Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Post is lacking information on whether the site was actually a phishing site and who (or which entity) submitted a complaint.

I think verification of the legitimacy of a complaint should be a critical step before disabling a site, otherwise you're prone to DoS.

It would also be good to know what steps the complainant took. Did s/he try to contact Pandaform, or immediately go to Rackspace as the owner of the IP?

Without knowing whether the complaint was legitimate, and what steps Rackspace took to verify this (or not) its tough to say whether their actions were appropriate.



Their actions are inappropriate.

The majority of commentors here assume guilty until proven innocent.

In fact, the author of the article has still been unable to identify the "phishing" form. Was there even really a phishing form?

With all this anti-phishing technology built into modern browsers, why is it Rackspace's responsibility to "protect" users from "alleged" phishing sites?

For copyright, we have the DMCA (for better or worse). Perhaps we need some similar sort of due process for hosting providers or cloud providers.

Most appalling is Rackspace's lack of transparency in handling this.

Pandaform was never contacted by the complainant. The complainant only contacted Rackspace. Rackspace assumed, without investigation, the complaint was legitimate and gave the guy notice via email.

Also, the real rub, is the fact the Rackspace would terminate his account if he got a second complaint.

So, it is not necessary to have an actual phishing form on his site to have his Rackspace hosting terminated. Someone simply needs to allege this to Rackspace, and his account and data will be gone forever.

That is fanatical? Again, I cannot recommend Rackspace.


I'm also wondering if this person has a history of complaints.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: