Gray Flannel Dwarf

8/8/2006

Release a statement, MyHostCamp

MyHostCamp, it is time for you to cover your ass.At the time of this posting, if you go to Google news and search for lieberman hacked, you’ll see close to one hundred news stories perpetuating the Lieberman campaign’s story that their website was hacked. There are even two references on the front page:

* Democrat’s Senate campaign alleges (The Age)
* Lieberman campaign says Web site hacked (Seattle Post-Intelligencer)

The Lieberman campaign is making thinly-veiled statements that the Lamont crowd is behind it — but in the end, but for a system to be hacked, there would have to be either:

* A failure of the Lieberman campaign to adequately implement security in their PHP web-scripting, or
* A failure on the part of MyHostCamp to implement adequate system security measures.

In both situations, the onus falls, either directly or indirectly, on the host… and it’s for this reason MyHostCamp needs to release a statement.

You see, in the webhosting business, you’ve got to assume the inherent insecurity of your web customers’ scripts. Very few websites go through design review processes and/or security analyses… and even when these things are done, problems still go wrong.

Its for these reasons that hosting companies implement security measures on what clients can and cannot do. They might use chroot jails to assure break-ins are limited to one website, for example. They may limit the execution of certain types of scripts known to allow for malicious mischief. These are just a few rough examples.

Likewise, from a system security perspective, they generally have fallover, redundancy in case something gets compromised or DoS’ed — and they have abilities to block or redirect heavy DoS attacks when they are detected.

Long story short, when the Lieberman campaign implies that their website got “hacked” — it is, more than anything, a direct affront on the security model of their host web provider. Such accusations are black eyes to service providers and can have very real ramifications if it is implied that their facilities cannot hold up or recover from such an attack.

It is for this reason that MyHostCamp needs to make a public statement as to the veracity and accuracy of Lieberman camp’s claims. They need to release a statement as to the reason the Lieberman page (and indeed their own system…?) is down. Is it excessive traffic? Is it a DoS? Is it a failure of the Lieberman camp to pay their fees?

Whatever the case, MyHostCamp needs full disclosure. To do otherwise puts them in the the position of appearing as an ineffective provider. Failing any refutations of the Lieberman campaign’s statements only opens the door to larger questions about MyHostCamp’s capacity.

From your own website:

Overview
myHOSTCAMP’s center of operations in the heart of San Diego, California. We pride ourselves as a quality web host provider offering a simple choice of 3 hosting packages. myHOSTCAMP is an organization premised on the fundamental aspects of simplicity, security, reliability, and stability — driving forces in our current and future success.

MyHostCamp: That Lieberman’s crew is making most likely unfounded accusations at Lamont supporters is one thing. That they are claiming their system got “hacked” at all is a whole different issue, and it reflect squarely on your ability to provide adequate services to hosted customers. It would behoove you to come out and state the reasons for the Joe2006.com downtime.


Tags: , , , , , — cswiii @ 5:15 pm

Leave a Reply