New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
DigitalOcean Abuse Account Problem
This discussion has been closed.
Comments
I'm still a few weeks out but I'll ask that your case be reviewed again by another party. That isn't a promise for anything beyond that.
@jarland - irrespective of the outcome of this specific incident, don't you also think that it is only reasonable for a provider to give you a specific reason as to why whatever was done was done. In this particular case, there's no clarity at all on what the violation was (at least point out paragraph 3 of the ToS or some such).
Assuming that said user committed a crime, it is only fair and appropriate to say this is the crime you committed and so you are being punished. Hiding behind legalese makes me cringe from ever wanting to using DO again. And of course saying "law enforcement" or "National Security" makes it even worse (like those canary warrants that we can neither confirm nor deny).
It is not reasonable for a provider to come to a forum and speak openly about a customer's account and engage in discussion about their private matters. That is the point that I want you to grab on to. Violating a user's privacy is not okay. A forum post is not a proper verification channel. For all you or I would know someone posted a screenshot on IRC and someone else brought it here to social engineer account information. Social engineering knows no boundaries, and neither should account security.
So don't assume that you know the entirety of the event based on one side of the story, and assume that you won't get the other side from a professional provider.
I guess @nullnothere is talking about providing said information through the official ticket system that DO has. This information seems to be lacking for OP through the official ticketing system, causing him to open this thread on a public forum.
I agree with not providing it out here, but through the ticketing system it should be doable no?
@jarland - clarifying - I don't want the answer. I only think it is fair for the user (@eofsay) to know (privately via appropriate channels of communication between said user and DO).
My question would be: From what position are you able to determine that such has not been provided in one way or another? Wouldn't telling you more about that be discussing a customer's account in public?
That still assumes you know more than half of the story.
It is allowed IF (and that is checked) the user posted some screenshots (or took them from the user).
@jarland - to me it appears (again qualifying because of the limited one sided view of this issue) that there is no clarity/specificity on why the account was locked (apart from some sort of a carpet "violation of terms of use/service").
If I were in the user's position, from a fairness standpoint, I would at least expect to know that my account is terminated/locked because (examples) : multiple accounts (violation of clause xyz in ToS) or hosting illegal content (clause abc) or abusive process (clause def) etc.
The burden of proof should be with DO (and the proof should be "reasonable" enough that a neutral/uninterested third party aka "judge" should be able to accept it and sufficient opportunity must be provided to defendent to defend his/her stance with adequate proof).
That was a very proper reply.
Other than that, if DO has locked OP's account, and they're unable to unlock it, they surely have a very strong reason for doing so.
I agree with most other things, but not this. I refuse to provide proof when I know for sure the user knows what he did or knowingly gave access to a third party (like provide shells, for example). Since providing access to third parties is already a violation, I don't need to go further, same when the user started to blast spam within an hour of buying the VPS. I know for sure he knows he is blacklisted, so why should i bother to paste links and show him reports and warnings about high level smtp traffic? He wont oblige and show me his lists and proofs of double opt-ins. Being stuck with delisting is enough punishment for not spotting the spammer the first place, don't have to provide any other proof to him.
I won't speak poorly of you for following that guideline but I will refrain from considering that acceptable for myself, especially in this case.
I get where you're coming from. If you know me then you know that I have high standards for how customers should be treated. I'm afraid I cannot help you in offsetting how this appears to you today. I simply will not add information to the story here. I have my reasons.
Please do, I maintain that if the user posted the pictures, you can comment on that content. Not other things, of course.
It is fake, it is edited, it is photo shopped, whatever, you can say, The ToS/AUP gives us the right not to tell you why we locked you without providing the data, even if, for some reason, you cannot comment on the reason, which is pretty unlikely, but not impossible.
My comment on the content is that the two people answering that ticket, I would trust with my life. They are very skilled at locating accounts that engage in abuse. I've watched them identify and disable networks of spammers that I would have never connected had they not shown me the trail, which I then agreed were rock solid investigations on their part. These are best of the best, in my world. I would jump out of an airplane knowing one of them had the button to deploy my parachute.
When they say something matches a pattern, they're not meaning "came from same country." They're meaning something much more deeply connected. They would not be referring to something the user has no knowledge of.
OK - but at least inform me that you're terminating/suspending/locking my account BECAUSE I provided access to third parties via free shell or because I sent out a blast of spam (12345 emails) on port 25.
On a more generic note (again not specific/related to the OP), I think it is only fair for me to able to disprove your assertion - so for e.g. if you claim that I sent 12345 emails on port 25 and I claim that I didn't, how do we resolve this fairly? We need to agree on something - even to disagree - and I'm ok with that (you claim 12345 emails, I claim 10 emails), we've lost each other's trust and that's the end of the story (I'm packing my bits and moving my bytes to another provider).
I am arguing for the principle of fairness here. If you claim I sent 12345 emails, surely you have some logs/traffic that shows this - please show it to me (again I hope it is not cooked up or contrived just to boot me out).
In this particular instance there is NO detail on what the violation is/was.
(and again I don't want to know, the OP is entitled to know though is what I believe).
Once again you've assumed that you know more than half of the situation, have you not?
Look, we are talking of different things here.
1. I do not say YOU as Jarland, should answer this, I say the support people there should answer it more than our automated tools saw some pattern, or even ourselves. There is no pattern thing in the ToS/AUP, as I can figure.
2. I am not implying DO support is lacking or those guys or you suck. Not at all, I am just not satisfied with that answer. They can at least say we have the right to do whatever we please as per our ToS/AUP, end of story. The we saw some pattern is simply not enough, from a customer's point of view, regardless of what you know and trust.
You don't know that they haven't or that it was automated.
That's the thing though. You're not supposed to be. You're not the account holder, and I'm not going to tell you about their accounts.
I don't want to nitpick here. All I am saying is that IF I were a customer of a provider who locked/terminated/suspended my account without providing me a specific reason (preferably with some proof), I would be very very upset/angry.
Based on the information posted (publicly) in this discussion, would you consider that the OP has been treated fairly?
Then you can say it is fake, end of story.
Again, the straw man did it. I am not curious myself, I have seen many things, I just say that, as a customer, I would not be satisfied with that answer. I am running many weird application and who knows what "pattern" they might trigger. The user said he provided shells, I know what that means, everyone who worked in the industry knows. But telling him he violated point x of the ToS/AUP is not such a burden, if he insists and he insisted a lot. It gives the idea of stonewalling him, does not look good, even if you are right. I will not be telling my customer what people did with their access, but I would tell him he got suspended because people abused the ToS/AUP and used him as a front, so he pays the broken pottery, as we say here.
Moreover, if you do not tell him what a security risk that is, he will never learn anything and will do the same with the next provider.
Agreed. That would be wrong with exception of a few very specific and significant situations, none of which I'm suggesting have occurred here.
Based on the roughly 25% of the available information that was made public I would say that it paints the story that the painter intends to tell, and it does tell a story of a user treated unfairly.
I've already told you there's another side to the story. I know the story as of right now. I have high standards for the treatment of customers, and high standards for maintaining their privacy no matter how hard anyone tries to social engineer information out of me. If that doesn't offset your view of the situation that is perfectly fine, I won't ask for you to change your opinion based on it. This situation is larger than any one commenter's opinion.
Which, again, you don't know that he hasn't been told at one point or another. There are many places that someone can be told a variety of things. One could open a ticket with me on any of my 4 DigitalOcean accounts to reach me, for example. I could screenshot any of them as well, at any time.
Could it because of single referral? Or repeated multi account?
So it's confirmed... russian hackers...
Aliens, rather, illegal aliens...
Every damn time.
Thanks for the clarification. I get where you are coming from (and I'm not asking for any further clarifications on this specific issue/OP/discussion).
Thank you - this is all that I'm really arguing for and I feel comfortable enough to say we're on the same page.
You're not doing anything that I wouldn't do, and not at all bothersome btw. Sometimes you have to be on different sides of an issue, and it's internally frustrating to find yourself being someone you would poke at, doing the same things you would poke at them for.
I just have to trust that anyone who knows me knows that I've rolled out red carpet for users paying me $5 for a year of service. No one is of no value to me. I love my customers and I aim to treat them right, above and beyond what is considered acceptable. Sometimes taking care of customers means less obvious things, like removing users who cause other users trouble, etc. These are always difficult things, and not something I do with no weight on my shoulders when I do.
DigitalOcean customers are very much "my customers." If any are mistreated I take it personally and I will go on a war path just as I always have. I did it at HostGator, I'll do it at DigitalOcean if I need to. I don't need to be liked, I need my customers treated well. My job is to be an advocate for customers, not protect wrong doing.
Actually, judging by the repeated requests and "answers" he got, it does not look that way.
"You were already told the reason", does not appear there just meaningless bs.
I do not say "I" need to know the reason, I pretty much know it, or I am maybe close, even if not, that is not the point, the point is that, even if he was told elsewhere, you tell him again, link the ticket and close the this one.
Say, the guy was told in another ticket what happened, then instead of repeating the same meaningless shit (losing time to copy/paste) they could have copy/pasted the other answer and close the ticket.
It does not look like a ticket treating the same problem treated elsewhere, it looks like a stonewalling. Whether was right or not, you know better, I just say I would have not been satisfied with it.
I'd say you're knowledgeable about the subject to have picked up on a solid portion of it. Roughly half of it, I'd say. The other half you just don't have any information on so I couldn't expect you to pick up on it. There's no hint to it here anywhere.
And I don't need to, ffs, man, I am NOT asking information, I am commenting on the info at hand and it does not look like the guy got the answer he deserves, whether he is a criminal or not.
You were locked out because of article x and y, OR, we already told you the reason, stop opening more tickets on the same thing and fuck off.