MySpace And GoDaddy Shut Down Huge Archive Of Security Mailing Lists

from the silly-companies dept

Rich Kulawiec writes in to point out that Seclists.org, a site that archives various security-related discussion email lists (and run by Fyodor, author of nmap, and generally well-known within the security realm) was yanked offline completely yesterday thanks to a bogus complaint from MySpace to the registrar/hosting company Fyodor used, GoDaddy. It seems that MySpace was freaking out that yet another big list of MySpace usernames and passwords had leaked (and spread all over the net). So, they went into damage control mode. A few copies of the MySpace list had been mailed to one of the security mailing lists archived as Seclists, and rather than simply asking that they be removed, MySpace went straight to the hosting company to get the entire domain turned off -- which GoDaddy did without question (or giving Fyodor a chance to appeal). In other words, they shut down a huge domain full of useful information that was used by a lot of people, over one complaint on some information that is widely available all over the internet. Fyodor also notes that these types of bogus requests to hosting companies and registrars are only increasingly lately. It seems like there may be an opportunity for a registrar hosting company to advertise that they don't wilt at the first sign of legal language, and at least give their customers a chance to respond.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Bryan Price, 25 Jan 2007 @ 7:48pm

    That's another company

    for me to not do business with. Not that I have.

    27B Stroke 6 carries some good details.

    GoDaddy got back to me. General counsel Christine Jones defends taking down SecLists.org, saying that Fyodor had close to an hour to respond to GoDaddy's voicemail and e-mail warnings yesterday, and didn't.

    "We couldn't reach him, and because the content was hundreds and hundreds of MySpace user names and password, we went ahead and redirected the domain to remove that content," she says.



    "For something that has safety implication like that, we take it really seriously," she says. "For spammers, we give people a little bit of time to respond to us."



    Jones stands by the decision.

    "Should registrars be involved in this? I'm not sure," she says. "We're the largest domain registrar in the world, and my view is, for $8.95 its not okay for somebody to come and use our services to harm other people."

    -----

    Update

    Fyodor responds:



    Fyodor also sent in his timeline of events, supported by copy of the voicemail (.wav) from GoDaddy telling him he was scheduled for suspension, and the e-mail message telling him he'd been suspended. The difference between the two appears to be one minute, not one hour.

    I called back Jones, and she admits she doesn't know exactly how much notice he had.

    "I think the fact that we gave him notice at all was pretty generous," she said.


    That's absolutely sad and horrible. I will refuse to do any business with them.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.