Home > Site Related > I’ve Become a Cyber Pan Handler

I’ve Become a Cyber Pan Handler

**Update on this on another blog post -- fees have been paid in full, should anyone chose to donate at this point, I'll use it to pay future fees**

Every now and then I encounter websites that have donate buttons, especially if they provide a service. I've always wondered about this but figured "Hey, if people want to give money why not". I've decided today to become one of these "Cyber Pan Handlers"

For quite a while I've been hosting DamnVulnerableLinux without any problems. About 6 months ago, my transfer limit was exceeded due to DVL and I had to pay a bit extra. I decided that I would stop hosting DVL and it went to being only available via torrent. A couple of months later my hosting provider, 1and1, sent out an email stating that all hosting accounts had been upgraded to unlimited transfer, so I re-enabled my hosting of DVL. This month DVL appeared on Slashdot and what followed was a bill for a couple of thousand dollars. 1and1 is claiming that my account is a grandfathered account that no longer exists, and is therefore not eligible for the unlimited transfer. Yet they had still sent me the email and when I had checked at that time my account stated unlimited. I'm guessing that they made a mistake in their system when they initially implemented it and then silently fixed it. Either way, they are unwilling to honor the email they sent me and the DVL direct download has been removed. Should I come out of this, I will upgrade my account (which will increase my current monthly costs) and resume hosting DVL for download.

In the mean time, I'm going to ask for donations to help cover this large bill. During this push, there were over 30K downloads of DVL. I'm hoping that some of those downloaders (or anyone else) will realize the value they gained from the direct download and donate a few bucks to help cover costs. I just don't have the cash to cover it right now, and not only will the DVL direct download go away, a number of other things will as well:

  • ComputerDefense.org blog, hosted web pages, mailing lists, and email addresses
  • SSLFail.com blog, hosted web pages and email addresses
  • Hosted DNS
  • Shell Accounts
  • SecurityBloggers.net domain name and associated email forwards / url redirects
  • Hosted Domains

If you are someone affected by any of these services, maybe you want to donate too :)

As I said, once I manage to get this worked out, the DVL direct download will resume. Those who donate, I'm also willing to consider any requests you have for a shell account, dns hosting, email or whatever else. If any companies want to donate... Well, I'll add a banner with your logo to the top of CDO.org and SSLFail.com. Let's say for companies, every $20 buys you a month of banner :)

Anyways... that's it... figured I'd give this a try.... now for the lovely download button.

Thanks For Reading!

I've been asked what will happen if I get more money than the cost of the bill. If that happens, I'll gladly donate the rest to HFC.
Categories: Site Related Tags:
  1. Steve Pinkham
    July 22nd, 2010 at 15:28 | #1

    As to current bills, if you have proof in writing, I’d recommend the BBB, or your local government consumer advocate office depending on your location.

    For the future, I recommend hosting with sourceforge.

    Both Web Security Dojo and Samurai WTF are hosted there, with tons of downloads and no complaints.

  2. July 22nd, 2010 at 16:23 | #2

    I am happy to donate $25 just for the value we receive from DVL, keep up the great work.

  3. Spallina
    July 22nd, 2010 at 17:02 | #3

    Hi Tyler,

    What you have experienced is called 'unlawful business practice'. If you received an email from a company stating that you were being provided with a service that you were not and took steps due to the notification of said service, you are entitled to either:

    The service described
    Freedom of any encumbrance gained from your actions under impression of existence of said service.

    If 1and1 does not offer to negate the bill or refund any amount paid toward it, I would suggest the following course of action:

    1. Contact 1and1 and make a final request for cancellation of any charges accrued from your actions undertaken with impression of availability of service offered in the email. Inform the representative that you contact that you will take legal action if the problem is not resolved (it also helps that you are a media source).

    2. Contact an attorney and provide him with your service contract, the email you received, any records of previous contact with 1and1 regarding this issue, and the bill you were sent.

    3. File suit if 1and1 refuses to honor your request.

    Best of luck to you.

  4. spinkham
    July 22nd, 2010 at 17:41 | #4

    As to current bills, I’d recommend contacting the BBB or your local government consumer advocate office depending on your location.

    For the future, I recommend hosting with sourceforge.

    Both Web Security Dojo and Samurai WTF are hosted there, with tons of downloads and no complaints.

  5. July 23rd, 2010 at 08:41 | #5

    Good luck. Finding a reliable hosting provider is not easy. I feel dreamhost is pretty good!


  6. July 23rd, 2010 at 13:01 | #6

    Can I help by hosting a mirror for you?

  7. Will Hughes
    July 23rd, 2010 at 23:43 | #7

    Can we ask how much 1and1 charged you for this screwup on their part?

    (Did the comment system just change to intensedebate? Got a totally different comment form a few minutes ago)

  8. Will Hughes
    July 24th, 2010 at 00:12 | #8

    Can we ask how much 1and1 charged you for this screwup on their part?

  9. July 24th, 2010 at 14:20 | #9

    @Major Hayden: I'm sure that they would love addition direct download mirrors. To give you an idea of traffic, while I was Slashdotted it was 1 – 1.5TB per day, normally downloads are usually about 100GB per day.

    @Will Hughes: At this point the bill is at $1988.25, however the billing period isn't over, so I just have their sketchy expense tracker to monitor this one, and it's always 48+ hours out of sync. So I don't have a final charge yet.

    To those who donated: It was greatly appreciated… thank you.

    To those with advice for dealing with 1and1: It was also appreciated, I'm currently waiting on a response from them (been waiting 24 hours at this point)… I'm hoping to hear back on Monday.

  10. July 24th, 2010 at 21:11 | #10

    @Tyler we have used 1and1 what package are you on? I will go through my e-mail to see if I have the same letter and start an e-mail thread with them to see if they give me the same answer….

  11. July 26th, 2010 at 03:10 | #11

    Donation submitted!

    I've used DVL in the past – thank you for your efforts :)

  12. Marek Mackiewicz
    September 12th, 2011 at 06:40 | #12

    Hello Tyler,
    I am enjoying reading the information that has been set up on computerdefense.org. I feel
    that you should pursue some legal action against the company as most of the time
    companies will take your “minor” or “major” threat seriously once legal action has been taken and work with you to come to a resolution. In your case it seems you were in the right and if i am correct, if you have developed DVL and provided it to the public as a ‘favor’ then i have all the power with you considering i did download the .iso after you provided us with the link here at Fanshawe Collge in London, Ontario. If you are providing this software as an educational purpose then i strongly believe 1and1 has an obligation to continue to provide this service despite their miss-communication and simply “suck up” their ‘possible’ losses as an attempt to allow the IT industry to continue it’s efforts in providing free and informative software that allows students and experts to develop their skills and submit new information to the IT industry and continue it’s ways of free information. Free information works for all of us. This availability for free information is what has contributed to the amazing growth of the IT industry and has many times proven why IT is a ‘team’ industry that works for the benefit of all. It seems that you enjoy what you do and help others at the same time. Props to you and your efforts in passing new information to the IT community.

  1. July 24th, 2010 at 10:30 | #1