Markmonitor.com - The Internet Kill Switch; With Global Wiretapping Capability?

pastie.org/3867284

The Internet Kill Switch; With Global Wiretapping Capability?

One company to rule them all
One company to find them;
One company to bring them all
And in the darkness bind them


Recently run any whois queries on Google? No? How about Facebook? MSN, or Hotmail? Yahoo? You might be surprised, comparing the results.

Nice, innit? See the "Last Updated" part also.

The brand-protecting, anti-piracy company MarkMonitor Inc. has had all these DNS names under its control for several months now.

They also control the Wikimedia name services, even though that doesn't show up on the Wikimedia.org whois record. There are many others. Apple.com falls under their jurisdiction, as does ubuntu.com. Nokia.com? Yep, under MarkMonitor. See a pattern here?

MarkMonitor also is a trusted Certificate Authority; they have, in essence, the means to fabricate safe-looking SSL connections for you, to whichever host they want. Your browser will not sound any warnings of possible man-in-the-middle attacks.

MarkMonitor is a company that can own most people's "Internet" in minutes. It now controls all three top free e-mail providers directly, and I suppose it's safe to say, most currently active social media sites too.

See for yourself. Whois yahoo.com, whois google.com, whois gmail.com, whois facebook.com, whois fbcdn.com, whois hotmail.com, whois msn.com... the list seems endless.


How'd all this happen?

This company has acquired complete access to monitor, eavesdrop, censor and fake any user of these popular Internet services in about one year (2011). In almost complete silence. For several of the sites, it also provides "firewall proxy" services, which means it is actually paid to intercept all communications. In and out.

The situation reminds me of Joseph Lieberman's 2010 initiative to create an "Internet kill switch" for the U.S.

The government only needs to control this one company, and most social media, most free e-mail, most search engines will be under its control. Not to mention most operating systems, for both computers and mobile devices.

Not only inside U.S., but globally. One company to rule them all.

I, for one, would like to ask; WTF is going on? How did these guys, this relatively small domain-hogging and pirate-chasing company, get the resources to simply acquire the DNS records of all the most popular Internet services? How can this be so totally ignored by the media, and even privacy advocates? Even conspiracy theorists seem to be completely ignoring the situation.


Secure communication is an illusion

Only one company to rule them all? As if all this doesn't sound bad enough, the problem is far more widespread. MarkMonitor could easily act as a global "kill switch" for the sites under its rule. But as it turns out, most anyone with some resources could just as easily impersonate MarkMonitor itself.

Because, as one might have noticed in the past few months, the whole SSL certificate scheme is broken. Not in a technical sense - there's no known inherent weakness in the algorithms. But the whole SSL protection is based on trust, and that trust has failed us.

According to several sources, SSL CA certs are routinely given out to anyone willing to pay for them. As The Register points out in its analysis on TrustWave spying scandal:

"Those defending Trustwave suggested that other vendors probably used the same approach for so-called "data loss prevention" environments - systems that inspect information flowing through a network to prevent leaks of commercially sensitive data."
...
"In fact Geotrust was openly advertising a 'Georoot' product on their website until fairly recently."

www.theregister.co.uk...

Oh, so the ability to impersonate anyone is normal day-to-day practise for big business? Just imagine what government agencies must be doing - for example in Sweden, where the military intelligence organisation FRA has the mandate to monitor all traffic across borders.

Who can seriously claim they trust all the hundreds of different CA companies, several of which have been caught red-handed with selling out their customers' security, or covering up very serious breeches (up to and including their root certificates being stolen).

nakedsecurity.sophos.com...


MarkMonitor is a "brand-protecting" company. Traditionally its business has been reserving domains to protect brands. You buy its service, it makes sure that nobody else can have "mybrandsucks.com".

Also, they're an anti-piracy outfit. Their entire business is based on protecting IP.

www.marketwatch.com...


Just saying, someone should probably question them and their customers. Why does Google, who always "do things themselves", externalise these vital parts of its network? How come all the competing phone and OS vendors, who sue each other all the time, suddenly trust this one company?

And then there's all those competing social media companies, who practically thrive on what others call "IP theft", including their users sharing text, images, music, videos and links?


Big questions. Defy common sense. Need answers.

who.is...

got to love the None of your business.

MARKMONITOR.COM SITE INFORMATION
IP:
IP Location: Boise, United States
Website Status: active
Server Type: NOYB
Alexa Trend/Rank: Down Arrow 1 Month: 52,879 3 Month: 48,095
Page Views per Visit: Up Arrow 1 Month: 2.8 3 Month: 2.7

Weird DP

en.wikipedia.org...

nothing from ATS ??? i am kinda confused

GLP censored this topic in seconds

we'll see how much ATS is worth, depending on how long this topic will last.

the bad thing is, before shutting as much as possible down, they can impersonate people and companies, monitor their emails, gain access to their bank accounts and so on. what's even worse, some politicians are using gmail and other sites as their email providers - probably just some, but as far as i know, some certainly do. some people have no issues with trusting big companies and they will end up being very, very surprised.

I can't believe this thread just died like this.
This is way too important to shove under a rug.
Who's to say Markmonitor is private company and not a government run front?
That's where I'd put my money.
Why bother to pass a law about an internet kill switch and get everybody upset?
Just start a company that does the same!

Most people probably don't even understand what the OP is saying.

Also it doesn't have a doom date so its boring

Well I subbed the thread, I might as well let others know I was interested!

But, I only subbed because topics like this die quick deaths around here. So they are only good for reading while/when posted (or new).

This is highly suspicious behavior, to me (The topic, not topic deaths.)

Markmonitor is phishy, to say the least...
(Ha! Pun intended!)

We'll find out soon enough I suppose, if it is indeed for killing the net. Once it is big enough, they will use it. Otherwise, they won't and it isn't suspicious anymore. How's that for an if-by-whisky?

This thread is misguided at best and fearmongering at worst. MarkMonitor does brand protection and happen to specialize in very large clients. Almost every web property with at least a modicum of traffic utilizes a proxy (or reverse proxy) to increase throughput capacity and site responsiveness. If you had done the same whois lookups a few years back they all would have said "Network Solutions".

Even IF MarkMonitor is a nefarious company it really doesn't matter. If you do not believe that everything you do on the Internet is far from anonymous then you are a fool.

MarkMonitor cannot monitor anything from the sites they manage.

The majority of what they do is check to see if other people are infringing the trademarks by registering similar sounding domains. They also act as a domain registrar, which means they manage the registration of the name, they get to tell the internet's root nameservers which nameservers to use for google.com.

But since MarkMonitor does not control Google's nameservers (Google does), it cannot interfere with, or monitor, the traffic IN ANY WAY.

Technically it could hijack the nameservers, and point them to it's own nameservers, however this is a cumbersome process, which takes hours to propagate across the world, and would be blatantly obvious, and is something that Google would not want.

You can see Google's DNS info here:
www.intodns.com...

ns2.google.com. ['216.239.34.10'] [TTL=172800]
ns1.google.com. ['216.239.32.10'] [TTL=172800]
ns3.google.com. ['216.239.36.10'] [TTL=172800]
ns4.google.com. ['216.239.38.10'] [TTL=172800]

And prove that those nameservers are owned directly by Google here:
www.networksolutions.com...

NetRange: 216.239.32.0 - 216.239.63.255
CIDR: 216.239.32.0/19
OriginAS:
NetName: GOOGLE

More explanation here:
metabunk.org...

I wonder if MarkMonitor does what Stratfor does with their customers, and retain ALL credit card information, (as exposed by the Stratfor hackings) tauristercus had a thread on that which died unfortunately,

www.abovetopsecret.com...&flagit=791147

We all need to be realistic, the internet is not confidential, will never be. A kill switch, I'm not so sure.

People panicking over this have no clue how this works.. a domain name registrar is not the owner per-say .. they are the service paid by the owner to register the domain with the root servers ... in this case, Marksmonitor is the registrar .. Godaddy is registrar also, so is Network solutions .. tucows.. and MANY others are out there, often as resellers of a larger registrar. But if you look at those whois records, you see Google for example owns it.. they are listed as the owner, they control the dns servers listed... this is paranoia at it's best ...

MarkMonitor caters to large corporations, the main focus is brand name protection.. which is a pain in the butt for large companies to handle .. AOL pays ( or paid ) lawyers to just do that all day .. I know because I got sued by them for using the term ICQ in a domain name back in the 90s ..

Want a list of their customers? www.markmonitor.com... .. there's nothing to this .. nothing at all.