Since 1999, this site has been hosted by Addr.com, a small Web-hosting operation out of San Jose, California its administration is now in Denver and like a lot of low-end hosts, it offers a heck of a decent price and not a whole lot of tech support. For advocates of "You get what you pay for," this is not much of an issue. On the other hand, the service has had some frustrating failures from time to time, and while they always were eventually cleared up, getting through to the actual staff has proven to be more difficult than anyone might like.
During a couple of those difficult periods, email came in from something identified as "Expert Hosting", which offered to switch my domain (and presumably others) over to their servers. Inasmuch as I was paid up for a year, I didn't bite.
Then, early this spring, MSNBC reported that a chap from the Netherlands had hacked into the Addr.com database and obtained the customer password (and associated credit-card) list. Presumably to demonstrate his prowess, the thief furnished a few dozen entries from the database to MSNBC, which contacted the customers in question and verified that yes, this is real data. Expert Hosting, true to form, was back in my mailbox with a link to the MSNBC story, and offering, once again, to switch me over. I was otherwise occupied cancelling a credit card, as a matter of fact and didn't bite.
Since that time, MSNBC has added a few more details to the story, though it is currently not on their site. Addr.com is now charging that Expert Hosting is nothing more than a front for a credit-card theft operation, which EH denies. And there's more to come. Expert Hosting (along with Dotcom Avenue, another operation at the same street address) is apparently owned and operated by one Peter Francis-Macrae, aka David Jarvis, a British youngster (not yet twenty, I am given to understand), the former operator of True Hosting, whom some would argue is about the worst excuse for a service provider in all of dotcom-dom. Letters similar to the ones I received have been sent to aggrieved customers of other Web hosts on behalf of Dotcom Avenue, which suggests a fairly standard modus operandi for the lad.
And then, Thursday night, came this email:
Dear Addr.com customer,
I read this over twice, and the first time it seemed to make sense, but the second one yielded up some oddities. For one thing, why would an American company use a typically-British phrase like "our management team have been working"? "Team" is generally plural in this context in British usage, but Americans would say "our management team has been working".
And then a coworker who also has a site at Addr.com advised me that the phones are indeed working, contrary to claims, so the first order of business was to pull this email out again and look at the message headers:
Return-Path: <firstname.lastname@example.org> Received: from proxy1.addr.com (addr.com [220.127.116.11] (may be forged) by addr.com. (8.9.3/8.9.1) with ESMTP id TAA52226 for <email@example.com> Thu, 12 Apr 2001 19:55:05 -0700 (PDT) (envelope-from firstname.lastname@example.org) Received: from get.freewire.net (get.freewire.net [18.104.22.168]) by proxy1.addr.com (8.9.3/8.9.1) with ESMTP id TAA45638 for <email@example.com>; Thu, 12 Apr 2001 19:55:03 -0700 (PDT) (envelope-from firstname.lastname@example.org) Received: from yahoo.com (d231-220.dial.mistral.co.uk [22.214.171.124]) by get.freewire.net (8.8.7/8.6.9) with SMTP id DAA19907 for <email@example.com>; Fri, 13 Apr 2001 03:40:42 +0100 Message-Id: <200104130214.TZQ5156@yahoo.com>
The obvious question, of course, is why a California (or Colorado) company would have to send mail through a dialup in the United Kingdom (dial.mistral.co.uk).
So the reports of Addr.com's death are greatly exaggerated, and then some, and while it hasn't been proven as yet that Peter/David/Expert Hosting had anything to do with it or, for that matter, with the original hacking of the Addr.com database (though I refuse to believe that someone who can't spoof an email header could possibly gain root on a Unix server) this reeks of scammage, and not good scammage at that. As this story unfolds, I'll pass along the details.
Update, 28 December 2001: The following email notice from something identified as <firstname.lastname@example.org> was received here today:
Your website at https://dustbury.com/vent/vent241.html contains false and misleading information about Dot Com Avenue and its American subsidiary, Expert Hosting.
Inasmuch as the sender was unable or unwilling to state exactly which information contained herein was "false and misleading", I read over the material, and found some dead links which could, I suppose, be considered "false and misleading", since they no longer pointed to sources of corroboration. The links have since been corrected. In addition, one particularly-ragged sentence has been spruced up somewhat to clear up any ambiguity as to who holds the opinions indicated in the linked pages.
Update, 14 December 2002: Another horror story or two to report.
| Vent menu |
Copyright © 2001 by Charles G. Hill