Owning a .com anonymously and securely. Is it possible?

Discussion in 'privacy technology' started by Gnikf, Nov 2, 2012.

Thread Status:
Not open for further replies.
  1. Gnikf

    Gnikf Registered Member

    Joined:
    Aug 15, 2012
    Posts:
    40
    Ok, there are quite few domain providers that accept liberty reserve or bitcoins to register a domain for you. So the payment is anonymous but

    a. You use whois guard with your real info underneath, so the registrar has it and most of them will provide it even before the court order.

    b. you use fake info for the whois (regardless you have whois guard on top or not). Ok, you can't be traced back, but the domain can be suspended at any moment for failing to complain the ICANN regulation for having real contact info.
    Which has a sub-questions btw. Does that actually happen, and how do they check if the info isn't real?


    c. some of those registrars offer a real whois protection where the domain is registered under the name of a company, usually in a free speech friendly country. So you have your anonymity, technically the ICANN regulation is fulfilled BUT actually the domain isn't yours.
    So if for example the site you run becomes super profitable or attractive to the whois company for some reason, they can take control point it to their server*.


    I just wanted to start a discussion about it to see if i'm missing an angle here or if someone can suggest a better way where you have anonymity AND security that you can keep the domain.
     
    Last edited by a moderator: Nov 2, 2012
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    If you're concerned about the possibility of takedown, don't use domain extensions that are controlled by likely censors. I don't see a way around trusting your hosting provider. Unless you've taken suitable precautions, don't assume that Bitcoins (or even LR) are anonymous.

    If anonymity is that important, you could run a Tor hidden service site. But you still need to trust your hosting provider. You could host from home/work via VPN and/or Tor. That's more secure, but you're likely hosed if discovered.
     
  3. Gnikf

    Gnikf Registered Member

    Joined:
    Aug 15, 2012
    Posts:
    40

    I might be wrong here, but isn't ICANN (US based company) the highest autorhity even for country code domains. After all the create the country codes and give them to countries.
    Still it would be nice to be able to use .com for this project. I suppose those are fully depending on the mood of the US government?

    I don't care about the hosting provider, because it's not an asset, you can change them in an hour. While domain, once well known and visited, that's an asset which if you lose, you basically start the marketing from scratch.

    While bitcoin and LR are not 100% anonymous out of the box, they could be made so.

    Tor hidden service site, will automatically make the site like 99% less visited.

    Anyway, lets not drift it about hostings, that's another topic, lets see what's the best way to get domain anonymously and keep it yours.
     
  4. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    WhoisGuard and other whois privacy services are known for giving up your information at the slightest hint of trouble. I wouldn't rely on them for keeping your identity truly secret.
     
  5. tooth

    tooth Registered Member

    Joined:
    May 21, 2009
    Posts:
    32
    Depending what you are running on the website, you could always also add Cloudflare on the DNS side to add another layer of hassle for the would be reporter...

    This isn't on the whois side, but it would help provide some protection. If you don't need email functions on your site, you can remove the MX record (depending how much control over the domain you have) which when the person tries a lookup on your site, they can't directly find your web hosting provider, it only shows Cloudflare info.

    If you do use email, I think you have to configure it separately of Cloudflare or it will show the primary IP on the site. (since last I check CF doesn't route email traffic traffic through their servers).

    Fake Info + Private Whois + Cloudflare = More hassle of getting reported for something, but in the end it depends on the determination of the person looking and what you are hosting that warrants being so much "privacy".
     
  6. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    There's either one thing has to be present - anonymous payment (with no paper trails) OR domain obtained via free/third party means.

    This is based on personal experiences since the beginning of domain buzz in the early 1990s.
     
Loading...
Thread Status:
Not open for further replies.