5

Suppose registrant's whois details go public (can be retrieved with whois) for a relatively short amount of time (less than hour) after domain registration, before being redacted or hidden with a privacy service/registrar function.

Should this domain registrant's privacy be considered compromised 'for sure'? Are there services or software that do 'blanket' scraping for e.g. ranges of domain names? What usually are the rate/requests per IP limits for whois requests?

As far as my understanding goes there is nothing preventing this from happening.

Ivan
  • 183
  • 1
  • 5

1 Answers1

3

Correct. Information that can be seen, can be copied.

Your scenario portrays some amount of time where the information of the registrant that was submitted to the domain registration service is available publicly before being privacy-preserved with pseudo-fake data.

Since you do not control these scrapping services nor you know them all, and even if you do, anyone can still issue a query and collect the data, you are exposing the personal information for that (brief) amount of time.

Guille
  • 385
  • 1
  • 9
  • 1
    Upvoted. On the other hand, what I'd like have is a some sort of risk estimate. – Ivan Dec 24 '16 at 12:04
  • Mmm... risk estimate as in...? You need to be more specific in what you define as risk. For example, in this case, I can think of probability of getting compromised (with the assumption of such probability within major scrapping services) – Guille Dec 24 '16 at 14:49
  • I'm trying to understand how efficient such scraping tools/services are to have an idea of probability of data being collected. – Ivan Dec 24 '16 at 14:53
  • @Ivan but you don't even know if such a vulnerability exists! It's hard to estimate the risks of a non-event. – schroeder Dec 24 '16 at 22:08
  • @schoeder the question is more about whois data being open for a short amount of time than the exact vulnerability that made it open. – Ivan Dec 24 '16 at 22:12
  • @Ivan In this scenario you cannot talk about vulnerability because the whole system of WHOIS is designed as a 'public' database anyways (so any data will be public whether it is fake or not). I think this is more about that span of time you mention and the chances of 'anyone' scrapping the WHOIS relays which already have the information before they receive an updated version (for example, from the real data to a fake/anonymized one). And this is difficult to estimate (if not impossible), I don't even know if it is possible to measure honestly. – Guille Dec 30 '16 at 13:27