Security Strategy, Plan, Budget

Canadian sued for black hole security “research”

A New York law firm is suing a Canadian for alleged federal cyber squatting after he conducted what he claims was research into a “black hole email vulnerability”.

In June, New York-based law firm Gioconda Law Group filed suit in a Manhattan court against Arthur Wesley Kenzie, a Vancouver, British Columbia-based programmer. Kenzie had registered the web domain “Giocondolaw.com”, which is similar to “Giocondalaw.com,” the website owned by the law firm.

Gioconda Law alleges that Kenzie has a history of registering domain names typographically similar to his targets, and intercepting emails intended for the targets' domains that have been mistyped. The mistyped emails can be collected by the owner of the misspelled domains, the complaint points out.

Kenzie was involved in a similar case before, registering web domains very similar to LockheedMartin.com, and claiming that he was merely conducting research into blackhole email vulnerabilities. The court ruled against him, and the domains were ordered to be transferred.

“Clearly, I did create and exploit for this vulnerability, but that in itself does not cause me to be some malevolent black hat,” Kenzie said on his blog in May, responding to the Lockheed Martin decision. “The only way to gather evidence was to create the exploit, and what I do with the eventual evidence (if there is any) is what determines the legitimacy of good/bad faith of my efforts.”



Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.