|
|
|
|
|
|
by fwlr
1175 days ago
|
|
|
It shouldn’t be hard for someone making these claims to show whois data before and after. Maybe the whois before requires some foresight, but the whois after does not. I will note that despite putting “Confirmed” in the title of their Reddit post and saying they did a whois search that showed Namecheap had bought the domain, the user has not provided that whois data, nor the domain name so that others can independently confirm. The price of a domain registration going up in real time as you’re trying to buy it is obviously a frustrating experience. Domain name frontrunning is a legitimate concern, shady registrars have done it in the past (e.g. NetworkSolutions), and there are many other entities besides registrars that might do it as well. Trying to register a domain name is notably not a hygienic process at the best of times, the information that someone might be willing to pay money for a particular domain name could leak and be exploited at many different stages of a typical search process. Unfortunately, the user only finds out they’ve been exploited when they try to pay on the registrar’s site. Registrars concerned about being unfairly accused might find that providing some transparency into the process can assuage this reaction - perhaps a “why did this price go up?” button/link that shows excerpts from your log history of whois calls for that domain name, or if the problem is the gTLD provider changing their prices on the fly, maybe a log of that information over time. (Exhaustive potential conflict of interest disclaimer: I hold ~$40/year worth of registrations through Namecheap and another ~$30/year worth of registrations through Gandi. Besides these two aforementioned purchases, I do not and have never been employed by, held an investment position in, or maintained any other kind of financial relationship with any domain registrar [lookup service, TLD provider, etc.] in any form.) |
|
|
I chose three domains, and for each of them, did a whois query from a local terminal then looked them up on Namecheap. All three are domains I can imagine someone registering (i.e. not just keyboard mashing).
They have these SHA1 hashes (echo -n '$domain $salt', all salts are the same string):
3ded27709bfcbba44ce893262f531c595ee82f72
78eb52058b915fde23df7289250146e4a6622a9e*
e5db7a02eec8ce2b351a5955d84cc6daa561a41f*
These three I did not whois first, and only looked up on Namecheap:
8d59b003b9261bbb7f8268d8f56fbebb1574688f
68a87269d6011110c43ec6bb928ca008de4fcb6e
fa636723fb66d2fb4e93b317f185eb058149e53b*
I will check them again sometime tomorrow and report back (and reveal the domains then).
(I have four domains registered with Namecheap, no other allegiances of any sort. I was not logged in while testing this.)
* Edit: Well, this is embarrassing. I posted this, then closed the Termux session on my phone where I was hashing them... without saving the hashes. Apparently that doesn't write to .bash_history. I recovered three of them from memory by brute forcing words I'd used against a list of TLDs. I'll update again if I remember any of the others.
If this sounds incredibly suspicious to you given the entire point of this comment, I don't blame you. I encourage people to try the same experiment on their own anyway, especially sometime when this isn't in the news.
Archive link of this comment from before I edited it: https://web.archive.org/web/20230329003044/https://news.ycom...