1. 30
  1. 11

    TIL I can buy domains and then cancel the money transfer

    1. 1

      This illustrates why 3rd party escrow services are important when doing legitimate transactions.

      1. 4

        She used an escrow service. I’m confused about that.

    2. 6

      This is what 2nd Factor Authentication is designed to prevent and why I turn it on and use it. It’s adds a step where the hacker would have to get HostMonster to turn off 2FA via a support ticket which would require them to verify my identity.

      1. 3

        I know for a fact at least one major domain registrar accepts forged IDs without questioning it.

        No further comment.

      2. 8

        TL;DR: I know nothing about technology and here’s how I got my domain name back, with little real details.

        1. [Comment removed by author]

          1. 15

            I agree that this was better than most write-ups by laypeople on such situations. Further, it details the experience one is likely to go through. It also makes it clear to other laypeople you can’t trust the hosting sites to help you protect your domains. I bet many would’ve assumed otherwise.

            1. 3

              Don’t forget that she ignored more than one sign that something was off, especially the notification from Google about a new login.

              1. 2

                I think the writeup is pretty good, and I also wonder if any writeup that is a better postmortem from our point of view would be harder to relate to (for the people with non-technical skill sets). I don’t know whether the original post as it is will make any people pay more attention to suspicious situations, though.

              2. 13

                I don’t understand why you felt this comment was warranted.

                1. 6

                  Don’t forget the “security advice” at the end.

                  1. 5

                    I think it illustrates why it’s a bad idea to share an account between multiple people, even if they’re your significant other.

                    1. 2

                      Not just «even if they’re your significant other» — even if you trust them not to do anything wrong and even if they do not betray that trust.

                    2. 7

                      So not too different from most Medium posts on technology.

                      1. 4

                        Admittedly they’re comparatively rare, but I have seen some pretty in depth technical write-ups on Medium.