New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I've just issued a medium warning to the user in question
I provided proof of my payment in my ticket with the payment ID and confirmation from CoinPayments. That is enough to verify it was me.
We cannot give you 3rd party information, ever.
Email is Authentication.
Even after all the high pressure tactics a typical attacker, what an would be extortionist/attacker would use, giving you the shadow of the doubt; You do not have access to the email in question you are requesting data for. Therefore not authenticated.
We are not in the habbit of sending other people's information (or even confirm if they exist in our system) on hear say and without any authentication. Hell, one of our main selling points is exactly that, strong belief in personal privacy and security practices.
Infact, to the point that due to a court ruling in regards of VPNs in Finland, it looks like we don't have to indulge information of our users even with court order in criminal cases. Not a lawyer, it just looks like that way on the court case, where it was determined provider is not obliged to divulge anything. Court case; https://korkeinoikeus.fi/fi/index/ennakkopaatokset/kko202223.html
Keypoints from the court case:
ChatGPT Translation:
What you are asking is for us to break not only security, but our promise to our customers of privacy. The Very Reasons you have pointed out yourself as the primary selling point
But considering the high pressure tactics, immediate public attacks, spamming helpdesk, zero patience, not having (if there even is) billing account password even (If the email address exists in the system, you should be able to login even if that address does not function at all!), you are 98% likely to be attacker/fraud/scammer trying to gain access to 3rd party account.
If you truly created that account, and it exists, and you used fake email address which does not exist at all, how the ?!?!?! you didn't even save billing account password? Easy enough to just login and check emails sent to that inexistant email address from the history log.
Conclusion: You are trying to access 3rd party data, or even just seeking confirmation such account exists.
Respect 🫡
@PulsedMedia
Very nice, nvme and some very nice configs with good balance of cpu/ram/ssd. Appreciate that. I don't think I will survive the next sale without buying one...
These are on sale every day, every hour
Current Stock and Pricing
A few nodes came available
Stock and Pricing Update
Prices are on fast climb as stock dwindles. No ETA for new nodes.
Well have to dump my MD17 now that I got a MD23 with 64GB
The probability of this being a malicious request is like... the probability of you not being lazy and/or not having delusions of grandeur.
Even if the probability was almost zero, I’d expect nothing less from a provider that advertises itself as privacy respecting. Kudos @PulsedMedia
Providers should all have a no warrant no look mentality because even “legitimate” data requests are often abused.
That's fine, but decent customer service is paramount, and this clown is just ridiculous with his responses most of the time, however.
There are ways to help a customer and verify their identity without revealing any private information, but his response to someone who entrusted him with their hard-earned money is just shameful.
I don’t think so, His decision to stand behind the policy is a decision not a lack of effort. I genuinely don’t understand what people expect when they use a burner email for a seedbox as if theyre on the FBI most wanted list. It’s standard practice for all communication to go to the email you provide the service provider, and if you decide to use a burner email consider it school fees.
This.
There are no excuses, even if chances were near zero, they are not zero. In this case, ~every single possible red flag was triggered, including public pressure tactics. I know many companies cave in just by the fear of public scrutiny. Extorting small providers is daily and routine by bad actors, and they always use certain types of pressure tactics, the type of pressure tactics this person used.
We have chosen email as the secondary authentication method. Not email maybe, but sometimes chicken bones will do or maybe the position of the moon. But email, period.
No access to e-mail? No secondary authentication.
The weakest link of any security is the human element, always. Social engineering is the most successful attack vector in the history of cyber security. For any security to work, the primary goal has to be to remove human element from the equation. Humans are too easy to fool. Hard data cannot be fooled. Hard data in this instance is access to billing profile and/or email account.
You can register with us using 100% bogus e-mail, but you better not loose your password.
This whoever it was had neither access to e-mail nor did have the billing portal account, if said billing profile even existed in the first place. So that's 2 points of authentication failure.
Accepting his claims of being legitimate owner of an account would have been akin to saying "If you claim you own account XYZ, you only need to send us legit looking email and you can have access to it".
_Imagine if SSH allowed you to get only 10% of password correctly and let you login? Maybe SSH should allow anyone who knows the local hostname then to login as the root? That's the equivalent what that guy was asking for.
_
@angstrom i find it bizarre that obviously malicious activity from freshly created fake account deserves smaller punishment than having wrong opinions on this forum? Is it allowed to bypass accountability completely if you just create fake accounts on this forum? I'd like clarification on the rules you are setting forward, would think others would like a clarification as well.
I agree 100% based on my experience working with financial institutions
We were trained that even if my father walks in the bank, we are going to ask for ID, always
@PulsedMedia In that case, simply refund the transaction if no one starts using the said services?
But, no... you're going to blab on about money laundering then...
At the end of the day, the customer didn't get the ordered services, and they can't get their money back. Good business, definitely. Totally not a scam, now is it?
People are often stupid, and the amount of times this has happened (used the wrong email, etc) is pretty high, so I find your arguments very weak.
You're selling seedboxes to pirates and porn addicts, you're not the next Bahnhof hosting WikiLeaks.
If said service exists, it was delivered. If a person doesn't hold on to their password, and used fake email, it is their problem not ours.
He did not request refund, he requested access to 3rd party account. He said he paid via XMR, those are also non-refundable, as per our TOS (and myriad of legal reasons). Refund Policy: https://wiki.pulsedmedia.com/index.php/Pulsed_Media_Refunds_Policy
We have absolutely no means to check if a person uses their service or not, none what-so-ever. It would violate their privacy. As per our privacy policy; https://wiki.pulsedmedia.com/index.php/Pulsed_Media_Privacy_Policy
If we gave access to 3rd party accounts without proper authentication, we would be breaking not only our promises to all of our customers but probably the law as well.
What we host or do not host is no excuse not to have proper privacy and security policies in place.
Even your argument "people used wrong email" is stupid; You still should have your account password.
So in summary, that person had:
- No billing email access
- No billing account password
- Claimed still to know seemingly randomly typed throwaway fake email address WITHOUT having stored password ?!??! How the F* could you remember [email protected] but not have saved the password then knowing you do not have access to recover it?
- Used pressure tactics
- Used public pressure tactics
- Created fake account to do said public pressure tactics
- Created anon tickets, and if i recall right multiple to demanding immediate access to 3rd party unauthorized account
- Outright lied (said money was irrelevant, but completely lost it because he lost access -- person with money would just sigh and know it was their fault in the first place -- it's a huge mental & psychological difference between people for whom, was it 30AUD what he said, matters and for whom it does not -- it shows on everything they do subconsciously, the level of personal accountability)
- Used VPN and/or TOR
There is no truck load big enough of salt to say this was legitimate request in any manner or form, or that this is provider fault. Saying this is provider fault is utter ignorance, and shifting personal responsibility to 3rd parties.
I hope you are never ever responsible for any form of privacy or security manners, with that attitude anyone could walk in and request anything.
It's only common sense to assume that they will request a refund if they cannot start to use the ordered services. You really should be ashamed of yourself here... money is money.
Every order matters, and you shouldn't get to keep someone's money just because you have delusions of grandeur.
well according to TOS, certain kind of transactions are non-refundable
When one is using burner email address to sign up, be ready to own the consequences
It is just that simple
If that account exist, any refund request should come from that account owner, not a unauthorized 3rd party.
You believe everything you are being told? Do you open every phishing email too and fill the details? Because that's exactly how you are acting.
Those who use burner emails at least typically are smart enough to use a forwarding anonymizing service so they can receive the emails.
That being said, we have to keep blocking those since it's all bad actors of various types typically.
@PulsedMedia
I have had few “difference of opinions”, but I always respected your professionalism.
More so after how you handled this issue.
🫡
Stock State
On the main topic, this is what we have right now in stock:
Not sure when, but we might be able to get a few more nodes before end of the month. The DC build combined with workshop reorganization & retooling has really been consuming all our hours.
That being said, there's a lot of demand, so if you need a node and not sure you are able to wait potentially a month or two for proper resupply, now is the time.
Only after the new DC is online i think we can really start to produce these at quantities constantly and steadily.
10% Recurring Discount
Being this short on stock shouldn't do any promos, but here's one for those who follow this thread;
10% recurring :O :O :O discount promo for LET Only, limited number, and only valid for 1week: 2405-LET-MD-THREAD-10REC-0DR8GYXJ6I
Price updates on checkout page.
Bonus Month
If you use that promo / signed up within the last week, post yabs.sh & network-speed.xyz results (in code box, that yellow thing for easy reading) below with text !! Got One #[ORDER NUMBER HERE] for an extra month
Order number, not invoice number.
Stock and Pricing Update
Prices are on fast climb as stock dwindles. No specific ETA for new nodes (apart from the usual cancel)
That i5-10500t for 36 eur looks good!
Question, is it possible to get an additional ip and how much?
no addon IPs.
Is the extra month still available?
Anyone with a box with 2x NVME manage to get RAID0 going?
came to mind, i can force a node in new automation, just 1 or 2 nodes, to be installed there and see if it works out "on defaults".
Might be the current Deb11 preseed for 2xNVMe is buggered and the separated /home didn't work. It often takes 4-6hrs to complete any change on debian preseed.
change, reinstall, change reinstall, change reinstall, no logs, no feedback whatsoever, and even a single extra . or missing . or forgotten / or tab/space in wrong place breaks deb preseed -- and as said no loggin.
That being said, pass it to GPT-4o (ChatGPT NOW FREE!) what partitioning you have, fstab, mdstat etc. and ask it how to transform raid1 to raid0