Monday, September 29, 2014

How not to Transfer Your Domains Between Registrars

UPDATE IV - Dec 2018 - Four years on from my original debacle I've given Gandi another shot. The main reason being that I've bought a pair of FIDO u2f keys and have managed to drop all TOTP sites. Gandi is one of the few registrars to offer u2f support and I was really unimpressed with Hover support's reply when I asked about it. Gandi also seems to be very well respected amongst people that I respect.

The good news is that Gandi appears to have seen sense and has overhauled their system to allow an account to use a different email address to the domains that it manages. Having said that I wasn't taking any risks this time and made sure all the owner info matched up with the Gandi account.

The small hitch with the transfer this time seemed to be at the Hover/Tucow end as I only received their Transfer Away email after manually prompting their support and then I found the email to be rather misleadingly worded. Reading the description below would you expect to be able to confirm the transfer to proceed immediately at the linked page?



Original post:

TL;DR: i) Before transferring your domains to a new registrar Gandi.net make sure every single piece of contact information on them is EXACTLY the same. ii) I can't recommend Gandi.net.

I own several domains, one of which I use for my primary email address. A while ago I read Naoki Hiroshima's account of being held to ransom due to someone taking over the domain he used for his primary email address. At the time I contacted my registrars to ask what security measures they had in place to make sure this wouldn't happen to me (not that I think I have much of value to steal). Their replies didn't fill me with confidence. More recently I read of a registrar that can enforce two step authentication on accounts, Gandi.net. I decided to take the plunge and initiated the transfer of my two .co.uk domains (free), three .com domains (£8.63 each) and one .it domain (£9.20) to Gandi.net.

The .co.uk domains transferred very quickly, apparently without issue, however I noticed that the "owners" of the two domains were two different accounts to the one I was currently logged in as. Upon contacting Gandi they told me that because my details were slightly different for each of the two domains and for the administrative/technical contacts three accounts had been created. I could have used the two owner accounts and ditched the admin/tech account, but that was the account that I had also requested the .it and .com domains be transferred to. Gandi told me that to transfer the domains between accounts I would effectively be changing the owner of the domain. So I initiated the process to transfer the two domains to my main account, which would apparently cost me £4.60 per domain, not too expensive, and hopefully they'd be renewed in the process. But after following their instructions I was further notified that I would need to initiate the transfer with Nominet and pay them a further fee of £12 per domain. Considering I wasn't even transferring the domains between people I felt this was getting a bit ridiculous and gave up.

After three days I was notified that there had been an error transferring the .it domain. Gandi's wiki said that the error message meant that my previous registrar had blocked the transfer, so I contacted Livetodot. Livetodot said that the domain had been successfully transferred away from them and pointed out that the whois record even specifically said so. So I went back to Gandi. Another day later I got an email confirmation from Gandi saying that the domain transfer was complete, but gave no explanation as to what had gone wrong. During this period DNS had been failing on my domain for at least three days. It was at this point that I realised how stupid it was to use my primary email address on the domain that my primary email address uses, and I started to get nervous. While the .it transfer had now been successful, the domain owner apparently didn't exactly match any of my three Gandi accounts and so a fourth account had been created and marked as owner.

Luckily my three .com domains, including my primary email domain, eventually transferred without incident, and with the original Gandi account as the owner. I can now use this account as a central account to administer all of my domains as it is at least the technical contact for all my accounts. However I now have another issue besides the four accounts. As I said above I think it's stupid to have the contact email address of a domain using that same domain, so I would like to change the email address on just that domain. However Gandi's system doesn't seem to allow for that, only allowing one account to have one email address, so to change the email address for one of my .com domains I have to change it for all the domains owned by that account.

All in all I don't think I can recommend Gandi.net. Their system seems to be based on the incorrect assumption that each account is a different entity and each entity will only have one email address. I also wonder if other registrars (and why Gandi doesn't) just recognise an email address as a unique identifier and not worry if other details are slightly different.

Having done a bit more research there are other registrars that can do two step authentication, including Hover and EuroDNS. Reading Naoki Hiroshima's post again I notice that the hacker actually recommended NameCheap and eNom as secure registrars, although that information is a bit dated now and besides, I'm not sure if we should trust a hacker.

UPDATE: When I was initially thinking of going through with transferring the .co.uk domains to a single account I created an account with Nominet and I seem to remember being able to see both of my domains, but now I can only see one. Nominet and Gandi both say that this is because the two domains have different email addresses on the owner contact, but in the Gandi control panel they both look the same to me.

UPDATE II: After getting pretty much nowhere with their support I emailed their batline, nobullshit(at)gandi.net. Coincidentally or not the very same day their support agreed to transfer my .co.uk domains to my central account if I were to change my email address at Nominet. Nominet let you change your email address without any sort of confirmation with the old email address or the new email address, something that I pointed out to them was likely to get domains lost or stolen. A week later my domains still haven't been transferred. I also got a direct reply from Gandi's COO and "Chief Evangelist". Unfortunately this email confirms that their "no bullshit" tag line is just that, bullshit.

UPDATE III - Sept 2015 - A year on my renewals have come up again and I decided to put my money where my mouth is and join Hover. So far the move has been a joy by comparison and the transfer has worked the way that I would expect, you create one account and transfer your domains to that account. The one gotcha being that they don't automatically update your domains to use their DNS servers.

Thursday, February 27, 2014

Recommended Apps for Windows Phone 8

True Calendar 8

The native WP8 calendar sucks, it defaults to viewing one day, but doesn't fit it onto one screen, it doesn't have a week view at all, the month view is pretty much useless because you can't read the appointments and if you try to click on them or click on a day it switches to the crappy day view.

I can't recommend True Calendar 8 highly enough, it possibly has too many configuration options, and you can only have a maximum of one account each of Google, MS and Facebook, but apart from that it's pretty much perfect and is what the native calendar should have been.

Ocell (Twitter)

Ocell is buggy, crashing and refusing to load tweets relatively often, however in my experience, and given my demands, it is still by far the best WP8 Twitter app that I've seen. My demands mainly being configurable, swipeable columns, mainly consisting of my lists, just like Tweetdeck and then Hootsuite let me do.

Flickr Central / Flickr Booth

Flickr Central and Flickr Booth are both very good apps. They both allow you to automatically upload images, periodically update the lock screen image from particular pools of Flickr photos and view activity on your photos and your contacts' latest uploads. They also both improve on the manual uploading of images.

Flickr Central has a better photo page and a better page for showing you activity on your own photos, however it doesn't show replies to your comments on other people's photos.

UPDATE Aug 2014: I don't know if it's WP8.1 or what but recently I've been finding FC's auto-upload buggy and I can no longer share photo URLs and the developer is no longer responding to emails.

Flickr Booth has a nice tile for the start screen that can show you recent uploads from your contacts or activity on your photos. It also allows you to specify what album to auto upload from and what date to start uploading them from. However the lock screen image rotates too often IMHO and only uses your 10 most recent favourites.

The official Flickr app sucks, mostly because the logo and title always cover half the screen. Yes, really. It's also missing auto uploading and uploading multiple images from the share context menu.

Flickr Auto-Uploader

Flickr Central's auto-uploader stopped working for me, and then so did Flickr Booths. I uninstalled Flickr Booth in order to reinstall it only to find that it was no longer available in the store. I have now written my own Flickr Auto Uploader for Windows Phone which has the added bonus of being able to upload videos and high resolution images from Lumia 1020s, as well as the option of choosing any albums to upload from.

Phone Tracker

I don't expect this will be on everyone's essentials list, but I really like having a record of my location, mostly so that I can geo-tag my photos. Phone Tracker is just the ticket, very simple and straightforward, it can upload kml files nightly to SkyOneDrive. My only two complaints are that a) it puts the files in the root, cluttering them up, it would be much better if it used its own subdirectory and b) time stamps are saved without a time zone, which is a real pain in the arse.

SMS to Speech

Not an app, but the other day I found a setting which covered an app that I used to find very useful on Android, Settings -> Speech -> Read incoming text messages aloud. Unfortunately it's crippled somewhat by the fact that it asks you whether you want it to read the text message or not. Somehow I don't think that's going to be very practical when I'm riding through London :-/

Others

Authenticator for accounts that use such two step authentication like Google and MS. Has a handy copy feature. TV Guide for UK TV schedules.

Obviously

Facebook, Instagram, eBay and Whatsapp. Although I wish Whatsapp would use different colours for different people in group chats.

MIA

Firefox. I'd also really like a decent IMAP client. The native mail client is fine for basic stuff, but I'd really like something that handled folders with more finesse. Note that Mail Plus is not an email client, it's for sending emails with attachments.

Saturday, January 04, 2014

Script to set Firefox zoom/dpi/devPixelsPerPx on the command line


#!/bin/bash

PREF=~/.mozilla/firefox/*.default*/prefs.js
BAK="$PREF.bak"
SETTING="layout.css.devPixelsPerPx"

CURR=$(grep $SETTING $PREF)

cp $PREF $BAK
grep -v $SETTING $BAK > $PREF
echo "user_pref(\"$SETTING\", \"$1\");" >> $PREF

/usr/bin/firefox

cp $PREF $BAK
grep -v $SETTING $BAK > $PREF
echo $CURR >> $PREF