China is putting in place rules that would require a formal paper-based application system for those seeking domain name registration. The change would allow only businesses that have been licensed by the state to register domains. Ostensibly the move is to stop the distribution of pornography and other “bad stuff,” but some observers believe it’s simply one more attempt on the part of the Chinese government to stifle critical political comment.
It would seem as though this process could clean up one of the world’s worst domains for malicious Web sites, but there are some big, big loopholes, the usual percentage of corrupt officials being an obvious one.
Researchers at Trend Micro also found a very large vulnerability in the system. The process allows applicants to register domains immediately, but gives them five days to submit their documentation. So, malicious sites will be able to operate in the notorious .cn domain for five days before obtaining a new five-day domain. Five days is a long, long time for the Internet criminal underground.
Sunbelt researcher Patrick Jordan said he’s observed that some rogues and other malware use an elaborate system to point to a new malicious download site every few hours, often in a cycle as short as 6-12 hours.
Trend blog here.