MySpace and GoDaddy Shut Down Security Site 344
Several readers wrote in with a CNET report that raises novel free-speech questions. MySpace asked GoDaddy to pull the plug on Seclists.org, a site run by Fyodor Vaskovich, the father of nmap. The site hosts a quarter million pages of mailing-list archives and the like. MySpace did not obtain a court order or, apparently, compose a DMCA takedown notice: it simply asked GoDaddy to remove a site that happened to archive a list of thousands of MySpace usernames and passwords, and GoDaddy complied. Fyodor says the takedown happened without prior notice. The site was unavailable for about seven hours until he found out what was happening and removed the offending posting. The CNET article concludes: "When asked if GoDaddy would remove the registration for a news site like CNET News.com, if a reader posted illegal information in a discussion forum and editors could not be immediately reached over a holiday, Jones replied: 'I don't know... It's a case-by-case basis.'"
Re:What's the problem? (Score:2, Informative)
Re:How timely (Score:2, Informative)
Re:Am I the only one wondering this? (Score:3, Informative)
Ordering a takedown in pointless...I can't believe that those users weren't informed that they should change their passwords, and if they were, what's the problem?
Re:Umm, GoDaddy? (Score:2, Informative)
The IP in the A record for seclists.org is registered to "MEER NET," who is either hosting the site or reselling the hosting, and had nothing to do with what GoDaddy did.
Pulling my sites (Score:4, Informative)
Re:Overkill (Score:5, Informative)
Hmmm.......
RTFA people, it was an archive (Score:4, Informative)
I believe MySpace and GoDaddy are both to blame here for reasons that any sensical person can see. I think I'll be looking for a new registrar now.
GoDaddy and the DMCA... (Score:5, Informative)
I got an email from GoDaddy saying "please take this down and respond that, under penalty of perjury, you did so."
I happened to be checking my email at this moment, 12:30 at night, so I looked into the issue and responded to the email that the issue was resolved.
The next morning, my server wasn't responding to pings. So I email again saying, "hey, I took care of the complaint before you unplugged my machine, can you, you know, plug it back in?"
Day goes by. Eventually I get a response:
"Thank you for your response to the Copyright Department. In order to reactivate the site in question we will need you to provide the following information in a single email response:
A. An electronic signature. (This can be a scanned copy of your physical signature, or as simple as typing your full name.)
B. Identification of the material in question.
C. A statement, under penalty of perjury, that the material has either been removed or will promptly be removed."
So I write back again, explaining the details. Again.
Day goes by. I call the tech support number and explain the situation. The tech support guy (who was very nice) told me he couldn't help, and I should try emailing the address I already had, twice. Sigh. I do it again.
Day goes by. I get the following response:
"Thank you for contacting the Copyright Claims Department. Unfortunately your previous email did not include a statment under penalty of perjury. Please submit a complete content removal statement at your earliest convenience to have your services reactivated. For your reference an example of a complete copyright removal statement is listed below.
I, John Doe, under penalty of perjury, will remove the offending content at http://www.mydomainname.com/myfile/page.htm [mydomainname.com] promptly after the reactivation of my services.
John Doe
(Please accept the above as an electronic signature.)"
Okay, great. I finally found the magic formula. I copy the template exactly and fill in my details, send it out.
Day goes by. I get this back:
"Thank you for your email. We appreciate your responsiveness and cooperation on this matter. We have re-activated the account and services associated with your site. As some services require some time for propagation to take full effect, please allow 1-2 hours for the changes to take effect."
Ok, progress, finally.
Day goes by.
Day goes by.
Server still isn't responding. I email tech support to see if there's a problem. They tell me to try using the automatic reboot request form on the web panel. Sure enough, the system responds within minutes.
So basically, they were really on top of that from every angle. In the week my server was unavailable, I arranged for hosting at one of their competitors, Dreamhost.com, who rocks quite a bit. Specifically because of this incident, I probably won't renew the GoDaddy contract when it expires, but I also wonder if I'm really safer at any other ISP in America.
It's partially a shame because I really was perfectly satisfied with GoDaddy's hosting before this incident, and they just flat out botched it. The server provides bandwidth offloading for my main site, so I could survive without it for a week, but I couldn't imagine someone trusting their business to GoDaddy if they can callously cut your oxygen for a week.
It's also a shame because the DMCA required GoDaddy to have a knee-jerk reaction in the first place. I was basically accused, tried, and convicted by my service provider without any evidence or chance to defend myself. They should be looking at this as bad for business in even well-handled situations, and recognize that the best thing to do is take
Re:Question is... (Score:3, Informative)
GoDaddy was the domain registrar [wikipedia.org], not the hosting provider. There is a big difference. I would never use GoDaddy or any other domain registrar that would alter a registration without a court order.
Personally, I use directNIC [directnic.com] and Domain Contender [domaincontender.com].
Re:I see a giant drop in revenue for GoDaddy (Score:2, Informative)
Parsons the evil man in charge of godaddy is running I consider something of pyramid like scheme - if you cause no problems (as defined by them) you get cheap domain names
but if you break there rules (which they decide on) - they hit you for $$$$ on you pre authurised credit card hmmm nice. I bet the mafia would like that racket.
Parsons screwed up on .eu and then whined and also whined about domain name knitting. As a european i'd not trust Bob Parsons with anything.
I'd rather give my money to a chinese registrar than go daddy if they where the only two registrars left on the planet. There are other registrars but if Parsons thinks im stupid enough to give him our money and hope for the best he better think twice.
Im not suggesting a free for all - but if you go to a higher power and not ask the people in charge then that means if a crime was commited i'd have to hold Bob Parsons responsible for all myspace hacking crimes/spamming. - After all as a board director he admitted his guilt.
Re:Case-by-case basis... (Score:1, Informative)
For better searching (Score:3, Informative)
Re:Overkill is an understatement (Score:2, Informative)
Be careful with comments like that. While I sympathize with you and might've done something similar, your credit card company might try to get you for fraud if they ever link that comment to you.
Re:Case-by-case basis... (Score:3, Informative)
Any reputable domain registrar will give you credit for all the remaining time on your current registration. You lose nothing by transferring.
Don't put it off. Do it today.