TheJach.com

Jach's personal blog

(Largely containing a mind-dump to myselves: past, present, and future)
Current favorite quote: "Supposedly smart people are weirdly ignorant of Bayes' Rule." William B Vogt, 2010

Google WhoIs Protection Doesn't Protect

So, I own the domain ribbeh.com but not its content. All my domains I've registered through google (and they then register it with enom) because it used to be pretty simple to register and then configure, it was a consistent $10, they didn't try to upsell me a gazillion things, and their auto-renew policies are kind. (I lost a domain to iDotz before. Never Again.) Additionally they provided whois protection for free. I don't really care about that these days but it was more important to me then (and should have been more important to an old acquaintance I once freaked out when I discovered their name and address simply by checking whois...), in any case it's a nice to have, especially because I hate being forced to be dishonest to protect something. The last name I gave Google was fake as you'll see, but the address used to be a place I lived.

Tonight I was going through my spam folder because gmail's spam filtering has gotten a lot worse than it once was. Found a non-spam email of course. And then I found a spam email about the above domain name expiring this month and telling me to click a link to pay for renewal. (If you actually check the whois, you'll see that it doesn't expire until January.)

What startled me was that it contains the very fake last name and once real address (from which you could infer my last name of course if you wanted to do it the hard way) that google knows, but isn't part of the public whois record. So what gives? How did the info leak? Was there a DB breach I didn't hear about? Or is it trivial to just contact the whois privacy agents and get the real data?

Here's a picture of the email, and following that a picture of the actual whois info if you look up through icann's whois site.





In conclusion, don't ever trust something is private without cryptographic proof.

Posted on 2017-10-31 by Jach

Tags: rant

Permalink: https://www.thejach.com/view/id/347

Trackback URL: https://www.thejach.com/view/2017/10/google_whois_protection_doesnt_protect

Back to the top

Back to the first comment

Comment using the form below

(Only if you want to be notified of further responses, never displayed.)

Your Comment:

LaTeX allowed in comments, use $$\$\$...\$\$$$ to wrap inline and $$[math]...[/math]$$ to wrap blocks.


Archives

All posts, ever (405)

RSS Feed: RSS FEED

Selected Posts

Thoughts on Writings on Lisp The Last Choice Jump Game As Interview Problem, Domain Solutions OOP in C with Function Pointers and Structs What is customer trust? Correlation is evidence of causation Absence of Evidence is Evidence of Absence Mesh Current Method A new favorite equation? Mindlessness Meditation Sephira Su Archives

Recent Posts

Japan Trip 4 and 5
2024-02-29
Possible errors and downtime
2024-01-18
Parting is such sweet sorrow
2024-01-14
Leaving a mark
2023-12-20
Keep saying no to unionizing tech
2023-11-21

Recent Comments

@ Anon October 31, 2023 Well, Sapphirus isby Anonymous on Furcadia is Dead
December 18, 2023 03:08 PM
At least this page will remain up. If the siteby Jach on Furcadia is Dead
November 03, 2023 09:35 AM
The forums were closed because Sapphirusby Anonymous on Furcadia is Dead
October 31, 2023 07:16 AM
Just a random internet user passing by. Iby Anonymous on Furcadia is Dead
October 05, 2023 07:04 AM
Welp, guess this thread is now dead. Kind ofby Anonymous on Furcadia is Dead
June 21, 2023 11:00 AM

Tag Cloud

aliens
 (1),

altruism

 (3),

Anarchy

 (14),
anime
 (2),

anti-anarchy

 (3),

artificial intelligence

 (9),
assembly
 (1),

atheism

 (9),
awesome
 (1),
bash
 (1),
basics
 (1),

bayes

 (8),

books

 (8),

business

 (3),

c

 (9),

c++

 (4),
cars
 (1),
circuit analysis
 (2),

clojure

 (13),
cloning
 (2),
cognition
 (2),
college
 (1),
comics
 (1),
computer engineering
 (2),
couchdb
 (1),

cryonics

 (3),
curl
 (1),

daily life

 (15),

databases

 (3),

debate

 (3),
demo
 (1),
design
 (1),
disaster
 (1),

economics

 (3),
evolution
 (2),

existentialism

 (3),
FFP Machine
 (1),

fiction

 (4),

flex

 (5),

fodder

 (31),

food

 (3),
forth
 (1),
FPGA
 (2),

free will

 (4),
french
 (1),
furcadia
 (1),
future
 (1),

games

 (6),
git
 (2),

government

 (33),
grammar
 (1),

hacking

 (3),
HDL
 (1),
hiring
 (2),
history
 (1),
immigration
 (1),

intellectual property

 (9),
italy
 (1),

japan

 (5),

java

 (5),

jMonkeyEngine

 (4),

language

 (5),

learning

 (5),

lisp

 (16),
LucidDB
 (1),
management
 (1),

math

 (25),

memo

 (8),
money
 (1),

morality

 (27),
music
 (1),

nanotech

 (3),
NaNoWriMo2009
 (2),

NaNoWriMo2010

 (3),
nature
 (2),
nim
 (2),
non-cooperation
 (1),

non-violence

 (12),

open source

 (5),
PARODPY
 (1),
patents
 (1),

personal

 (65),

philosophy

 (86),

php

 (9),

physics

 (3),

pithy

 (3),
poetry
 (1),
privacy
 (1),

probability

 (7),

programming

 (100),
psychology
 (2),

pygame

 (3),

python

 (14),
quality
 (1),
quotes
 (1),
race
 (1),

rant

 (33),
rap
 (1),

rationality

 (19),

religion

 (15),

religious thinking

 (4),
response
 (2),

reviews

 (6),
safety
 (1),

school

 (12),
science
 (1),
scifi
 (1),
scripting
 (1),

security

 (3),
services
 (1),
silly
 (2),

singularity

 (6),
soldiers
 (2),
song translation
 (1),
sql
 (1),
statistics
 (2),

stupidity

 (17),

taoism

 (5),
teaching
 (2),
technology
 (2),
testing
 (1),
The Void
 (1),

thought

 (42),
tip
 (2),

tips

 (13),

travel

 (6),

uberman

 (4),
unicode
 (1),
utility
 (2),

vim

 (3),
vtuber
 (2),
words
 (1),
work
 (2),
xml
 (1)

Better Websites

Overcoming Bias Dan Luu's Blog Coyo's Channel 🐺🐾 Hacker News Less Wrong Sequences Gwern's Essays Current Events Moldbug's Essays Paul Graham's Essays Ridiculous Fish Kim Øyhus's Home Page Paul Nylander's Web Site Evo Psych Articles Warp's Rants