Fasthosts and UKreg: why you should look elsewhere

This entry was posted on
Wednesday, October 17th, 2007
at
10:14 am and is filed
under The Political Weblog Movement.

[Note – UKreg is part of the Fasthosts Internet group, which in turn is a subsidiary of United Internet AG.]

If Fasthosts were a human being, I would have them rushed to the nearest hospital for observation; they appear to be operating without a spine, and the lack of coordinative function between the left and right hand alone is a clear sign that there is something seriously wrong with the brain.

Late last Wednesday, the UK-based site BobBear was the victim of a dual attack involving a DoS attack and a joe job; a clumsy effort to damage the site’s operation and reputation which was almost certainly the work of one of the many scam artists the anti-fraud website targets.

Early on Thursday, the highly reputable IT security company Sophos reported the joe job, and BobBear site administrator Bob Harrison was in touch with his provider Fasthosts informing them that a joe job was in progress.

On Friday, Fasthosts removed the website from service – without warning – by suspending the domain.

Bob Harrison tried repeatedly to find out why, but received nothing beyond the initial domain suspension notification.

It wasn’t until late Monday afternoon that Fasthosts reactivated the domain name, and that was only after a round of (yet more) negative publicity for the company and the support of the police!

Fasthosts then responded by refusing to respond to related enquiries from the press:

vnunet.com – Spammers trash anti-money laundering site (with a little help from the hosting company): The British site, run by Bob Harrison, is frequently targeted by malware writers eager to take it down. Now, after a new attack, his domain host UKReg has done it for them. A dual-pronged assault launched this week consisted of a denial-of-service attack against the site, and a spam campaign which purported to come from the site and requested that money be sent to support the operation via an e-gold account… No-one at UKReg was available for comment at time of going to press.

The Register – Anti-fraud site turfed offline after joe job attack: Bobbear’s host Fasthosts responded to the bogus emails by suspending the Bobbear.co.uk domain, much to the annoyance of site administrator Bob Harrison. “They [Fasthosts] took the website down on Friday morning without any warning, despite the fact that I had notified them on Thursday that there was a massive ‘joe job’ in progress and that they would probably receive lots of unwarranted abuse reports,” Harrison explained. “Since Friday morning I have tried via email and telephone to get an answer from them as to what was going on but I never received anything apart from the initial domain suspension notification. The spam emails, which were badly worded and full of grammatical errors, were coming from zombie machines – none of which were on Fasthost’s domain.” … Bobbear enlisted the help of Sophos and its contact at Scotland Yard on its behalf, bearing fruit on Monday afternoon when the site was restored. “To have the domain go down so soon after a spam attack has hit the credibility of the domain,” said Harrison. “Without the publicity and help from the police I don’t think the service would have been restored.” … No one from Fasthosts was available for comment at the time of going to press.

All of this sounds strikingly familiar (and newcomers can see a timeline of my own personal experiences here), but Bob Harrison should count himself lucky that Fasthosts didn’t also respond to their foul-up by bad-mouthing him while they held all the cards.

Let me make the guts of this absolutely clear; it was the intention of an unknown money-laundering criminal scumbag to bring the BobBear site down and damage its reputation, and it only managed to do so with the (hopefully unwitting) cooperation of Fasthosts.

To paraphrase Craig Murray, I think I should make my views on Fasthosts quite plain to you…

If you are currently hosted by Fasthosts, and/or if your domain name is managed by them via UKreg, you should move to another service provider and you should do it TODAY. Otherwise, you risk the sudden removal of your website as a result of a nuisance complaint.

A false or baseless complaint could come from a political or business rival, someone with a personal beef, or even a mischief-maker simply out to cause trouble. There is no certainty about where it will come from or what form it will take; the only thing you can rely on is that you should not rely on Fasthosts when such problems arise.

They will leave you high and dry, they will shut you out, and when it finally becomes clear to them they that got it wrong, they will either refuse to admit it, or simply refuse to speak of it.

And if you doubt my word on that, check out what I did (and didn’t) manage to wrestle out of Fasthosts yesterday:

At midday yesterday, I called Richard Stevenson, who is in charge of PR for Fasthosts. He initially claimed to be rushing off to a meeting, but did take the time to express surprise at any suggestion that he was contacted by vnunet.com or The Register and subsequently “unavailable for comment”. He asked me to put my questions(s) in writing, so I did.

In my email, I put 7 questions to him, and informed him that I planned to publish a report on the BobBear.co.uk matter (and how it related to the Alisher Usmanov affair) that afternoon, and would therefore appreciate a timely response.

Richard Stevenson, who appears to earn a living from hiding under his desk most of the time, responded by taking it right down to the wire with an email response at – get this – 5:26pm!

Just before scuttling out the door for a well-earned pint? I’d ask, but wouldn’t expect a straight answer. My first and primary question related to him claiming over the phone that he had not been approached by vnunet.com or The Register for comment, and he skipped right over it.

Here’s that statement in full:

Concerns were brought to our attention regarding a website being hosted by Fasthosts. In this case, Fasthosts received in excess of 20 separate SPAM complaints regarding UCE spamvertising bobbear.co.uk. In line with Fasthosts’ set procedure, the company’s Abuse Team reacted to the complaints and in adhering to our Terms & Conditions, took the single domain off-line.

Once Fasthosts had received validations that the site was legitimate, the website was restored as soon as possible.

Fasthosts hosts hundreds of thousands of websites and manages over 1 million domain names. It is therefore not possible for the company to routinely monitor the content of these websites. Our anti-SPAM policies are an important aspect of our service and are in place for the protection of all Fasthosts customers.

I’ll get back to the questions that were ignored in a moment; first, I want to spell out what Fasthosts are saying here and how it reinforces my point:

Contrary to what this statement suggests, nobody asked Fasthosts to routinely monitor over 1 million websites; they were only asked to take certain circumstances into account for one single website in pretty extraordinary circumstances. This is called customer service. Bob Harrison informed them directly that this was a ‘joe job’ and he had the backing of Sophos at this time!

In this statement, Fasthosts deny that the circumstances were in any way extraordinary and send a message to their customers that – if put in the same situation in the future – they would act in exactly the same way…. i.e. favour a bunch of money-laundering gangsters ahead of their victim, just to be on the safe side, and not reinstate the website until Scotland Yard speaks up for the victim!

I’ve been threatened with false submissions to “distributed blacklists” and the like by the administrator of a certain high-profile right-wing website that shall remain nameless, but I can’t help but wonder if that person knew how easy it would be to shut me down as a then-customer of Fasthosts.

If you are hosted by Fasthosts and/or your domain name is controlled by them, all I have to do to have your site taken offline – manually or via a joe job – is generate roughly 20 false complaints that you have violated their terms of service.

Further, the Alisher Usmanov affair teaches us that – if you are persistent/convincing enough – there is a very good chance that Fasthosts will eventually decide that they’re better off out of it and terminate their relationship with you entirely.

The resulting downtime could stretch into days or weeks. Often, in this busy world, that marks the beginning and the end of a story, even if there is no conclusion.

Am I reaching you yet?

You do not have to run a political website or say anything contentious about a business rival to be a potential victim. You could lead a blameless life running an ethical business and eventually come to the attention of a rival not unlike this truffle-squishing moron.

He simply chooses a time when public confidence and awareness is key (say, the launch of a new product or a vital moment on the stock market) and engineers a series of false complaints about your website to coincide with this.

Result? Regardless of whether or not he gets caught, the damage is done. Your entire website is out of action just when you need to communicate with the public the most.

So allow me to repeat:

If you are currently hosted by Fasthosts, and/or if your domain name is managed by them via UKreg, you should move to another service provider and you should do it TODAY. Otherwise, you risk the sudden removal of your website as a result of a nuisance complaint.

To close, here are all of the questions that Richard Stevenson of Fasthosts ignored. I present them to you in the hope that you will gain some idea of what it feels like to be shut out after being shut down by this pisspoor excuse for a service provider:

From: Tim Ireland
Sent: Tue 10/16/2007 12:03 PM
To: Fasthosts Press Officer
Subject: Journalist / press enquiry (Fasthosts)

Dear Richard,

This should do for starters:

1. Did either of these parties attempt to make contact with you, your department, or your organisation seeking a comment about the suspension of the bobbear.co.uk domain name?

The Register:
http://www.theregister.co.uk/2007/10/15/bobbear_joe_job/
“No one from Fasthosts was available for comment at the time of going to press.”

VNUnet
http://www.vnunet.com/vnunet/news/2201110/spammers-money-laundering-site/
“No-one at UKReg was available for comment at time of going to press.”

2. Do you stand by this statement issued regarding the Alisher Usmanov matter?
http://media.guardian.co.uk/newmedia/story/0,,2174406,00.html

“In this case, we examined a website for potentially defamatory material and communicated to the customer that they had indeed breached the terms and conditions for Fasthosts Internet hosting. The customer was repeatedly advised of the breach and upon failing to permanently remove the content in question, their customer account was terminated, the unfortunate result being the possible downtime of other unrelated websites … of which we understand boris-johnson.com was one.”

3. Why has there so far been no response to any of the requests made in this post?
http://b-heads.blogspot.com/2007/09/requesting-response-from-fasthosts.html

4. Can we expect a response to any of the requests made in that post?

5. Why has your weblog been removed from service?
http://www.fasthosts.co.uk/blog/

6. Has your company been in contact with Schillings since Thursday 20 Sep 2007?

7. What comment do you have, if any, regarding this published assertion from Schillings?
http://www.timesonline.co.uk/tol/news/politics/article2508108.ece
“But Mr Usmanov’s spokesman blamed a technical glitch by the web host.”

I plan to publish a report on the Bobbear.co.uk matter and how it relates to the Alisher Usmanov affair this afternoon, and would appreciate a timely response.

UPDATE – It may interest you to know that neither Fasthosts nor UKreg appear on the list of members of the Internet Services Providers’ Association. All members of the ISPA are expected to follow the ISPA Code of Practice; Fasthosts and UKreg are not.

Move. Today.

Dump Fasthosts before they dump you.








About Tim Ireland

Tim is the sole author of Bloggerheads.
This entry was posted in The Political Weblog Movement. Bookmark the permalink.

19 Responses to "Fasthosts and UKreg: why you should look elsewhere"