http://www.redherring.com/Article.aspx?a=20513 By Sean Wolfe December 29, 2006 Blueprint Ventures is back online. A week after their site was seized by a porn-spammer, the VC concluded it was easier to pay up rather than take the issue to court. The case is instructive for two reasonsfirst, getting one's domain back after hackers seize it is more difficult, and takes longer than one might think. Second, that keeping ones domain registered, and staying on top of when that registration comes due, is a vital component of any Internet-era brand defense. In mid-December, the South San Francisco-based venture capital group got a rude awakening. According to managing director Bart Schachter, a UK-based hacker found that Blueprints hosting company had been asleep at the switch, and had not re-upped the firms domain registration in a timely fashion. Evidently, he said, there are now software programs that spider the Web for domains that are about to come up for grabs, and pounce on their unwary prey. So, on Friday, December 8, everyone at Blueprint went home for the weekend (See our prior story Blueprint Ventures Hacked [1]), and by the following morning, the Blueprint Ventures site had been changed, email had been cut, and visitors to the firms homepage were being redirected to a number of pornography sites. For the next two weeks, Mr. Schachter and others at the firm were embarked on a series of negotiations, one with lawyers, and another, with the culprit. What we found was there are a bunch of legal means by which we can get the domain back. But they cost money. So relative to paying a lawyer, paying a squatter is cheaper. We had someone who is a mutual friend who knows the person who helped us settle the issue, he said. The identity of the culprit, who goes by the name Andy Placid, as well as other aliases remains unknown. And the crime, if there was one, is nebulous. Arguably, all he did was snap up an unregistered domain. As of a week ago, we had 30,000 Google references to our site, so theres no doubt we had the trademark, Mr. Schachter said. Soyou could say he got it legally through Register.com, but illegally when it comes to trademark law. But the price to defend that trademark was $2-3,000 just to file the claim, but getting a lawyer to do it - that'd be more like $15-$20,000. So how much did he pay the squatter? Low thousands was all he would say. Lessons learned? A good defense is the best offense. The company has registered its former domain for the next seven years. What this does is suggest that any domain owner move from a reactive to a proactive posture. When you lease comes due, you write the check. When your insurance is due, you renew it. Same thingyou have to get ahead of it to make sure all is well. All in all, the firm kept an open mind, and the sense of humor the firm is known for (an example can be found in their latest holiday card [2]). For one, there are a number of interesting start-ups in the fraud protection businessed for domain addresses - though he wouldnt mention names. [1] http://www.redherring.com/Article.aspx?a=20229 [2] http://www.blueprintventures.com/holiday06.html _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Tue Jan 02 2007 - 00:47:43 PST