Domain Theft-for-Ransom Hits css-tricks.com and Others 147
An anonymous reader writes "Chris Coyer at css-tricks.com has had his domain transferred from GoDaddy.com to a registrar in Australia where it's being held for ransom. Several other domains have experienced the same theft by what seems to be the same person, and the registrars seem helpless to do anything about it."
Re:Umm.... (Score:4, Insightful)
It's most certainly theft, and on top of that Godaddy is most certainly liable for civil damages.
Re:Umm.... (Score:4, Insightful)
Yeah but thats not counting international law which would apply here. It's quite likely these people will need to sue in whatever country has the domain.
Re:Gmail problem (Score:5, Insightful)
Exactly - why are you using a free email account to be the key to owning your domain name? Run your own email server! Become your own registrar - it's worth it if you have a bunch of domains.
Re:Umm.... (Score:5, Insightful)
It's most certainly theft, and on top of that Godaddy is most certainly liable for civil damages.
I just transferred a domain from GoDaddy to a preferred registrar. All I needed, and all I should need, was my username and password.
If I let my username and password fall into the hands of somebody else, which I believe is the case here, and they transferred the domain then firstly, godaddy are not at fault, and secondly, godaddy can't actually do anything about it because they don't own the domain anymore. It's a bit rude of them to not offer more assistance in terms of providing evidence to help the owner prove his ownership to the new registrar, eg maybe the access was from an IP address in a different country than the owner resides, etc, but that's hardly grounds for a civil suit for damanges.
If you buy a domain from a registrar who doesn't charge you enough to offer assistance when something goes wrong, and have a reputation for this, then you kind of get what you deserve.
IMHO, GoDaddy aren't evil, just cheap, and are just a product of our collective race to the bottom in terms of not caring about quality of service when buying a product and only complaining about it when something goes wrong.
Re:So out of curiosity, (Score:3, Insightful)
Re:phone number looks like hex string (Score:5, Insightful)
1337-speek for "Acts for you"
Re:Umm.... (Score:5, Insightful)
In this case it's lucky the domain was moved to an Australian registrar and not China, or Russia. Legal action against the gaining registrar isn't out of the question.
Helpless? No. (Score:4, Insightful)
... the registrars seem helpless to do anything about it.
Not helpless: careless, as in "we couldn't care less". How exactly do these thefts hurt their reputation or profits or bottom line? It doesn't, which is exactly why they don't care. These registrars will continue to not-care unless and until the victims can make the thefts affect the registrars in some measurable way.
Re:Umm.... (Score:5, Insightful)
Erm, that argument doesn't fly here... because the -control- over the domain was seized away. It's not like it was just copied, like the whole "pirating != theft" argument has at it's heart.
Re:Helpless? No. (Score:5, Insightful)
I actually prefer them not to care. It seems in this case email was hijacked and GoDaddy is not supposed to deny the transfer if everything is done properly. It is a real pain in the ass trying to obtain an "utility bill" or other "proof" from $5 / month web service customer when all they want is to get their domain transferred from the previous $15 / month provider (provided of course that the previous ISP who registered the domain was generous enough to put a real owner contact email to whois data...). It *should* be that easy for you average low-cost domain.
If you want your domain provider to "care" - which in this case is that you get personal service and are not just using automation yourself - you pay (actually GoDaddy also offers phone verification option for extra fee...). If you are bankofamerica.com or microsoft.com you should really do take a bit more expensive option - it is not likely that you change your registrar yearly to the cheapest alternative. But if you are a random website (this is first time I heard about css-tricks.com, I really don't know if they are big and famous site on web design field) looking for the cheapest option this is how it should be, because on the other side you have very angry customers complaining that registrars hold their domains hostage; been there in the middle answering to customer on the other side that no, this is not that easy because your registrar requires this and that and I have to bill you by the hour and on the other side having the registrar jump me through obstacle course to transfer ordinary domains by just flagging transfer "suspicious" and everything from first tier customer support is some form of "sorry, I can't do that".
By the way US registrars - identification by utility bill is something we do not do in Europe - the whole concept is strange, so please do not ask me for my clients electricity bill, they most likely can't provide one.