21 comments

[ 5.9 ms ] story [ 201 ms ] thread
For those looking for a good domain name registrar, I'd like to recommend https://gandi.net. They have virtually every TLD, an excellent management UI and a very friendly customer service. I wish they didn't use those stupid nick handles though... but hey.

I discovered them back when they did an anti-SOPA promotion. They were, along with Namecheap, really good with that (though the latter has much less TLDs and I personally prefer having everything in one place).

I second this! I switched my domains to them back when GoDaddy got caught endorsing SOPA. Haven't looked back. Very happy with their service!
This is exactly what the author recommends in the article.
Seconded, too. All my domains (httrack.com) have been registered since 2000 with us, and they are totally trustworthy. There are cheapest places, but probably not as safe...
Gandi now has offices in the USA and is obligated to spy on you and take your domains without notice or appeal and all the other USA PATRIOT garbage.
> spy on you

What are they gonna do that the NSA can't do themselves? They're just a registrar.

> take your domains without notice or appeal

I'd like to see them try. No really, I would - they're very vocally against the bullshit the USA is pulling, and if they try to double cross even one of their customers, their other customers will hear about it. As it stands, it hasn't been done.

tl;dr version -> If you are concerned with the U.S. government seizing your domain get a TLD from Switzerland(.ch)
Or from any other stable, human rights respecting country that isn't a Five Eyes member. Doesn't save you from DNS blocking (and many other things), though.

See https://www.pirateparty.ch/wikileaks_ch_blocked (EveryDNS stated it isn't taking a position on the content hosted on the wikileaks.ch website)

In addition, I'd like to say that I don't think there is a problem with .com, .net, or .org

It's way more important which registrar you have.

Indeed. But it is also important to understand that just because it's the Internet, doesn't mean speech is absolutely free and that there are not consequences.

As far as user-generated content, perhaps this is a nod to policing that content much more unless you have the resources to handle legal challenges that will almost inevitably come up.

Call it anecdata, but I found switch.ch really hard to deal with: raw admin interface, odd billing, etc. As far as I know, they control .ch
What do you guys think about OVH? I believe they stood by Wikileaks in the past. But their servers are listed in the top 10 spamming hosts.
I hate with a passion their admin interface. It sucks so much, they had to add a GPS on it to gives directions on where to click to do something. No kidding.
(comment deleted)
I am not concerned about a government stealing my domain. I am more concerned about a hacker stealing it by social engineering their way into my account with my registrar and transferring it away or modifying the nameservers.

With my perfect registrar, I'd be able to log into my account and check a box which says "Notify and delay all changes by 24 hours". So that even if somebody does get access to my account, if they try to transfer the domain away, an email/sms will immediately be sent to me to warn of the event, and the transfer wont begin until 24 hours later, giving me time to prevent it. Also, actions such as changing the account email address or phone number or the domains nameservers, or unchecking that "Notify" box, would also be subject to a 24 hour delay, and a notification. Also, I'd get a notification whenever a login occurred in my account from a new previously unseen IP address. Also, it would have 2FA, but that goes without saying.

There are services that do something like this. Mark Monitor springs to mind as one of the major ones, with a lot of complimentary services too: https://www.markmonitor.com/services/domain-management.php

I doubt they are cheap. I'm sure others HNers could weigh in with alternatives.

Wasn't Facebook's domain, or at least their whois record, hacked via Mark Monitor in February? At least that was the initial report; I'm not sure what happened and it's hard to find a credible source about it. Here's the best I found in a short search:

http://thenextweb.com/facebook/2014/02/06/uh-oh-syrian-elect...

Of course if it was hacked it wasn't necessarily Mark Monitor's fault; it could be Facebook's (though good security would anticipate that some customers will have poor security).

I had mil.af for a year (.af is part of CoCCA). When I tried to renew, the payment was refused and the domain was dropped. The NIC didn't reply to my emails.

While I expected something like that to happen eventually, it might raise a flag about registering domains with any CoCCA members, if you're considering security.

(Apart from anything else, I did wonder whether its similarity to af.mil would cause issues down the line anyway.)

CoCCA members: http://www.nic.net.sb/index.php/about/members.html

I am very concerned about the .onion and .namecoin suggestions I have seen recently. The primary advantage of the internet is that it is universally accessible, but now people are promoting fragmentation in favor of security.
To take control of your domain away from a central third party, use .bit with Namecoin. It's not mainstream yet, but fixes many of these issues.
united arab emirates? seriously? the guys who had facebook censored if not hijacked? come on, be serious. that makes this article untrustable, sorry.