esp Microsoft stuff). I mean, who actually reads those things before clicking 'OK'? Historically, American courts take the consumers side in these matters. They do not expect the person to have fully approved of it, and they do not consider it a legally binding document.

    That WHOIS statement would be judged along the same lines I'm sure. NSI is obviously trying to cover their asses here. This is probably not the best way however.

  • All this is entirely out of context for the discussion of NSI's 'license', but as far as taxes go... A large amount of tax agreements exist between countries to lift the burden of double tax collection. It tends to have some finer differences between the different agreements, but in general it boils down to the fact that the country where you spend more than 183 days in a year can tax you, while the other won't.

    So most of the time, you only pay taxes in the country where you work and reside (in a living sense, not by what e.g. the US INS considers residing).

    In my personal case, I am a citizen and resident of Belgium, I live in the US, and I work in the US. And by tax agreement between Belgium and the US, only the US will tax me.
  • Come on guys, how many of you have ever hit the "disagree" or "i do not accept button" in your life?
  • Sounds a lot like those software packages that put the EULA on the CD.. "By Opening this package, You agree to abide by the EULA contained in 'EULA.TXT' On the CD" ISTR that IBM did that for a bit.
  • Just incase you want to strip out the legalise internic has stuck in their whois, put this into your .bashrc or .bash_profile:

    alias whois=`whois $* | tail -7`



  • Only to cancel out of poorly-designed installation programs. Oh, you mean because I didn't agree with the licensing terms? Well, yeah... never...
  • Well, this is a small improvement, at least. They're no longer claiming to own my name, address, phone number, and other personal information.

    Now if only NSI would abide by their own terms and stop using the database to send me spam...
  • They take half your income because you work there. If you move to another country, your birth country won't be able to collect taxes from you.

    That's not true in his case. The United States and Libya are the two countries in the world for which you still owe taxes regardless of what country you live and work in. This means that Amercians living and working overseas have often to pay taxes twice -- once to the US and once to their country of residence.

    No, I don't think it's quite fair either.

  • Well, you got nearly all of that wrong...

  • >alias whois=`whois $* | tail -7`

    it would make more sense to pipe it to 'wc -l', then to tail -([wc -l]-[length of agreement]).
    or something. that may need multiple lookups then,tho
    i dunno how to do subtraction under sh tho;...
  • altho i don't particularly agree with
    the new "license" i'd rather see the
    whois prog ask y/n once, the first
    time you run it instead of each time
    cuz i work for a web hosting company
    and have to use whois at least 50 times
    each day... :)

  • I'd hate to actually have them notice it, but last year when NSI renewed my domain name, they sent me their contract by e-mail. I modified it carefully (it's amazing what you can do by adding "not" in a few strategic places) and returned it to them. One of the clauses specified that if they accepted my money, they also accepted my version of the agreement.

    The beautiful part is that they answered my mailback with a confirmatory message that quoted the contract in its entirety. That means that if it ever came to court (in my home state, as allowed by the contract they accepted), I could demonstrate that they received the contract. That puts them in a rather tough position: if they want their original e-mail contract enforced, they have to argue that e-mail contracts are legal. But I never agreed to their contract -- and they accepted mine!

    IANAL, and I am certainly not stupid enough to actually force a court test. But if NSI ever decides to give me a hard time (not impossible, given the similarity of my UUCP-vintage domain name to that of a much larger Johnny-come-lately), I at least have some ammo. Heh heh.

  • At least this is more inline with what the 'net would like to see... is this just a pr stunt or a real change in the core of the company?
  • You are lucky! At least your domain still has DNS records in the root servers. NSI, I assumed they are the one managing the database for the root servers, has managed to "LOSE" DNS records for two of my domains in the past two months!!!

    The latest incidence started last Friday to a domain, saigon.com, that I've had since 1980. It's always paid in full. Friday, mail started bouncing and when I checked the root servers, there were no record of my domain. Complaints to them just got stupid replies back about there is a record in the whois database. Well, no duh. I specifically stated in my message that the DNS record is missing and even provide nslookup sessions showing it.

    What a bunch of yahoos! I am going to start moving all my domains to the other .com and .net registrars.

  • NSI has had that notice for the last month.

    You Slashdot guys gotta read your e-mail more often. 2 late news stories in one day (see l0pht article).
  • The wording is pretty reasonable. The terms are unenforcable for your first /whois until the UCITA passes, and then only in the USofA in those states where it passes. Until then, your first /whois is license-free and all following /whois's are not .. since by then you know what the license terms are:)
  • >(Were you born? Ever? Then you owe me twenty dollars. On top of the ten above.)

    My government takes half my income, and somehow I agreed to that because I was born here...
  • I doubt that this is a very heavily used function on the internet but please tell me why anyone would add so much additional verbiage to something that gets transmitted across the internet. Even if it doesn't hurt most peoples' response time, you think that NSI would realize that what ever box is supplying the whois responses now has twice as much data to pump out. I did a sample whois query and it took well over 10 seconds for the response to complete. Not that whois has ever been all that speedy to reply but that EULA-type statement sure came out fast! I guess NSI wanted to give me time to read the legalese before I hit ^C, eh? Don't they care about the extra load they're putting on their own systems? Is this negligible to them? Are they just being stubborn boneheads since Congress has been looking at them more closely? I suppose that the truth is that they don't care since they've already got your registration fee.

  • sure it sounds reasonable. on the surface alot of unilateral agreements sound reasonable. but there's a point where this type of agreement becomes out of hand and we'll be agreeing to all kinds of weird things.

    case in point: shrinkwrap software agreements/elua [fenwick.com].remember like 10 or 12 years ago when these things used to be fairly legable? now they're totally out of control, type set in 3 point type, and have more verbage than war and peace! and it's not like you can understand them either, unless you have a legal degree... so everyone who needs photoshop, quark, office, code warrior, or any commercial software for that matter just blow right past them and quickly get to the installation screens.

    so back to the topic at hand...
    it wouldn't surprise me if within the next 18 months some type of recognition to the agreement will be enforced, similar to software installs, i.e. there'll be a "click here to agree" button on the web page or a type "y" in commandline to agree license compliance from nsi for whois.

    what might seem draconian will be if nsi(maybe thru echelon?) keeps a database of who does whois...
  • infer (sorry, I had to do it)
  • It's news because they changed the agreement completely, again. It's an entirely different agreement than what was there a couple weeks ago.
  • If you're going to modify /usr/bin/whois, modify it to point at "whois.crsnic.net" instead of "rs.internic.net", since InterNIC no longer holds the final canonical information regarding domain dispositions.
  • The 300 msgs per month you're getting at hotmail aren't all from NIC records. Where spammers harvest email addresses still baffles me -- addresses that have never been published _anywhere_ have gotten SPAM. Maybe it was a lucky guess? Maybe Bellsouth sold their subscriber list?

    I agree with you, however, in that the agreement doesn't do a damn thing to prevent spammers from grabbing email addresses if NSI never actually stands up and enforces it. Personally, I rather they not publish email addresses at all. The only reason they're there is for them to contact you.

    This is yet another "good thing" that's been perverted by a handful of morons out to make three cents more than anyone else without lifting a finger.
  • Would be to put in the whois response:

    "Repeated use of the whois query service is subject to terms and conditions"

    And provide a link to a web page with those terms on it.
  • The problem, is that the 'whois' program connects, internic spews their agreement, then whois sends the query without waiting for the user to accept/cancel the agreement, I'm sorry to say it but I see no problem with the way internic has done this.
  • There's a fence post error which they should correct by saying: "By running this query in the future, you agree to these terms:..."

    On the other hand, what the fuck does "or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its systems)." mean?
  • Well, under the newly proposed UCITA laws for software, this is totally legal.

    Oh, you mean you didn't know that the states are already taking away your rights? Then you should be contacting your state's governor, attorney general, state senators, and state representatives or else you're stuck with it.

    More info on www.infoworld.com and www.pcweek.com

  • Whoa. I'm a dual citizen of the US and Canada and have filed dual income tax forms a number of times. The Canadian one taxed some of my US income, but the US one just said "Do you make more than $70K? If so, you owe us money. If not, get lost."

  • They take half your income because you work there. If you move to another country, your birth country won't be able to collect taxes from you.
  • Back in March of this year I started the transfer of (sigh) 25 url's from old server addresses and remote hosts.What a mess NSI made of the process! Once i did all the obligatory steps there were still 12 that didn't make it through and I had to go through the process again. Of those 12, 6 had to be hand done (fax and fone). I actually had a personal account reps' real name since i was making daily calls to md. Gotta love a process made easier by technology, but maybe they (NSI) should hire another person or two to monitor these transfers (what does that $70.00 pay for anyway??). (I think they have two or three real persons working in that department).

    On the other hand the submission of new urls is painless and usually takes less than 24 hours...
  • Well these legal agreements are fair enough, but do we really have to have an ever-increasing amount of legalese before we can actually find out the result of a /whois? Its going to get to the stage where a /whois query requires waiting for a few minutes while the disclaimer downloads.
  • So how are they going to inforced the non web
    interface to get the user to confirm before
    getting the query results back ?

    They are not in control of ever whois binary
    out there and not even incontrol of most of
    the source versions ethier.

    So surely an easy get out for anyone is that the
    client they used didn't ofer then the chance to
    agree or disagree
  • Sorry people, but given the litigious nature of business these days, I only see things like this getting much worse before they get any better.

    Is it a reasonable to expect simpler agreements concerning the use of technology as technology gets more and more advanced? If not, I'm half-tempted "jump out of my BMW and run off into the hills somewhere" (stolen from old Phil Hartman SNL skit "Unfrozen Caveman Lawyer").

    Seriously though, I'm feeling a bit overburdened these days by legal mumbo-jumbo. Are you conscious of ALL the regulations regarding usage of your telephone? Your credit card? Car insurance? Rent? Mortage? Employment? Or do you think you know the important points and just dismiss the rest as trivial details?

    What happens if/when "ubiquitous computing" actually becomes commonplace--when we are wearing computers or when we are as dependant on them as our eyeglasses? How much legal BS will that involve?

    Like wrapping up methods and data inside of an object, I've recently begun looking for ways to encapsulate complex things. Like my phone--I recently found a local carrier that advertises 7.5 cents/minute 24/7. No fooling around with attempting to call grandma only after a certain time of day. I hope other businesses catch onto this--packaging technology with simplicity.

To do two things at once is to do neither. -- Publilius Syrus