Dear All,
I received the following fax today and would like some
advice. The company that faxed me this letter also
faxed me a newspaper clipping from 2004 about this
Internet Keyword Service/system.
(Internet Keyword Service(IKS) allows the user to
enter a 'keyword' on the location bar of the
browser and it will then go directly to the
company's website. ie. if Securityfocus.com
registered "SecurityFocus", and a user typed
in "Securityfocus", instead of going to whatever
search engine, it will go directly to
securityfocus.com.) [personally, I don't know
how this will work without needing the user
to set the 'search engine' to some China-based
one, and whether or not it will work with non-
registered ones.]
------8><---
Internet Keyword Service was launched by CNNIC (China
Network Information Centre), an official department in Mainland
China, in April 2001. CNNIC has been receiving lots of applications
in mainland China including the registered names and brand names of
Hong Kong companies. Apart from the famous brand names, it is not
required by law to verify the true identities of the applicants
who apply for Internet Keyword Service and also basis by first-come
first serve. Any individuals or companies can therefore apply
for the Internet Keyword Service as they so wish.
As an exclusive registration centre in Hong Kong for Internet
Keyword Service, we would like to inform you that one
applicant in Mainland China is going to register the keywords
of your company name: <company name here, and other combinations
as well as Chinese-based names.>
To guard against impostors using your company name to conduct
any illegal activities in either Mainland China or Hong Kong,
CNNIC strongly recommend your company protect your brand
names or company names by registering with CNNIC immediately.
According to the guidelines of Internet Keyword Service
registration priority, we are under obligation to formally
inform you that:
1. If your company decides to give up the protection of your
company's reregistered name, kindly ignore this letter.
Also, if no reply is received from your company within
five working days, we will assume that your company is not
considering protecting your brand names.
2. If your company wishes to be granted priority to be the
lawful and exclusive user of the subject Internet
Keyword Service, please kindly contact our Hong Kong
branch office within _five working days for completion
of appropriate application for internet keyword service.
------8><---
Can someone please point out how this system would 'aid'
Web Security? Furthermore, is this an example
of 'social engineering' (due to the 'scare tactics'
and 'pressure' of getting a response)?
The news clipping I have (The Standard, 24-May 2004, P.A6)
states that the "China Internet Network Information Center
(CNNIC), the country's official authority for Internet
domain name registration has announced a new web-security
product to tackle recent cases of fraudulent web sites.
Called the Internet Keyword(IKS), the product allows
Internet users to reach their intended websites just by
entering keywords instead of the full web addresses."
I personally do not see any relevance as to how this
will improve 'web security'. I'm getting the 'this
seems more like a cash-cow' than an incentive to
protect businesses.
I'd appreciate any comments on this.
Thanks
Ed
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
