The Wholesome Photo of the Month Thu May 09, 2024 11:01 | Anti-Empire
In 3 War Years Russia Will Have Spent $3... Thu May 09, 2024 02:17 | Anti-Empire
UK Sending Missiles to Be Fired Into Rus... Tue May 07, 2024 14:17 | Marko Marjanović
US Gives Weapons to Taiwan for Free, The... Fri May 03, 2024 03:55 | Anti-Empire
Russia Has 17 Percent More Defense Jobs ... Tue Apr 30, 2024 11:56 | Marko Marjanović Anti-Empire >>
A bird's eye view of the vineyard
Alternative Copy of thesaker.is site is available Thu May 25, 2023 14:38 | Ice-Saker-V6bKu3nz Alternative site: https://thesaker.si/saker-a... Site was created using the downloads provided Regards Herb
The Saker blog is now frozen Tue Feb 28, 2023 23:55 | The Saker Dear friends As I have previously announced, we are now “freezing” the blog. We are also making archives of the blog available for free download in various formats (see below).
What do you make of the Russia and China Partnership? Tue Feb 28, 2023 16:26 | The Saker by Mr. Allen for the Saker blog Over the last few years, we hear leaders from both Russia and China pronouncing that they have formed a relationship where there are
Moveable Feast Cafe 2023/02/27 ? Open Thread Mon Feb 27, 2023 19:00 | cafe-uploader 2023/02/27 19:00:02Welcome to the ‘Moveable Feast Cafe’. The ‘Moveable Feast’ is an open thread where readers can post wide ranging observations, articles, rants, off topic and have animate discussions of
The stage is set for Hybrid World War III Mon Feb 27, 2023 15:50 | The Saker Pepe Escobar for the Saker blog A powerful feeling rhythms your skin and drums up your soul as you?re immersed in a long walk under persistent snow flurries, pinpointed by The Saker >>
Interested in maladministration. Estd. 2005
RTEs Sarah McInerney ? Fianna Fail supporter? Anthony
Joe Duffy is dishonest and untrustworthy Anthony
Robert Watt complaint: Time for decision by SIPO Anthony
RTE in breach of its own editorial principles Anthony
Waiting for SIPO Anthony Public Inquiry >>
Voltaire, international edition
Netanyahu soon to appear before the US Congress? It will be decisive for the suc... Thu Jul 04, 2024 04:44 | en
Voltaire, International Newsletter N°93 Fri Jun 28, 2024 14:49 | en
Will Israel succeed in attacking Lebanon and pushing the United States to nuke I... Fri Jun 28, 2024 14:40 | en
Will Netanyahu launch tactical nuclear bombs (sic) against Hezbollah, with US su... Thu Jun 27, 2024 12:09 | en
Will Israel provoke a cataclysm?, by Thierry Meyssan Tue Jun 25, 2024 06:59 | en Voltaire Network >>
|
GoDaddy Yanks Seclists
international |
consumer issues |
news report
Thursday February 08, 2007 14:52 by R. Isible
![Report this post to the editors Report this post to the editors](../graphics/report.gif)
NAZI Porn Domain Registrars Lend A Hand
The domain name registrar GoDaddy distinguished itself in Ireland when it unceremoniously stopped directing traffic to the website of RateYourSolicitor without apparently providing their paying customer time to resolve the situation. In another controversial case GoDaddy has repeated this failure to notify their client, in this case an important network security site. A popular and useful resource for security professionals (on both sides of the white-hat/black-hat divide) is seclists.org [1]. It is primarily a vulnerability and exploit discussion mailing list centered around the essential network security tool nmap.
The original author of nmap and head-honcho behind seclists.org is a hacker [2] known as "Fyodor", a well-respected and responsible researcher in network security circles for many years and primary author of nmap [2a].
Subscribers to the mailing-lists noted that there were problems accessing the mail archives, and were incredulous to read Fyodor's account [3] of what had happened: with very little warning the registrar [4] had effectively shut down the site. This action was taken ,according to Fyodor, very summarily. Even more appalling is the high-handed manner in which GoDaddy refused to deal promptly with the situation when contacted by Fyodor.
There are differences from the RateYourSolicitor case (previously reported here [5] on indymedia.ie) in that Fyodor had not submitted bogus details for his contact information, and that the type of information posted in Fyodor's case was to do with security vulnerabilities and not alleged slander. Specifically, some security researchers believe in the idea of "full disclosure" [6] which usually means that if a problem is discovered then it should be published so that everyone is aware of it. There are a spectrum of interpretations on how long the discoverer should wait to publish after informing those that could be affected negatively by the disclosure. The contentious item on the seclist site was a list of username/password combinations that someone had obtained from the social-networking/blogging site Myspace. This is not the first time that such a list has been published as there are a lot of incautious people using Myspace. Apparently after receiving a complaint from Myspace, GoDaddy without forewarning or discussion effectively shut down seclists.org [6].
Bizarrely, there is no security advantage in removing the archived post: the information was obtained by people that probably have already passed it on to others that trade in such things. In fact the file is still available if you know where to look. Also, Fyodor has complied with reasonable requests to remove material in the past and would have done so if he had been contacted by MySpace. A suspicion remains that what is happening is that MySpace is attempting to pretend that no problem exists and is trying to cover up a vulnerability (this is the second leak (56,000 user/pass) and the previous was 34,000), thus leaving their customers in the dark.
The similiarity in the two cases clearly lies in the fact that GoDaddy are willing to favour those that complain about sites as opposed to those that are actually their paying customers. It can be pointed out that this is completely in accord with the contract that the customers entered into (GoDaddy's TOS and AUP are ridiculous) and so the only alternative is to find a registrar with a more acceptable history and contract. GoDaddy has already ruffled the feathers of GNU/Linux supporters by allowing Microsoft to claim [7] a large migration from GNU/Linux servers to Microsoft based servers, and the CEO Bob Parsons is an advocate of torture of prisoners [8], added to which many people have poor experiences [9] with their budget services. So, to some extent Fyodor and others got what they paid for: a service run by someone that is an unethical admirer of brute force.
But it is hard to find a domain registrar that will not offer AUP/TOS similar to GoDaddy. One of the best is Gandi.net [9a], and free-speech diehards "nearlyfreespeech.net" [9b] have a history of providing services to organisations and individuals with fairly disgusting [9c] opinions.
Fyodor has set up a website [10] NoDaddy which aims to collate all of these negative customer experiences into a single place in order to provide a warning to other consumers that they should probably search out a company with a more attractive corporate ethos.
1. http://seclists.org/
2. http://www.stallman.org/articles/on-hacking.html
2a. http://www.securityfocus.com/columnists/384
3. http://seclists.org/nmap-hackers/2007/0000.html
4. A registrar is a company that for a fee publishes electronic records that directs computers to a particular IP address (e.g. 123.456.789.012) when the more human readable FQDN is entered into for example a web browser (e.g. http://www.nakedpds.com )
5. http://www.indymedia.ie/article/78436
6. I say effectively as it should still have been possible to use the IP to access the site archives
7. On further reading it seems that GoDaddy probably still rely heavily on GNU/Linux but that they may have colluded with allowing Microsoft to convey the impression that the migration was large in order to falsely impute that IIS is a widely deployed platform
http://business.newsforge.com/article.pl?sid=06/04/20/1...id=37
8. The original URL for Bob Parson's post in his blog (in which he delivers homilies to the faithful devotees of success) has been redacted from his blog and Mr.Parsons backed down fairly quickly when a large number of customers told him they would never do business with him again:
http://www.bobparsons.com/CloseGitmoNowayThinkourinterr....html
If anyone has an archived copy of this or can find one I'd be grateful if they could repost it in full here as a comment. There's much discussion if it at the time, one of which quotes extensive sections:
http://mccarthy.vg/articles/05/06/21/1238206.shtml
http://www.darrenbarefoot.com/archives/2005/06/godaddy-....html
9. http://error.wordpress.com/2006/01/01/godaddy-sucks/
9a. http://www.gandi.net/
9b. https://www.nearlyfreespeech.net/services/domains.php
9c. http://www.boingboing.net/2004/08/20/bugmenotcom_return....html
10. http://nodaddy.com/
|