* Posts by markjr

5 posts • joined 12 May 2015

Daily Stormer binned by yet another registrar, due to business risks

markjr

Re: First they came for the nazis ...

Yeah I saw that comment and was about to post a rebuttal but had to leave.... then I'm in the car and it hit me and I just burst out laughing. It was brilliant, really.

markjr

Re: Quick note from easyDNS

This is a good point, because, contrary to many other registrars, we also *do* have a reputation for being vigorous advocates for our customers.

We of course enforce our AUP, and DS would have been in instant violation of 2 specific points of our AUP (violation of the NAP, and knowingly bringing in a DDoS attack).

markjr

Re: Quick note from easyDNS

Forgive me, for copying and paste my response to the exact same argument over on our blog:

There are over thousands of registrars and pretty well anybody can become one (hell, after the drop catching bubble burst you can buy a registrar now for a few thousand bucks).

They all set their own acceptable use policies and have their own risk tolerance. Somebody running a website that absolutely nobody wants to touch sounds more likely their problem, not the registrars. (Gee, could it possibly be because nobody wants to do business with self-proclaimed fascists spewing utter hatred toward others, including our families and our customers? How unreasonable.)

Further:

If DailyStormer really wants somebody to take them on, they’re going to have to pony up a lot of money to do it (expecting some registrar to take on this risk for a $15 annual domain fee is delusional) and at some price level there will either be a taker, or somebody will enter the field to service the need (providing internet infrastructure to Nazis).

(Maybe DS can empty out that bitcoin wallet of theirs with over $80,000 and buy themselves a registrar)

As for us, we’re not interested at any price and that is totally our prerogative.

markjr

Quick note from easyDNS

To be clear, we don't bill ourselves as "The Free Speech Registrar". As I say in the post quoted, we have a *reputation* as such, and because of that reputation we felt the need to explain ourselves. Reputations are built on past actions and track records. If our decision around DS impairs that rep, so be it.

Further, this isn't really a "free speech" issue at all. DS were never clients and we did nothing to censor their content. They can say whatever they want, but they really shouldn't be surprised if nobody wants to enter into business with them to help them say it.

In that sense, the free speech subtext to this could be "everybody has the right to say no to a Nazi".

Finally, as I told a few other people who think we are somehow obligated to take on a specific client, it's easy to say that when you are sitting comfortably outside the blast radius. If you feel so strongly about it *you* do it, or call up some key vendor your business relies on and convince *them* to do it.

That is basically what capitalism is all about.

Thank you.

Small WordPress sites leaking like sieves

markjr

Re: Get patching. ®

You can't just edit your wp-login.php, if you look at it you won't see the infection code (it shows up when it renders in your browser).

Nearest I can figure (I don't know the internals of wordpress at all), there is a callback called "logins_script_WP" which is loading the javascript call to the hostile domain.

The bandaid fix I came up with was to edit wp-includes/plugin.php down around line 910 or so (v 4.1.5) in this block of code:

reset( $wp_filter[ $tag ] );

do {

foreach ( (array) current($wp_filter[$tag]) as $the_ )

if ( !is_null($the_['function']) )

call_user_func_array($the_['function'],

array_slice($args, 0, (int) $the_['accepted_args']));

} while ( next($wp_filter[$tag]) !== false );

Change the line:

if ( !is_null($the_['function']) )

to

if ( !is_null($the_['function']) &&

$the_['function']!='logins_script_WP' )

and the jscript call to conyouse.com goes away. But I still don't know how it gets in there, or where the code that function generates is hiding or coming from (my guess is it's obfuscated in the dbase ...somewhere).

Biting the hand that feeds IT © 1998–2019