Friday, November 30, 2012

HostDime, SoftLayer, et al, Need to be Federally Bitch-Slapped For Violating Syrian Sanctions

Source: HostDime.com website
When the New York Times released its story that some of the Syrian government's websites were hosted outside of Syria, I wasn't surprised to see SoftLayer Technologies as one of the hosts. They are also the company that hosted StopGeorgia.ru, the Russian forum which coordinated many of the cyber attacks against Georgian government websites during the Russia Georgia war (2008).

Other U.S. ISPs in addition to SoftLayer who are hosting Syrian government websites in violation of an Executive Order by President Obama (EO 13582) are HostDime.com, WeHostWebSites.com, 383Inc., HopOne, Net2EZ, Tiggee, and PEER 1. Of those seven, HostDime and Softlayer are consistently among the world's 50 worst hosts for serving malicious content.

Furthermore, this isn't the first time that Softlayer and the other offending ISPs learned of their violation of EO 13582. CitizenLab first created their report The Canadian Connection: An investigation of Syrian government and Hezbullah web hosting in Canada in November 2011. A blog posting by HostJury.com shows that SoftLayer didn't respond to their inquiry back then and still hasn't. A spokesperson for HostDime responded on the HostJury blog last November by saying "We are currently aware of all OFAC (Office of Foreign Assets Control) rules and regulations and continue to comply and monitor to the best of our ability." Since they have continued to hosting a Syrian government website (MOW.GOV.SY) more than a year ago and have done nothing about it, they and the other ISPs involved are knowingly in violation of EO 13582.

In my opinion, these ISPs need to be federally bitch-slapped for this. I hope that one or more of my federal government readers takes the hint and sets a much-needed example with HostDime, SoftLayer and the others.

UPDATE (30NOV2012 0634PST): VF (Vicki Fraser) of HostDime (@HostDime) responded to me on Twitter shortly after I published this article: "We do not host any Syrian websites and are not in violation of federal sanctions.   ^VF". Say, Vicki. Do you know how to use ROBTEX?


VF responded via Twitter: "@jeffreycarr it is hosted within our datacenter but not by us, we've reached out to our direct client expressing our concerns ^VF".

UPDATE (30NOV2012 0829PST): @HostDime announced via their Twitter feed: "@jeffreycarr Update: Our client (the host of the Syrian site) has taken action and taken the site offline. ^VF"

5 comments:

  1. It is not by accident such illicit and mal-hosting would resolve to the likes of Softlayer & HostDime. As you point out within the recent HostExploit Q3 world host report.

    As of today out of 42,848 ASes currently in world's routing system, AS36351 Softlayer is #17 world's worst host (see jart.me/VaJsBF) and AS33182 HostDime is #26 world's worst host (see jart.me/RobFYb)

    ReplyDelete
  2. Thanks for your comment, Jart, and for continuing to produce an excellent resource with your world host reports.

    ReplyDelete
  3. Data Center Facilities as large as Softlayer and HostDime who operate as wholesale hosting providers have little to no control over what their clients host. In many, if not all, cases the facility itself has no knowledge of the hosted sites. However when the facility is made aware of violations immediate action is taken. It is similar to a mall owner with tenants. The mall owner has no control over what type of clients enter the tenant's establishment. However if there is some sort of illegal activity action is taken there.

    ReplyDelete
  4. Hi Bodyz, I don't accept that they have no control. It's a relatively easy matter to create crawlers to evaluate website content. Further, all of the ISPs involved were informed when CitizenLab broke the news a year ago, yet they did nothing about it. HostDime took action today because I called them on it publicly.

    ReplyDelete
  5. Jeff,

    When there is over 10 million websites in a network it isn't as easy as it may seem to you. Couple that with the fact that thousands of sites can be uploaded to a server daily makes is very complex. I agree not impossible but definitely not an easy task at hand. I don't really think these facilities have interest to host sites which violate the law, it wouldn't make any practical sense that would be true considering that 99.9999999% of their business is at stake. If they are made aware of it and don't take action that is one thing. I don't think it has anything to do with you calling them out publicly. I am sure when the NYTIMES made them aware action was taken right away because it was the right thing to do and not because they were being called out. Again to think they are out to host these kind of sites doesn't seem viable thing to think. When there is so much volume you will get some bad apples slip by.

    ReplyDelete