How to keep your who is private.

[Diomed]

So what I'm wondering,

is if you have a domain that is currently using a proxy or domain privacy, but wasn't when you registered it.. How easy ie it to find that original who is info BEFORE it went private?

Say it has been regged for 2 years. First year it wasn't protect, second year renewal privacy was added.

My question is.. If you had a good domain but wanted to use it and stay completely anonymous (lets say a blog with sensitive but not illegal info, nothing to do with porn) what steps would you take to assure anonymity?

[Paul&John]

Not sure if you can do anything about the cached information before it went private.. however maybe i would transfer the domain to a new registrar with no private whois enabled, but with fake info.. then move it back to private whois.. so maybe the new fake stuff will overwrite existing records where it was cached..

[ErectMedia]

I wouldn't trust any private whois to keep it 100% private. I've been selling/brokering domains for over 11 years and without saying too much let's just say I can get info on almost any domain. You're better off using a PO Box and google voice or throw away cell number so if shit ever does come loose it's not gonna reveal your home address/home phone.

[AdultKing]

Quote:

Originally Posted by Diomed

So what I'm wondering,

is if you have a domain that is currently using a proxy or domain privacy, but wasn't when you registered it.. How easy ie it to find that original who is info BEFORE it went private?

Very easy, the historical data is available for every domain that exists.

As for WHOIS Privacy, don't rely on that either.

If you're going to use false information on your domain registrations then you risk losing the domain.

[NALEM]

Write me directly at alex AT nalem DOT com
Every method has its risks and benefits.

[VikingMan]

Change the whois and registrars a few times to distance yourself. Then it will look like it has been bought and sold a few times by people and companies in different parts of the world. If someone emails you off the new bogus whois then respond in broken English to make it seem legit. Then if someone ever comes to you and says "hey I see your name in the whois history you can just say "yeah I buy and sell hundreds of domains". Make sure the last registrar you use when you launch your site is based in another country to complete the illusion. That is what I did so that I will never be linked to domains like Straightmenwholovehungcollegeguys.com

[signupdamnit]

Quote:

Originally Posted by ErectMedia

I wouldn't trust any private whois to keep it 100% private. I've been selling/brokering domains for over 11 years and without saying too much let's just say I can get info on almost any domain. You're better off using a PO Box and google voice or throw away cell number so if shit ever does come loose it's not gonna reveal your home address/home phone.

Good advice on the PO Box and the Google number but keep in mind that the USPS has a policy where basically if anyone asks for your home address based on your PO Box they have to give it out. There is a form which they simply fill out to get the info.

The other thing is watch the ARIN (IP ownership data) data if you have a dedicated host. Once that gets out it's hard to get it back and you may not notice until it is too late.

The good news is that typically the public free services drop the old data after a few years or at least it is inconsistent on Google. If your info does get out on something embarrassing the best policy I have found is to change it so it is no longer valid to minimize the damage. For instance if your phone number gets out then change the number (obviously this doesn't work so well for your name). Soon people will forget your old number and it is far less likely to have the embarrassing info associated with you. Then NEVER give out sensitive info to anyone ever again. Enforce the barriers and make no exceptions going forward.

[L-Pink]

Quote:

Originally Posted by ErectMedia

I wouldn't trust any private whois to keep it 100% private. I've been selling/brokering domains for over 11 years and without saying too much let's just say I can get info on almost any domain. You're better off using a PO Box and google voice or throw away cell number so if shit ever does come loose it's not gonna reveal your home address/home phone.

Thanks

[signupdamnit]

For instance PhoenixNAP will automatically use the address and contact info you give them for your ARIN IP data. Be mindful of what you give them or you may get a nasty surprise.

[ErectMedia]

Quote:

Originally Posted by signupdamnit

Good advice on the PO Box and the Google number but keep in mind that the USPS has a policy where basically if anyone asks for your home address based on your PO Box they have to give it out. There is a form which they simply fill out to get the info.

Can't speak for all of them but my buddy works at the one I use and they don't release without a court order and the form.

[signupdamnit]

Quote:

Originally Posted by ErectMedia

Can't speak for all of them but my buddy works at the one I use and they don't release without a court order and the form.

My info is probably a bit dated but as of 15 years ago when I researched it the physical address you put on the form when applying for the PO Box can be given out to someone if they ask. Especially if it is for business.

I don't have a lot of time to research but in five minutes I found this which is more for the old PMBs but I bet it applies to regular po boxes in some way too.

Quote:

In the name of fighting mail fraud, as of June 24 the USPS will deliver only to CMRA customers who have filled out a new Form 1583 and produced two forms of identification, including a photo ID. Copies of each ID will be kept by the CMRA and the USPS. Customers using their boxes for business will have to provide home addresses and phone numbers, and the information will be made available to anyone for the asking.

All private box holders will have to contact every person or entity that might send them mail in the future and advise them that the acronym ?PMB? (Private Mail Box) must proceed the renter?s box number on a separate line in the address, because, starting in mid-October, the USPS will not deliver mail to CMRAs without this code.

http://www.cato.org/publications/com...-right-privacy

Quote:

Ehat (4/20/06)

I have never once had a problem because I never once have asked the UPS store franchisee for the information. I have always asked the U.S. Postal Service itself, which has always come through, and very, very promptly, too. I send out (with a postage-paid reply envelope) a Request for Boxholder Information form, in accordance with 39 C.F.R Section 265.6(d) (1989). There is no fee for providing boxholder information. http://www.usps.com/foia/_rtf/39CFR265-266.rtf I personalize the form and that does not seem to matter. It is used, of course, only for service of process but if that is your goal, you might want to try it. Look up the address of the correct post office to send it to using the USPS Web site.

http://www.junkfax.org/fax/misc/pobox.htm

[ErectMedia]

Quote:

Originally Posted by signupdamnit

My info is probably a bit dated but as of 15 years ago when I researched it the physical address you put on the form when applying for the PO Box can be given out to someone if they ask. Especially if it is for business.

I don't have a lot of time to research but in five minutes I found this which is more for the old PMBs but I bet it applies to regular po boxes in some way too.



http://www.cato.org/publications/com...-right-privacy



http://www.junkfax.org/fax/misc/pobox.htm

Wouldn't matter to me as doing nothing illegal and ya would have to get through 3 deadbolted doors to get to me anyway

[signupdamnit]

Quote:

Originally Posted by ErectMedia

Wouldn't matter to me as doing nothing illegal and ya would have to get through 3 deadbolted doors to get to me anyway

Yeah it doesn't matter that much to me either. But I guess if you are really pissing people off and/or have crazed stalkers you might want to know.

Here is the working form for getting the info:

https://about.usps.com/who-we-are/fo...older-form.pdf

This is under the guise of wanting to serve process. However it explicitly allows pro se filings. So really if someone wanted to find out badly enough they could.

[ErectMedia]

Quote:

Originally Posted by signupdamnit

Yeah it doesn't matter that much to me either. But I guess if you are really pissing people off and/or have crazed stalkers you might want to know.

3 deadbolts, time to lock and load.

Since were on the topic saw this at another forum if your registrar doesn't offer free whois privacy...

http://anonymize.com/how-it-works/

Disclaimer: I have nothing to do with this site. Don't personally use it. Didn't research who's running it so use at your own risk.

[InfoGuy]

Quote:

Originally Posted by Paul&John

maybe i would transfer the domain to a new registrar with no private whois enabled, but with fake info

This is a bad idea. Using fake info in your WHOIS record is against ICANN rules and grounds for cancellation of your domain.

[edgeprod]

Historical domain data is how I've unmasked a lot of GFY trolls, like VenusBlogger. Best of all, it's not even against GFY rules -- WHOIS is public info.

[Klen]

Quote:

Originally Posted by signupdamnit

For instance PhoenixNAP will automatically use the address and contact info you give them for your ARIN IP data. Be mindful of what you give them or you may get a nasty surprise.

Mojohost do same,tho not with every client only for problematic ones like me lol.

[Klen]

Quote:

Originally Posted by ErectMedia

3 deadbolts, time to lock and load.

Since were on the topic saw this at another forum if your registrar doesn't offer free whois privacy...

http://anonymize.com/how-it-works/

Disclaimer: I have nothing to do with this site. Don't personally use it. Didn't research who's running it so use at your own risk.

Looks quite fine.Beside privacy whois is nothing spectacular,basically you put your data instead client data and that's it,anyone can offer it.

[Diomed]

All good advice,

I guess it's pretty fucking difficult to run a website anonymously these days.

But listen to this..

Once when I was younger and an idiot.. I used a trademark in a domain of mine that was privacy protected but also had the original who is info faked.

Well sure enough they got that form so they could snag the domain off me, but in the formal litigation papers they had my real name.

How the fuck did they do that when I had faked the who is? Can they actually go pull up the credit card the domain was regged on as well?

And for the record again, the problem with my current situation is that it is a good domain. I want to publish sensitive info that might offend people but it's all legal and above board.

Faking the who is is one thing.. But apparently it doesn't work anyway so what is the point?

People talk about anonymous prepaid debit cards, but every prepaid debit card I've ever used requires your real name and address and double checks it. But I could perhaps just not have found the right card yet..

Regardless, thanks for the helpful incites.

I hate to give up this domain just because I didn't register it private the first year.