Usually if someone has a problem with a page on a Web site, the Web site owner or hosting provider is contacted. YouTube gets nastygrams over Saturday Night Live copyright violations. Barney's lawyers send nastygrams to Baltimore sysadmins who post photos of plush toys in unflattering poses. And so on. This is the normal order of the universe, and it could be a whole lot worse. (The DMCA's notice-and-take-down section could be tilted heavily in favor of content owners, for instance.) This week we caught a glimpse into what a whole lot worse might look like. MySpace was upset because a list of some 45,000+ user names and passwords were floating around online (I'm guessing because of shoddy security practices at MySpace, but I don't know for sure). They were posted to a mailing list that's archived at seclists.org, which is a kind of list repository. Politech is featured there, for instance: http://seclists.org/politech/2007/Jan/index.html Instead of contacting Seclists.org owner Fyodor Vaskovich, MySpace went directly to his *domain name registrar*, which is GoDaddy. GoDaddy yanked his site by, as far as I can tell, pushing an immediate update to the .org registry to make his domain name invisible. It appears as though GoDaddy gave Fyodor just 52 seconds of notice: http://seclists.org/nmap-hackers/2007/0000.html GoDaddy's general counsel Christine Jones defended the deletion when I talked to her today, saying it's good corporate citizenship. See: http://news.com.com/2100-1025_3-6153607.html >When asked if GoDaddy would remove the registration for a news site like CNET News.com, if a reader posted illegal information in a discussion forum and editors could not be immediately reached over a holiday, Jones replied: "I don't know...It's a case-by-case basis." She was even more blunt in an interview with Kevin Poulsen at Wired News, saying 52 seconds of notice in a voicemail was "pretty generous": http://blog.wired.com/27bstroke6/2007/01/godaddy_defends.html "I think the fact that we gave him notice at all was pretty generous," she said. Fyodor has given me permission to post some of the correspondence here (note how long it took him to get an answer about why his domain was zapped): http://politechbot.com/docs/fyodor.godaddy.myspace.seclists-1.012507.txt http://politechbot.com/docs/fyodor.godaddy.myspace.seclists-2.012507.txt -Declan _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Fri Jan 26 2007 - 01:27:42 PST