

Secure Your Domain – Where Is Safe to Register a Domain Name? (2012) - ozh
https://gun.io/blog/secure-your-domain-where-is-safe-to-register-a-domain-name/

======
scrollaway
For those looking for a good domain name registrar, I'd like to recommend
[https://gandi.net](https://gandi.net). They have virtually every TLD, an
excellent management UI and a very friendly customer service. I wish they
didn't use those stupid nick handles though... but hey.

I discovered them back when they did an anti-SOPA promotion. They were, along
with Namecheap, really good with that (though the latter has much less TLDs
and I personally prefer having everything in one place).

~~~
WildUtah
Gandi now has offices in the USA and is obligated to spy on you and take your
domains without notice or appeal and all the other USA PATRIOT garbage.

~~~
scrollaway
> spy on you

What are they gonna do that the NSA can't do themselves? They're just a
registrar.

> take your domains without notice or appeal

I'd like to see them try. No really, I would - they're very vocally against
the bullshit the USA is pulling, and if they try to double cross even one of
their customers, their other customers will hear about it. As it stands, it
hasn't been done.

------
mike-cardwell
I am not concerned about a government stealing my domain. I am more concerned
about a hacker stealing it by social engineering their way into my account
with my registrar and transferring it away or modifying the nameservers.

With my perfect registrar, I'd be able to log into my account and check a box
which says "Notify and delay all changes by 24 hours". So that even if
somebody does get access to my account, if they try to transfer the domain
away, an email/sms will immediately be sent to me to warn of the event, and
the transfer wont begin until 24 hours later, giving me time to prevent it.
Also, actions such as changing the account email address or phone number or
the domains nameservers, or unchecking that "Notify" box, would also be
subject to a 24 hour delay, and a notification. Also, I'd get a notification
whenever a login occurred in my account from a new previously unseen IP
address. Also, it would have 2FA, but that goes without saying.

~~~
zhte415
There are services that do something like this. Mark Monitor springs to mind
as one of the major ones, with a lot of complimentary services too:
[https://www.markmonitor.com/services/domain-
management.php](https://www.markmonitor.com/services/domain-management.php)

I doubt they are cheap. I'm sure others HNers could weigh in with
alternatives.

~~~
hackuser
Wasn't Facebook's domain, or at least their whois record, hacked via Mark
Monitor in February? At least that was the initial report; I'm not sure what
happened and it's hard to find a credible source about it. Here's the best I
found in a short search:

[http://thenextweb.com/facebook/2014/02/06/uh-oh-syrian-
elect...](http://thenextweb.com/facebook/2014/02/06/uh-oh-syrian-electronic-
army-meddling-facebooks-domain/)

Of course if it was hacked it wasn't necessarily Mark Monitor's fault; it
could be Facebook's (though good security would anticipate that some customers
will have poor security).

------
pidg
I had mil.af for a year (.af is part of CoCCA). When I tried to renew, the
payment was refused and the domain was dropped. The NIC didn't reply to my
emails.

While I expected something like that to happen eventually, it might raise a
flag about registering domains with any CoCCA members, if you're considering
security.

(Apart from anything else, I did wonder whether its similarity to af.mil would
cause issues down the line anyway.)

CoCCA members:
[http://www.nic.net.sb/index.php/about/members.html](http://www.nic.net.sb/index.php/about/members.html)

------
Revex
tl;dr version -> If you are concerned with the U.S. government seizing your
domain get a TLD from Switzerland(.ch)

~~~
id
Or from any other stable, human rights respecting country that isn't a Five
Eyes member. Doesn't save you from DNS blocking (and many other things),
though.

See
[https://www.pirateparty.ch/wikileaks_ch_blocked](https://www.pirateparty.ch/wikileaks_ch_blocked)
(EveryDNS stated it isn't taking a position on the content hosted on the
wikileaks.ch website)

In addition, I'd like to say that I don't think there is a problem with .com,
.net, or .org

It's way more important which registrar you have.

~~~
weathertop
Indeed. But it is also important to understand that just because it's the
Internet, doesn't mean speech is absolutely free and that there are not
consequences.

As far as user-generated content, perhaps this is a nod to policing that
content much more unless you have the resources to handle legal challenges
that will almost inevitably come up.

------
chrisBob
I am very concerned about the .onion and .namecoin suggestions I have seen
recently. The primary advantage of the internet is that it is universally
accessible, but now people are promoting fragmentation in favor of security.

------
curyous
To take control of your domain away from a central third party, use .bit with
Namecoin. It's not mainstream yet, but fixes many of these issues.

------
shared4you
What do you guys think about OVH? I believe they stood by Wikileaks in the
past. But their servers are listed in the top 10 spamming hosts.

~~~
ozh
I hate with a passion their admin interface. It sucks so much, they had to add
a GPS on it to gives directions on where to click to do something. No kidding.

------
stayparanoid
united arab emirates? seriously? the guys who had facebook censored if not
hijacked? come on, be serious. that makes this article untrustable, sorry.

