TECHSPLOITATION On the morning of Jan. 24, Fyodor Vaskovich awoke to discover that his Web site, SecLists.org, had been transformed into a giant error message. The message said his domain couldn't be resolved. This troubled him greatly: SecLists is an archive of several computer security–related mailing lists that contains more than 50,000 pages of technical information. It has thousands of visitors per day and nets Vaskovich a fair amount of income from Google ads. Where had the site gone? He checked with the registrar that sold him his site, GoDaddy, and discovered the megacorporation had changed the site's name servers — addresses that tell your browser how to find the place where a Web site is hosted. Instead of his Web host's name servers, he found this name server: ns1.suspended-for.spam-and-abuse.com
What the hell? Vaskovich checked his answering machine and found a message from somebody in the abuse department at GoDaddy telling him they were going to pull the plug on his domain. Based on his logs, it appeared that his name servers had been changed less than a minute after the call was made.
Essentially, he'd been given a few seconds' notice before a major Internet resource (and source of revenue) was shut down.
For the rest of the day Vaskovich was on the phone with GoDaddy trying to untangle what had happened. Luckily, he kept careful records. These records corroborated his story that he'd been given less than a minute's notice and that GoDaddy repeatedly refused to give him customer service for several hours. At last he learned that SecLists had been yanked offline because MySpace contacted GoDaddy and requested it. One of the 50,000 pages on SecLists contained an e-mail in which somebody had listed the names and passwords of several MySpace users. Instead of asking Vaskovich to take down the page with passwords — which is standard industry practice — MySpace asked GoDaddy to squash the whole site. GoDaddy should have contacted Vaskovich first, and they could have asked for a legal takedown notice. But they didn't.
What makes GoDaddy's actions even more disgusting is that the passwords in question had been leaked about 10 days before GoDaddy took SecLists down. They appeared on dozens of other security-related and hacker Web sites. Security expert Bruce Schneier had even written a column in which he analyzed the quality of about 30,000 of the leaked passwords. (Among the top 10 popular passwords was "fuckyou," which completely mirrors my feelings for MySpace.)
So the point is passwords were already circulating, and MySpace needed to tell its customers to change their passwords. Squelching SecLists wasn't going to protect anyone. And yet GoDaddy's general counsel, Christine Jones, defended its actions because she believed pedophiles would get access to children's names and passwords. "For something that has safety implications like that, we take it really seriously," she told Wired News editor Kevin Poulsen. "I think the fact that we gave him notice at all was pretty generous."
Writing in his blog about the incident, Poulsen added, "Every link in internet service — network operators, hosting companies, and now domain registrars — willing to take on a censorship role ...
Their technical "support" people were clueless in the extreme, demonstrating confusion over the most fundamental of concepts. When pressed, their service representatives would clam up and fall back to what must surely be a scripted response, "we don't provide scripting support," even when I was asking non-programming-related questions like "on my account, is this feature turned on or not?"
Horrible, horrible horrible. Avoid at all costs.
Good customer service is worth a few extra bucks a month if you have any sense of pride and ownership in your website. Don't skimp; it's just not worth it.
Analee Newitts laments the sad fate of these douchebags when they get busted, their sites get shut down and they're forced to return to their rightful place in society, asking if we want whip on our non-fat latte, describing in a rather awkward, high school essay-type fashion how GoDaddy's "disgusting actions" led to "this GoDaddy Disaster."
LOL.
Comment on: The self-appointed censors at GoDaddy
In order to comment on an article, you must Log In.
