Is Network Solutions Changing Your Guardian Settings? 11
i-don't-use-MAILFROM asks: "If you remember, someone hijacked the Nike's domain last summer. Nike claimed that they were using Crypt-PW protection, while the hijackers claimed they were only using Mail-From (the weakest Guardian scheme). I went to modify one of my domain names last week and discovered that, while I had set up PGP as my Guardian scheme in 1998, I am now using Mail-From. I didn't change it, and the only people who would have had the chance to are Verisign/Network Solutions. Did they lose all of their security settings and reset all domains without telling anyone?" I wouldn't be surprised if many people out there aren't just setting themselves to MAIL-FROM since it's the default option on the form when you modify your Network Solution's contact record. Has anyone had this happen to them? I went to Network Solution's site today to check this out for myself, only to discover that Network Solution's has some of the most confusing and unituitive administration forms on the planet. With this in mind, maybe now may be a good time to think about moving your domains
elsewhere.
"Frankly, I can't believe that I'm the only person that this has happened to, and I'd be interested in knowing if anyone else has had the same thing happen. How many Domain Name owners are assuming that their domain is safe from being hijacked as they set up an alternate Guardian scheme when they are now reduced (once again) to Mail-From?
I'm posting this, anonymously, as I don't want my domains hijacked while I get Network Solutions to return me to PGP protection, once again."
Did the key pair expire? (Score:1)
If I recall correctly, PGP key pairs have a finite lifespan. I think the default is 1 year.
Perhaps Network Solutions did the appropriate thing by disregarding an expired key. But a little warning would have been nice!
-Loopy
Transfer Your Domains (Score:1)
But at any rate, in all seriousness, no matter who you go with, transfer your domains away from NSI. They are simply too careless, IMO.
Still the Worst Registrar Ever! (Score:1)
Isn't this a little bit insecure? I mean, I doubt any jackass in the mail room at the post office cares about my domain renewal, but come on. I don't use the registrar because they suck, and this proves even more that the company sucks hardcore. Network Solutions can rot in hell for all I care.
Re:PGP (Score:2)
PGP signing a form seems a more secure method to me than seeing which (faked?) e-mail address it was sent from.
But I'm probably just too good at faking e-mails...
BulkRegister.com is bad (Score:2)
Someone i know put me on a domain handled by BulkRegister, because i used to host a couple of their web sites. When this person started being accused of S*P*A*M (may or may not be true), i was getting some heat since i was listed as tech, even though i had nothing to do w/anything at the time.
I contacted BulkRegsiter.com and said remove me. They said:
Thank you for your inquiry. Due to our registration policy, only the member of BulkRegister.com who originally registered the domain name has the access and responsibility to modify the domain record. Please contact the other contacts in the domain record for more information.
On repeated requests, they still refused. I really don't get this stupid policy. What is the point of being a contact if you have absolutely no ability to do anything?
At least NSI will allow a person to "commit suicide", i.e. remove themselves as a contact.
Re:Dealing with netsol is like dealing with kidnap (Score:2)
Don't wait 'til it expires. Just change the registrar.
Some places like easydns.com (using OpenSRS) will add your remaining time at NSI to your new domain registration. So even if you are cheap, you can move without losing time already paid for.
Re:PGP (Score:2)
I can't be karma whoring - I've already hit 50!
Worst registrar ever! (Score:2)
PGP (Score:2)
Just so you know: PGP has a minor flaw in it so dont feel that since you have PGP as your guardian scheme your safe. Cnet [cnet.com] has the full article here [cnet.com]. Basically A flaw was found by two Czech researchers in the popular OpenPGP digital signature standard and is said to be real but relatively minor Phil Zimmermann says. From what I know Two Czech researchers said that they had found a hole in it.
Move from Verisign. (Score:3)
Verisign have kept on billing us for these though even though their whois claims it's registered through someone-else. When I talk to them about this I get back totally random answers that don't pertain to the question asked.
Bottom line is that Network Solutions are no longer capable of operating a customer facing service and if you can find an alternative registrar who are efficient, courteous and give the right answer to your questions at the first attempt then you will be better off changing to them.
Re:Worst registrar ever! (Score:3)
Really, you would be hard pressed to find a worse place to register a domain name. I have had good luck with register.com [register.com], though they are quite pricey. But honestly, stay away from Network Solutions.
--