The EC-GC spoof is toast, whodunnit?

(Screenshot snagged from straight.com.)

I remember when Telus shut down thousands of websites to take down their union’s website. Serverloft might have just done the same. The Seattle Post-Intelligencer has an article on the takedown of the Yes Men site. I did find an article from straight.com which claims to have the original complaint. The IP address in the complaint there is the same one that ec-gc.ca is currently hosted on. Ole Tange is the contact for PiWeb listed in the whois for that IP address.

At first I was convinced that Serverloft did in fact pull the plug on PiWeb’s netblock. A Slashdot comment gave me pause. After all, the message from Mr. Tange is on a website controlled by the Yes Men, and his contact details are publicly available. As of this writing, the PiWeb status page makes no mention of related downtime. Maybe the Yes Men took down their own site as a PR stunt. Here’s a paste from the disputed website.

Website suspended

Serverloft blocked the IP-range for this server because of the content of the client’s website and would only unblock the IP-range if we suspended the website. The website was used in a spoof by The Yes Men.

Serverloft blocked the IP-range without a warrant and without calling us and thus affecting servers hosting 4500 of our customers’ websites until we ourselves discovered the problem, and convinced Serverloft to unblock. Serverloft did send us an email explaining that they would not unblock the IP-range until the websites were taken offline. The email was sent 5 minutes after they cut off the access to the mail server, so we only received the email after the 4500 websites were back online.

Convincing Serverloft that their systems had blocked access on purpose was hard because Serverloft frontline support claimed that all their systems were working fine and they therefore assumed that the problem was a configuration problem on our server. They refused to help troubleshoot the issue.

Serverloft could simply have called us and asked us to deal with the situation. We would then have asked the Canadians for a warrant. If the Canadians had shown us a warrant we would have taken down the site immediately. As others have pointed out, the Canadians could probably just have gone through CIRA and had the domain suspended, which would not have affected any of the other 4500 websites.

As we cannot go through every single page that our customers put on their websites we anticipate a similar situation may arise again. We have therefore asked Serverloft to revise their procedures so we at least would get a phone call before they cut our connection. They have so far refused to do so. They have answered:

your net was blocked because of hosting phishing sites. I’ve attached the information, we have, below our signature. I’m sorry, but we can’t call every customer for abuse. In some cases we’ve to respond very fast and have to block the net or server.

While I appreciate that Serverloft responds fast, it is no good if the collateral damage is more than 1000 times as big. Had they called I am sure we would have found an arrangement that would satisfy both of us.

For more information: contact Ole Tange <ole@tange.dk>

The only other website I can find running on the listed IP is good-cop15.org, which is also the default vhost for that IP. It’s a site about the Copenhagen conference and links to the Yes Men hoax. Judging from the reverse lookup on the address it’s probably a virtual machine, quite possibly run by the Yes Men. It turns out that there is actually a Bruce Moore at CCIRC, but he wasn’t on duty when I called. Ec-gc.ca isn’t on any phishing list that I can find so that charge was overblown.

I don’t particularly like the Yes Men. They go from satire to impersonation. I’d have loved to see CIRA close down their ec-gc.ca domain but the domain dispute takes a long while. I can understand the letter from the CCIRC. The Yes Men website will do the most damage now, not in the time after CIRA is through with its dispute process. I find it very plausible that the Canadian Government would send such a request.

I also find it very plausible that Serverloft would issue a knee-jerk takedown. It’s relatively common for service providers to take down material immediately after a complaint, especially among low-margin resellers. From the WHT opinions, it sounds like that fits Serverloft. If that IP address was limited to a virtual machine run by the Yes Men, and Serverloft was okay with risking their reputation by acting on the complaint rather than following up with PiWeb, they could have at least minimized damage by only nullrouting the VM’s IP address.

There’s enough negative material on WebHostingTalk that I wouldn’t want to use Serverloft regardless of the outcome of this case. I’d like to see some official statement from PiWeb on an official channel before I believe the details though.

Update Jan 2nd 2010: It looks like Ole Tange has updated his personal website with details of the takedown.
