Transfers out of Stargate bad

**domains** · 02-28-2003, 09:26 AM

I am transferring names out of Stargate because I like to renew my domains with Amex. Also, when I do try to renew with a Visa, it doesn't work and I have to call tech support. Nice price of 7.95, but their interface has never been ready for prime time. I placed a ticket and then called them, asking them to ack the transfers, but they won't. I have to wait the full 5++++ days. I think that's inexcusable.

**Banned: DrWho** · 03-01-2003, 06:20 PM

It took 3 attempts to transfer a name away from Stargate. Keep trying...

**Domainaholic** · 03-04-2003, 06:27 PM

I transfer 5 to 10 domains daily out of one registrar to another for my customers. StarGate is one I have never had trouble transfering out of - but I did have other Big problems with them on other issues.

**Nexus** · 04-17-2003, 03:50 PM

-- Thought I had a problem transferring out of StarGate. I didn't. They just approved it though, without confirming further.

Ok... I guess...

~ Nexus

**domains** · 04-17-2003, 07:49 PM

Thanks, yes they make you wait the full 5+ days with no notification. I recently renewed a domain at Stargate with a Visa card and it worked, so I guess they fixed that problem.

**Steen** · 04-19-2003, 01:16 AM

I hear StarGate has a HUGE security flaw in it that allows ppl to steal names that are even locked.

http://www.dnforum.com/showthread.ph...urity+stargate

**Domainaholic** · 04-19-2003, 09:32 PM

I told StarGate about that hole over a year ago, got bored trying to explain it and it is so easy to fix.

**starg8** · 04-19-2003, 11:13 PM

Originally posted by domains
. I have to wait the full 5++++ days. I think that's inexcusable.

You should probably take that up with Verisign. They determine the protocol. Stargate chooses to wait the 5 day transfer period for it's own internal reasons.

Tom

**starg8** · 04-19-2003, 11:19 PM

Originally posted by Domainaholic
I told StarGate about that hole over a year ago, got bored trying to explain it and it is so easy to fix.

I have had my engineering team review every possible security hole, I assume you are referring to SQL injection, and to my knowledge none currently exist.

Tom

**mole** · 04-19-2003, 11:27 PM

Welcome, Tom. Any clue as to what the security hole that people are accusing Stargate of is?

**starg8** · 04-20-2003, 09:02 AM

I believe they were referring to SQL Injection, which has been corrected.

Tom

**mole** · 04-20-2003, 10:31 AM

Oh okay, sounds good.

**Domainaholic** · 04-20-2003, 03:13 PM

Hi Tom!

I really do like SG, Chicken almost kicked me off WHT a while back when complained becuase he banned SG there.

I explained it on WHT a while back. To make it short:
the lost password function on SG: enter a domain name and the SG reseller's password and ID are send to the admin of that domain.

So - just make the lost password work on a handles.

I do have 3 reseller accounts at SG. I can steal my wife's SG account ID and password anytime I feel like it - really

**starg8** · 04-20-2003, 07:49 PM

Originally posted by Domainaholic
Hi Tom!

I really do like SG, Chicken almost kicked me off WHT a while back when complained becuase he banned SG there.

I explained it on WHT a while back. To make it short:
the lost password function on SG: enter a domain name and the SG reseller's password and ID are send to the admin of that domain.

So - just make the lost password work on a handles.

I do have 3 reseller accounts at SG. I can steal my wife's SG account ID and password anytime I feel like it - really

Ahh...but this only pertains to those domains that you have your user/pass on a doman with a different admin, correct? In this case you should make yourself the admin contact or issue a different user/pass on domains that you do not administer. Make sense? If not, shoot me an email.

Actually, alot of our current functionality is being overhauled and replaced. The new interfaces and control panels should launch toward the end of this week.

Feel free to send comments, feedback or suggestions directly to me at tomc@stargate.com

Tom

**Domainaholic** · 04-20-2003, 08:24 PM

Hi Tom,

Not good enough - I know over 100 SG resellers here and elsewhere. I did contact SG support, and my wife and I phoned the boss to. The "new" programmer at SG was contactaced by Roy - my main server admin.

That all did no good. I can still get the SG reseller handle and password of any SG resller who does not know this hole and lists my admin email in any domain he/she buys for me.

I do hope you use "handle" in lost password from now on instead of "domain" - and if any SG reseller here wants to check this they can list any one of their names with me as admin of any domain they have - that includes you TC

**starg8** · 04-20-2003, 08:37 PM

Your logic seems flawed...Why would I list you as admin on any of my domains and keep the user/pass the same. Common sense would dictate that I would change the user/pass on the domain name if I was changing the administrator of the domain.

Regardless, I'll bring this up with my programming team.

What "boss" did you speak with? I run the whole show and it was never mentioned to me.

Tom

**Banned: timechange.com** · 04-20-2003, 09:22 PM

Just to make this clear, this is for reseller accounts correct?

**Domainaholic** · 04-21-2003, 01:40 PM

Correct TC, and I will explain it to you in detail on your forum if you like. Tom and I can also PM over there

Thanks Tom, and my logic is flawed a lot of times, but I think in this case it is correct. Just please do not take this as me against SG - I really do like SG and their system. My problem might be in "phraseing" but others explained it better than me to.

**starg8** · 04-23-2003, 11:52 AM

Originally posted by Domainaholic
Correct TC, and I will explain it to you in detail on your forum if you like. Tom and I can also PM over there

Thanks Tom, and my logic is flawed a lot of times, but I think in this case it is correct. Just please do not take this as me against SG - I really do like SG and their system. My problem might be in "phraseing" but others explained it better than me to.

Domainaholic,

Nothing taken wrong. I appreciate the constructive criticism, that's what makes us better.

Tom

**GypsyBee** · 04-26-2003, 04:05 PM

Hey Tom,

I agree with my husband Domainaholic.

Although it's been a while, I recall speaking with a programmer Jeff, who was new at the time. I had been told that the reason SG's system wasn't functioning properly was due to a former programmer and that the new programmer is working towards bettering the system. I had spoken to the new programmer, Jeff, at that time, a long while back and although he was very nice, I found him to be more of a novice than expert.

I've been with SG for about 2 years, and it seems that you're always saying that the functionality is being overhauled. The SG 'overhaul' story has been ongoing for the 2 years I've been with you.

I summized that SG needs to be shelling out more money and hire experienced programmers.

Enom has become very successful as the majority of their staff comprise of very competent programmers, numbering over 30 of them.