Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
News

Is Network Solutions Changing Your Guardian Settings? 11

Posted by Cliff from the worst-web-forms-EVER! dept.
i-don't-use-MAILFROM asks: "If you remember, someone hijacked the Nike's domain last summer. Nike claimed that they were using Crypt-PW protection, while the hijackers claimed they were only using Mail-From (the weakest Guardian scheme). I went to modify one of my domain names last week and discovered that, while I had set up PGP as my Guardian scheme in 1998, I am now using Mail-From. I didn't change it, and the only people who would have had the chance to are Verisign/Network Solutions. Did they lose all of their security settings and reset all domains without telling anyone?" I wouldn't be surprised if many people out there aren't just setting themselves to MAIL-FROM since it's the default option on the form when you modify your Network Solution's contact record. Has anyone had this happen to them? I went to Network Solution's site today to check this out for myself, only to discover that Network Solution's has some of the most confusing and unituitive administration forms on the planet. With this in mind, maybe now may be a good time to think about moving your domains elsewhere.

"Frankly, I can't believe that I'm the only person that this has happened to, and I'd be interested in knowing if anyone else has had the same thing happen. How many Domain Name owners are assuming that their domain is safe from being hijacked as they set up an alternate Guardian scheme when they are now reduced (once again) to Mail-From?

I'm posting this, anonymously, as I don't want my domains hijacked while I get Network Solutions to return me to PGP protection, once again."

This discussion has been archived. No new comments can be posted.

Is Network Solutions Changing Your Guardian Settings? More

Is Network Solutions Changing Your Guardian Settings?

Comments Filter:

  • Did the key pair expire? (Score:1)

    by Anonymous Coward

    If I recall correctly, PGP key pairs have a finite lifespan. I think the default is 1 year.

    Perhaps Network Solutions did the appropriate thing by disregarding an expired key. But a little warning would have been nice!

    -Loopy

  • Transfer your domains away from Network Solutions. Right now, it seems that register.com [register.com] is our biggest competitor. I'm not going to comment on their policies but I will say I'd prefer you transfer your domains to us [tiernetworking.com]. :-)

    But at any rate, in all seriousness, no matter who you go with, transfer your domains away from NSI. They are simply too careless, IMO.

  • So, after my earlier rant, I get my snail mail today, and find a renewal notice from Network Solutions for a domain I purchased with a different registrar. Ok, this may be acceptable, but thats not the point. Through the address window on the envelope, 1 line above my address is the line "Log on with you PIN: -pinnumber-"

    Isn't this a little bit insecure? I mean, I doubt any jackass in the mail room at the post office cares about my domain renewal, but come on. I don't use the registrar because they suck, and this proves even more that the company sucks hardcore. Network Solutions can rot in hell for all I care.

  • Re:PGP (Score:2)

    by Zwack ( 27039 )
    Reading the Article it's only a problem if they have access to your private key.

    PGP signing a form seems a more secure method to me than seeing which (faked?) e-mail address it was sent from.

    But I'm probably just too good at faking e-mails... :-)
  • They refused to remove me as a tech contact from a domain.

    Someone i know put me on a domain handled by BulkRegister, because i used to host a couple of their web sites. When this person started being accused of S*P*A*M (may or may not be true), i was getting some heat since i was listed as tech, even though i had nothing to do w/anything at the time.

    I contacted BulkRegsiter.com and said remove me. They said:

    Thank you for your inquiry. Due to our registration policy, only the member of BulkRegister.com who originally registered the domain name has the access and responsibility to modify the domain record. Please contact the other contacts in the domain record for more information.

    On repeated requests, they still refused. I really don't get this stupid policy. What is the point of being a contact if you have absolutely no ability to do anything?

    At least NSI will allow a person to "commit suicide", i.e. remove themselves as a contact.
  • The moral of the story is:
    Don't wait 'til it expires. Just change the registrar.

    Some places like easydns.com (using OpenSRS) will add your remaining time at NSI to your new domain registration. So even if you are cheap, you can move without losing time already paid for.
  • It only applies to detached sigs, the kind you don't use for this type of stuff. And it's a software implementation problem. Your keys aren't affected, so upgrading your software fixes the problem unless you have a bunch of detached sigs floating around.

    I can't be karma whoring - I've already hit 50!
  • Network Solutions has got to be the worst registrar ever. Their administration tools just plain suck. I prefer Registrars Asia [registrarsasia.com], their administration site is very well thought out. I like being able to change parameters for all the domains I control with one click instead of letting some idiot reading email change it for me. Maybe they have scripts that read email now, who the hell knows. FUN!

  • "while I had set up PGP as my Guardian scheme"
    Just so you know: PGP has a minor flaw in it so dont feel that since you have PGP as your guardian scheme your safe. Cnet [cnet.com] has the full article here [cnet.com]. Basically A flaw was found by two Czech researchers in the popular OpenPGP digital signature standard and is said to be real but relatively minor Phil Zimmermann says. From what I know Two Czech researchers said that they had found a hole in it.

  • Move from Verisign. (Score:3)

    by matthew.thompson ( 44814 ) <matt&actuality,co,uk> on Thursday April 12, 2001 @04:13AM (#297563) Journal
    I've been moving all the domains I control over to A.N.Other registry because of inconsistencies like this - plus you can get a domain for $10 a pop at some places helps.

    Verisign have kept on billing us for these though even though their whois claims it's registered through someone-else. When I talk to them about this I get back totally random answers that don't pertain to the question asked.

    Bottom line is that Network Solutions are no longer capable of operating a customer facing service and if you can find an alternative registrar who are efficient, courteous and give the right answer to your questions at the first attempt then you will be better off changing to them.

  • Re:Worst registrar ever! (Score:3)

    by yamla ( 136560 ) <chris@@@hypocrite...org> on Wednesday April 11, 2001 @08:12PM (#297564)
    I agree. I have had nothing but problems with Network Solutions. Currently, they are EIGHT MONTHS behind changing some of my settings after I requested it (and mailed back the form). In that time, I have actually moved house and so I no longer care about the pending change. The place where I work has had similar problems, resulting in more than two weeks of lost email.

    Really, you would be hard pressed to find a worse place to register a domain name. I have had good luck with register.com [register.com], though they are quite pricey. But honestly, stay away from Network Solutions.

    --

Slashdot Top Deals

Two can Live as Cheaply as One for Half as Long. -- Howard Kandel

Close