Domains May Disappear After Search 379
Ponca City, We Love You writes "Daily Domainer has a story alleging that there may be a leak that allows domain tasters to intercept, analyze and register your domain ideas in minutes. 'Every time you do a whois search with any service, you run a risk of losing your domain,' says one industry insider. ICANN's Security and Stability Advisory Committee (SSAC ) has not been able to find hard evidence of Domain Name Front Running but they have issued an advisory (pdf) for people to come forward with hard evidence it is happening. Here is how domain name research theft crimes can occur and some tips to avoiding being a victim."
never use the web for such queries (Score:5, Informative)
Better still, simply use your registrar to do a registration, if that works then it was free
http://rndpic.com/ [rndpic.com]
Data mining (Score:5, Informative)
However, there is another matter - that of data mining of the query packets that arrive at root and top level domain servers.
ICANN's contracts do not prohibit data mining of the query stream, in fact they openly permit it. Thus Verisign has the right to look at incoming queries and generate a body of information about what domain names are being uttered by users. It's not a big step from that to come up with a list of names that would be nice things to have if one wants to spatter up a bunch of Google Adsense ads and collect click revenue.
(Also, because the entire domain name, not just the top level parts, hits root and top level domain servers, through a bit of statistical reduction, one can produce a data stream that is of interest not only to paying marketeers but, perhaps, to certain national intelligence agencies.)
Re:never use the web for such queries (Score:5, Informative)
http://technet.microsoft.com/en-us/sysinternals/bb897435.aspx [microsoft.com]
Not a new trend. (Score:4, Informative)
Maybe the community can come up with a list of guaranteed reputable domain search services that take measures to prevent this sort of activity, and support those organizations.
its actually pretty common (Score:4, Informative)
Re:never use the web for such queries (Score:1, Informative)
nope, they dont pay (Score:5, Informative)
Actually most of bigger squatting operations don't pay a dime on a per name basis. They hold the name for 30 days, then release it at no cost.
https://www.easywhois.com/ (Score:5, Informative)
One of the problems stem from the fact that any whois query can be sniffed (or SNORTed) if it passes over the wrong network hop anyway, so there isn't much you can do unless you're ready on the trigger to register the domain almost immediately. One thing you CAN do if you're going to do web queries (because not everybody has a whois command line installed) is query via;
https://www.easywhois.com/ [easywhois.com]
Note httpS. I can certify that Mark J doesn't do domain tasting [privateworld.com], that's not the business EasyDNS is in [www.cnw.ca]. So if you do do a query via EasyWhois it's not going to get snagged after 24 hours (at least not from our end).
[ Disclaimer: Yeah I work for EasyDNS
Comment removed (Score:5, Informative)
First domain name front running, now this (Score:3, Informative)
I guess from now on one will have to register a name blind and see what happens.
Re:This has been happening a long time (Score:5, Informative)
Omg don't do that! (Score:5, Informative)
"It is such a strong urge to type the domain name into the address bar and see what website comes up. Most users think perhaps there is already a company using the name and this will be a quick end to the question. Wrong! This is the most dangerous thing to do. Internet Service Providers (ISP) sell NXD (Non-eXistent Domain) data."
Comment removed (Score:5, Informative)
Re:its actually pretty common (Score:4, Informative)
Also - GoDaddy has a quite nice spam policy - which other cheap registrars often don't have and they actually do not care much because being too strict about spam would not give them income.
joker.com would be nice because their web interface is clean and they don't try to sell you a kitchen sink with your domain, but their spam policy has at least in the past been non-existant.
Re:This has been happening a long time (Score:3, Informative)
Comment removed (Score:4, Informative)
Re:MD5 lookup as defence (Score:1, Informative)
Re:its actually pretty common (Score:5, Informative)
Re:What registrar registers a domain for $2? (Score:2, Informative)
Re:never use the web for such queries (Score:4, Informative)
The perpetrator, in this case, was one Hank Ceigler, who, it turns out, was working for GoDaddy at the time. I'm not sure if he was a contractor or a full-time employee, but he was definitely involved in the domain business. I contacted him to see if he was interested in selling the domain, and he quoted a price over twice the appraised value of the domain.
I would love to know why GoDaddy is still allowed to register domains. They're scum.
Comment removed (Score:3, Informative)
Comment removed (Score:4, Informative)