New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
So if I get it right:
1. @spycrab101: imma download my fav coolish video shows illegally, yay, I love my VPS!!!!!
2. @KuJoe's bots: omg, i haz suspecious crap here
3. @KuJoe: kindly asks spycrab to make his illegally downloaded stuff gtfo
4. @spycrab101: omg, you look in my files, imma want refund after breaking tos!!!
So basically he got caught and wants his money back so he can continue his actions on a different VPS provider that doesn't give a shit about him pirating...
@24khost
You seem to be missing the point. It should have never came to this as there is no legal reason to scan someones files. (also as I say I'm sure its illegal under us law, it is under UK law I know that for a fact)
You're missing the other main point. You have no right to a refund.
What if I decide I want to rotate pictures of penguins on my VPS and I decide to overcomplicate it and a script will physically rename one image to another (cron) and I name it ddos.pl?
Expect an e-mail :P
Of how you enjoy pictures of penguins?
Everyone loves penguins.
@jarland
Expect a thread afterwards of someone who can't read TOS nor use common sense
I'm alright with that, because what they can't say that I did is went digging through their files with my own eyes and reading the contents of them.
@spycrab1 do the walk!!!
So is it acceptable for a script (i.e. non human) to do that, which then flags up to a human if it finds anything untoward?
@spycrab101 nope not missing the point. Point is your broke a rule, your bad. In the US there are no laws that prevent your provider from looking at things hosted on thier server. In fact if you look at the US vs Napster by not scanning thier system they were violating US law. They were ordered that they should have better scanning on thier system.
@averell I don't see the difference at all. If it could get my servers siezed, or cause me legal problems. It is the same to me. The funny thing is you ask me 5 years ago, I am right along with you. I would be pirating everything. Time to grow up. Realize that you brake the rules you end up broke. And playing stupid doesn't work for the government or the law.
My opinion here is a thin line. I use what I do as a reference because it perfectly outlines where my opinion lies. When I scan for a list of, let's say 5 unquestionable files, I don't even get a return telling me which one it found. Only a container ID. I suspend and open a ticket. These are high risk files (could bring the node down), not "I might get a DMCA" files. DMCA exists for a reason, I'll react when I get one. DMCA prevention is too far for me. Physically opening client files to view them with human eyes is too far for me. I've watched what I'll call "tame" spammers go at it. I know how to recognize them, I'm rarely wrong, but if it's not conclusive or abusive I'm not investigating...I'm refreshing my blacklist IP checker app on my phone.
If you take action after a DMCA you're not going your servers seized from a tv show download.
Not everyone. Bill Gates and Steve Jobs hated penguins with a passion and spent a good part of their careers trying to snuff out Tux the Penguin.
Yet in the end Steve turned to the penguins with Darwin!
I would generally agree however I'm referring to a script here. What you're saying is you actively scan yourself for files that might be 'questionable' - surely you're invading their 'privacy' then? If, however, you used a script that ran every X amount of Y time to scan for a predefined list of files/processes there's no real privacy invasion there as it's not done by a human. If the script identifies something, action can be taken based on the content that was flagged.
I think it's more a question of 'appeasing' the customer who's doing something dodgy versus keeping the majority of customers who are perfectly legit and legal. There has to be a line somewhere, though. Do you suspend people for torrenting carte blanche or do you only suspend those who are obviously sharing copyright content - how do you know it's copyright if you haven't checked yourself? There's no easy way to police this other than having some element of human intervention somewhere a long the line.
I don't think Joe should have mentioned what the specific files were (on here) but I don't disagree with the reasoning behind his actions.
Also, worth noting again, DMCA is relevant to the US, not the rest of the world.
There is nothing to sort out. I stated in the ticket we do not provide refunds for TOS violators. I provided a partial refund against my better judgement. End of story.
I don't have time to keep up with this thread even with my awesome new tablet so here's the deal:
We did not violate any laws, US or other to my knowledge. No human accessed his VPS or files until an automated system (that does not keep logs, reports, or even keep track of VPS IDs or IPs, it simply scans the running processed on the node, it never goes inside any VPSs or even scans files) alerted us. I checked a log file from an lsof -p output at no time knowing who the user or the IP of the VPS (I did know the VPS ID but that tells me nothing since I don't have time to memorize all of them). After finding the illegal content the VPS was powered off (not suspended and not from inside the VPS) and only then was the user identified so we could contact them to remove the content that violated our TOS. We attempted to explain our stance on illegal activity and how we cannot afford the risk to knowingly allow our services to be used for anything illegal. We offered the client multiple chances to continue using his VPS for anything that did not violate our TOS but he was unable to accept these chances. I invested at least an hour into trying to explain the situation to him but all for nothing (as this thread can show).
TLDR: We did not violate any privacy laws. We did not spy on the client. We do not allow our services to be used for illegal activity.
Unquestionable was the word here. If it could have any potential second use that I wouldn't consider the kind of abuse that can immediately harm other clients and stand in my way of dealing with the issue once it starts (like an effective DDOS), I'm not scanning for it. The list is very small and prone to missing things, of course.
Right, and I'm comfortable with actions like suspension, ticketing, etc. @KuJoe said he opened dialogue before terminating, and that I respect.
Personally I just watch the resources, if it's not abusive of CPU or disk then I assume it's legal until I get a complaint.
It's the "until" part that bothers me. Again, don't take this the wrong way. I just don't want to watch this turn into encouragement of this activity without opposition being heard here. Encouraging this behavior from providers would be positive for my business, not discouraging it, so please don't misunderstand my angle.
A picture is worth a thousand words.
Therefore.
@KuJoe
This response was priceless. Well worth the $1 investment.
Unfortunately there will always be an until...
"Until the DMCA came in..."
"Until the lawyers contacted me..."
"Until the subpoena came to our door..."
"Until our other clients were impacted..."
Right, but the rest of those don't involve you reading the contents of their files. Does every provider who gets DMCA notices go searching for the offending content? I always ticket them and then suspend within 24 hours of the notice. Second chances in some cases.
@jarland I see your point. I like to be proactive though so our data center doesn't kick us out.
By all means, it's in your policy. If I had any bad motive here I'd encourage the activity I disagree with, so I could say "Hey look at me I don't do that." I care about the rest of you guys too :P
The lack of any number of these complaints above 1 means you're not really offending people.
Everyone knows my terms, and the don't be a dick clause, do you really think you'd pass the muster? You've been term'ed not for violating SD's terms, but for violating their don't be a dick clause.
To be honest I would avoid a provider who did not pro-actively check what's going on inside a node. I am a customer along side many others, I don't want to be suffering because someone is doing something they should not that could result in my container running like a bag of shit or worse the DC shutting down the server all together.
So yeah, if your terms say no DDoS and you scan for signs of it fine, if your terms say no torrents and you scan for it fine. If your scan finds something you don't like and you go into my container to investigate as a result, fine.
If you are randomly trawling through my files with no reason, GTFO!
I'm curious though in terms of all the "OMG... you looked at a customer's VPS", are there any US or UK based providers who completely ignore the customer's VPS until repeated abuse is reported to them, or worse yet their servers get yanked due to letting it slide until final actions were required? IF they exist, where are they now? What's the quality of their service? How much do they charge?
Just seems like if you don't want to agree to those kinds of terms you lease yourself a dedicated server (or colo it), deal with the legalities yourself when the reports start coming in, then course call the datacenter scammers when they finally take your box offline from excessive reports/complaints. But I'm guessing one can't be arsed to spend that much money for that connivence.
I love these "You broke the data protection act" threads, orly, which part specifically?
That would require him to share it with a third party or use it for promotion of products not belonging to SD.
Data you choose to put on a VPS is not covered by the DPA folks, putting data you don't own the copyright too on the VPS after agreeing to TOS specifically forbidding it on the other hand comes with HEFTY fines so I hear.
I would not try to take the legal high ground here buddy
Hosts work hard to provide good service, do not threaten their livelihoods because you don't think the rules actually apply to you.
OVH seem to not spy on customers and respect the law. I think they are one of the biggest providers in the Dedi/VPS market.
Just cause they don't do it, doesn't mean its not right!