amuck-landowner

LowEndTalk/LowEndBox Gets a New Manager

drmike

100% Tier-1 Gogent
I don't know...  I am doing some sanity auditing today.. and look at what I spotted over on Lowendbox...


d.jarland.me


http://d.jarland.me/s/vf0BzmRvkV.png

http://d.jarland.me/s/O8MiLgIIrJ.png

http://d.jarland.me/s/M7tK04KBBW.png

http://d.jarland.me/s/5BeQzXh0Lf.png

http://d.jarland.me/s/5oNeiq9C7g.png

http://d.jarland.me/s/vf0BzmRvkV.png


... etc....




This started January 2nd with the first VPN offer over on Lowendbox.


d.jarland.me = hosted at Digital Ocean.


There is also:


lowend.io ... which is registered to Jarland....


which is logging the site activity via Piwik:


var u="//piwik.lowend.io/";


Which is also hosted at Digital Ocean...


Odd stuff... Just saying... I really am meh about data floating all over the universe and part of why I don't participate over on LE* and won't any time soon.


I know Jon and Alex are mucking with the sites and being neurotic.. Unsure why they are letting data float out to DO... I mean, I thought CC had servers, was a provider, etc.???? Can't set up and secure a VPS for logging and serving static content?


All this on top of the other crapware infested trash in there...
 

drmike

100% Tier-1 Gogent
And...  I just ran over to Lowendtalk and WTF do I find????????


<!-- Piwik -->
<script type="text/javascript">
var _paq = _paq || [];
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//piwik.lowend.io/";
_paq.push(['setTrackerUrl', u+'piwik.php']);
_paq.push(['setSiteId', 2]);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<noscript><p><img src="//piwik.lowend.io/piwik.php?idsite=2" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->


lowend.io again.


Another logging element and just not Jarland being rogue or working with something.  This is in there site code by the ownership....


I mean effectively every Javascript enabled browser is pinging Jarland's servers saying look at what I am viewing on Lowendtalk and Lowendbox...


Not that I trust or distrust Jarland.  It's bad when guys do this and have say Google performing this.  But when you have a guy working the brand as an employee or otherwise, and using the company he works for to host it and all that jazz.. yeah... I don't know, smells bad, is bad business form, wouldn't probably fly in civilized countries that give a flying f*ck....


I mean is Piwik that damn hard to install that a company like CC can't handle it?


Doesn't look too hard.  https://www.digitalocean.com/community/tutorials/how-to-install-piwik-on-an-ubuntu-12-04-cloud-server


or  https://wiki.debian.org/Piwik
 

DomainBop

Dormant VPSB Pathogen
. Unsure why they are letting data float out to DO..

Jarland's reason from the LETcestpit for adding the Piwik code: "Yup. I want to establish some baselines for benchmarking "success" as the site admin :)"


While I personally don't have a problem with Jarland using Piwik to log my visits, I would never let an employee or contractor add tracking code to one of my sites for a tracking script that that was hosted on their personal site so they could log my site's visitors actions for their personal use, but then again MY SITES HAVE PRIVACY POLICIES which is something that the f*cktards in Buffalo have never bothered to add to LEB/LET.  Not having a privacy policy on those two sites is a violation of the TOS of virtually every ad network, and if you operate a commercial site or collect PII and you have visitors from California you also need a privacy policy (even if your site is hosted in Buffafucklo).  Even if you don't have visitors from CA (which is unlikely) you still should add a privacy policy to protect your own ass and to reassure your site's users that you won't be misusing their info (oh wait, I forgot, this is CC the company that is infamous for spamming past and present users of its sites who never opted into receiving  emailed ads)
 
Last edited by a moderator:

souen

Active Member
Further on Jarland's response: "I mean it's no different than the existing server logs and the data I already have access to with Vanilla, it's just organized for my viewing so that I understand ways I can help improve the site. I don't understand why you wouldn't want to be part of that :("


Agreed the personal domain/installation looks patchy regardless if it's just an employee or the owner himself. @DomainBop beat me to pointing out there's no privacy policy statement. I've no objections to Piwik in general and I'm sure Jarland has good intentions, but they should have a privacy policy posted somewhere if they're going to do it. The Google Analytics has already been there for some time too, all the more important to let visitors know if passing data to storage/processing with some third party.
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
Lack of privacy policies and proper disclosures are a signature of the Buffalo guys.  Zero *ucks given about such, sadly.  Someday, maybe, they'll get around to photocopying some policies and doing the right thing.  Sad a$$e$.


Unsure why any site hands out logs and other data to workers.  Begs to ask if they hand out access to the income and bank account too.   They should since they are discourteous to the users / members as-is.


With said access and half a brain one could do a multitude of things that wouldn't be good.  I'll leave it at that. 


This makes it truly convenient for tracking and isolating people which typically isn't a necessity and technically never should be done under any circumstance.   It was in vogue 10 years ago to track useless data and sit on silos of years of data and malicious folks would scour the data later to backfill this and that.  Similarly government comes knocking and can potentially get hold of said data and implicate by association all sorts of people just because of the bad management processes of the site owner.  Of course hackers are one attack from doing the very same.


There are so many pieces of shitware up in those sites.  Kids might not care, but the sane should.


"so that I understand ways I can help improve the site"


That's simple. Organize content, tag data for content silos, look at the individual silos, isolate topics, nature of conversations that do and don't work.  Keep running data log of just end side data, not people, not activity of this user or that, but solely CONTENT performance. This is views vs. time, relationship and some emphasis on responses and ranking the responses in nature (i.e. useful/relative, drama, off topic, etc.).


Want to improve the site?  From real world view, take it multi-lingual and start having areas for non-English speakers.  That simple.  English language emphasis has worn thin since a huge chunk of the viewers are in Asia.  That's apparent all the time as those folks struggle with English and get a bad case of attitude too often from the English language literacy bullies.  Which in effect drives those potential contributors off the site since no one likes public lashings (unless it's Saturday in the public square and we all have picnic baskets).
 

jarland

The ocean is digital
So quick to judge, so reluctant to just ask :)


I uploaded several images to "d.jarland.me" (using my Dropshare app) because Wordpress was being stupid and I really didn't have time to mess with it's stupidity. I'd upload an image only to find that the image didn't work. I don't have backend access, it's something I should talk to Alex about but it was a bandaid and it got the job done. No conspiracy necessary. It's the same system I use to send customers screenshots of things in tickets.


I added Piwik simply because I wanted to try to measure my own success in running the sites. I can't possibly imagine how that presents a huge privacy risk. I'm a system administrator and I'm perfectly capable. I maintain private customer data on a very regular basis (daily), and this data is already available in Vanilla anyway but not in a way that helps me understand my value in the form of graphs, etc. I have no problem erasing this data if/when I'm no longer around.


Since I don't have access to the backend of our systems and due to their "cluster" nature I honestly don't want access (I don't need another overly complicated thing to admin), I developed a couple of my own resources to simply get things done. There's no conspiracy or malicious intent. Let me walk you through my life:


- I work for DigitalOcean
- I own and operate MXroute
- I manage the email side of Catalyst Host's shared hosting
- I have a wife and a little girl that I need to spend time with
- I admin LowEndBox/Talk
- I volunteer at the church that I used to work at
- I still need some time to myself for sanity

I'm not complaining about any of that, just trying to highlight the exceptional value of saving time is to me. If Jon and Alex take any issue with anything I do, they know they can come straight to me and there's no pushback... they own the sites and I'm only trying my hand at improving them :)
 
Last edited by a moderator:

jarland

The ocean is digital
Just wanted to add... If you guys ever have any questions about anything going on with LE*, please don't hesitate to approach me directly and just ask. I'm an open book. You'll always get the truth.
 

drmike

100% Tier-1 Gogent
So quick to judge, so reluctant to just ask :)


I uploaded several images to "d.jarland.me" (using my Dropshare app) because Wordpress was being stupid and I really didn't have time to mess with it's stupidity. I'd upload an image only to find that the image didn't work. I don't have backend access, it's something I should talk to Alex about but it was a bandaid and it got the job done. No conspiracy necessary. It's the same system I use to send customers screenshots of things in tickets.


I added Piwik simply because I wanted to try to measure my own success in running the sites. I can't possibly imagine how that presents a huge privacy risk. I'm a system administrator and I'm perfectly capable. I maintain private customer data on a very regular basis (daily), and this data is already available in Vanilla anyway but not in a way that helps me understand my value in the form of graphs, etc. I have no problem erasing this data if/when I'm no longer around.


Since I don't have access to the backend of our systems and due to their "cluster" nature I honestly don't want access (I don't need another overly complicated thing to admin), I developed a couple of my own resources to simply get things done. There's no conspiracy or malicious intent. Let me walk you through my life:


- I work for DigitalOcean
- I own and operate MXroute
- I manage the email side of Catalyst Host's shared hosting
- I have a wife and a little girl that I need to spend time with
- I admin LowEndBox/Talk
- I volunteer at the church that I used to work at
- I still need some time to myself for sanity

I'm not complaining about any of that, just trying to highlight the exceptional value of saving time is to me. If Jon and Alex take any issue with anything I do, they know they can come straight to me and there's no pushback... they own the sites and I'm only trying my hand at improving them :)

You know that you have two full plates and a clock short of hours... Still why I am head scratching on the role you took for shits and giggles.   I mean if someone I'd greenlight out of the random community there, you'd be top of the list... and well you'd get paid as a professional... I think your intentions are clean...  Still wearing a mental question mark on why you jumped into the role uncompensated.  Family is more valuable than shoring up some Inc 5k's main sales vehicle for free.


It's more about how CC is running the circus, you just are getting flack since you are their front guy now for the sites.


I can't just be lulled to sleep, cause I think highly of you... Would be bad decision, so I give you some attention where it's due and heck, you answer straight, so it is what it is.


Check it out, Wordpress being stupid, that's on them to fix.  Days of that, and it's a simple fix or they get some competence.  Speaks volumes to the whole discourteous treatment of the sites as cash cow, which they deny while being cheap arses about content payout while dumping allegedly serious coins at Cloudfail.  Walking box of inconsistencies the Buffalonians are. 


I mean really, can't Riorey protect themselves.. but offer others DDOS protection...   I should start chasing them on sales ads about that until they can't sell a lick of protection to anyone.


What's next, managed hosting?  I think they offer it in 10 different brands.  Perhaps they should ticket the help and have one of them sort the Wordpress issues out. So they can experience the ticket hockey league and stages of blah... Point is they have humans that can do such, just they have no priority on things other than collecting cash from the site, so much that an honest hard working guy like you has to use his own stuff to run their business.  Next time the cluster breaks, you'll be hosting the site at DO too ;)  One DDOS attack away from that...


I can't possibly imagine how that presents a huge privacy risk


Are you under a proper NDA / legal agreement over there?  There are many many ways and the longer it goes the more value that is out there in your hands and anyone elses that may have access clearly or as routine of a system of backups at work.  Simply said, it's a log of all activity, inclusive of IP data, time intervals, what was viewed, cookies to track across sites and perhaps externally, fingerprinting of browser that may last years to months (per gear signatures and software installs)... Enough to perma track people for a long time.   Nothing stopping other forms of injection be they good or bad intentioned that stick longer. 


Sure Google and such do this.  Reason #1 why I say no to them and continue to try to get away from that and other platforms. 


I still think you are doing a good job.  Just make them do their work and give you the tools to do your volunteer work.  It's the least they can do. In fact its legally and ethically sound thing to do.  Not that they care about such, but we should pretend that they eventually will.
 

HalfEatenPie

The Irrational One
Retired Staff
So quick to judge, so reluctant to just ask :)


I uploaded several images to "d.jarland.me" (using my Dropshare app) because Wordpress was being stupid and I really didn't have time to mess with it's stupidity. I'd upload an image only to find that the image didn't work. I don't have backend access, it's something I should talk to Alex about but it was a bandaid and it got the job done. No conspiracy necessary. It's the same system I use to send customers screenshots of things in tickets.


I added Piwik simply because I wanted to try to measure my own success in running the sites. I can't possibly imagine how that presents a huge privacy risk. I'm a system administrator and I'm perfectly capable. I maintain private customer data on a very regular basis (daily), and this data is already available in Vanilla anyway but not in a way that helps me understand my value in the form of graphs, etc. I have no problem erasing this data if/when I'm no longer around.


Since I don't have access to the backend of our systems and due to their "cluster" nature I honestly don't want access (I don't need another overly complicated thing to admin), I developed a couple of my own resources to simply get things done. There's no conspiracy or malicious intent. Let me walk you through my life:


- I work for DigitalOcean
- I own and operate MXroute
- I manage the email side of Catalyst Host's shared hosting
- I have a wife and a little girl that I need to spend time with
- I admin LowEndBox/Talk
- I volunteer at the church that I used to work at
- I still need some time to myself for sanity

I'm not complaining about any of that, just trying to highlight the exceptional value of saving time is to me. If Jon and Alex take any issue with anything I do, they know they can come straight to me and there's no pushback... they own the sites and I'm only trying my hand at improving them :)

Inb4 Catalyst Host owns Web Hosting Forums Conspiracy /s
 
Last edited by a moderator:

PowerUpHosting-Udit

New Member
Verified Provider
@jarland Wishing you congrats. Your story has been very inspiring and glad to see that you have built your entire family because of that one platform. I am not sure why does it matters so much to get paid when you are getting so much of an exposure that can help you benefit a lot more in the long run. I am sure, this would bring in fresh business to the company where he is currently working.
 
Last edited by a moderator:

HalfEatenPie

The Irrational One
Retired Staff
Amateurs sheesh.


We'd do that one properly.. Like Incero owns...

Oh snap.  Someone just connected the dots.


The Cow moos at Midnight.  I repeat.  The Cow moos at midnight.  We need a problem.... taken care of. 


By the way @jarland, we should look into getting @ryanarp working at WHT.  Then I'll really be a conspiracy. 
 
Last edited by a moderator:

Wax

New Member
Congrats @jarland! From the interactions I've had with you, You seem like a really nice guy! And LET is as good as ever so you must be doing something great! 


Thanks!
 
Last edited by a moderator:

mpkossen

New Member
I uploaded several images to "d.jarland.me" (using my Dropshare app) because Wordpress was being stupid and I really didn't have time to mess with it's stupidity. I'd upload an image only to find that the image didn't work.

That's not WordPress being stupid. That's ColoCrossing being incompetent. It's always worked like that and it will work after a minute or so.


It's what you get when you take advice on clustering from GoodHosting.

Check it out, Wordpress being stupid, that's on them to fix.  Days of that, and it's a simple fix or they get some competence.  Speaks volumes to the whole discourteous treatment of the sites as cash cow, which they deny while being cheap arses about content payout while dumping allegedly serious coins at Cloudfail.  Walking box of inconsistencies the Buffalonians are. 


I mean really, can't Riorey protect themselves.. but offer others DDOS protection...   I should start chasing them on sales ads about that until they can't sell a lick of protection to anyone.

They can't and they won't. LE* is a "least effort we could put into it" kind of thing.


The OneProvider ads being all over the place and the slots being available on BSA constantly speaks volumes.
 

HN-Matt

New Member
Verified Provider
It's what you get when you take advice on clustering from GoodHosting.

I am in before the Good Hosting clustering crisis reaches Peak Meme and subsequently auto-sinks back into the nothingness from whence it came so that we may enjoy the iced tea again.
 
Top
amuck-landowner