Red circle with a line through it, crossing out the word "LIES"

Choosing a webhost, why are they all lying to us?

Preface

If you have a website you have 3 options to put your site on the internet. You can self-host, you can rent hosting space from someone else, or you can use a free hosting service. Self-hosting is the best, if you can afford it. You need a computer and a reliable internet connection, typically not residential internet but that is changing thanks to services like Google Fiber. Free hosting services are great, if you don’t need a private domain name or special server side applications. For people who want “Mydomain.com” however, renting a hosting service is usually the best choice.

Nearly every hosting provider is lying

That seems straightforward enough, so this should be easy, you visit a few websites, compare some prices, and purchase your hosting. This shouldn’t demand more than an hour of your day, but it’s not that easy. Nearly every large hosting company is outright lying about the services they offer. There’s no regulation in the hosting market and the prices are as low as they can realistically get, so the companies have resorted to competing with lies instead.

The devaluation of the word “Managed”

For example, let’s look at the word “Managed”. Every hosting provider in the world offers “Managed Hosting” if their websites are to be believed, but what does that really mean? Well not much as it turns out. The word Managed starts with “Man” because it’s supposed to mean a human being is overseeing operations, but with large hosts that have 100,000 customers how is that even possible? It’s not, they are lying. They use completely automated systems and if you require any personal support it will come from underskilled phone-operators, or you’ll pay extra for it.

Unlimited is never unlimited

The other popular buzzword in the hosting industry is “Unlimited”. Nearly every hosting provider offers “Unlimited” service, but computer hardware has a finite amount of storage space, processing power, and memory, so how can they offer “Unlimited” service? They can’t. Every hosting package in the world is limited. What’s really happening is they’ve stopped being up front about the details of their service. This makes it especially difficult to compare the value of different services because most of the details are hidden from you.

Full Disclosure

I own a technology consulting business and one of the services I offer is webhosting. I’m not writing this article to advertise my business however. I was unaware of the problems in this marketplace until I entered it, and I am disgusted by how nearly all of my competitors operate. I say nearly all, because there are a good number of honest businesses who are up front about what service you receive and for what price.

What can we do about it?

The simple answer is stop supporting hosting services which behave in dishonest ways. If their sales page doesn’t provide full details of the service you’ll receive for the prices they advertise, or if they claim to offer “Unlimited” storage/memory/CPU, or if they hide extra costs and features on sub-pages of their website, shop elsewhere.

vertical server racks and clean cabling

PowerDNS Script to add new zones using pdnsutil

I recently began using PowerDNS, and it has a really nice command line utility called “pdnsutil” which is sadly under-documented, so I am sharing my bash script which creates a new zone and a reverse dns zone, using pdnsutil.

This script is extremely basic, and I welcome any efforts to fork and improve it.

Be sure to specify your own nameservers where I have placed ns1.nameserver.com and ns2.nameserver.com

The DKIM record is based on a ‘standard’ DKIM configuration that I use, yours may vary.

Contact Simba

About

I am a furry.

I am also a fierce athiest, patriot, American citizen, pacifist.

I like video games and toys and music and instruments and movies and books and tv.

We can talk! Send e-mail to learn more about me.

Contact

If you would like to contact me in a secure fashion, please send me an E-mail encrypted with my PGP Public Key which you can find below.

You can also find me on Matrix.org as ‘SimbaLion’.

Matrix.org Device IDs

Mobile: FAHUQEBZOT 
Desktop: QZAMXZCPEX

Channels Frequented:

Social Media

If you’re interested in my opinions, start here at my blog. I do use social media sometimes, but my thoughtful posts land here.

You can find me on Twitter but I don’t really use it anymore. Instead, follow me on Mastodon, @simba@pridelands.io.

E-mail

PGP Public Key

Fingerprint: 32FF 61C4 563D 7008 2239 598B D9C6 E8A1 E28C 16F4
64-Bit: D9C6 E8A1 E28C 16F4


The “Internet of Things” must be stopped.

Preface

The Internet of Things is an idiotic idea dreamed up in a marketing lab at Apple and other corporations. Wide-eyed executives with no real grasp of technology saw an emerging market where they could capitalize and make billions of dollars, and they rushed to dive in without thought toward the consequences.

What is the Internet of Things?

The IoT or Internet of Things is the name given to a world filled with devices that have embedded operating systems which are internet-capable. On paper, in a fictional utopian paradise, it presents some pretty cool ideas. Sharing of data between apps, remote control, etc.

Where did the Internet of Things go wrong?

The IoT has been a complete fucking disaster. Because the devices are being rushed to market and made by the lowest bidders in chinese code-factories, the software is easily exploitable. The IoT has regressed internet security by 30 years in a handful of months.

What is the evidence for this disaster?

A recent DDoS attack, that is a “Distributed Denial of Service”, was launched using a botnet which is comprised at least in part by millions of “Internet of Things” devices. This was the largest recorded DDoS attack in the history of the internet and it won’t be the last. Think of this like a country testing a nuclear bomb. A black-hat hacker-for-hire group is displaying it’s capability. Next they will sell their service to anyone willing to pay.

What is the solution?

The Internet of Things needs to die, right now. Boycott all embedded devices which do not have robust security controls. Device owners need the ability to upgrade the software and install their own security controls which could be superior to the factory settings. This is absolutely required to bring embedded devices up to speed with the rest of the computerized world.

What if we do nothing?

Selling unstoppable DDoS attacks will become a common practice. With the IoT growing at a ridiculous rate, it will become trivial for anyone with some technical know-how to own networks of millions of bots. A huge black-market industry will emerge. There will be attacks on corporations, on non-profits, on news organizations, on government systems. Giant CDNs like Cloudflare will be destroyed by botnets. The internet will become a wasteland. The benefits we’ve seen in recent decades, improvements to human rights for example, will be lost.

Summary

This is a pivotal moment in human development. We have a choice to nudge our own technological evolution forward in a responsible manner, or push everyone off a cliff in a fool’s gold-rush lead by absolute idiots who are drunk on greed and have no idea how the technology works.

Let’s Encrypt IS the panacea to all our HTTPS woes.

This is a response to a blogger’s post located here: “Here’s how broken today’s web will feel in Chrome’s ‘secure by default’ future” discussing the future of encryption on the World Wide Web.

I was banned from commenting on Mr. Hunt’s page because I made one critical comment about one of his articles. So much for free expression and the exchange of ideas. I don’t feel like re-writing my opinions so when you read it, bear in mind it was originally intended as a comment.

My Comment:

I can’t entirely tell what your intention with this article is, perhaps just to discuss the subject, which is great cause it needs discussing.

There’s no debate to have, encryption is the future, it should have been the standard by now. A discussion needs to happen to wake the average user up. Encryption isn’t only about protecting privacy, it’s about security, as well as simple standards of living.

SSL is trivially easy today. You said that Let’s Encrypt is not the cure, but you are wrong. Let’s Encrypt _solves_ the problem completely. Any remaining difficulty in adapting 100% SSL is the fault of lazy engineers and developers, and nothing else.

SSL is not a luxury product. SSL _was_ a luxury product. And just like Operating Systems, Digital Audio Workstations, Anti-Virus, E-Mail, and so many other applications, the generosity and effort of computer purists have given us free tools capable of replacing proprietary models. SSL as a Luxury product is going away.

The internet is changing the world, just as people predicted it would. Corporations find a niche where they can profit and they refuse to innovate, preferring to maximize their profits by taking advantage of peoples’ ignorance for as long as possible. What has happened with Let’s Encrypt, and other technologies, is that information-freedom-fighters have liberated the masses from the control of those corporations.

The future of the internet is bright, probably more so than 100% of ‘meat-space’.


FIN.