
Don't trust your business with Linode

71 points | alvivar | 3 years ago | twitter.com

25 comments

derkades | 3 years ago
This is why I like hosting providers that totally ignore reports/DMCA. Even if you're not doing anything illegal, it's good to know your server won't get taken down randomly because of a false report.
ashwagary | 3 years ago
What are some hosting providers that fit these criteria?
waydegg | 3 years ago
Has anyone else had issues with Linode before? While this specific situation sucks, I feel like I’ve seen much more headache with AWS/GCP/Azure regarding people getting completely locked out of stuff.
LinuxBender | 3 years ago
I had a Garry's Mod server on Linode for a while. A player was upset they were banned and reported my instance for DDoSing them. Linode rate limited my node.

I replied to the ticket saying, "How am I DDoSing someone when the bandwidth/packet-rate graphs you host show I am not?" to which they acknowledged it was a false report, unrestricted my node and closed the ticket. Not a big deal but still odd that they did not first check their own bandwidth graphs. That to me appeared to be a front-line customer support training issue.

I should add that the player was really upset that their exploit code could not crash my server. It happened a couple times so I found the packet that took it down and used a simple iptables string filter to drop it. That is when they went with the false reporting tactic.

csnover | 3 years ago
I received a third-party malware report from Linode once[0]. It’s possible that something has changed in the meantime since this was probably 4–5 years ago, but my own experience in a similar scenario was that Linode acted reasonably and in good faith. This tweet makes it sound like their policy and procedure hasn’t changed.

In my case, Linode opened an “AUP violation” ticket with a copy of the report, the steps they required to close the ticket (essentially: fix it and explain corrective measures), and a time when they would disable the server otherwise (which was something like 24 hours). It sounds like itch.io decided to ignore the AUP violation ticket and their server was disabled after 24 hours, just like the ticket said it would. (Waiting on a support ticket instead of calling also seems like a weird bad choice when your whole site is offline.)

I guess, having some first-hand experience with Linode’s malware handling process, that itch.io were at fault here, but I guess there may be more to the story they haven’t shared or weren’t clear on.

[0] Actually twice; some internet vigilante hooked up a virus scanner to a web crawler and was sending false positive reports directly to the abuse address for the netblock. After the second one I kindly suggested Linode stop accepting these reports, and never heard anything again.

metadat | 3 years ago
It's always a risk when you're leasing computer resources from a 3rd party.

At least if you own the hardware, you won't lose your data (except in extreme cases where the government takes it, but if this is the case you're screwed and data / service loss is the least of your worries).

account42 | 3 years ago
I have had two reports from/via Netcraft (for the exact same file) that resulted in Linode threatening to take down my small VPS within 24 hours. But while I don't think such a short time for response is reasonable without any actual non-bs evidence, both times they backed down after I explained to them that there was nothing wrong. Was long before the Akamai acquisition though, so who knows if their procedure changed.
j_ckley | 3 years ago
Hey folks, Jim at Linode here – wanted to offer some general information about our abuse practices and policies:

When we receive a valid abuse report that resolves to one of our IPs, we open a ticket (and send an email) to let you know. The ticket provides details about the abuse report we received, how to resolve it, and the timeframe in which we need a response before we remove access to the abusive content.

Since most abuse reports we process are the result of a system compromise and aren't intentional, we can be flexible. If you need additional time to investigate an abuse report we've sent you, all you need to do is respond to our ticket and ask.

If you dispute the validity of a report or believe an abuse reporter is acting in bad faith, that's feedback we listen to – you just need to respond to our ticket.

In general, if you're communicating with us and acting in good faith, we'll work with you on these matters.

RockRobotRock | 3 years ago
My friend just got pwned by a malicious itch.io game a few days ago. They didn't reply to my report, but seemed to have taken it down after a couple days.
LinuxBender | 3 years ago
My personal preference, rather than picking X over Y VPS provider, is to spread my nodes out across several of them. This would especially be the case if I were running a revenue-generating business. Providers have unplanned outages. Support teams of an individual provider can get overwhelmed and take lazy actions like those in this tweet.

By having applications and data distributed over multiple providers, automation can change DNS when a provider is having issues, even if said issues are self-inflicted, such as a lazy over-reaction to an abuse report. It may not be feasible for a company to have all their data replicated on all providers. This is probably OK. N+1 for hard-to-replicate data may be sufficient to have a degraded service rather than a full site down critical outage.

Another benefit to having multiple providers is letting them know the better they treat you, the more significant weight your automation will give to spinning up nodes there. Make them compete for your money.
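
An added example, not part of the comment above and not any provider's tooling: a sketch of the DNS failover decision the last comment describes, with provider weights and a "degraded rather than down" mode. The provider names, addresses, weights and the three-probe threshold are all constructed assumptions.

```python
from dataclasses import dataclass, field

FAIL_THRESHOLD = 3  # assumption: consecutive failed probes before pulling a provider

@dataclass
class Provider:
    name: str            # hypothetical provider label
    ip: str              # RFC 5737 documentation address
    weight: int          # operator preference; higher gets more traffic
    has_data: bool       # holds a replica of the hard-to-replicate data
    probes: list = field(default_factory=list)  # health probes, oldest first

def is_up(p):
    """Down only after FAIL_THRESHOLD straight failures, so one lost probe
    (or too little history) does not flap DNS."""
    recent = p.probes[-FAIL_THRESHOLD:]
    return len(recent) < FAIL_THRESHOLD or any(recent)

def plan_dns(providers):
    """Return (mode, records); records are (ip, weight) pairs to publish."""
    up = [p for p in providers if is_up(p)]
    if not any(p.has_data for p in up):
        # No reachable data replica: leave DNS untouched and page a human.
        return "outage", None
    mode = "full" if len(up) == len(providers) else "degraded"
    ranked = sorted(up, key=lambda p: -p.weight)
    return mode, [(p.ip, p.weight) for p in ranked]

# Constructed sample: provider-b has been disabled (three failed probes),
# provider-c lost a single probe and must stay in rotation.
SAMPLE = [
    Provider("provider-a", "192.0.2.10", 3, True, [True, True, True, True]),
    Provider("provider-b", "198.51.100.20", 2, True, [True, False, False, False]),
    Provider("provider-c", "203.0.113.30", 1, False, [True, True, False, True]),
]

if __name__ == "__main__":
    print(plan_dns(SAMPLE))
```

The returned pairs would be handed to whatever DNS API is in use; keeping record TTLs short is what lets the change take effect quickly.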