One reason not to do business with GoDaddy

[giza]

Myspace and GoDaddy Shut Down Security Site

Apparently this was the sequence of events:

1) Thousands of MySpace usernames and passwords were posted to one of the mailing lists run on seclists.org, which itself is run by Fyodor of NMAP fame.

2) MySpace sees this and freaks out. Instead of dropping a line to Fyodor, complaining to law enforcement, or even filing a DMCA complaint, they instead complain to GoDaddy.

3) GoDaddy promptly removed the registration for the entire domain. No due process, no asking the domain owner to remove the passwords, nothing. They just up and pulled it.

4) After spending "hours and hours" on the phone, and after several phonecalls (being told that "the abuse department doesn't take calls" for the first few) Fyodor finally gets to the bottom of what happened.

Additional coverage:
CNET
Fyodor's post recapping the events

I had been on the fence before about GoDaddy, but I think I made the right choice not registering any of my personal domains with them. These people are completely willing to bend over for any company that complains, regardless of the merit of the complaint.

Comments

[shockwave77598.livejournal.com]

Who would you recommend and who could provide something like a Video Relay (Darwin server perhaps) for occassional video (QT) sharing with friends?

[giza.livejournal.com]

With the exception of the video relay thing, I've been happy with NearlyFreeSpeech (http://www.nearlyfreespeech.net) for the last few years.

I have no idea about a video relay as it's not my realm of expertise. I just use YouTube. :-)

[shockwave77598.livejournal.com]

At home, my cable gives enough uplink to pump a single video feed out. If ten familys across the country want to see it, I can't support them. I need a place with a fat pipe that can throw out 400Kbpsx10 video feeds to serve them. That's a video relay - one live stream in, multiple live streams out. YouTube is fine for showing recordings, but isn't helpful for live events.

[taral.livejournal.com]

Hmph. I tried to log in and:

-----
We're sorry, special permission is required to use the Tor network in conjunction with our service.

Please contact support@NearlyFreeSpeech.NET for assistance.
-----

I'm not impressed. My tor node has a no connections exit policy. I sent them an email asking them to remove my tor node from their list.

[giza.livejournal.com]

Wow, that's interesting. I wonder if they had problems with abuse from tor nodes before or something. I know that we excluded tor nodes from editing WikiFur for that very same reason.

[greenreaper.livejournal.com]

All too often, policies change. We've also found many no-exit Tor nodes are run by trolls who are just using the network to mask their activities. Vandal attacks dropped significantly once we banned all of them at WikiFur (http://furry.wikia.com/wiki/WikiFur:Anonymous_proxies).

It is unfortunate, but you are part of a network that has obtained a bad reputation due to the actions of its members, who you cannot control. I don't see a way you can fix that.

[taral.livejournal.com]

I don't understand. If it's a no-exit node, then all it does is forward traffic within the network. From your perspective, connections from the Tor network must come from exit nodes.

I can completely understand banning all exit nodes. I think it would be valuable for Tor to enable some kind of means to automatically detect a Tor-originated connection for this purpose.

[taral.livejournal.com]

Ah, I just read that link. I see -- people making their nodes exit nodes after the fact is understandably a problem. Hm.

[cheetah-spotty.livejournal.com]

It's both quite bizarre and ashaming that fyodor's posting mentions furry porn.

[shockwave77598.livejournal.com]

they have been assimilated...

[giza.livejournal.com]

I think Fyodor is referring to this guy (http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051588.html).

For further information about him: http://www.encyclopediadramatica.com/index.php/Duke_Otterland

[simbab.livejournal.com]

He just won't go away will he?

[zannyvix.livejournal.com]

My god, he really IS that stupid.

[jaesharp.livejournal.com]

Actually, that posting (on the mailing list) sounds like typical trolling... I'd seriously doubt someone could be that stupid or desperate for attention that they'd post a link to an encyclopedia dramatica article about them.

[silver-huskey.livejournal.com]

One way or another, I ended up reading excerpts from his book via the Encyclopedia Dramatica. I think part of my soul just died. =( You should have issued a warning with that Giza. *Cries fake tears and returns to the main part of the entry.*

[giza.livejournal.com]

I thought that the artwork on that page was warning enough! :-P

[silver-huskey.livejournal.com]

I'm used to seeing crappy art all the time. That really didn't phase me. However, the book, the writing, ugh! Quality control or a lack off is definitely a downside to self-publishing. X_x

[giza.livejournal.com]

> Quality control or a lack off is definitely a downside to self-publishing. X_x

You just described one of the problems that the software industry faces.

[woelfisch.livejournal.com]

No wonder, someone repeatedly flooded the Full Disclosure mailing list with furry porn, which seemed to come from Otterland's account. I'm not convinced that it was really him, especially as he has pissed off enough people that it is quite possible that someone broke into his mail account or simply did a joe-job.

Anyway, back on topic, GoDaddy didn't have a good reputation to begin with, and I hope that this incident either changes their mode of operation or break their necks. They register names, they do not host content, nor do they provide connectivity, for heaven's sake. What they did can be compared to removing an entry from the phone book just because someone claims that some caller did something illegal.

[giza.livejournal.com]

Oh, I'm sure it wasn't the real Duke Otterland or Prince Jeremy or whatever he calls himself now. At once point, his IM, email, LiveJournal, and webpage all got broken into. My guess is that he had an obvious password that was the same for all the accounts.

[simbab.livejournal.com]

[Myspace is] basically the new AOL.

Yup.

[taral.livejournal.com]

Mmm. *adds to personal blacklist*