Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Domain Theft-for-Ransom Hits css-tricks.com and Others

timothy posted more than 2 years ago | from the low-down-dirty-rotten dept.

Australia 147

An anonymous reader writes "Chris Coyer at css-tricks.com has had his domain transferred from GoDaddy.com to a registrar in Australia where it's being held for ransom. Several other domains have experienced the same theft by what seems to be the same person, and the registrars seem helpless to do anything about it."

Sorry! There are no comments related to the filter you selected.

Damn (-1)

Anonymous Coward | more than 2 years ago | (#38246154)

Damn.....

First!

Re:Damn second (-1, Troll)

Revek (133289) | more than 2 years ago | (#38246190)

second so what?

Umm.... (4, Informative)

Bucky24 (1943328) | more than 2 years ago | (#38246182)

From TFA: "We have reviewed your claim and we will contact PlanetDomain and request an FOA (Form of Authorization) for the transfer. If their records also show the same registrant at the time of transfer, we will work with them to see if they can transfer the domain name back. However, they are not required to transfer the domain name back."

Not required? As in, he paid for it, it's legally registered to him, and then someone just stole it away and they don't have to give it back? Isn't that theft?

Re:Umm.... (1)

Anonymous Coward | more than 2 years ago | (#38246296)

Theft, Fraud, Wire/Postal Fraud, and given that there are "several", probably RICO charges. The best part about RICO is that it's a criminal offense with criminal penalties but can be tried in civil court rather than waiting for a DA or Attorney General to do something about it.

Re:Umm.... (4, Insightful)

Anonymous Coward | more than 2 years ago | (#38246386)

Yeah but thats not counting international law which would apply here. It's quite likely these people will need to sue in whatever country has the domain.

Re:Umm.... (4, Insightful)

Dan541 (1032000) | more than 2 years ago | (#38247288)

In this case it's lucky the domain was moved to an Australian registrar and not China, or Russia. Legal action against the gaining registrar isn't out of the question.

Re:Umm.... (3, Interesting)

Meshach (578918) | more than 2 years ago | (#38246324)

From TFA: "We have reviewed your claim and we will contact PlanetDomain and request an FOA (Form of Authorization) for the transfer. If their records also show the same registrant at the time of transfer, we will work with them to see if they can transfer the domain name back. However, they are not required to transfer the domain name back." Not required? As in, he paid for it, it's legally registered to him, and then someone just stole it away and they don't have to give it back? Isn't that theft?

I don't know about theft as much as mismanagement by GoDaddy. If the domain was not expired then it should be reverted back to the rightful owner. If it actually did expire he may be SOL (although that is pretty low of GoDaddy to not at least give him notice).

Re:Umm.... (3, Informative)

InsightIn140Bytes (2522112) | more than 2 years ago | (#38246362)

GoDaddy can't reverse the transfer once other registrar has it.

Re:Umm.... (3, Informative)

rickb928 (945187) | more than 2 years ago | (#38247040)

That would be the job of ICANN or WIPO.

Neither of which care to step in and make the effort unless forced to.

Re:Umm.... (3, Insightful)

MightyMartian (840721) | more than 2 years ago | (#38246366)

It's most certainly theft, and on top of that Godaddy is most certainly liable for civil damages.

Re:Umm.... (5, Informative)

John Hasler (414242) | more than 2 years ago | (#38246456)

It's certainly a crime, but it is fraud, not theft (just as copyright infringement is not theft). Theft involves deprivation of possession of chattel property.

Re:Umm.... (1)

tsm_sf (545316) | more than 2 years ago | (#38246692)

Interesting that the 'pirating == theft' brigade hasn't modded you into oblivion yet...

Re:Umm.... (0, Informative)

Anonymous Coward | more than 2 years ago | (#38247026)

Interesting that the 'pirating == theft' brigade hasn't modded you into oblivion yet...

I thought it was the pirating != theft brigade that modded people into oblivion.

Re:Umm.... (4, Funny)

Concerned Onlooker (473481) | more than 2 years ago | (#38247448)

"I thought it was the pirating != theft brigade that modded people into oblivion."

Well, I thought it was the pirating <= theft brigade that modded people into oblivion.

Re:Umm.... (2)

dmomo (256005) | more than 2 years ago | (#38248398)

I thought it was the modding == theft brigade that the pirates send into oblivion

Re:Umm.... (5, Informative)

the eric conspiracy (20178) | more than 2 years ago | (#38247188)

Legally fraud is a form of theft, i.e. theft by deception.

Re:Umm.... (4, Interesting)

wygit (696674) | more than 2 years ago | (#38247308)

And the perps haven't deprived the victims of their property? Not sure what you mean here.

With copyright infringement, the original owners still have their stuff. With this, the victim doesn't.

Re:Umm.... (4, Insightful)

jamesh (87723) | more than 2 years ago | (#38246800)

It's most certainly theft, and on top of that Godaddy is most certainly liable for civil damages.

I just transferred a domain from GoDaddy to a preferred registrar. All I needed, and all I should need, was my username and password.

If I let my username and password fall into the hands of somebody else, which I believe is the case here, and they transferred the domain then firstly, godaddy are not at fault, and secondly, godaddy can't actually do anything about it because they don't own the domain anymore. It's a bit rude of them to not offer more assistance in terms of providing evidence to help the owner prove his ownership to the new registrar, eg maybe the access was from an IP address in a different country than the owner resides, etc, but that's hardly grounds for a civil suit for damanges.

If you buy a domain from a registrar who doesn't charge you enough to offer assistance when something goes wrong, and have a reputation for this, then you kind of get what you deserve.

IMHO, GoDaddy aren't evil, just cheap, and are just a product of our collective race to the bottom in terms of not caring about quality of service when buying a product and only complaining about it when something goes wrong.

Re:Umm.... (5, Informative)

mysidia (191772) | more than 2 years ago | (#38247280)

and secondly, godaddy can't actually do anything about it because they don't own the domain anymore.

There are things they can do about it, the ICANN Inter-Registrar Transfer Policy [icann.org] says so, so does the ICANN Transfer Dispute Resolution Policy [icann.org] ,

The Gaining Registrar must retain, and produce pursuant to a request by a Losing Registrar, a written or electronic copy of the FOA. In instances where the Registrar of Record has requested copies of the FOA, the Gaining Registrar must fulfill the Registrar of Records request (including providing the attendant supporting documentation) within five (5) calendar days. Failure to provide this documentation within the time period specified is grounds for reversal by the Registry Operator or the Dispute Resolution Panel in the event that a transfer complaint is filed in accordance with the requirements of this policy.

If either a Registrar of Record or a Gaining Registrar does not believe that a transfer request was handled in accordance with the provisions of this policy, then the Registrar may initiate a dispute resolution procedure as set forth in Section C of this policy.

Registry Operator must undo the transfer within fourteen calendar days unless a court action is filed. The notice required shall be one of the following:

Agreement of the Registrar of Record and the Gaining Registrar sent by email, letter or fax that the transfer was made by mistake or was otherwise not in accordance with the procedures set forth in this policy;

Re:Umm.... (1)

Mindragon (627249) | more than 2 years ago | (#38248314)

ICANN also requires valid WHOIS domain data http://wdprs.internic.net/ [internic.net]

Re:Umm.... (1)

Dan541 (1032000) | more than 2 years ago | (#38247298)

It's most certainly theft, and on top of that Godaddy is most certainly liable for civil damages.

How? If Godaddy received a genuine transfer request then they did the right thing by not blocking it. Registrars are supposed to comply with requests from the domain administrator. If that person has poor security it isn't godaddy's fault.

Re:Umm.... (1)

Bucky24 (1943328) | more than 2 years ago | (#38246372)

The blog didn't read like the domain had expired, but you may be right.

Re:Umm.... (1)

GregC63 (1564363) | more than 2 years ago | (#38247170)

Hell, I've had my domain through Register.com for 10 years. It's set up to auto renew and they even provide domain lock which prevents the transfer of my domain without my consent.

What's the big deal? Sounds like Go Daddy needs to change the way they deal with domain transfers.

Re:Umm.... (1)

mysidia (191772) | more than 2 years ago | (#38247930)

GoDaddy locks the domain by default, and even if you do unlock the domain you need an EPP or Authinfo code for .COM and other major GTLDs to effect a transfer. None of that helps at all if your e-mail account is hijacked, though; and doesn't really protect you against intra-registrar transfers. As for the "auto-renewal" service, don't trust it necessarily. There have been reports in the past of registrars' auto-renewal failing to auto-renew certain highly desirable domains. Of course the story could be that you didn't update your CC.... credit cards do have expiration dates, you know... can't auto-renew when you can't bill, Isuppose.

Some registrars such as Moniker offer a service, where you can add a layer of security to registrar lock, by having the registrar call you for approval before unlocking the domain. That is more secure than e-mail confirmation; however, it comes at a very significant price increase for so called "Max Security" or "High security" features of some registrars.

Re:Umm.... (2)

mysidia (191772) | more than 2 years ago | (#38247202)

Not required? As in, he paid for it, it's legally registered to him, and then someone just stole it away and they don't have to give it back? Isn't that theft?

There's always an option to open a UDRP dispute. Although it is expensive to execute the process, it would likely result in the domain being returned to the rightful owner.

Re:Umm.... (1)

Anonymous Coward | more than 2 years ago | (#38247220)

Although it is expensive to execute the process, it would likely result in the domain being returned to the rightful owner.

So it's essentially choice between "Oh, fuck it" and "Oh, fuck me"?

Don't Use GoDaddy (5, Interesting)

sexconker (1179573) | more than 2 years ago | (#38246258)

Don't use GoDaddy.
If you needed any more reasons to stay far away from GoDaddy and their shitty advertising, RTFA.

        So far they have found this has happened to around 12 accounts, all within the "Web Design" genre (so most likely a targeted attack).
        There is no accessible log from with your GoDaddy account to see what/when things happened.
        They do [claim to] have access logs, but they can't [won't] share that information with me.
        The domain was transferred away from GoDaddy the evening of Nov 20th
        They [claim to] have, but cannot [won't] provide me with, the email address used to transfer the domain away.
        GoDaddy confirmed my global account email has never been changed, but it WAS changed for the domain css-tricks.com prior to the move.
        The request to unlock the domain happened on Nov. 14th at 4:30pm Mountain Time. Normally there is a 5-7 day waiting period, but GoDaddy offers instant transfer and they remarked that it was unusual that the hacker chose not to do that.
        They confirmed no other domains have left my account.

[Stuff in brackets is mine.]

Re:Don't Use GoDaddy (3, Informative)

InsightIn140Bytes (2522112) | more than 2 years ago | (#38246328)

1and1 and Network Solutions are on the list too.

Re:Don't Use GoDaddy (0)

Anonymous Coward | more than 2 years ago | (#38248400)

1and1 and Network Solutions are on the list too.

Yes 1&1 boy have i had a ding dong with that bunch of tossers over the clubs domain WOW Never go within a million miles of 1&1 shisters out and out the moment there is a problem you cannot contact the british number you always end up connected to the German help line and the could not give a monkey's

So out of curiosity, (2)

oGMo (379) | more than 2 years ago | (#38246408)

Who is a reputable registrar these days? Does such a thing exist?

Re:So out of curiosity, (5, Informative)

John Hasler (414242) | more than 2 years ago | (#38246470)

> Who is a reputable registrar these days?

Gandi.

Re:So out of curiosity, (4, Interesting)

Urza9814 (883915) | more than 2 years ago | (#38246586)

If only I had mod points. Gandi is by far and without a doubt the best domain registrar out there. Hell, if they were double or even triple the price of GoDaddy, I'd still be using them. (From what I've seen their prices are on par with everyone else.)

Re:So out of curiosity, (-1)

Anonymous Coward | more than 2 years ago | (#38246672)

They run Google-Analytics. How much can they really be trusted?

Re:So out of curiosity, (0)

Anonymous Coward | more than 2 years ago | (#38248098)

Everything runs Google Analytics.

Re:So out of curiosity, (0)

Anonymous Coward | more than 2 years ago | (#38248160)

Exactly.

Re:So out of curiosity, (4, Informative)

Anonymous Coward | more than 2 years ago | (#38246616)

:) We switched to them from Dotster. If you are from the USA the price is better than advertised too. They don't charge VAT and that is a HUGE percentage of the fee. The only complaint I have is the free SSL certificate is confusing/misleading. Or maybe it is just me not understanding things well enough although I doubt it. You have to install the free Gandi certificate in the browser you are using or something like that. In other words it isn't something you can actually use for business or even a personal web site unless you have control over the computers from where you/others will be accessing it from. Therefore what good is it over accepting your own ssl certificate? I know I sound like an idiot as I'm wrong in my explanation. Hopefully you understand what I'm trying to say though.

Re:So out of curiosity, (5, Informative)

The Blue Meanie (223473) | more than 2 years ago | (#38247208)

Nope, you misunderstand. I got them to issue one of the free certs for one of my domains (I use Gandi for all of my registrations), and it works perfectly with all major browsers out of the box.
All you have to do is add Gandi's intermediate certificate (the cert that links their signature on your free cert to the base CA cert that's in everybody's browser), but you do that on your server (web/mail/whatever) and offer it up as part of the SSL negotiation. It works perfectly, and transparently. It is definitely NOT like the hassle of a self-signed certificate, where you DO have to either add the "security exception" to every client's browser, or get them to install your cert into their browser ahead of time.

Re:So out of curiosity, (4, Informative)

efalk (935211) | more than 2 years ago | (#38246662)

Seconded. I register all my domains with Gandi. Clean user interface, no offensive advertising, no constant trying to upsell me. Easy to understand services and contract. Plus, they're outside of the U.S., which is a huge plus -- it makes it much harder for a U.S. court to seize your domain on a whim.

Re:So out of curiosity, (5, Informative)

tomp (4013) | more than 2 years ago | (#38247110)

Gandi rocks, no doubt about it. However, they cannot protect a domain owner from the US government.

I have my domain there because they respect the rights of a domain owner far more than other registrars, but there's nothing they can do if the US government wants a domain in a US-hosted top level domain. When it comes .com, .net, or .org, NSI is all that matters. And unfortunately, they don't care about domain owners.

Re:So out of curiosity, (2)

mysidia (191772) | more than 2 years ago | (#38247222)

it makes it much harder for a U.S. court to seize your domain on a whim.

It also much makes it much harder for you to sue them, if they do something bad and it hurts you or you lose the domain or uptime as a result.

Re:So out of curiosity, (1)

LordLimecat (1103839) | more than 2 years ago | (#38247696)

it makes it much harder for a U.S. court to seize your domain on a whim.

Wouldnt it make it easier for some other government to seize it on a whim?

I mean, that may be the determination that youve made, that this is less of a risk, but Im just saying.

Re:So out of curiosity, (2)

CyberVenom (697959) | more than 2 years ago | (#38246706)

Thirded. Been with them since they were one of the first ICANN registrars outside of Network Solutions. Like their motto says, "no bullshit"

Re:So out of curiosity, (1)

networkzombie (921324) | more than 2 years ago | (#38247182)

Wow. I have three domains with GoDaddy and I think I will switch. It is hard to resist the "No Bullshit" which is trademarked. Thank you. I have no problems with them running Google Analytics. Should I? Google will honor my robots.txt. Why should I care about Google Analytics? Anyone?

Re:So out of curiosity, (-1)

Anonymous Coward | more than 2 years ago | (#38247882)

wat ?

google analytics requires you to put javascript blurb into all your pages, and comes from wherever you're hosting your crap, not who's doing registrar duties.

if this registrar is doing things right, as a registrar should, they delegate forwards DNS authority to you, so you have control over what shows up on your pages.

maybe if they have some sort of free hosting or whatever bullshit, they'll add their own GA ping... but what's the freaking point ?

Re:So out of curiosity, (3, Informative)

hpa (7948) | more than 2 years ago | (#38246796)

Seconded the recommendation for Gandi. Another good one is Loopia in Sweden, loopia.se. Loopia got acquired reasonably recently, so they may or may not stay that way but for now they have been very good and for a long time they were the best-priced .se and .nu registrar (and may still be.)

Re:So out of curiosity, (3, Insightful)

mrbester (200927) | more than 2 years ago | (#38246892)

Status: clientTransferProhibited FTW. Set by a checkbox in a settings screen. GANDI never forget that your domain is yours (unlike other registrars who consider it theirs and you're just borrowing it from them).

Re:So out of curiosity, (4, Informative)

Animats (122034) | more than 2 years ago | (#38247918)

Who is a reputable registrar these days?

The top of the line is MarkMonitor [markmonitor.com] . If you have to ask how much they cost, you can't afford them. They're the registrar for "gm.com", "ford.com", "bankofamerica.com", etc. If something goes wrong with one of their domains, alarm bells ring at their monitoring center and DNS experts, investigators, and lawyers swing into action.

Network Solutions can be difficult to deal with, but they register enough corporate domains that they have a support organization that's not a joke.

GoDaddy is generally considered to be near the bottom of the heap. You might register your personal blog with GoDaddy. Maybe.

Down at the bottom is eNom, the leader in junk domain registration. That's where you register your 100,000 typosquatting domains.

Re:So out of curiosity, (0)

Anonymous Coward | more than 2 years ago | (#38247506)

DynDNS does sell domain names as well and their service is excellent.
You do pay more than GoDaddy.

Re:So out of curiosity, (1)

houstonbofh (602064) | more than 2 years ago | (#38247774)

SafeNames. They are NOT the cheapest, but they have amazing customer service. Absolutely rock. You actually have a real person as an account manager. Type "whois dell.com" for more.

Re:So out of curiosity, (1)

QuoteMstr (55051) | more than 2 years ago | (#38248014)

I've been happy with gkg.net. I like that they started offering IPv6 glue records very early.

Re:Don't Use GoDaddy (5, Interesting)

Anonymous Coward | more than 2 years ago | (#38247224)

Don't use GoDaddy.

To be fair, this wasn't strictly a GoDaddy Issue. TFA stated:

This is not isolated to GoDaddy. Original registrants varied, see below.

Which then listed multiple GoDaddy's, a 1and1.com, and a NetworkSolutions.com. This sounds more like the fact that GoDaddy happens to be the big horse (ala Microsoft) so it's likely going to be attacked me most. Not using GoDaddy might be good advice but it seems like it's also not a guarantee.

The bigger issue is that there's no authoritative way to quickly re-gain such lost domains. And domain name disputes are always a huge PITA. Given the value of a domain name and how easy it is to sit on it once stolen, costing some business tons of money, I wouldn't be surprised if this starts happening more.

One thing that keeps popping out is the fact that they're all being xfered to PlanetDomain.com. ICANN needs to revoke their ability to register domains.

Re:Don't Use GoDaddy (3, Informative)

houstonbofh (602064) | more than 2 years ago | (#38247804)

The difference is that with a real company, like SafeNames, you call your account rep, and he says, "I will handle this for you." And you get updates, not stonewalls. May still take a lot of time, but it will be less stress than GoDaddy's "not my problem" BS.

GoDaddy (1)

Anonymous Coward | more than 2 years ago | (#38246262)

GoDaddy. That right there is the problem. No end of horror stories from this company.

e-mail (2)

reiisi (1211052) | more than 2 years ago | (#38246524)

Actually, in this case, the problem seems to be hijacked e-mail.

What I'm trying to understand now is why they need a copy of a license to start checking about undoing the transfer, when they don't require the copy of the license to initiate it.

Re:e-mail (1)

Dan541 (1032000) | more than 2 years ago | (#38247356)

What I'm trying to understand now is why they need a copy of a license to start checking about undoing the transfer, when they don't require the copy of the license to initiate it.

Cost, people want cheap domain registrations and aren't prepared to pay for the extra security of document verification.

For the curious (5, Informative)

Anonymous Coward | more than 2 years ago | (#38246284)

That phone number looks like a valid aussie mobile number. Who answers?

Domain Name: CSS-TRICKS.COM
            Reseller..............: PlanetDomain Ltd Pty
            Created on............: 4 Jul 2007 16:26:57 EST
            Expires on............: 4 Jul 2019 16:26:57 EST
            Record last updated on: 21 Nov 2011 16:20:33 EST
            Status................: ACTIVE

      Owner:
            oca
              (465144)
                Bakulina 12,
            Kharkiv, gras 61166
            Austria
            Phone: +61.4354353455
            Email:
      Administrative Contact, Billing Contact:
            oca
              (465143)
                Bakulina 12,
            Kharkiv, gras 61166
            Austria
            Phone: +61.4354353455
            Email:
      Technical Contact:
            oca
              (465145)
                Bakulina 12,
            Kharkiv, gras 61166
            Austria
            Phone: +61.4354353455
            Email:

      Domain servers in listed order:

      No name servers present.

Re:For the curious (0)

Anonymous Coward | more than 2 years ago | (#38246344)

Fake phone number, too many numbers. Although assuming it's not fake and it just has too many numbers, it lies within the range assigned to Optus.

Re:For the curious (1)

Dan541 (1032000) | more than 2 years ago | (#38247340)

Mobile (cell phone) numbers in Australia are all ten digits and start with. 04 so that number in Australia would be 04354353455 which is of course 1 digit too many. I think it's a typo since anyone trying to fake a phone number would at least use the correct amount of digits.

Re:For the curious (1)

SeaFox (739806) | more than 2 years ago | (#38247652)

I notice the contacts are in Austria, not Australia.

Re:For the curious (0)

Anonymous Coward | more than 2 years ago | (#38247862)

Indeed, but +61 is Australia.

Re:For the curious (2)

Dan541 (1032000) | more than 2 years ago | (#38247992)

+61 is Australia but yes the postal address is Austria.

Re:For the curious (0)

Anonymous Coward | more than 2 years ago | (#38246358)

Oh wait. One extra digit and the country is listed as Austria not Australia

Also, forserver@yahoo.com is associated with about 3 domains according to domain tools

Perhaps contact the Aus federal police and send it in and get them to put a request in to yahoo?

Re:For the curious (3, Informative)

iluvcapra (782887) | more than 2 years ago | (#38246376)

Ummmm, Graz is a town on the Mur in Austria, not Austrialia. However +61 is the country code of Australia. Some sort of bizzare joke.

Re:For the curious (3, Informative)

OneMadMuppet (1329291) | more than 2 years ago | (#38248208)

Bakulina 12 is an address in Kharkiv, in Ukraine. Anyone can pick a random city or country, but picking a specific street in north Kharkiv is less likely. Start there.

Re:For the curious (1)

novakreo (598689) | more than 2 years ago | (#38246636)

One too many digits for an Aussie number.

phone number looks like hex string (3, Interesting)

jamesh (87723) | more than 2 years ago | (#38246666)

Did anyone else notice that the phone number looks like a hex string?

43:54:35:34:55 => CT54U

it doesn't look particularly meaningful unless they were stupid enough to encode a password or something in it.

Re:phone number looks like hex string (1)

jamesh (87723) | more than 2 years ago | (#38246710)

or "aCT54U" if you were to include the country code... still seems meaningless, maybe just a coincidence

Re:phone number looks like hex string (4, Insightful)

sconeu (64226) | more than 2 years ago | (#38247008)

1337-speek for "Acts for you"

Re:phone number looks like hex string (1)

Anonymous Coward | more than 2 years ago | (#38246934)

Um, they're also all in the same row of a numeric keypad. This, and that it's one digit too many, is probably a sign that the perp just reached for the keypad and typed random digits in a hurry until the on-screen looked long enough to be a phone number but without trying too hard.

Re:phone number looks like hex string (1)

moderatorrater (1095745) | more than 2 years ago | (#38247230)

Or a variable repetition of 3,4, and 5.

Re:For the curious (1)

ColaMan (37550) | more than 2 years ago | (#38246826)

Too many digits. Australian numbers are ten digits long.

adding the leading zero that gets dropped when you dial international numbers gives 11 digits.

And of course the fact that "Austria" and "Australia" are usually right next to each other in your average "choose your country" drop-down box.

Re:For the curious (0)

Anonymous Coward | more than 2 years ago | (#38247232)

Phone looks like random mashing on numeric row. In other news, Austria invaded Ukraine, taking Kharkiv.

GoDaddy no so bad. (1)

Anonymous Coward | more than 2 years ago | (#38246302)

They actually CALL me before doing anything. I've had a domain expiring that I don't care to renew, and a REAL person calls me to let me know that it will expire, as well as emails every so often as the end date comes close. I've SOLD domains to other people and I've had to tell them over the phone that the domain was up for a legit transfer. I think there is a ball on the floor, because it was dropped.

stolen (1)

reiisi (1211052) | more than 2 years ago | (#38246508)

RTFriendlyA

GoDaddy has the e-mail that requested the change, and the domain owner did not send it.

Or, are you the thief, trying to misdirect the conversation?

Re:stolen (2)

TheRealMindChild (743925) | more than 2 years ago | (#38246832)

Just because you are paranoid, doesn't mean they aren't after you

DAVIDWALSH.NAME stolen also (2)

Anonymous Coward | more than 2 years ago | (#38246346)

My domain, DAVIDWALSH.NAME has also been stolen. 1And1 yet to return the domain or give me a detailed response for 5 days.

Gmail problem (5, Interesting)

Albanach (527650) | more than 2 years ago | (#38246540)

it looks like the big problem here is that 4 years on it's still apparently possible for websites to silently create filters on gmail accounts if a logged in user visits their site. That effectively allows a malicious site to compromise hosting accounts, bank accounts and much more.

Re:Gmail problem (0)

Anonymous Coward | more than 2 years ago | (#38246558)

LOL, yeah. I blame AOL...f*U*in dial up. I have to sign in to check my mail!!

Re:Gmail problem (5, Informative)

cultiv8 (1660093) | more than 2 years ago | (#38246574)

As noted in 2008 on Mashable [mashable.com] :

According to a proof of concept by Geek Condition, there is a security flaw in Gmail that allows an attacker to forward GoDaddy account reset information to the offending party unbeknownst by the victim. This is done by creating a filter that forwards GoDaddy’s “change of password” mail to the attacker and deletes it from your inbox.

Re:Gmail problem (4, Informative)

MyFirstNameIsPaul (1552283) | more than 2 years ago | (#38246642)

That article states that the attacker must direct the victim to a site with a malicious script in order to get a Session Authorization Key.

Re:Gmail problem (4, Insightful)

HeyBob! (111243) | more than 2 years ago | (#38246602)

Exactly - why are you using a free email account to be the key to owning your domain name? Run your own email server! Become your own registrar - it's worth it if you have a bunch of domains.

Re:Gmail problem (0, Offtopic)

Skidborg (1585365) | more than 2 years ago | (#38247012)

And that one mod point I was saving for a post like this just expired.

Re:Gmail problem (4, Informative)

tftp (111690) | more than 2 years ago | (#38247618)

why are you using a free email account to be the key to owning your domain name? Run your own email server!

You shouldn't have a contact email on the domain that is being administered. Your suggestion is good only if you have several domains registered by different registrars, and if your email is very reliable (with reverse DNS and such.) Then you can cross-link these records. For everyone else Gmail is a rational choice; it's free, it's reliable, and it's always there.

Re:Gmail problem (1)

houstonbofh (602064) | more than 2 years ago | (#38247826)

I do not know a single network admin worth a damn that does not have at least 5 non-free e-mail addresses. And you only need 3. And, yes, none of them should be on the domain in question, and none of the mail servers should be with the registrar. Security through diversity.

Re:Gmail problem (2)

jtnix (173853) | more than 2 years ago | (#38247734)

There's nothing wrong with using a 'free' email account to register for domain services or any other product or service for that matter. I would however recommend some recursion, i.e. create a unique freemail account with a very high security password and set it up to forward (while still saving emails) to your master email account(s). Of course, it's a good idea to rotate a high security password on your master email account(s) as well. It's not rocket science, it's security. These crafty bastards have been at it for a good 10+ years now. If you haven't been paying attention to current security flaws on the intertubes and get hacked then you are part to blame, too.

Do you rotate high security passwords at least yearly? Monthly would be a better idea. Do you use a password agent/app to manage your passwords? There are dozens available, try one or two with a Really Good Password. Do you keep multiple, offsite backups of your encrypted password file? Make sure it's well encrypted with a 10 to 16 byte password that you can realistically memorize and rotate it at least once a year.

Re:Gmail problem (1)

cultiv8 (1660093) | more than 2 years ago | (#38246632)

Really, your comment was moderated as a Troll? Who are these moderators?

Re:Gmail problem (1, Offtopic)

Mashiki (184564) | more than 2 years ago | (#38246700)

You know, we had a discussion just the other day about group-think and the /. condition [slashdot.org] where people making good comments are shouted down. The GP is yet another example of this.

Re:Gmail problem (2, Interesting)

headkase (533448) | more than 2 years ago | (#38246812)

I don't even bother to moderate anymore. I read the comments at -1 because that is the only way to combat moderator abuse. It happens too often that you see a completely worthwhile comment moderated -1. Slashdot's game has been fixed. I blame the "Friend/Foe" system: that let's you instantly know whether to mod up/down if you were so inclined.

Re:Gmail problem (4, Interesting)

houstonbofh (602064) | more than 2 years ago | (#38247836)

It is only temporary... Go ahead and moderate. Read at -1 and just give points to people unfairly trolled.

Re:Gmail problem (1)

jamesh (87723) | more than 2 years ago | (#38246866)

It's at +5 now... what was the problem again?

Re:Gmail problem (1)

Mashiki (184564) | more than 2 years ago | (#38247772)

Give it 6 hours for a group of people to throw a hissy fit over what they read, and it'll be -0 troll or flamebait. You know much like how my post is 'offtopic' when it's not.

Same thing happened back in 2000 to me and others (5, Interesting)

Nethead (1563) | more than 2 years ago | (#38246610)

http://www.wired.com/politics/law/news/2000/01/33571 [wired.com]

Network Solutions' administrative policies are once again being blamed for Internet domain hijackings that took at least brief control over some major Web domains.
Beginning Saturday, an unidentified individual began attempts, some successful, to seize control over domains including major Web hosting service Exodus, Web standards body World Wide Web Consortium and Emory University.
And all the misappropriation required was a simple spoofing of email addresses.

The only good thing about it was getting my name in Wired.

ICANN (3, Interesting)

DaMattster (977781) | more than 2 years ago | (#38246886)

Does ICANN offer any assistance with this matter? Can't they just yank the domain back?

Re:ICANN (5, Informative)

Tacvek (948259) | more than 2 years ago | (#38247198)

ICANN cannot technically do that, since they don't actually control the content of the TLD. The Domain Registry (Verisign) could technically reverse the transfer, but are bound by ICANN policies that likely prevent them from doing anything. ICANN in conjunction with Verisign could get the transfer reverted, but since that requires two entities working in concert, I would not count on it happening.

Of course the Australian registry could determine that the transfer was fraudulent, and transfer it back to Go Daddy as a registrar (who is bound by contract to return it to the control of Chris Coyer), and provide information about the fraud to the police, but since that is not in their interests, they will never do that either.

Re:ICANN (2)

Nemyst (1383049) | more than 2 years ago | (#38247382)

It isn't in their interests? Surely siding against the web design community, a very large source of domain registrations, isn't the brightest of ideas?

Re:ICANN (0)

Anonymous Coward | more than 2 years ago | (#38247210)

http://www.icann.org/en/transfers/dispute-policy-12jul04.htm

Re:ICANN (4, Informative)

dissy (172727) | more than 2 years ago | (#38247800)

Does ICANN offer any assistance with this matter? Can't they just yank the domain back?

Yup, there is a process for this. Unfortunately a bit slow, but better than nothing.

The registrar the domain is with now must provide proof the owner submitted it that can be challenged. No proof in 5 days, ICANN reverses the transfer.

At that point they have two weeks to argue that the transfer was not authentic.
I believe a court order would cause the action to be taken immediately in reversing it, and ICANN states they will comply.

http://www.icann.org/en/transfers/ [icann.org]
All the forms and the policy itself (Items 1-4 on that page) plus some FAQ's that mention this type of thing.

I've never had to do a transfer dispute, so am not sure if their policy matches reality, but there it is.

AFP & Court (0)

Anonymous Coward | more than 2 years ago | (#38247176)

I have a feeling the australian high court would be absoluely facinated by this.. and quite angry.

If they don't give it back, take the registrar to court. it IS stealing, its also a cyber crime. Australian Federal Police could also probably help in this matter if you sent them a message..

It's a cyber crime.. which ... surprise surprise... comes under the australian terrorism act.. It's not tried in military courts here.. haha but its still cracked down on rather harshly.

Helpless? No. (3, Insightful)

macraig (621737) | more than 2 years ago | (#38247896)

... the registrars seem helpless to do anything about it.

Not helpless: careless, as in "we couldn't care less". How exactly do these thefts hurt their reputation or profits or bottom line? It doesn't, which is exactly why they don't care. These registrars will continue to not-care unless and until the victims can make the thefts affect the registrars in some measurable way.

Re:Helpless? No. (0)

Anonymous Coward | more than 2 years ago | (#38247924)

Registrars are above the law.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?