Hacker News new | past | comments | ask | show | jobs | submit login
Freenom, the free domains website, is a scam (is-a.dev)
307 points by hackermondev on July 25, 2021 | hide | past | favorite | 163 comments



A) You get what you pay for.

B) The top-level domains offered here are absolute garbage and are generally seen as problematic. See A.

C) Freenom has a lot of power as the holder of its namespace. Don't like that? Bring it up with ICANN.

Because the Internet is built around a lot of abstractions that only make sense in light of the historical context at the time the technology was originally adopted, it really doesn't lend itself to being friendly to newbies. These people are actively preyed upon by a hostile industry full of shady operators.


Fwiw, ICANN doesn’t govern ccTLDs, only gTLDs. They try to help advise ccTLDs though: https://www.icann.org/resources/pages/cctlds-21-2012-02-25-e...


well, in that case bring it up with the third-world government body that oversees the ccTLD.


I use a .gd domain. I know that if my brothers in Grenada have a government unwilling to play ball, the US will invade them.


In many cases, that body may not exist. Freenom has placed themselves in the role of the registry.


At the invitation of the governments in question. Those governments could withdraw their authorization. They won't, but they could.


You don't get what you pay for. Plenty of high-prized scams around.


Also I have a .gq domain from freenom which works fine and I'm feel I'm getting more than the $0 paid.


... Until you get less.


i think they had free .ml at some point which has become a decent domain because of machine learning


jeez. people should absolutely know better because the ccTLD is for Mali, a somewhat unstable central African country. who cares what the letters alternatively stand for? Any website built on this is already on a shaky foundation.


Is there any domain other than com/edu/gov that’s actually used for its official meaning, and isn’t hosted by a government body?

I feel like 99% of .ly sites have nothing to do with libya


If you live outside of the US, yes quite a lot. That's what cctld's are for, the weird part you are observing is that nobody in the us seems to want to use their cctld.


That's obviously because we view .com as our primary cctld, not .us. The .com tld has been the common commercial domain space for the US since long before the Web existed and long before you could freely register .us domains.

Why would we switch over to primarily utilizing .us given the very early adoption of .com in the culture and economy? It would be nonsensical to do so.

You can see that early adoption well represented here:

https://en.wikipedia.org/wiki/List_of_the_oldest_currently_r...

northrop.com 1985, dec.com 1985, att.com 1986, xerox.com 1986, ibm.com 1986, sun.com 1986, intel.com 1986, ti.com 1986, boeing.com 1986, alcoa.com 1986, adobe.com 1986, amd.com 1986, 3com.com 1986, tandy.com 1986, and so on.


I think they mean less private for-profit companies, and more NGOs, little municipal-government projects, and the like. The types of things where it's natural to get your city's or state's official registry to nest your project under their namespace.

In Canada, all our federal-government stuff is under .gov.ca, and all our provincial-government stuff is under .gov.[province].ca. But those .[province].ca domains can also be used by any org located in the province, that asks the province nicely. (Examples: http://www.bccancer.bc.ca/, https://spca.bc.ca/)

This same pattern is, AFAIK, followed by pretty much every other country. .gov.[province/state/region].[country] reserved for the regional governments; .[province/state/region].[country] available upon request to orgs that make sense to be nested there.

I understand that the US uses .gov for its federal-government stuff; but why is e.g. the Legislature of Idaho at https://legislature.idaho.gov/ rather than being at e.g. legislature.gov.id.us ? Why weren't swathes of the .us ccTLD reserved for this use, to mirror what basically every other country does with its ccTLD?


They were; there's a whole complicated set of namespace reservations for government entities under .us. https://en.wikipedia.org/wiki/.us#Locality_namespace

However, state governments don't have to use this if they don't want to, and they're allowed to have .gov domains. Different states made whatever decisions for whatever idiosyncratic reasons. I strongly suspect that .gov has better name recognition as "this is definitely the government" among the American public, so that might be a reason why state and local government entities might choose to use it.


Until recently, non-federal entities weren't allowed to use .gov. So states and municipalities had to actively switch (and advertise that switch).


To nitpick slightly, most Canadian federal government websites are under .gc.ca, not .gov.ca. For example, pm.gc.ca and travel.gc.ca. But the top-level federal government website is located at Canada.ca (gc.ca actually redirects there).


> Why would we switch over to primarily utilizing .us

Precisely because .com is used by all the world and his dog. It gives no indication where the organisation presents its home to be.


Which is why I check the 'About' page on a site new to me.


As a consumer, why do I care?


The fact that you view an international space as belonging to the US is precisely what's weird and objectionable. Most countries don't do that sort of thing and most intranational companies are happy to use a domain from their own country, except for the US.

(Most of your list are multinational corporations which is a perfectly reasonable use for .com).


Are you familiar with the history of the Internet?


Yes, and as such I'm aware that it was not the Silicon Valley-only project that a certain crowd likes to portray it as. The specific implementation of TCP (and indeed DNS) that ARPANET used came from UC, but it's derived from the French CYCLADES project via the INWG. So it was an international effort from the start, and that's even more true for the complex stacks that today's commercial websites run on.


Those websites running that Swiss originated hypertext protocol? The one that won because the US protocol (gopher) was monetized?


> an international space as belonging to the US

Do you mean .com or the Internet as a whole?


It would probably seem redundant in the USA to use a .us domain, since the default assumption seems to be that everything is US-centric.


Because .com is the defacto US cctld at this point.


It is also widely used for non-USA domains (I put my own there as there is lower risk of .com-wide problems - see recent .org attempted hijacking and .weirdtopextensions are very risky)


It's a interesting fact that .com is also very popular in china. Alexa says 8 of top 10 sites in China use .com. https://www.alexa.com/topsites/countries/CN


Even the "isn't everything so US-centric!" criticisms are US-centric, it seems.


That is a fun fact!


You can’t anonymously hold a domain in .us.


You can't anonymously hold a domain in any *TLD. Yes, even in freenom's TLDs (you're not a domain holder with free domains)


Only in the US or everywhere? I see there are anonymizing services to mask the domain details so that any whois query returns a pointer to their office rather than the effective domain owners. A service that does the opposite might be handy for example to expose spammers.


Anywhere. Yes, there are "whois guard" services, but that's actually email relays (like aliases). You must provide your identity information (name, surname, other passport/id data, address, etc.) to buy a domain name.

Any "privacy-oriented" registrar just hides that information from whois records, but you still share it to registrar, so in case of government requests or data leak your PII will be exposed.

There is no anonymity in internet, only pseudoanonymity.


I have yet to be asked for a passport and I own a few region locked domains (ex. .EU). That said there are anonymous domain resellers that basically register the domains on themself. It's more expensive than the usual free whois guard but it's not unheard of.


What about njalla?


...except that it's also used by companies from every other country as well. It's more of a slush-bucket "everything goes here" TLD than anything.


I'd guess most ccTLDs are primarily used for the country, only a few get commonly "misused".


/me looks at .io and wonders.


My point. There's 300+ ccTLDs, or 250+ if you only count ASCII ones. There's maybe about a dozen regularly "misused" ones. (.tk is actually the largest ccTLD, but the rest of the top 10 is normal)


Most Brazilian sites use .br and I've not seen a non-Brazilian site use it


Most French-only websites are .fr


Here in Uruguay most of the .uy sites are local businesses.


Only one off the top of my head is ebay. The Canada site is: ebay.ca Really the only place I use regularly that has it...


Alexa also lists amazon.ca, google.ca, canada.ca, kijiji.ca, realtor.ca, (ebay.ca), walmart.ca, cbc.ca, bestbuy.ca, airbnb.ca, homedepot.ca, and several *.gc.ca sites.

In my experience, outside the USA many ccTLDs are commonly used – including the "domain hack" ones, in their own country.


It helps that .ca domains are not available for all. As an individual, you need to be a Canadian citizen or permanent resident to purchase one. For companies, they need to have presence in Canada.


Yeah, seriously. Spend any time in Europe. Most local websites are at their ccTLD.


> who cares what the letters alternatively stand for?

Lots of people, in fact the letters don’t even need to stand for anything they just become part of SV tech culture and spread from there. For example look at all the tech companies that utilize .io without any real reason. Or from an eastern perspective .cc (cocoa island) has become popular in China because 1. simplicity and 2. repetition is culturally meaningful.


.io comes from I/O. .ly (Libya) fits as a better example.


https://en.wikipedia.org/wiki/.io

.io is assigned to the British Indian Ocean Territory

The point I was trying to make above ("who cares...") is that you can use any domain you want! You don't need to use a specific ccTLD (.ml would be the example I was referencing) in order to insinuate your machine learning applications.


But I/O is SV culturally derived secondary meaning to .io (British Indian Ocean Territory), there is no reason to have ascribed it. At least with .ly people are incorporating the ly as part of the name like when people register a .in (India) for their cryptocoin project [name]co.in


clearly the success of .ml is only because of marxism-leninism's strive to acquire domains


Mumbles something about collectivists and squatting


Oh funny story. I have a .tk domain with freenom (used to be with dot.tk before the Dutch invaded, I guess) that was a free domain and I broke the ToS by not setting an A record for it. Unfortunately for me I had an MX record pointed to my email and some low value accounts registered to it that were now locked out to me.

Determined to get this domain back, I tried all email contact methods and this failed. Never once received a response to an email asking for help. However, I did search around and discovered a phone number.

This began months of me calling this number and speaking to the same Dutch woman asking about unsuspending this domain so I could purchase it. Every once in awhile I called her back during Dutch business hours (so late night for me) and had a conversation with her about it. Finally after around 4 months of persistence I got the domain back and was able to register it.


I'm surprised that an A record for a .tk domain was even possible. If I remember correctly, those .tk domains were actually a webpage that displayed an iframe of your choice.


There were two variants. One was the iframe service you described, but another was an actual full-on DNS-capable service. I can't remember exactly how you'd sign up specifically for each, but both were going on at the same time.


Freenom and Dot.tk are one and the same, and the same Dutch owner since start



That last company name definitely looks like it's related to the CEO -- it's some kind of "translation" of his last name.



.tk domains have been unreliable since at least since 2005:

http://tailsteak.com/archive.php?num=388


Good for you! My nearly 20 year old .tk registration suddenly disappeared last year. No warning whatsoever, and an enquiry gave no satisfactory answer. I only ever used it as a shortcut to my slightly longer actual domain, and I chose to not pursue on the 'you get what you pay for' idiom.


From the article: "When you get the domain, it will be added to your account but when your website starts to get a lot of traffic, Freenom will remove the domain from your account without notifying you and then put it on sale. You won't be able to get the domain back unless you pay a fee."

Now, where else can that business model be applied? You could let people post videos for free, and when they get enough traffic, ads are added. That might be a successful business.


The important part of this alleged business model is that the domain goes on sale, which basically forces a serious user to pay whatever the sale price is. Bait-and-switching on “ad free” is not exactly admirable but its tame by comparison.


What are you even talking about?

YouTube has had ads ever since shortly after it launched, and it never did anything like promise it would be ad-free. There's no bait and switch, nor is it anything like Freenom.

If YouTube acted like Freenom, it would wait until your video got popular, then remove it unless you paid YouTube a bunch of money. Which it doesn't do.

So how on earth are you trying to connect Freenom to YouTube...?!


>If YouTube acted like Freenom, it would wait until your video got popular, then remove it unless you paid YouTube a bunch of money.

Sort of like offering a free credit to use Google Compute Cloud, using opaque pricing, then once it gets popular, removing it until you pay Google a lot of money.


Is it true that they will put ads on your video whether you want them or not?


Of course. Why would you expect them to host your video for free when it costs them money?


That is true, take the fast upload/bandwidth/storage for granted. Just thought you could opt out of it somehow maybe if you paid them but not sure how much it would be.


Nope, that's not their business model.

If you want that, that's literally why Vimeo Pro exists -- you pay Vimeo to host your stuff and they won't show ads on it.

Two companies, two business models, consumers (video creators) get to choose the model they like best.


Right I have it, Vimeo paid just sucks no one watches it haha. I guess that's why you put it on a website or something that people already go to.


And a completely different one from what you quoted.

1) On Youtube, you can opt out of ads for your own videos.

2) If you get enough traffic to where you can add the ads, you don't lose access/ownership of the video on your account. Youtube doesn't force you to pay to keep your own videos, either.

I've seen people not read the article when they post a comment, but it seems you didn't even read the part of the article you quoted before making your snarky allusion.


> On Youtube, you can opt out of ads for your own videos.

You can opt out of monetization, but I don't think you can opt out of ads anymore.

https://www.cnbc.com/2020/11/19/youtube-will-put-ads-on-non-...


We have you now! Muahahahahaha!


This doesn't just put ads on your site. It shuts it down.


Which kills the traffic. So this is a take the money and run scam, not a long-term one.


I don't think the video ad example is particularly unethical, assuming it's disclosed to the video uploader. Or at least it's no more unethical than ad tech is by definition (which is pretty unethical, admittedly).

This domain registration scam is more like https://en.wikipedia.org/wiki/Front_running and https://fortune.com/2016/04/20/amazon-copies-merchants/, i.e. inferring from the inside information you have as the market maker/platform that the value of something is going up, and using that knowledge to make trades or business decisions that are profitable to you, not something a platform is normally expected to do, and costly to the source of the information, i.e. your customers. These are considered unethical/illegal because the possibility they might happen is not disclosed to the user of the platform.


yoink!


I don't mean to complain, but where are the details? I have two (very low traffic, so likely to never have come close to hitting this) domains at FreeNom because they're the easiest way to register emoji/punycode domains in obscure gTLDs.

How does FreeNom know how much traffic your domain is getting, especially if you've set up your own DNS servers (which you can do on free domains)?

There are no particulars here and I am very curious to know how this popped up.


I think it's got to do with this clause in the terms and conditions [0]. An all-caps post on a weird domain isn't exactly convincing me of this supposed scam, but there is a catch hidden in the T&C.

Their DNS servers will collect all top-level DNS requests. When someone visits a given website, the TLD is queried for the authoritive nameservers for the domain if that information hasn't been cached yet. In practice, every ISP will end up sending a DNS request every once in a while when the cache expires. When loads of DNS requests come in from all over the world, you could flag a domain as high-traffic or high-value.

[0]: ---

11.2. Renewal

As long as you have remained in compliance with each of the terms of this Agreement from the date you agreed to be bound by this Agreement, including without limitation the minimum use requirements set forth in Section 10.1, we may elect in our sole discretion to (i) allow you to upgrade to the Paid Service at the prevailing applicable rate, (ii) automatically renew this Agreement for a term, determined by Freenom, from such date (the "Renewal Period") and (iii) continue providing you with FREE DOMAIN subject to the terms and conditions of this Agreement (including a renewal of the registration of the domain name provided to you in connection with FREE DOMAIN).

---


They own the entire TLD.

To reach your DNS you have to go through the TLD. On free domains, the TTL is set to 300 seconds (or 60 seconds).

So to reach your ns1.example.com, it goes through {a,b,c,d}.ns.tk first and refers to ns1.example.com.


> They own the entire TLD.

Ah, that's the piece I was missing. I get how DNS works but I hadn't fathomed that FreeNom was the root for those TLDs they handle.

Still curious how / if / when they tell you about the thresholds.

Fortunately none of the domains I have registered there are used for anything important but it does hurt if someone does use one they register for something important.


They own what entire TLD? .tk, .ml, .ga, .cf, and .gq? I don't think so.


They do own .tk [0] and completely service others [1][2][3][4], actually. They run the TLDs (in the name of poor countries).

[0]: https://en.wikipedia.org/wiki/.tk

[1]: https://en.wikipedia.org/wiki/.ga

[2]: https://en.wikipedia.org/wiki/.cf

[3]: https://en.wikipedia.org/wiki/.gq

[4]: https://www.businesswire.com/news/home/20130407005038/en/Mal...


Poor countries are often eager to sell some right their country has, as a sovereign entity, but is not using - even for a relatively modest sum of foreign currency. In a corrupt country the money might never see the treasury, going straight into some official's pockets.

Of course, such arrangements are not very reliable. The relationship between a sovereign entity and an individual, or even a small corporation, is unbalanced. The rules of the game are set by one party, and varied at their whim. "But that's not fair" might work in countries that pride themselves on fairness, such as the United States of America (though don't count on it) but it won't get you very far in Equatorial Guinea.

If these arrangements annoy the other sovereign entities, they might do something about it. For example, the Paris MOU (and subsequently similar Port State Control rules in much of the developed world) - is what happened when European states were annoyed that places like Panama were not pulling their weight when it came to safety and employment standards on commercial shipping, and operated Open Registers (which the Europeans argued were in fact mere "Flags of Convenience") to earn money without spending that money where it was needed.

But if they just annoy you, a mere individual with no rights on the world stage at all, you can go whistle. You are not even eligible to complain to most of the bodies that claim jurisdiction over sovereign entities, another sovereign entity would need to take up the complaint.


They are the registry operator[0] for at the very least[1], .tk and .ml:

[0] https://icannwiki.org/Registry

[1] https://icannwiki.org/Freenom


  a.ns.cf has address 185.21.168.17
  a.ns.gq has address 185.21.168.65
  a.ns.ml has address 185.21.168.1
  a.ns.ga has address 185.21.168.49
  % Abuse contact for '185.21.168.0 - 185.21.168.15' is 'abuse@freenom.com'
  % Abuse contact for '185.21.168.16 - 185.21.168.31' is 'abuse@freenom.com'
  ..and so on

I may have not been clear enough by "own", but Freenom are the technical operator end to end for all of these TLDs (and .tk, from much earlier before) and exercise total technical control over them.


I too have registered emoji domains with Freenom and my experience has been good.

In fact most of my domains I have upgraded to paid registrations.

I’d love to see these allegedly high traffic domains that were just taken and sold to 3rd parties. My guess is if there is any truth to the complain the free registration expired and the domain was scooped up.


"Tampering with FREE DOMAIN and Freenom Traffic-Check. You understand that a viewer is engaged in Freenom server infrastructure to record the number of visitors to your Freenom domain name (Freenom Traffic-Check). By accepting this Agreement, you hereby agree that you will not tamper with, disable or limit the functionality of the Freenom Service or the Freenom Traffic-Check in any way, including, but not limited to, disabling or otherwise tampering with the viewer displayed when your domain name is accessed by you or a third party."


Freenom free domains only grant you usage rights. The registrant listed in WHOIS is still their company. You don't own the domain.

I have a few Freenom domains, but they are only for short-term use (e.g. try out a new ACME client). Nobody should use a Freenom domain on a serious website.


If you need a free domain, I would recommend to rather use a free subdomain from https://dynv6.com/ which has a featureful managment UI and API.


Note that according to browsers every subdomain of such a service is in the same origin, they can read each other’s cookies and run Javascript in each other’s sites.


dynv6.net is on the public suffix list: https://publicsuffix.org/list/public_suffix_list.dat The other domains they offer apparently aren't.


Same site, not origin, at least for the domains that aren't on the public suffix list as mentioned below. The origin will always differ.


I run an email forwarding service for custom domain (https://hanami.run) and I have to ban the usage of those “free” domains. they are a frequent amount of spam. those users also never paid. none of them.

So i ended up just prevent signed up with those tlds or add those tlds into our system


I had a similar service with the same issue in the past. When I banned tk I did not really see less spam, after a few weeks i just saw more legit domains doing shit.


This makes sense, It'd be pretty easy for them to sign up for a domain, and then use the trial credits for sending spam/telemarketing from your SMTP servers. Though how do you deal with people using subdomains? Do you block the whole domain? How does that work for eTLDs like co.uk


I use freenom for a small website I run, they're definitely weird. That said, I've never paid them anything. Freenom combined with 000webhost was the perfect tech stack to host a small website for a friends gaming guild. Weird stuff happens, but I've not paid a dime and I don't think anyone got malware. I keep regular backups of everything and if it goes down I can just rehost elsewhere and let my friends know.


This was my exact stack for every little project under friends for years. But 000 burned me way to much, mostly because they disallow bon English content or did at least


Ah, this again. Freedom is fine, it's just that people don't read the terms and conditions before clicking "I agree".

I have a .tk domain that I bought in 2008, never had a problem, and I've been using that for all sort of things (including running a mail server).

The thing is, you're supposed to read the terms and conditions before using something, AS FOR EVERYTHING.

When I registered (and later bought) the domain the terms and conditions clearly stated that you do not get legal ownership of the domain with the free offering (which is more akin to a lease than to a registration).


> The thing is, you're supposed to read the terms and conditions before using something, AS FOR EVERYTHING.

Doing it for everything is impossible. Reading it for critical things is fine and needed, but for everything I would need to hire several lawyers.


You can have a good understanding of most T&C by just having basic understanding of the law and using common sense. Obviously you’ll miss one thing or another due to not being a specialist. Also, a lot of these contracts have very standard clauses that you can pretty much skip once you realise you read it before. If you’re used to always reading those it’s not really an effort, it takes 10 minutes or less.


This seems to be a pure scam if it's true. Not even a bait and switch.


I get the sentiment, but can something free really be a scam?


Yes, because it's not a net-zero outcome. More harm has been done to you than if you hadn't used their service at all.

If I give you a free car under the pretense that I'm a cool guy who gives away free cars, and you use that car to get a job delivering pizza, then I take back the car unless you give me money, that's a scam. You've been scammed. I've committed fraud to make money from you after I've put you in a vulnerable position.


Is that actually a scam? Sounds like you just got free use of car for a while, how are you worse off?

In Freenom's case, you are giving the domain name value by using it and driving traffic to it. It didn't have value to begin with. The same thing isn't true in the car analogy.


Yes, it's still a scam. The domain was not provided with the assumption that it would be taken away. Nobody starts an online business with the expectation that they're only borrowing the domain and will need to pay what essentially a ransom.

If you replace the car in my analogy with a house, it's even clearer. It's hard to change where you live for a ton of reasons. Demanding unexpected payment is a scam, because I wasn't anticipating paying under the agreement, and I'm left with little choice in the matter (lest I become homeless).

If I start a profitable business with a domain that's taken from me, I'm either forced to pay this ransom or start my business from scratch.

> It didn't have value to begin with

But your use of it created value, with the expectation that you would be able to keep that value. The deception that the value is not actually yours to keep makes it a scam. It's especially scammy, since they seemingly only do this to domains valuable enough to extract meaningful value from: they're selectively targeting valuable properties to extort.


To be clear, I agree that Freenom's behavior is a scam. I've been on board with that the whole time.

The car analogy seems questionable-at-best to me though, yeah it doesn't have the same elements. A car isn't hard to switch out, and you're not adding any value to it by using it. At worst you're right back where you started. The house analogy does seem better because it's hard to switch.


Agree it wasn't the best analogy. How about a storefront instead?

Realtor gives you a great deal on a nice location in downtown. You spend months putting it together, making it look good, advertising. Opening Day comes around, and if more than 100 people come he tells you you now owe him 10x the rent or he's kicking you out.


Imagine if someone gave you a free bookshelf. You took it home and loaded it up with books. Then they came back and said that unless you gave them $1000, the bookshelf and all the books on it were theirs now. Would you not consider that a scam either?


I don't believe any physical metaphor counts here. No goods exchange hands here. In fact, in many cases, customers aren't even the technical owners of the domain, merely the licensees.

DNS, especially dealing in domain names, is a service. In this case, I'd say they provide you with free newsletters if you sign up. If you send out enough newsletters to others, they stop giving you free stuff and you have to pay.

I've found this in the terms and conditions:

---

11.2. Renewal

As long as you have remained in compliance with each of the terms of this Agreement from the date you agreed to be bound by this Agreement, including without limitation the minimum use requirements set forth in Section 10.1, we may elect in our sole discretion to (i) allow you to upgrade to the Paid Service at the prevailing applicable rate, (ii) automatically renew this Agreement for a term, determined by Freenom, from such date (the "Renewal Period") and (iii) continue providing you with FREE DOMAIN subject to the terms and conditions of this Agreement (including a renewal of the registration of the domain name provided to you in connection with FREE DOMAIN).

---

This seems pretty clear to me. At the end of a term (which can be a month or a year) they can decide to require upgrading to a paid subscription. If you choose not to renew for the paid plan, your domain will be resold like any domain reseller will do.

The main problem I see here is the lack of a renewal notice. I've always received renewal warnings myself, but always with high spam scores (because free TLDs are often used for sending spam). This could be a problem with the customer's spam filter filtering out the right renewal notices.

This doesn't look as much like a scam as it looks like looking a gift horse in the mouth in my opinion.


You also own the domain only if you paid:

> As a PAID domain name registrant, you receive the benefits of holding the legal license rights of the domain name.


A bookshelf is a problematic comparison since we do have devices that people buy that has a built in bookshelf, one that can remove books at the company discretion. The digital books you loaded it up with at home is not owned by you, nor do you have any natural right to the book or the bookshelf.

However, they won't lock it up and demand payment. They simply just lock it up at the discretion of the company.

The digital bookshelf will record and analyze what you read which is a bit of switch-and-bait tactic.


It’s more akin to any other domain registrar that offers a discount for the 1st year of registration. Or a hosting company that gives you a “free” 1 year domain registration with paid hosting.

That’s not a scam or fraud when the renewal period rolls around and the annual fee increases from the discount rate or you have to pay for the 1st time.

The scam/fraud seems to be the review alleging the reviewer had a high traffic domain name that was just taken without notice so Freenom could sell it.


Freenom doesn't sell the domain at the nominal fee, they put it up for auction. They also hide this fact from their victims until it's too late.


I have registered at least a dozen for the standard fee (~$10/year).


When a service operates in bad faith, it is a scam.


Look at this page: https://www.freenom.com/en/freeandpaiddomains.html

"Our mission is to bring people online and help countries develop their digital economy."

"Pricing: FREE!"

"Payments: No payment needed"

This sounds a lot like a scam if they are later charging for those domain names.


Merriam-Webster defines scam as a "fraudulent or deceptive act or operation". So yes.


It’s still an agreement. Countries sign those all the time and nobody pays anything.


If I install an internet-connected smart lock on your door for free, then after a few months, I remotely lock you out of your apartment and demand money for letting you in, am I really scamming you? It was free after all!


If you buy a Tesla and they give you a certain driving mode for Free for X months, then Tesla disables it after X months unless you pay for it that’s not a scam.

When I register a domain with Godaddy and they charge me $12.99 for the first year and then $18.99 for subsequent years it’s not a scam.

But when Freenom give you a free domain registration for up to 12 months and then makes you pay for it to renew after the free registration period or to transfer to 3rd parties it is a scam?

Note, I do actually think the Tesla thing was a scam and fraud because they never disclosed to buyers certain software features were temporary as part of a trial period and would cost thousands of dollars after the trial period. Freenom on the other hand discloses the limited free registration period and the $10 annual registration fees, like Godaddy discloses the 1st year discount.


>Freenom on the other hand discloses the limited free registration period and the $10 annual registration fees

When the company literally has FREE in its name, and their site is covered with ads boasting “FREE DOMAIN NAMES”, I don’t think that disclosing the true nature of their offer in the fine print legitimizes their business model. It’s a scam, because people didn’t have informed consent, and I don’t care about the legalese.


That’s pretty disingenuous, it’s not “hidden” in terms and conditions. And it’s not complicated legalese.

If it’s a scam why do they have sections explaining “paid and free domains” why do they have a “price chart”.

Free is in their name because they offer a free 12 month domain registration unlike other domain registrars which typically all offer discounts for the first year.


This is nothing new.

I ran into this in the 1990s. I had to basically arm-wrestle one of these organizations to get a domain released. I think they gave it to me, because I made such a pain out of myself, that it wasn't worth it.


You can buy their domains - in that respect, they function like “regular” domains. Also, they support emoji


I, too, once had a domain from them. The site got zero popularity (had only a static "hello world"), then suddenly got removed with no response from support. Suspected it was some glitch and since it was free then thought nobody is actually looking at it. Never dug further.

Interestingly enough the domain is online again with apparently legitimate (no spam or adds) content.


I think they delete your domain without warning or notification if it stops serving (e.g. server goes down for a while without you noticing). That or their renewal reminders were not working correctly at some point. "Lost" one of my domains that way (was able to re-register it once I noticed).

They're an option for fun projects that you don't expect to last a year and don't care about, definitely not for anything serious.


When will we move to some kind of decentralized domains from this "always pay for rent" model?



From linked page:

> Several systems which exhibit all three properties of Zooko's triangle have now been created, including:

> Computer scientist Nick Szabo's paper "Secure Property Titles with Owner Authority" illustrated that all three properties can be achieved up to the limits of Byzantine fault tolerance.

> Activist Aaron Swartz described a naming system based on Bitcoin employing Bitcoin's distributed blockchain as a proof-of-work to establish consensus of domain name ownership. These systems remain vulnerable to Sybil attack, but are secure under Byzantine assumptions.

> Several platforms implement refutations of Zooko's conjecture, including: Twister (which use Swartz' system with a bitcoin-like system), Blockstack (separate blockchain), Namecoin (separate blockchain), LBRY (separate blockchain and peer-to-peer file-sharing), Monero OpenAlias and Ethereum Name Service.


I’m going to assume that the scam is likely buried deep within the TOS somewhere? Has someone checked?


The ToS have plenty of "gotchas" that allow them to pull the domain out under your feet.

The content policy bans domains that show errors (last bullet point): http://www.freenom.com/en/dottk_contentpolicy_version21.pdf

So if the DB behind your CMS crashes and you don't notice it quickly, bye-bye domain. I believe a variant of this is what happened to one of my domains (just a joke/toy project, and was able to re-register it once I noticed).

The TOS itself http://www.freenom.com/en/doc_tcfree_freenom_v0110.pdf basically says they can do whatever they want (removed some of the redundant legalese):

> you ... agree that if we determine in our sole discretion that you have violated any of the terms of this Agreement ... we shall have the right, which may be exercised in our sole discretion, to terminate this Agreement ... in such event you will forfeit to us all of your right, title and interest in and to the domain name ... we may hold, cancel, sell, transfer or otherwise assign or dispose of such domain name at our sole discretion.


I don't remember finding it when I checked (can't remember whether that was before or after I learnt about this practice, though).


not really. In the terms and conditions you can check when the contract can be canceled. See above a citation.


I have been suspecting that freenom is a scam for some time. I used several free domain names for some testing that I did and although one of them did have a website up for it (which is required according to their terms of service), The domain was reclaimed after one year and I would have had to pay money to renew it.

Honestly though I have to admit that I wasn't surprised and I didn't go posting on the internet about it. I already knew that it is impossible to get something for nothing these days. Especially domain names! These days if I want to throw away domain name I'll go to name cheap and spend $0.88 on one.


How ia the traffic to your website measured? Is it based on the DNS records or what?


Maybe through a third-party, like alexa. They just send the domain name then they get back traffic stats?


They own the DNS for all (?) of the free domains (tk, ml, ga, cq, others) thus can track lookup counts


I have some experience with Freenom. In fact after seeing a Show HN for Mailoji (single character emoji emails) I found the TLD .gq and registered a number of county flag single emoji domains.

In my experience it is not a total scam at all, rather they offer a freemium business model which is unique in the domain space.

Like many other freemium services the free tier is limited and just a means of getting you to upgrade. For example the free domain registration is limited to a maximum term of 12 months, they do not allow you to transfer ownership of the free domain registrations and they even froze my account after registering maybe a few dozen single character emoji domains in rapid succession.

I was actually so please with registering single character country flag emoji domains I paid the fee to upgrade and unlocked all the features.

I don’t think I can use emojis on the HN comment but for reference I registered (all .gq extensions): Cuba Flag, Israel Flag, Palestinian Flag, Ireland flag, South African Flag, Nigerian Flag and a few other middle eastern county flags.

As a side note the Mailoji service used the official Kazakhstan (.kz) registrar and I was interested and registered two single character country flag emoji domains with them (including Russia Flag) and they took that domain from me and gave it to a Developer in Kazakhstan that is clearly connected with employees that work for the registrar.


> Like many other freemium services the free tier is limited and just a means of getting you to upgrade.

The part that makes it a scam is that the trigger to start extracting money from you happens once you have something to lose by not doing so. Think about cloud storage providers with a 2GB free tier. Now imagine if instead of just forbidding uploads that would put you over your limit, that once you hit your limit, they held all of your existing files hostage until you paid them $100. Wouldn't you then consider them a scam?


It’s not apples to apples, a domain name is an asset and a Dropbox account isn’t an asset. However the logic is the same, Dropbox extracts value once they have a reasonable belief I am so invested into their service I would be more likely to pay to upgrade than migrate my data to another freemium service.

Also in my opinion Freenom makes very clear disclosures about the differences in the paid and unpaid features and rights. Just like Dropbox.

To say Freenom is defrauding people would be more on par with saying GoDaddy is defrauding customers when they offer a discount on the 1st year registration and then they “extract more money” subsequent years after I have invested in the domain and have something to lose.

The complaints against Freenom are clearly manufactured as well, and my guess is people like you calling it fraud haven’t used their service or customer service.


> Also in my opinion Freenom makes very clear disclosures about the differences in the paid and unpaid features and rights.

They are not making it clear.

> would be more on par with saying GoDaddy is defrauding customers when they offer a discount on the 1st year registration and then they “extract more money” subsequent years

If it is not made clear to user - then yes, it is a fraud.


Perhaps English isn’t your first language or some other issue, but as an example on the homepage under services there is “free and paid domains” with a chart that explains the difference between the free and paid feature akin to any other freemium service that provides a chart to compare free vs paid accounts/features. It’s also in the footer, they also have a price chart under services and in the footer, they also show you these options when checking out.

I guess what everyone is arguing here is that they shouldn’t allow any free registration but charge a discounted rate the first year like every other domain registrar.

https://www.freenom.com/en/freeandpaiddomains.html


now it claims that every single domain name is not available. But when I checked the main flow starting from the main page - there was no clear mention that "your" free domain is not actually yours


I have no idea what you are trying to say, but a domain name is never “yours” they are all licensed.

In the page I linked for you which is available on their homepage menu and footer on every page the chart explaining the difference between the free and paid domains contains at least 3 rows on point:

> Legal rights:

Free: Registrant acts as user of domain name, not as licensee

> Transfer rights:

Free: None

> WHOIS:

Free: Freenom or one of its subsidiaries appears as the licensee in the WHOIS

Disclosures aside it is immaterial to the more important point, Freenom is not going into user account and taking domain names (free or paid) and selling them to 3rd parties. The review complaining that this happened is fake, hence why they can’t establish this actually happened. Freenom is a legit company with real assets, they are a ICANN licensee of its own TLDs and official servicer of a few country TLDs, if they actually stole someone’s high traffic or high value domain name and sold it to a 3rd party as alleged in the fake review, then the user could sue for damages and specific performance to get the domain back just the same as if Godaddy or Namecheap or any other registrar were to just steal user domain names.


I would consider the contents of a Dropbox account to be as much or more so assets than a domain name.


Yes, the contents of a Dropbox account can be assets for sure.

But a Dropbox account isn’t an asset anymore than a GoDaddy/Namecheap/Freenom account.

A domain name on the other hand is an asset, of course like any asset (including Dropbox contents) some are more valuable than others.


So I actually purchased .tk domain when it was still dot.tk. Unfortunately it switched to freenom. Since then it's horrible experience, is there any possibility to move the domain?

Since I paid it I technically own them like a normal domain, but I just don't want to deal with them and their broken UI.


My registrar (INWX) offers .tk for about 10 EUR, so it's not just them.


I believe this is known. But no harm in making it re-known.

Trying to register a throwaway domain on Freenom a few months ago (trying over several days) it was impossible. Quite literally impossible, not from UI, it just didn't let me log in.


Who is behind Freenom? Shouldn't they have to disclose this method of business in their TOS?


Applied for a job with them. Have off a really creepy vibe. Didn’t follow it up.


Thanks to share that news. I think it will help me in future


Your caps lock is on


No one should be surprised by this


The good old .tk business model :-)


This seems to be the same company. Clicking on "Policies" on dot.tk forwards to Freenom.


Again, like “free software”, payment is always extracted by other means.

If you want something just buy it.


Are you mixing up free software with freeware and/or shareware?


nah, this is nothing like free software.

it's 2021 are we still doing the FUD thing here?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: