Yet another reason to avoid Fasthosts like the plague

Via Dave Cross:

The Register – Fasthosts customer? Change your password now: Fasthosts, “the UK’s number 1 web host”, has fired off emergency emails telling customers to change all their passwords after police were called in to investigate a major data breach… We’ve asked Fasthosts why the passwords were not encrypted in the first place. It said: “Historically, Internet companies have rarely encrypted passwords to aid customer service.”

As many people under comments at El Reg have pointed out, that last bit (probably from the desk of Richard ‘I get paid to hide under my desk’ Stevenson) is absolute bullshit.

Poor security is not a usability feature. They should have done far better far earlier.

Additionally, yesterday it was reported that Fasthosts admitted to a botched update to its mail server that permanently deleted customer emails. As with this latest disaster, they then went on to assure customers that they had taken new measures to ensure that such a disaster would not happen again when, by most accounts, with a quality host it wouldn’t have happened in the first place.

If you are currently using Fasthosts, I urge you again to start your move to an alternative provider TODAY.

I’ve read many published reports from other Fasthosts users that would appear to suggest that Fasthosts make it difficult for their customers to move on without fuss and fees, but after these two disasters, I’m sure you can throw their terms and conditions in their face and see how they like it.

Fasthosts do, after all, make the following promise;

“We will endeavour [sic] to provide a continuous high quality service.”

And – just between you, me and the gatepost – I’m not seeing much endeavouring going on, just a fuck of a lot of dawdling.

UPDATE – Those with a taste for irony may appreciate that Fasthosts released their first press release for months yesterday, offering a new range of dedicated servers. In it, they claim:

Servers are located within Fasthosts’ superior data centre in Gloucester, where all data is continually protected against fire, gas, water, power failure and unauthorised access.

For added irony, if you go back to earlier press releases (i.e. before recent incidents highlighting extremely poor examples of customer communication on their part) you’ll see a release titled; Slow response to customer emails fatal for UK businesses.

For added extra high-octane über-irony with sprinkles, revisit yesterday’s post, which includes – totally coincidentally, I assure you – a hypothetical situation involving those moments when public confidence and awareness is key and cites a new product launch as a primary example.

UPDATE – Via this discussion thread comes this worrying claim and call to action; If anyone has an account on Fasthosts, I would advise them to keep an eye on their credit card / bank details, as these used to be held unencrypted along with the passwords.

I’ll give Clive a heads-up, just in case historical data has been compromised in this way.

UPDATE – Clive has received the following response from Fasthosts (What? Suddenly they’re talking to us again?): Fasthosts: I can confirm that credit card details are stored in an encrypted format on our systems and we do not currently have any evidence to show that those details have been accessed at this time.

Posted in The Political Weblog Movement | 1 Comment

Rest in carefully manipulated pieces

Guardian/PA – Menezes image ‘dishonestly changed’: A composite image comparing Jean Charles de Menezes and Hussain Osman shown to a jury by lawyers for the Metropolitan Police was dishonestly manipulated, it has been claimed. The picture, containing half the face of innocent Brazilian Mr de Menezes and half the face of terrorist Osman was produced at the force’s Old Bailey trial. It was claimed to illustrate the difficulties officers would have had in differentiating the two. But Clare Montgomery QC, prosecuting, told the court that it had been altered “by either stretching or resizing so the face ceases to have its correct proportions”. The judge, Mr Justice Henriques, told the jury: “A serious allegation has been made that a picture has been manipulated so as to mislead.”

Telegraph – Picture of Menezes and bomber ‘manipulated’: The image was used to show how officers, who shot Mr de Menezes dead in July 2005, may have had difficulty telling the difference between the two men… Michael George, a forensics consultant, produced an alternative image, which was shown to the jury, in which the two faces have different skin tones and their mouths and noses are not aligned.

BBC – Menezes picture ‘was manipulated’: Ronald Thwaites QC, defending, asked Mr George whether there had been any manipulation “of the primary features of the face”. Mr George replied: “I don’t believe there has been any… but making the image brighter has changed the image.”

Posted in Photoshopping | 2 Comments

Finally, the BBC shows some balls…

The Great Architect – Wogan’s Woes

Your ‘compare and contrast’ link is here:
Media Watch Watch – ‘Bloody Cartoons’ shown on BBC2

Posted in Old Media | Comments Off on Finally, the BBC shows some balls…

Fasthosts and UKreg: why you should look elsewhere

[Note – UKreg is part of the Fasthosts Internet group, which in turn is a subsidiary of United Internet AG.]

If Fasthosts were a human being, I would have them rushed to the nearest hospital for observation; they appear to be operating without a spine, and the lack of coordinative function between the left and right hand alone is a clear sign that there is something seriously wrong with the brain.

Late last Wednesday, the UK-based site BobBear was the victim of a dual attack involving a DoS attack and a joe job; a clumsy effort to damage the site’s operation and reputation which was almost certainly the work of one of the many scam artists the anti-fraud website targets.

Early on Thursday, the highly reputable IT security company Sophos reported the joe job, and BobBear site administrator Bob Harrison was in touch with his provider Fasthosts informing them that a joe job was in progress.

On Friday, Fasthosts removed the website from service – without warning – by suspending the domain.

Bob Harrison tried repeatedly to find out why, but received nothing beyond the initial domain suspension notification.

It wasn’t until late Monday afternoon that Fasthosts reactivated the domain name, and that was only after a round of (yet more) negative publicity for the company and the support of the police!

Fasthosts then responded by refusing to respond to related enquiries from the press: – Spammers trash anti-money laundering site (with a little help from the hosting company): The British site, run by Bob Harrison, is frequently targeted by malware writers eager to take it down. Now, after a new attack, his domain host UKReg has done it for them. A dual-pronged assault launched this week consisted of a denial-of-service attack against the site, and a spam campaign which purported to come from the site and requested that money be sent to support the operation via an e-gold account… No-one at UKReg was available for comment at time of going to press.

The Register – Anti-fraud site turfed offline after joe job attack: Bobbear’s host Fasthosts responded to the bogus emails by suspending the domain, much to the annoyance of site administrator Bob Harrison. “They [Fasthosts] took the website down on Friday morning without any warning, despite the fact that I had notified them on Thursday that there was a massive ‘joe job’ in progress and that they would probably receive lots of unwarranted abuse reports,” Harrison explained. “Since Friday morning I have tried via email and telephone to get an answer from them as to what was going on but I never received anything apart from the initial domain suspension notification. The spam emails, which were badly worded and full of grammatical errors, were coming from zombie machines – none of which were on Fasthost’s domain.” … Bobbear enlisted the help of Sophos and its contact at Scotland Yard on its behalf, bearing fruit on Monday afternoon when the site was restored. “To have the domain go down so soon after a spam attack has hit the credibility of the domain,” said Harrison. “Without the publicity and help from the police I don’t think the service would have been restored.” … No one from Fasthosts was available for comment at the time of going to press.

All of this sounds strikingly familiar (and newcomers can see a timeline of my own personal experiences here), but Bob Harrison should count himself lucky that Fasthosts didn’t also respond to their foul-up by bad-mouthing him while they held all the cards.

Let me make the guts of this absolutely clear; it was the intention of an unknown money-laundering criminal scumbag to bring the BobBear site down and damage its reputation, and it only managed to do so with the (hopefully unwitting) cooperation of Fasthosts.

To paraphrase Craig Murray, I think I should make my views on Fasthosts quite plain to you…

If you are currently hosted by Fasthosts, and/or if your domain name is managed by them via UKreg, you should move to another service provider and you should do it TODAY. Otherwise, you risk the sudden removal of your website as a result of a nuisance complaint.

A false or baseless complaint could come from a political or business rival, someone with a personal beef, or even a mischief-maker simply out to cause trouble. There is no certainty about where it will come from or what form it will take; the only thing you can rely on is that you should not rely on Fasthosts when such problems arise.

They will leave you high and dry, they will shut you out, and when it finally becomes clear to them they that got it wrong, they will either refuse to admit it, or simply refuse to speak of it.

And if you doubt my word on that, check out what I did (and didn’t) manage to wrestle out of Fasthosts yesterday:

At midday yesterday, I called Richard Stevenson, who is in charge of PR for Fasthosts. He initially claimed to be rushing off to a meeting, but did take the time to express surprise at any suggestion that he was contacted by or The Register and subsequently “unavailable for comment”. He asked me to put my questions(s) in writing, so I did.

In my email, I put 7 questions to him, and informed him that I planned to publish a report on the matter (and how it related to the Alisher Usmanov affair) that afternoon, and would therefore appreciate a timely response.

Richard Stevenson, who appears to earn a living from hiding under his desk most of the time, responded by taking it right down to the wire with an email response at – get this – 5:26pm!

Just before scuttling out the door for a well-earned pint? I’d ask, but wouldn’t expect a straight answer. My first and primary question related to him claiming over the phone that he had not been approached by or The Register for comment, and he skipped right over it.

Here’s that statement in full:

Concerns were brought to our attention regarding a website being hosted by Fasthosts. In this case, Fasthosts received in excess of 20 separate SPAM complaints regarding UCE spamvertising In line with Fasthosts’ set procedure, the company’s Abuse Team reacted to the complaints and in adhering to our Terms & Conditions, took the single domain off-line.

Once Fasthosts had received validations that the site was legitimate, the website was restored as soon as possible.

Fasthosts hosts hundreds of thousands of websites and manages over 1 million domain names. It is therefore not possible for the company to routinely monitor the content of these websites. Our anti-SPAM policies are an important aspect of our service and are in place for the protection of all Fasthosts customers.

I’ll get back to the questions that were ignored in a moment; first, I want to spell out what Fasthosts are saying here and how it reinforces my point:

Contrary to what this statement suggests, nobody asked Fasthosts to routinely monitor over 1 million websites; they were only asked to take certain circumstances into account for one single website in pretty extraordinary circumstances. This is called customer service. Bob Harrison informed them directly that this was a ‘joe job’ and he had the backing of Sophos at this time!

In this statement, Fasthosts deny that the circumstances were in any way extraordinary and send a message to their customers that – if put in the same situation in the future – they would act in exactly the same way…. i.e. favour a bunch of money-laundering gangsters ahead of their victim, just to be on the safe side, and not reinstate the website until Scotland Yard speaks up for the victim!

I’ve been threatened with false submissions to “distributed blacklists” and the like by the administrator of a certain high-profile right-wing website that shall remain nameless, but I can’t help but wonder if that person knew how easy it would be to shut me down as a then-customer of Fasthosts.

If you are hosted by Fasthosts and/or your domain name is controlled by them, all I have to do to have your site taken offline – manually or via a joe job – is generate roughly 20 false complaints that you have violated their terms of service.

Further, the Alisher Usmanov affair teaches us that – if you are persistent/convincing enough – there is a very good chance that Fasthosts will eventually decide that they’re better off out of it and terminate their relationship with you entirely.

The resulting downtime could stretch into days or weeks. Often, in this busy world, that marks the beginning and the end of a story, even if there is no conclusion.

Am I reaching you yet?

You do not have to run a political website or say anything contentious about a business rival to be a potential victim. You could lead a blameless life running an ethical business and eventually come to the attention of a rival not unlike this truffle-squishing moron.

He simply chooses a time when public confidence and awareness is key (say, the launch of a new product or a vital moment on the stock market) and engineers a series of false complaints about your website to coincide with this.

Result? Regardless of whether or not he gets caught, the damage is done. Your entire website is out of action just when you need to communicate with the public the most.

So allow me to repeat:

If you are currently hosted by Fasthosts, and/or if your domain name is managed by them via UKreg, you should move to another service provider and you should do it TODAY. Otherwise, you risk the sudden removal of your website as a result of a nuisance complaint.

To close, here are all of the questions that Richard Stevenson of Fasthosts ignored. I present them to you in the hope that you will gain some idea of what it feels like to be shut out after being shut down by this pisspoor excuse for a service provider:

From: Tim Ireland
Sent: Tue 10/16/2007 12:03 PM
To: Fasthosts Press Officer
Subject: Journalist / press enquiry (Fasthosts)

Dear Richard,

This should do for starters:

1. Did either of these parties attempt to make contact with you, your department, or your organisation seeking a comment about the suspension of the domain name?

The Register:
“No one from Fasthosts was available for comment at the time of going to press.”

“No-one at UKReg was available for comment at time of going to press.”

2. Do you stand by this statement issued regarding the Alisher Usmanov matter?,,2174406,00.html

“In this case, we examined a website for potentially defamatory material and communicated to the customer that they had indeed breached the terms and conditions for Fasthosts Internet hosting. The customer was repeatedly advised of the breach and upon failing to permanently remove the content in question, their customer account was terminated, the unfortunate result being the possible downtime of other unrelated websites … of which we understand was one.”

3. Why has there so far been no response to any of the requests made in this post?

4. Can we expect a response to any of the requests made in that post?

5. Why has your weblog been removed from service?

6. Has your company been in contact with Schillings since Thursday 20 Sep 2007?

7. What comment do you have, if any, regarding this published assertion from Schillings?
“But Mr Usmanov’s spokesman blamed a technical glitch by the web host.”

I plan to publish a report on the matter and how it relates to the Alisher Usmanov affair this afternoon, and would appreciate a timely response.

UPDATE – It may interest you to know that neither Fasthosts nor UKreg appear on the list of members of the Internet Services Providers’ Association. All members of the ISPA are expected to follow the ISPA Code of Practice; Fasthosts and UKreg are not.

Move. Today.

Dump Fasthosts before they dump you.

Posted in The Political Weblog Movement | 19 Comments

Makers of weak game defend themselves with weak threats

Media Watch Watch – Left Behind makers sue for bad reviews

Bartholomew’s Notes on Religion – American Libel News: Left Behind Games Attacks Bloggers

It’s a lovely story with a delicious punchline. Check it out.

(PS – Bartholomew: welcome to my blogroll.)

Posted in Christ... | Comments Off on Makers of weak game defend themselves with weak threats

Arsenal Muse is a sock-puppeting liar

[Note – This is somewhat Usmanov-related, but as it relates primarily to the use of sock-puppets, I’m filing it here. Cheers all.]

Recently, someone using the name ‘Trat Urug’ has been making comments on Craig Murray’s website.

You can see those comments here and here.

The IP address used to make all of these comments (some 5 days apart) was

In one exchange (where I asked ‘Trat Urug’ if they wished to declare an interest) it was claimed by another commenter, who no doubt recognised the incoherent writing style, that ‘Trat Urug’ was in fact Arsenal Muse, the lone blogger who has taken it upon himself to defend Alisher Usmanov and/or attack Craig Murray. Mostly the latter. While claiming to be an oasis of balance.

It seemed to me that the fairest thing to do would be to ask Arsenal Muse about it. So I did.

Both the email I sent (to the primary contact address provided at the Arsenal Muse website) and the reply I received appear below in full:

—– Original Message —-
From: Tim Ireland
Sent: Monday, October 15, 2007 1:30:16 PM
Subject: comments on Craig Murray’s website

Are you the same person who has been commenting under the name ‘Trat Urug’ on Craig Murray’s website?

—– Original Message —–
From: Arsenal Muse []
To: Tim Ireland
Sent: Monday, October 15, 2007 11:20 PM
Subject: Re: comments on Craig Murray’s website

No. Is he another of his suck ups?

Note that in his reply, Arsenal Muse not only denies making the comments, but also appears to deny all knowledge of them… which in itself stretches things a bit, given how focused his attention has been on Murray recently.

Sadly for him, the IP address used to send this denial was exactly the same as the one used by ‘Trat Urug’ to leave those comments…

Received: from [] by via HTTP; Mon, 15 Oct 2007 15:20:39 PDT

Conclusion: Either something quite unique and magical is happening in the world of NTL, or Arsenal Muse is a sock-puppeting loser and an outright liar.

I’m betting on the latter for reasons I’ll spell out if Arsenal Muse cares or dares to deny it.

Over to you, Arsenal Muse.

UPDATE (3:30pm) – Arsenal Muse has just been in touch via email (see comments) and has also published a response on his website. Here he expands on his claim that any attempt to ensure that a debate is conducted in a fair and open fashion is an attack on free speech:

It seems to me, you can have freedom of speech on the internet but as long as you side with the majority of internet users and bloggers and if you don’t, then you enter a form of cyber guerrila warfare… So if we fire all our ammunition at one man, be it Usmanov, be it Arsenal Muse, you’re being just as hypocritical as those individuals lashing out human rights abuses around the world… We’re talking about the type of behaviour where you take advantage of the power you have, the connections you have to bring down another. A bit like being a blogger and bringing down another blogger and posting sensitive information about that as well. – Arsenal Muse

Sensitive information? My arse.

Free speech denied? Spare me.

A lone voice of balance tragically silenced in a manner that’s worth evoking “human rights abuses around the world”? Pass me a sick-bucket; this one’s full.

Arsenal Muse has not been chased from the field with unsportsmanlike tactics; he thinks that he has no choice but to retire from the field because he cheated and got caught.

He also thinks that he can somehow move on to a new field of play with no consequences if he pretends otherwise.

On both counts he’s spectacularly wrong.

Nothing is stopping Arsenal Muse from speaking his mind on his own weblog and elsewhere on the web. (Craig may choose to ban Arsenal Muse from his weblog for this abuse of the comments system, but that’s not my call.)

The only voice silenced in this exchange was that of the alternative personality Arsenal Muse used. The only thing crippled by this revelation is Arsenal Muse’s ability to do the same in the future, and his credibility when he denies it.

Of course, the reputation of his primary personality Arsenal Muse has also taken a hit, but it’s his own damn fault for cheating and he should be aware that it is only likely to be a career-ending injury if he continues to use a combination of bluster and bullshit to avoid the central issue (i.e. that he cheated and got caught).

After all, people might then get the idea that he always uses a combination of bluster and bullshit to avoid the central issue.

Posted in The Political Weblog Movement | 12 Comments

The ‘war’ on Christmas comes earlier every year

The Sun – New laws pull plug on Xmas

They wheel this tired old nonsense out every year… but they’re disturbingly early this year.

See also: The Guardian – The phoney war on Christmas

UPDATE – Hehehehehe. Snap.

Posted in Rupert 'The Evil One' Murdoch | 3 Comments

Usmanov oozing ‘charm’ again

This Sunday Times article has been fisked here. Do let me know if I’ve missed anything.

Posted in The Political Weblog Movement | Comments Off on Usmanov oozing ‘charm’ again

Blair continues his belated fact-finding mission

Independent – Blair admits he is shocked by discrimination on the West Bank

Funny… he seemed so sure of himself when making relevant policy in the past. Are we to take it from this that he did so without knowing all of the facts?

Posted in Tony 'King Blair | Comments Off on Blair continues his belated fact-finding mission


Some of you may have missed the busy day over at the Alisher Usmanov blog yesterday.

Go see.

Posted in The Political Weblog Movement | Comments Off on Psst!