Preventing WHOIS

Discussion in 'Computer Security' started by tobito85@gmail.com, Feb 23, 2009.

  1. Guest

    Hello!

    I LOVE privacy. Is there a way to set up a website anonymously? Right
    now anyone can use whois http://www.yourwebsite.com and he'll find out
    who the domain is registered to. There is the possibility to use a
    company that offers you a proxy server but then that company legally
    becomes the holder of that domain.

    I'd like to be the sole owner of the domain and yet be impenetrable to
    the whole whois gestapo thing. Is there a way?

    Are there some top level domains that are more suitable for this than
    other?

    Is there anybody out there who can offer me some help, give me some
    pointers of something?
     
    , Feb 23, 2009
    #1
    1. Advertising

  2. Ari© Guest

    On Mon, 23 Feb 2009 08:06:35 -0800 (PST), wrote:

    > Hello!
    >
    > I LOVE privacy. Is there a way to set up a website anonymously? Right
    > now anyone can use whois http://www.yourwebsite.com and he'll find out
    > who the domain is registered to. There is the possibility to use a
    > company that offers you a proxy server but then that company legally
    > becomes the holder of that domain.
    >
    > I'd like to be the sole owner of the domain and yet be impenetrable to
    > the whole whois gestapo thing. Is there a way?
    >
    > Are there some top level domains that are more suitable for this than
    > other?
    >
    > Is there anybody out there who can offer me some help, give me some
    > pointers of something?


    Lie.
    --
    Meet Ari! http://tr.im/1fa3
    "To get concrete results, you have to be confrontational".
     
    Ari©, Feb 23, 2009
    #2
    1. Advertising

  3. No One Guest

    On Mon, 23 Feb 2009 11:10:02 -0500, Ari© wrote:
    The person who calls himself "No One", but who's real name is Dan
    Camper, used this as his signature in his post above:

    Meet Ari! http://tr.im/1fa3

    Only thing is, the person depicted in the photograph at
    http://tr.im/1fa3 is *not* Frank J. Camper, or as he calls himself,
    "Ari".

    That is a photo of "Kinky" Friedman, who has a webpage at
    http://www.kinkyfriedman.com/

    FYI
     
    No One, Feb 23, 2009
    #3
  4. Gerard Bok Guest

    On Mon, 23 Feb 2009 08:06:35 -0800 (PST),
    wrote:

    >I LOVE privacy. Is there a way to set up a website anonymously? Right
    >now anyone can use whois http://www.yourwebsite.com and he'll find out
    >who the domain is registered to. There is the possibility to use a
    >company that offers you a proxy server but then that company legally
    >becomes the holder of that domain.
    >
    >I'd like to be the sole owner of the domain and yet be impenetrable to
    >the whole whois gestapo thing. Is there a way?


    Sure. Host your website on 10.0.0.1
    Or on 127.0.0.1
    Absolute privacy guaranteed. And cheap too.

    --
    Kind regards,
    Gerard Bok
     
    Gerard Bok, Feb 23, 2009
    #4
  5. wrote:

    > I LOVE privacy. Is there a way to set up a website anonymously? Right
    > now anyone can use whois http://www.yourwebsite.com and he'll find
    > out who the domain is registered to.


    $ whois yourwebsite.com

    Registrant:
    yourwebsite
    36480 Peugeot Place
    Newark, California 94560
    United States

    Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
    Domain Name: YOURWEBSITE.COM
    Created on: 02-Jan-98
    Expires on: 01-Jan-10
    Last Updated on: 29-Dec-08

    Perhaps you would want to use "example.com" (reserved for the purpose)
    instead of a domain name actually owned by someone.

    > There is the possibility to use a company that offers you a proxy
    > server but then that company legally becomes the holder of that
    > domain.


    Got a cite for that? I've a couple of domains and the privacy company
    does *not* own them.

    > I'd like to be the sole owner of the domain and yet be impenetrable
    > to the whole whois gestapo thing. Is there a way?


    Yes. Avail yourself of the privacy services offered by your registrar.
    Normally, it is an extra-cost option, maybe $9USD or about 78 Swedish
    Kronor per year.

    > Are there some top level domains that are more suitable for this than
    > other?


    No.

    > Is there anybody out there who can offer me some help, give me some
    > pointers of something?


    Explore your registrar's site for the privacy option. Ex:
    http://www.godaddy.com/gdshop/dbp/landing.asp?ci=9002

    --
    -bts
    -Friends don't let friends drive Windows
     
    Beauregard T. Shagnasty, Feb 23, 2009
    #5
  6. nemo_outis Guest

    wrote in news:86f6648a-5e21-4078-ac89-b7069fd25f62
    @n2g2000vba.googlegroups.com:

    > Hello!
    >
    > I LOVE privacy. Is there a way to set up a website anonymously? Right
    > now anyone can use whois http://www.yourwebsite.com and he'll find out
    > who the domain is registered to. There is the possibility to use a
    > company that offers you a proxy server but then that company legally
    > becomes the holder of that domain.
    >
    > I'd like to be the sole owner of the domain and yet be impenetrable to
    > the whole whois gestapo thing. Is there a way?
    >
    > Are there some top level domains that are more suitable for this than
    > other?
    >
    > Is there anybody out there who can offer me some help, give me some
    > pointers of something?



    It can be done very privately but it requires *your own* company.

    I give the strongest way below but using any company (either one you
    already own or a newly-set-up one - I believe *everyone* should own at
    least one company) will go a long way to shielding your personal privacy.

    For ordinary privacy (not, say, thwarting a multi-million-dollar lawsuit)
    the **simple unadorned version** (i.e., any old company with no
    embellishments, with all domain registration addresses, etc. as the
    company's) is plenty.

    But if you want *maximum* privacy, here's how:

    A (USian) LLC is preferable to a traditional company. And the best LLC
    is a New Mexico one (permits bearer shares, etc.). An LLC has an address
    for its New Mexico "agent" but the address of the actual LLC can be (and
    usually is) elsewhere (in fact, the mailing address can be different from
    the place of business address and both can be different from the agent's
    NM address). There is no list of LLC members, etc. (well, there is, but
    it's at the LLC's - possibly offshore - place of business :) It will be
    next to impossible to trace you personally if you set this up right
    (e.g., have an intermediary set up the LLC and then you buy all the
    bearer shares, etc.).

    Domain registration (I'll speak of .com; requirements can be different
    for some others) is in the company/LLC's name (not a person's). The
    other names that must be given (administrative contact, technical
    contact, etc) will not have personal data for address, etc. but rather
    will use the *company's* address, phone number, email, etc. Anyone
    trying to compromise the privacy of a real live human being (whose name
    may itself be fictitious - the LLC fired and replaced its "administrative
    contact" last month if anyone inquires :) will dead-end at the LLC agent
    (or the LLC's mail drop address) or the actual domain site. (In fact, if
    the domain is hosted, it is common for the "technical contact" to be the
    hosting site fellow.)

    This is much better than lying (it would be a real PITA if, after using a
    domain name for years, you lost it because of a registration
    irregularity) or going through a registration intermediary like Godaddy
    (who then becomes the *real* owner of your domain name).

    Regards,

    PS Initially setting up the LLC (or just a company in your home
    jurisdiction) will typically cost only a few hundred dollars ($300-500)
    and annual operating costs (essentially just for the NM agent) are
    typically $100-200. Not free, but well within reach of anyone who truly
    values his privacy. Pay the LLC fees and the domain name fees with cash
    or money orders.

    (Incidentally an LLC - or better, several of them - have many other uses
    for privacy purposes. There will be no tax complications if your LLC does
    no serious business and/or operates on a flow-through basis.)

    PPS If you are paranoid a number of additional layers of security can be
    added such as having any mail directed to a mail-drop, ideally in a
    foreign country (again, can be done for $100 or so). Similar precautions
    can be done with telephone (e.g., use VOIP, etc.) You can even have the
    LLC itself "owned" not by a person but by a different company (LLC, etc.)
    possibly offshore (usually this level of security is only needed for
    major tax fraud, asset hiding, etc. and not for ordinary privacy).
     
    nemo_outis, Feb 23, 2009
    #6
  7. VanguardLH Guest

    wrote:

    > I'd like to be the sole owner of the domain and yet be impenetrable to
    > the whole whois gestapo thing. Is there a way?


    Sure. Use a registrar that provides for private registrations. ICANN
    requires that registrars provide a name for whomever is responsible for
    the domain registration. The loophole is that the registrar volunteers
    to be responsible. So you register your domain with them but the
    registrar list themself as the contact for that domain. There are
    several registrars that now provide private registrations and the number
    is growing: GoDaddy with their Domains by Proxy service, Network
    Solutions, and WildWest Domains (known for having lots of spam sources
    and affiliate to GoDaddy) are some of them.

    If customers see that you are hiding that they figure there is a
    negative reason to do so and they may not trust you. That's how I feel
    when I find a domain owner that tries to hide. There are better ways to
    block domain registration related spam. For example, in the e-mail
    address you provide for registration (required and is supposed to be a
    valid, active, and monitored account), just use a rule in that account
    to block all e-mails that don't originate from your registrar. You'll
    get their e-mails regarding your registration but dump everyone else's.

    http://help.godaddy.com/topic/248
    http://www.godaddy.com/gdshop/dbp/landing.asp?ci=9002
    https://www.networksolutions.com/domain-name-registration/private.jsp

    However, I've heard that many of them will divulge the actual domain
    registrant when pressed for the information and without requiring a
    subpoena. If the plantiff provides sufficient cause for divulging that
    info, the registrar will release it. You can try to hide. That doesn't
    mean you cannot be found.
     
    VanguardLH, Feb 23, 2009
    #7
  8. > I'd like to be the sole owner of the domain and yet be impenetrable to
    > the whole whois gestapo thing. Is there a way?


    I have one domain registered under a fake name and address, this goes
    against the ICANN rules and they will take it away from me when they
    find out. But they need to find out first.

    If you go down this road I advice you use a working email address to
    get your registrar emails and avoid bouncing them.

    >
    > Are there some top level domains that are more suitable for this than
    > other?


    Many Ltd domains do not allow whois privacy. I would stick to .com and
    ..net
    >
    > Is there anybody out there who can offer me some help, give me some
    > pointers of something?


    You can use the whois protection service at http://www.namecheap.com

    Or Ixquick "Registrar that offers whois protection"

    --
    Privacylover: http://www.privacylover.com
     
    Frank Merlott, Feb 23, 2009
    #8
  9. Gerard Bok Guest

    On Tue, 24 Feb 2009 00:22:49 +0100, Frank Merlott
    <> wrote:

    >> I'd like to be the sole owner of the domain and yet be impenetrable to
    >> the whole whois gestapo thing. Is there a way?

    >
    >I have one domain registered under a fake name and address, this goes
    >against the ICANN rules and they will take it away from me when they
    >find out. But they need to find out first.


    Next problem you may face is proving you are the owner if in fact
    the "registered owner" doesn't exist at all :)

    --
    Kind regards,
    Gerard Bok
     
    Gerard Bok, Feb 24, 2009
    #9
  10. On Feb 23, 8:07 pm, Guy Macon <http://www.GuyMacon.com/> wrote:
    > Gerard Bok wrote:
    >
    > > wrote:

    >
    > >>I LOVE privacy.

    >
    > Why, then, are you posting to USENET in a way that reveals IP
    > address information and details about what kind of operating
    > system and browser you are using, through a company that is
    > well-known for its lack of privacy?


    Don't flame me just because I'm a n00b... :-(


    > >>Is there a way to set up a website anonymously? Right
    > >>now anyone can use whoishttp://www.yourwebsite.comand he'll find out
    > >>who the domain is registered to. There is the possibility to use a
    > >>company that offers you a proxy server but then that company legally
    > >>becomes the holder of that domain.

    >
    > Nonsense. I use 000Domains and they were quite specific in saying
    > that their WHOIS privacy service is done by them providing their
    > information in the WHOIS database rather than yours, and that you
    > still have the same ownership rights (subject to ICAAN policies)
    > as before.


    This contradicts what nemo_outis says.
     
    Torbjörn Svensson Diaz, Feb 24, 2009
    #10
  11. On Feb 23, 8:45 pm, VanguardLH <> wrote:

    > However, I've heard that many of them will divulge the actual domain
    > registrant when pressed for the information and without requiring a
    > subpoena.  If the plantiff provides sufficient cause for divulging that
    > info, the registrar will release it.  You can try to hide.  That doesn't
    > mean you cannot be found.


    What I want to do is percetly legal. I just don't want some animal
    rights/feminist/far left/far right/whatever acitivst to call me in the
    middle of the night and threaten me because of my website. That's the
    amount of protection I want presently. Later on I might want some
    more. Still, if authorities want to find out about me, that's OK.

    I am neither a criminal, nor a terrorist, nor a freedom fighter, nor
    an advocate of extreme ideologies or creeds, but only a slightly
    controversial citizen in need of some basic privacy that I thing is
    being compromized if any random punk can call me in the middle of the
    night and go bananas towards me.

    That's all.

    Kind regards,

    Tobito
     
    Torbjörn Svensson Diaz, Feb 24, 2009
    #11
  12. On Feb 24, 12:22 am, Frank Merlott <> wrote:
    > > I'd like to be the sole owner of the domain and yet be impenetrable to
    > > the whole whois gestapo thing. Is there a way?

    >
    > I have one domain registered under a fake name and address, this goes
    > against the ICANN rules and they will take it away from me when they
    > find out. But they need to find out first.


    Is it heavily trafficed?


    > If you go down this road I advice you use a working email address to
    > get your registrar emails and avoid bouncing them.


    Thanks for pointing it out.


    > > Are there some top level domains that are more suitable for this than
    > > other?

    >
    > Many Ltd domains do not allow whois privacy. I would stick to .com and
    > .net


    What is an Ltd domain? Is it a domain owned by a corporation? Ldt as
    in limited. Or do you mean TLD as in top-level domain?

    I know that e.g. .se doesn't allow privacy.

    > > Is there anybody out there who can offer me some help, give me some
    > > pointers of something?

    >
    > You can use the whois protection service athttp://www.namecheap.com
    >
    > Or Ixquick "Registrar that offers whois protection"


    Thanks.

    Best regards,

    --
    Tobito
     
    Torbjörn Svensson Diaz, Feb 24, 2009
    #12
  13. On Feb 23, 7:31 pm, "nemo_outis" <> wrote:
    > wrote in news:86f6648a-5e21-4078-ac89-b7069fd25f62
    > @n2g2000vba.googlegroups.com:
    >
    >
    >
    >
    >
    > > Hello!

    >
    > > I LOVE privacy. Is there a way to set up a website anonymously? Right
    > > now anyone can use whoishttp://www.yourwebsite.comand he'll find out
    > > who the domain is registered to. There is the possibility to use a
    > > company that offers you a proxy server but then that company legally
    > > becomes the holder of that domain.

    >
    > > I'd like to be the sole owner of the domain and yet be impenetrable to
    > > the whole whois gestapo thing. Is there a way?

    >
    > > Are there some top level domains that are more suitable for this than
    > > other?

    >
    > > Is there anybody out there who can offer me some help, give me some
    > > pointers of something?

    >
    > It can be done very privately but it requires *your own* company.
    >
    > I give the strongest way below but using any company (either one you
    > already own or a newly-set-up one - I believe *everyone* should own at
    > least one company) will go a long way to shielding your personal privacy.
    >
    > For ordinary privacy (not, say, thwarting a multi-million-dollar lawsuit)
    > the **simple unadorned version** (i.e., any old company with no
    > embellishments, with all domain registration addresses, etc. as the
    > company's) is plenty.  
    >
    > But if you want *maximum* privacy, here's how:  
    >
    > A (USian) LLC is preferable to a traditional company.  And the best LLC
    > is a New Mexico one (permits bearer shares, etc.).


    I don't understand "permits bearer shares, etc". How is that
    important? Does bearer shares give me additional privacy, control of
    the company, etc? Bear in mind that I'm a n00b.



    > An LLC has an address
    > for its New Mexico "agent" but the address of the actual LLC can be (and
    > usually is) elsewhere (in fact, the mailing address can be different from
    > the place of business address and both can be different from the agent's
    > NM address). There is no list of LLC members, etc. (well, there is, but
    > it's at the LLC's - possibly offshore - place of business :) It will be
    > next to impossible to trace you personally if you set this up right
    > (e.g., have an intermediary set up the LLC and then you buy all the
    > bearer shares, etc.).


    In case I earn some money, where do I pay the taxes? Do I pay Swedish
    income tax only or do I have to pay some kind of American corporate
    tax as well?

    > Domain registration (I'll speak of .com; requirements can be different
    > for some others) is in the company/LLC's name (not a person's).  The
    > other names that must be given (administrative contact, technical
    > contact, etc) will not have personal data for address, etc. but rather
    > will use the *company's* address, phone number, email, etc.  Anyone
    > trying to compromise the privacy of a real live human being (whose name
    > may itself be fictitious - the LLC fired and replaced its "administrative
    > contact" last month if anyone inquires :) will dead-end at the LLC agent
    > (or the LLC's mail drop address) or the actual domain site.  (In fact, if
    > the domain is hosted, it is common for the "technical contact" to be the
    > hosting site fellow.)


    Good thinking.

    > This is much better than lying (it would be a real PITA if, after using a  
    > domain name for years, you lost it because of a registration
    > irregularity) or going through a registration intermediary like Godaddy
    > (who then becomes the *real* owner of your domain name).


    PITA = pity?

    > Regards,
    >
    > PS  Initially setting up the LLC (or just a company in your home
    > jurisdiction) will typically cost only a few hundred dollars ($300-500)
    > and annual operating costs (essentially just for the NM agent) are
    > typically $100-200.  Not free, but well within reach of anyone who truly
    > values his privacy. Pay the LLC fees and the domain name fees with cash
    > or money orders.


    What an NM agent?


    > (Incidentally an LLC - or better, several of them - have many other uses
    > for privacy purposes. There will be no tax complications if your LLC does
    > no serious business and/or operates on a flow-through basis.)


    Why is it better to use several of them? Is the idea that company A
    owns company B that owns company C that owns www.somewebsite.com?

    > PPS  If you are paranoid a number of additional layers of security can be
    > added such as having any mail directed to a mail-drop, ideally in a
    > foreign country (again, can be done for $100 or so).  Similar precautions
    > can be done with telephone (e.g., use VOIP, etc.)  You can even have the
    > LLC itself "owned" not by a person but by a different company (LLC, etc.)
    > possibly offshore (usually this level of security is only needed for
    > major tax fraud, asset hiding, etc. and not for ordinary privacy).


    Does this really work? I mean, are there lots of assets that's
    successfully hided this way?

    Regards,

    Tobito
     
    Torbjörn Svensson Diaz, Feb 24, 2009
    #13
  14. On Feb 23, 5:42 pm, (Gerard Bok) wrote:
    > On Mon, 23 Feb 2009 08:06:35 -0800 (PST),
    > wrote:
    >
    > >I LOVE privacy. Is there a way to set up a website anonymously? Right
    > >now anyone can use whoishttp://www.yourwebsite.comand he'll find out
    > >who the domain is registered to. There is the possibility to use a
    > >company that offers you a proxy server but then that company legally
    > >becomes the holder of that domain.

    >
    > >I'd like to be the sole owner of the domain and yet be impenetrable to
    > >the whole whois gestapo thing. Is there a way?

    >
    > Sure. Host your website on 10.0.0.1
    > Or on 127.0.0.1
    > Absolute privacy guaranteed. And cheap too.


    Wouldn't this make my computer a server? Is it possible to set up a
    website this way? What would the URL of my site be?

    Regards,

    --
    Torbjörn Svensson Diaz
     
    Torbjörn Svensson Diaz, Feb 24, 2009
    #14
  15. Gerard Bok Guest

    On Tue, 24 Feb 2009 04:39:00 -0800 (PST),
    =?ISO-8859-1?Q?Torbj=F6rn_Svensson_Diaz?= <>
    wrote:

    >On Feb 23, 5:42=A0pm, (Gerard Bok) wrote:
    >> On Mon, 23 Feb 2009 08:06:35 -0800 (PST),
    >> wrote:
    >>
    >> >I LOVE privacy. Is there a way to set up a website anonymously? Right
    >> >now anyone can use whoishttp://www.yourwebsite.comand he'll find out
    >> >who the domain is registered to. There is the possibility to use a
    >> >company that offers you a proxy server but then that company legally
    >> >becomes the holder of that domain.

    >>
    >> >I'd like to be the sole owner of the domain and yet be impenetrable to
    >> >the whole whois gestapo thing. Is there a way?

    >>
    >> Sure. Host your website on 10.0.0.1
    >> Or on 127.0.0.1
    >> Absolute privacy guaranteed. And cheap too.

    >
    >Wouldn't this make my computer a server? Is it possible to set up a
    >website this way? What would the URL of my site be?


    It would:
    a) guarantee you absolute privacy
    b) prevent anyone from claiming ownership of your content.
    And:
    c) It would prevent anyone outside your own network from viewing
    your pages.
    (And in case you still don't get it: it basically reads: "don't
    commit your website to the internet".)

    The whole idea behind 'Internet' is universal access.
    If you want to publish your opinions anonymously, that can be
    done. If you want to retain ownership of your material, that can
    also be done (heck, that's even the default situation!).
    If you want to hide behind some anonimizer's service, that's also
    quite possible.

    What you cannot accomplish is: publish matter on the World Wide
    Web AND retain the material's ownership AND refrain from using
    some proxy organisation's services AND remain anonymous at the
    same time.

    And as to some other comment in this thread: maybe governements
    are much dumber elsewhere (which I doubt), but practically,
    anything that is accessible to the government is also accessible
    to keen activists. (The latter commonly using governmental data
    sources to digg information the government itself is unable to
    extract from it's resources :)

    --
    Kind regards,
    Gerard Bok
     
    Gerard Bok, Feb 24, 2009
    #15
  16. nemo_outis Guest

    Torbjörn Svensson Diaz <> wrote in
    news::

    > I don't understand "permits bearer shares, etc". How is that
    > important? Does bearer shares give me additional privacy, control of
    > the company, etc? Bear in mind that I'm a n00b.


    There are two levels to my advice. The first, more important one, is to
    do the domain registration in the name of a company you own. The second,
    more complicated and unnecessary for ordinary privacy, is the
    recommendation to use a particular kind of company (a US New Mexico LLC)
    because it can be structured to provide some very strong privacy features
    approaching anonymity. You probably only need the first level - much of
    the info on how to use an LLC (the second level) is moderately
    complicated and technical.

    One of the "extreme" privacy features of a NM (NM = New Mexico) LLC is
    the ability to use "bearer shares." This means that the share does not
    have to be in the name of a particular shareholder (e.g., John Smith) but
    belongs to whoever holds the share certificate in his hand (the
    "bearer"). A bearer share works just like a cheque that says "Pay to:
    cash" or "Pay to: bearer" rather than "Pay to: John Smith". Obviously
    this permits the owner (i.e., the bearer) of the share to remain
    completely anonymous with no record anywhere. This (and other) tricks
    make it next to impossible to find out who really owns the NM LLC (i.e.,
    the company owning the domain). You hide not only the owner of the
    domain but even the owners of the company from almost any search (except
    that of an intelligence service of a major government). That's privacy!

    (Incidentally, the NM terminology uses "member" and "membership
    certificate" rather than "shareholder" and "share" but the meanings are
    almost the same.)

    ....
    > In case I earn some money, where do I pay the taxes? Do I pay Swedish
    > income tax only or do I have to pay some kind of American corporate
    > tax as well?


    The normal way a NM LLC is set up is 'as if it wasn't there" for tax
    purposes - all income and expenses (and therefore the taxes owing on
    them) are passed through to the members (roughly, shareholders). The
    members pay any taxes (in whatever country they reside), not the company
    (This is called "flow-through"). There is no US tax (but the company
    must file a US form saying so).

    However, it is best to not have the LLC make any money (use a different
    LLC for that). Keep the domain-owning LLC just for that single purpose:
    privacy - don't mix privacy and money-making in the same LLC.

    By making sure you never make any money in the LLC that owns the domain
    name, you ensure that the US tax authorities will never become
    "interested" in you. You also make sure there is no money for anyone to
    get from the LLC if someone sues it because of the website, etc. Use that
    LLC for privacy only, not privacy and business.

    ....
    >> This is much better than lying (it would be a real PITA if, after
    >> using a  
    >> domain name for years, you lost it because of a registration
    >> irregularity) or going through a registration intermediary like
    >> Godaddy (who then becomes the *real* owner of your domain name).

    >
    > PITA = pity?


    PITA = pain in the ass = nuisance, bother, hassle

    > What an NM agent?


    NM = New Mexico

    If you form an LLC (in any US state, but I'll confine myself to NM) you
    must have a person/company **IN** New Mexico who can receive any
    "official" documentation (including service of legal processes, state
    communications about the LLC, etc.) on behalf of the LLC (which usually
    has an out-of-state mailing and business address).

    There are any number of companies/persons who will perform this "NM
    agent" function for about $200/year - it's usually done as part of the
    process of setting up the NM LLC. There are also annual state fees of
    about $80/year.

    Incidentally, there are lots of websites that (for a fee) will set up a
    NM LLC for you. The problem is that their quality varies tremendously
    from reputable firms to outright con artists.

    >
    >> (Incidentally an LLC - or better, several of them - have many other
    >> uses for privacy purposes. There will be no tax complications if your
    >> LLC does no serious business and/or operates on a flow-through
    >> basis.)

    >
    > Why is it better to use several of them? Is the idea that company A
    > owns company B that owns company C that owns www.somewebsite.com?


    I have shown one way to use LLCs - for privacy regarding domain
    ownership. There are many others. For instance, an LLC could be used to
    own a house in a different country. That country might have a large tax
    if a house is sold. But by having the LLC own the house you can just
    sell the LLC to someone else, effectively transferring the house
    "invisibly." Of course, you must do a lot of checking if this is legal
    in whatever jurisdictions apply.

    Other uses for an LLC are to put your assets out of reach from being sued
    (many doctors do this in the litigation-crazy US). Or for tax purposes.
    But one good principle to follow is: one major asset = one LLC. That
    guarantees that you you don't have all your eggs in one basket if you are
    sued, ownership gets exposed, etc.

    In short, many people use an IBC in a tax haven jurisdiction (e.g., Turks
    & Caicos) for privacy/business purposes (some legal, some illegal).
    Incidentally, IBC = international business corporation. Well, a New
    Mexico LLC is really one of the best IBCs in the world (better and
    cheaper and more private than one, say, in the Cayman Islands).

    > Does this really work? I mean, are there lots of assets that's
    > successfully hided this way?


    Yes, there are lots of folks who do this but using 'chains" of companies
    around the world only begins to make sense (in terms of complication,
    cost, etc.) somewhere above $100,000 (some would say above $1,000,000).

    But returning to YOUR situation and skipping the fancy stuff:

    I suggest that, for simplicity, you do the following without any LLC:
    Form a small company in your home jurisdiction (if possible with just one
    director and one shareholder). Ask your lawyer if he will "host" the
    company (which really means the paperwork, including *his* address as the
    company address, just stays in his bottom desk drawer and you pay him a
    small annual fee). A lawyer is best because he acts as a barrier/buffer
    using client-solicitor privilege to shield you from inquiries.

    Register the domain in the name of the company with the lawyer as
    administrative contact (using the lawyer's/company's address but a
    separate VOIP line routed to you, and email to you at your domain. Same
    for technical contact, etc. If anything comes up regarding the domain
    your lawyer will contact you (but will invoke client-solicitor privilege
    to not reveal your name to any inquiries). This will stand up to all but
    the most serious privacy attacks (and will "buy time" even against the
    very serious ones).

    (If company directors, etc. are a matter of public record (which could
    reveal you), consider having the lawyer "own" the company instead of you
    with you holding an irrevocable option to purchase the company at any
    time for one dollar. However, this extra protection is unnecessary for
    "ordinary" WHOIS privacy.)

    Regards,
     
    nemo_outis, Feb 24, 2009
    #16
  17. on 24/02/2009, Torbjörn Svensson Diaz supposed :
    > On Feb 24, 12:22 am, Frank Merlott <> wrote:
    >>> I'd like to be the sole owner of the domain and yet be impenetrable to
    >>> the whole whois gestapo thing. Is there a way?

    >>
    >> I have one domain registered under a fake name and address, this goes
    >> against the ICANN rules and they will take it away from me when they
    >> find out. But they need to find out first.

    >
    > Is it heavily trafficed?
    >


    Of course not, this is a domain paid yearly that I use it for testing
    purposes mainly, I would not want to risk a worthwhile domain name
    giving fake name.

    But I have had that domain registered with fake details for over five
    years now, I think it is very hard for the ICANN to find that out.

    It is when problems arise, ie a complaint is made against you, that
    this will come to light, but otherwise as far as I know the ICANN does
    not go around checking on people's real registration details.

    >
    >>> Are there some top level domains that are more suitable for this than
    >>> other?

    >>
    >> Many Ltd domains do not allow whois privacy. I would stick to .com and
    >> .net

    >
    > What is an Ltd domain? Is it a domain owned by a corporation? Ldt as
    > in limited. Or do you mean TLD as in top-level domain?


    That was meant to be a Top Level Domain TLD, sorry, Ltd. stands for
    Limited Company I think, totally irrelevant for this case.

    --
    Privacylover: http://www.privacylover.com
     
    Frank Merlott, Feb 24, 2009
    #17
  18. nemo_outis Guest

    Guy Macon <http://www.GuyMacon.com/> wrote in news:kcidnUN-
    :

    >>This contradicts what nemo_outis says.

    >
    > This is one of the interesting things about anonymous communication.
    > You hve no way of knowing who nemo_outis is, or even if he is the
    > same nemo_outis who posted yesterday. That doesn't make what he
    > writes wrong, but it does mean that you have to evaluate it on its
    > own merits.


    Guy is completely right about this. Both he and I are only incorporeal
    voices across the internet. You are unwise to rely on either of us but
    instead you must do *your own* investigations and due diligence. The
    most you should use us for is as signposts to possibly fruitful lines of
    inquiry for YOU to pursue.

    > All I can say is that I read the contract with 000Domains quite
    > closely and with the way some registrars asserte ownership in
    > mind, and would not have agreed if I thought I was signing away
    > my ownership rights. GuyMacon.com may be of little value to
    > anyone else, but it has great value to me.


    A good place to start is to RTFM (read the f**king manual :) In this
    case it's the "Registration Agreement" for 000domains to perform
    registration for you. You can find it here:
    https://secure.registerapi.com/order/register/agreement.php?siteid=35427

    It is up to you to decide if this meets your needs. However, although
    Guy may find it satisfactory, I find a number of its clauses very, shall
    we say, dsquieting!

    For instance, Clause 5.3 says (in part):
    ___

    Use of registration information and additional registration information.
    You agree and acknowledge that 000Domains will make available the
    Registration Information and the Additional Registration Information to
    ICANN; to other third parties such as VeriSign, Inc. Global Names
    Registry Ltd., Neustar, Inc., Afilias USA, Inc., Global Domains
    International (collectively, "Registry Administrators"); AND AS
    APPLICABLE LAWS MAY REQUIRE OR PERMIT. [my caps]
    ___

    I think you can drive a truck through that gaping hole (especially the
    final "OR PERMIT")!

    Clause 5.4 goes on to say (in part):
    ___

    You further agree that your failure to respond in less than ten (10)
    calendar days to inquiries by 000Domains concerning the accuracy of the
    Registration Information or IMMEDIATELY UPON DISCOVERY OF ANY WILLFUL
    INACCURACY (including i.e. phone number of 555-1212, 000-0000) associated
    with your domain registration shall constitute a material breach of this
    Agreement and WILL BE SUFFICIENT BASIS FOR CANCELLATION OF YOUR DOMAIN
    REGISTRATION. [my caps]
    ___

    This puts you completely at the mercy of 000domains in deciding whether
    to cancel your domain registration if it (in its sole discretion as near
    as I can tell) decides you are in breach. I don't know about you but that
    scares the shit out of me!

    Oh, but you could appeal, of course - not to an impartial court system
    but instead using a special "Dispute Policy" that is incorporated by
    reference into the "Registration Agreement" That "Dispute Policy" can be
    found explicitly here:
    https://secure.registerapi.com/order/register/dispute.php?siteid=35427

    This dispute policy can completely destroy your privacy (even arising
    from a pretty frivolous complaint) **even if you are lucky enough to win
    the appeal and keep your domain registration.** I think it sucks - HARD!
    Others may differ.

    In short, your ass is hanging in the wind and some very chill breezes
    could blow on it. Not because 000domains is a disreputable or dishonest
    company (their terms don't seem any more onerous than most others
    offering similar services) but because - as is completely obvious on even
    the most cursory reading! - the "agreements" are designed to PROTECT
    THEM, NOT YOU! The "agreements" are specifically crafted to give them
    the latitude to throw you to the wolves at the first sign of trouble!

    > As always with anything having to do with security, you need to
    > consider the threat model. If your name is really Osama Bin
    > Laden, no private WHOIS service will protect you. If you are
    > someone wanted by the FBI, 000domains won't protect you - they
    > will give you up as soon as they get a court order - but an
    > offshore registrar might. If you are like me and just want
    > to stop the stupid letters and emails selling hosting/registrar
    > services, the 000domains version of a private WHOIS works fine.


    Once again Guy is completely right - 00domains just wants to make money
    off you **providing you don't cause them any trouble.** If you run a
    completley "vanilla" site and never generate complaints you could happily
    use 000domains for years entirely satisfactorily.

    Nut, on the other hand, if you want your privacy to not be totally
    dependent on 000domain's goodwill and forebearance, and not to collapse
    at the first serious challenge, you would be wise to use stronger
    measures such as the ones I suggest.

    Your ass, your call.

    Regards,

    PS If you not already sufficiently frightened by 000domains "agreement"
    you should read clauses 10 & 11 regarding 000domains' control of the
    content of YOUR domain! You might also read clause 14 about
    Indemnification.

    Why are these clauses there? Becuase 000domains IS THE REAL REGSTERED
    OWNER OF THE DOMAIN - NOT YOU! and is doing all sorts of legal "bobbing
    and weaving" to make sure it doesn't become liable for YOUR actions on
    ITS DOMAIN! Very understandable (I'd do the same if I were 000domains)
    but it leaves YOU out in the cold if anything goes wrong!
     
    nemo_outis, Feb 24, 2009
    #18
  19. nemo_outis Guest

    Guy Macon <http://www.GuyMacon.com/> wrote in
    news::

    > nemo_outis wrote:
    >
    >>https://secure.registerapi.com/order/register/agreement.php?siteid=3542
    >>7

    >
    > (Excellent comments deleted for space reasons only)
    >
    > Please note that my original claim (which I can see I was very unclear
    > about in my later restatement of same) was *not* that the 000Domains
    > contract is particularly fair or sheilds privacy, but rather that
    > the ownership status does not change when you use the private WHOIS
    > option.


    I agree with your clarifications. It seems that ownership is not
    compromised. However, the privacy protections they offer are quite weak.
    (Well, not really weak when they're in place, just *potentially* very
    easy to revoke.)


    > As for the larger issue, ICANN (Internet Corporation for Assigned
    > Names and Numbers) has been "studying" the issue of WHOIS privacy
    > for eight years now and has failed to make a final decision.
    > The whole thing is a huge legal mess. See
    > [ http://gnso.icann.org/issues/whois/ ]
    > and
    > [ http://blog.internetgovernance.org/blog/_archives/2007/10/23/3309763.
    > html ] for a taste of the issues involved.


    Yeah, I followed the ICANN privacy story for a while back in the mists of
    time and then just gave up on them and used my own privacy mechanisms.

    For an example of how one big business (Microsoft!) handles the privacy
    aspect (well, not really privacy but not using real persons' names) take
    a look at their WHOIS registration. Note that the "administrative
    contact" and "technical contact" are really *roles* not *names* (you can
    also use a corporate name, including that of the corporate registrant or
    some agent company, rather than a human's name) And of course, the
    address, telephone numbers and email addresses are Microsoft's. Nice
    tight closed loop.

    http://www.networksolutions.com/whois-search/microsoft.com

    This is similar to what I did with my LLC (except the address is a mail
    forwarder and the telephone just leads to a recorded message saying how
    to send email or snail mail). My LLC is owned by a Canadian company
    which I control.

    Regards,
     
    nemo_outis, Feb 25, 2009
    #19
  20. On Tue, 24 Feb 2009 22:36:06 +0000, Guy Macon wrote:

    > Content-Transfer-Encoding: 8Bit
    >
    > nemo_outis wrote:
    >
    >>Torbjí¶†í¼ Svensson Diaz <> wrote:
    >>
    >>> I don't understand "permits bearer shares, etc". How is that
    >>> important? Does bearer shares give me additional privacy, control of
    >>> the company, etc? Bear in mind that I'm a n00b.

    >>
    >>There are two levels to my advice. The first, more important one, is to
    >>do the domain registration in the name of a company you own. The second,
    >>more complicated and unnecessary for ordinary privacy, is the
    >>recommendation to use a particular kind of company (a US New Mexico LLC)
    >>because it can be structured to provide some very strong privacy features
    >>approaching anonymity. You probably only need the first level - much of
    >>the info on how to use an LLC (the second level) is moderately
    >>complicated and technical.
    >>
    >>One of the "extreme" privacy features of a NM (NM = New Mexico) LLC is
    >>the ability to use "bearer shares." This means that the share does not
    >>have to be in the name of a particular shareholder (e.g., John Smith) but
    >>belongs to whoever holds the share certificate in his hand (the
    >>"bearer"). A bearer share works just like a cheque that says "Pay to:
    >>cash" or "Pay to: bearer" rather than "Pay to: John Smith". Obviously
    >>this permits the owner (i.e., the bearer) of the share to remain
    >>completely anonymous with no record anywhere. This (and other) tricks
    >>make it next to impossible to find out who really owns the NM LLC (i.e.,
    >>the company owning the domain). You hide not only the owner of the
    >>domain but even the owners of the company from almost any search (except
    >>that of an intelligence service of a major government). That's privacy!
    >>
    >>(Incidentally, the NM terminology uses "member" and "membership
    >>certificate" rather than "shareholder" and "share" but the meanings are
    >>almost the same.)
    >>
    >>...
    >>> In case I earn some money, where do I pay the taxes? Do I pay Swedish
    >>> income tax only or do I have to pay some kind of American corporate
    >>> tax as well?

    >>
    >>The normal way a NM LLC is set up is 'as if it wasn't there" for tax
    >>purposes - all income and expenses (and therefore the taxes owing on
    >>them) are passed through to the members (roughly, shareholders). The
    >>members pay any taxes (in whatever country they reside), not the company
    >>(This is called "flow-through"). There is no US tax (but the company
    >>must file a US form saying so).
    >>
    >>However, it is best to not have the LLC make any money (use a different
    >>LLC for that). Keep the domain-owning LLC just for that single purpose:
    >>privacy - don't mix privacy and money-making in the same LLC.
    >>
    >>By making sure you never make any money in the LLC that owns the domain
    >>name, you ensure that the US tax authorities will never become
    >>"interested" in you. You also make sure there is no money for anyone to
    >>get from the LLC if someone sues it because of the website, etc. Use that
    >>LLC for privacy only, not privacy and business.
    >>
    >>...
    >>>> This is much better than lying (it would be a real PITA if, after
    >>>> using a  
    >>>> domain name for years, you lost it because of a registration
    >>>> irregularity) or going through a registration intermediary like
    >>>> Godaddy (who then becomes the *real* owner of your domain name).
    >>>
    >>> PITA = pity?

    >>
    >>PITA = pain in the ass = nuisance, bother, hassle
    >>
    >>> What an NM agent?

    >>
    >>NM = New Mexico
    >>
    >>If you form an LLC (in any US state, but I'll confine myself to NM) you
    >>must have a person/company **IN** New Mexico who can receive any
    >>"official" documentation (including service of legal processes, state
    >>communications about the LLC, etc.) on behalf of the LLC (which usually
    >>has an out-of-state mailing and business address).
    >>
    >>There are any number of companies/persons who will perform this "NM
    >>agent" function for about $200/year - it's usually done as part of the
    >>process of setting up the NM LLC. There are also annual state fees of
    >>about $80/year.
    >>
    >>Incidentally, there are lots of websites that (for a fee) will set up a
    >>NM LLC for you. The problem is that their quality varies tremendously
    >>from reputable firms to outright con artists.
    >>
    >>>
    >>>> (Incidentally an LLC - or better, several of them - have many other
    >>>> uses for privacy purposes. There will be no tax complications if your
    >>>> LLC does no serious business and/or operates on a flow-through
    >>>> basis.)
    >>>
    >>> Why is it better to use several of them? Is the idea that company A
    >>> owns company B that owns company C that owns www.somewebsite.com?

    >>
    >>I have shown one way to use LLCs - for privacy regarding domain
    >>ownership. There are many others. For instance, an LLC could be used to
    >>own a house in a different country. That country might have a large tax
    >>if a house is sold. But by having the LLC own the house you can just
    >>sell the LLC to someone else, effectively transferring the house
    >>"invisibly." Of course, you must do a lot of checking if this is legal
    >>in whatever jurisdictions apply.
    >>
    >>Other uses for an LLC are to put your assets out of reach from being sued
    >>(many doctors do this in the litigation-crazy US). Or for tax purposes.
    >>But one good principle to follow is: one major asset = one LLC. That
    >>guarantees that you you don't have all your eggs in one basket if you are
    >>sued, ownership gets exposed, etc.
    >>
    >>In short, many people use an IBC in a tax haven jurisdiction (e.g., Turks
    >>& Caicos) for privacy/business purposes (some legal, some illegal).
    >>Incidentally, IBC = international business corporation. Well, a New
    >>Mexico LLC is really one of the best IBCs in the world (better and
    >>cheaper and more private than one, say, in the Cayman Islands).
    >>
    >>> Does this really work? I mean, are there lots of assets that's
    >>> successfully hided this way?

    >>
    >>Yes, there are lots of folks who do this but using 'chains" of companies
    >>around the world only begins to make sense (in terms of complication,
    >>cost, etc.) somewhere above $100,000 (some would say above $1,000,000).
    >>
    >>But returning to YOUR situation and skipping the fancy stuff:
    >>
    >>I suggest that, for simplicity, you do the following without any LLC:
    >>Form a small company in your home jurisdiction (if possible with just one
    >>director and one shareholder). Ask your lawyer if he will "host" the
    >>company (which really means the paperwork, including *his* address as the
    >>company address, just stays in his bottom desk drawer and you pay him a
    >>small annual fee). A lawyer is best because he acts as a barrier/buffer
    >>using client-solicitor privilege to shield you from inquiries.
    >>
    >>Register the domain in the name of the company with the lawyer as
    >>administrative contact (using the lawyer's/company's address but a
    >>separate VOIP line routed to you, and email to you at your domain. Same
    >>for technical contact, etc. If anything comes up regarding the domain
    >>your lawyer will contact you (but will invoke client-solicitor privilege
    >>to not reveal your name to any inquiries). This will stand up to all but
    >>the most serious privacy attacks (and will "buy time" even against the
    >>very serious ones).
    >>
    >>(If company directors, etc. are a matter of public record (which could
    >>reveal you), consider having the lawyer "own" the company instead of you
    >>with you holding an irrevocable option to purchase the company at any
    >>time for one dollar. However, this extra protection is unnecessary for
    >>"ordinary" WHOIS privacy.)

    >
    > The above is excellent advice. Normally I would trim while quoting,
    > but in this case it is all really good advice.


    Good, yes, but incomplete and inaccurate.
    --
    http://tr.im/1fa6
     
    Alpha Romeo India ©, Feb 25, 2009
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Geomancer

    Re: Authors Wanted - WHOIS itc2.org???

    Geomancer, Jun 23, 2003, in forum: Microsoft Certification
    Replies:
    2
    Views:
    2,288
    Geomancer
    Jun 24, 2003
  2. MK

    Re: Authors Wanted - WHOIS itc2.org???

    MK, Jun 24, 2003, in forum: Microsoft Certification
    Replies:
    0
    Views:
    1,984
  3. MK
    Replies:
    0
    Views:
    2,077
  4. J Alex
    Replies:
    1
    Views:
    1,796
    Geomancer
    Jun 24, 2003
  5. Cuanto

    WHOIS

    Cuanto, Dec 11, 2003, in forum: Computer Support
    Replies:
    27
    Views:
    17,403
Loading...

Share This Page