Half-Elf on Tech

Thoughts From a Professional Lesbian

Tag: essay

  • I’m not a coder and I need HELP!

    IT may be for rockstars but really, the trick to getting the best help from your techs is simple. Be honest, think about what the questions we ask you mean, be direct, and explain what you mean. Seriously. That’s all we need. Every time someone says ‘It doesn’t work’ or posts a reply in a forum ‘Me too’, we cry a little. If you’re vague, or don’t use normal terms, we may get a little pedantic on you, but the reason is that we need to make sure you have the problem we’re thinking you have before we tell you how to fix it.

    Be Honest

    The number one reason why something ‘magically’ breaks is because you changed something. This is often seen, from the end-user perspective, as an at-fault change. “I changed this, it broke, therefore it’s my fault.” And in the business world today, no one wants to be at-fault. It’s an ego thing, but it’s also a responsibility thing. Here’s a secret for you. The IT people don’t care whose fault it is. Seriously. We just want to fix the problem and make sure it doesn’t happen again. That’s all we want. So when we ask you ‘Did you make any changes?’ just tell us ‘Yeah, I modified my profile to have this line.’

    Sometimes YOU may not make the change. Sometimes you may have the server or someone else make a change. Sometimes the change seems, to you, totally un-related. It doesn’t matter. Tell us. “I didn’t change anything with IE, but I did install a new twitter app.” That may be the cause! Unrelated software sometimes is written poorly, or weirdly, or just in a way that conflicts with your other software.

    If you’re using a CMS like Drupal, WordPress or Joomla, plugins often break things in insane ways you never predicted. And server upgrades can cause conflicts with older code on your installs. Always pay attention to what’s going on with your server.

    Think about what the question we ask you means

    When we ask you if you changed anything, think about that for a moment. It’s like ‘Did you change your oil?’ That’s a pretty simple yes or no answer. But what does the question ‘What did you change?’ mean. Well pretty much it means ‘What’s changed?’ But it also means ‘What were you TOLD to change and you didn’t change?’

    The other day, I had a weird situation where someone had modified their profile a month ago to have a line to let them do something else. This was seen as inefficient, and the server guy fixed the server and told them ‘Remove any changes you made or things may break.’ They did not. Fast-forward a couple weeks and my monthly process failed. I asked if they changed anything. They said, honestly, they had not. I talked to the server guy who said ‘Well, they SHOULD have changed this…’ We changed it, it worked. Strictly speaking, they were honest, but they didn’t think about the question. They got hung up on that at-fault point. “WE didn’t change anything,” they said in email and I replied ‘Yes, but you actually were told to change that. It’s not a big deal, it’s an easy fix, but next time, remember to make the recommended changes, or at least document why you didn’t make the change. It’ll make it faster for me to debug.’

    That was singing to the wall, though. The guy was let go the next day.

    Be Direct

    This does not mean ‘Be an asshole.’ And in fact, I subscribe to Wil Wheaton’s rule: Don’t be a dick. What it means is don’t beat around the bush. I don’t need to know that you’re logging in from home and it’s distracting. I don’t need you to IM me and ask ‘How are you?’ You don’t care, and neither do I. What we care about is this: What’s the problem?

    I get a lot of IMs at work (which is why I don’t use IM at home, by the way) with people saying ‘Hello! How are you?’ and we waste about 10 minutes ‘chatting’ about stuff no one really cares about. I get that you’re trying to be polite, but you’re calling the help desk. The other problem is when someone says ‘Do you have a minute to help me?’ Honestly, rarely, but since I don’t know what you’re talking about, I can’t tell you if I have the time, so I have to say ‘Depends. What’s the problem?’

    Here’s an example of a poor IM/phone conversation with tech support (this is, by the way, an actual conversation I had recently):
    User: Hi!
    Tech: Hello, this is Jane, how may I help you?
    User: It’s Tom.
    Tech: Hello, Tom. How may I help you?
    User: How are you?
    Tech: Fine, thank you. How may I help you?
    User: Do you have a minute?
    Tech: Depends on the problem. How may I help you?
    User: I’m having a problem.
    Tech: Yes, with what?
    User: With your application.
    Tech: What’s the problem.
    User: It’s not working right.
    Tech: Okay, can you be more specific?
    User: It’s my password.
    Tech: Okay. What, specifically, is wrong with your password?
    User: It doesn’t work.
    Tech: Does it give you an error message?
    User: Oh, yes!
    Tech: And the error says….?
    User: Something about the password being bad.
    Tech: Can you try to login again and read the error, out loud, to me?
    User: Sure. Okay, it says ‘Your password is incorrect and your account has been locked out.’
    Tech: Ah. Okay, I’ll unlock your account and set your password to 123456 – Once you log in, you’ll be asked to change it.
    User: Boy, that took a long time!

    Look at how long that was. Want to see the GOOD version of the same conversation?
    User: Hi, Jane, it’s Bob. I’m having a problem with your Foobar application. When I try to login, it says my password was incorrect and I’m locked out. Can you help me?
    Tech: Sure thing, Bob. I’ll unlock your account and set your password to 123456 – Once you log in, you’ll be asked to change it.
    User: Thanks!

    Look at how much faster that went because Bob was direct and to the point. He got his problem fixed really quickly because he came prepared. And if the Tech had been busy, he could have easily transfered the call, or opened a ticket, or done a variety of things.

    Oh and for the record, I answer the phone: Company name, this is MY NAME. How may I help you?

    Explain What You Mean

    In my previous example, Bob got to the point and explained what the error was right away. This falls under ‘Explain what you mean.’ The phrase ‘It’s broken’ has lost all meaning, if it ever had any. And due to the complex nature of computers, even if your problem as simple as a botched password, we really do need you to explain ‘When I try to log in, the software says my password is invalid.’

    If you have a weird error, take a screenshot. They are rarely a bad idea, and can sometimes streamline a problem from ten minutes of talking ‘Okay, where is the icon?’ into a quick ‘Oh! Yeah, I know that one.’ If you get an error message, use the exact error with the exact verbiage, in your support request. Also remember to put your screenshots in a generic format. While PDF, RTF and DOC (and DOCX) are mostly universally readable, XPS is not. PNG is also a great one. Anything that is readable only by proprietary software is a bad idea, even if you know the other person has that software!

    Also be descriptive about what you’ve already done to trouble shoot. Don’t say ‘I did everything I could find online!’ That’s vague. Say things like ‘I tried to reset the admin password via SQL, email, PHP, and the emergency script.’ That’s descriptive and tells us what we can skip! On the other hand, don’t get all pedantic. Likely it doesn’t matter if you logged in from home or from work if your email crashes every time you read an email from Bob. On the other hand, if you can get to a website from home and not work, the odds are location does play a factor. While you should be descriptive, think about relationships between what information you’re providing and what your problem is. Later on, you might be asked ‘Does this work if you try it at home?’ But we probably won’t ask if it works on your Mac, if it’s a Windows Only application. Again, think about the questions and the relationship.

    Don’t get mad when you’re treated like a noob

    If you’re a user, sometimes when you provide a limited amount of information, techs default to the lowest common denominator. If you ask a question which we think is pretty standard, is answered in the FAQs (or by 5 minutes in Google), we tend to assume you’re new at all this, and pitch you the simple answer. This means you DON’T get told how and why something works, just how to do it. This means you may get what looks like a flippant response. This does not mean we, techs, think you’re an idiot. It means we can’t tell, from your post, if you’re a BOFH or a bean counter. So we assume bean counter and if you reply ‘Yeah, I did all that.’ well it’s your own damn fault for not telling us what you did in the first place.

    I try not to treat people like rank newbies, but. But. Sometimes I get a question that is mind-numbingly obvious with ten minutes of looking. Asking for help should be the last resort for some people. Like if you’re running a blog on your own server, you need to learn how to help yourself. On the other hand, at work, you should call for help when the software breaks. Someone is paid to fix it, and you should utilize them. Of course, if the techs have made a quick FAQ ‘if you get this error, you need to delete this temp file’ you should read it and try it.

    How to write a good help request

    So you’ve read all that and you want some examples?

    For your help desk at work, it’s pretty simple:

    I’m using software FOOBAR and when I try to do BAZ I get the following error: . I’ve included a screenshot. I was able to do BAZ yesterday, and I have not installed any new software.

    I’m a new user of FOOBAR and I can login, but when I click on BAZ, nothing displays in my right hand menu pane. Included is a screenshot.

    I need to use FOOBAR. How do I get it installed on my PC?

    Not too hard, eh? At work, generally people know if you’re an end user, a developer, or a programmer, and can skew support thusly. For public support forums, however, we have no idea so here’s a good idea:

    I’ve been using FOOBAR since version 2 and I recently upgraded from 2.9 to 3.0. Now when I try and add a new BAZ, I get an access denied error with the following output. I’ve disabled all my plugins and re-copied the files up. Same problem. I’m using a linux server and I have PHP 4.

    Variations of that rarely go amiss. Also remember on CMS support forums, most of the people there are volunteers, so calling them names will get you shunned, if not banned. On free forums (WordPress, Drupal, etc), you’re NOT a paying customer, so don’t expect to be treated like one.

    Do you have advice for the best ways to handle support requests, as a tech or a user? Sing out in the comments!

  • Backup Your Data

    We all know this adage: Your data is only as secure as your last backup. But how do you backup? What do you backup? Where do you put it so that your data is safe, secure, and above all, accessible in a pinch? (more…)

  • Internet Anonymity and Impersonation

    If you’ve visited this URL, I know who you are. I know your browser, your IP, your OS, your screen size, how you got here, who your ISP is, what country you’re in, and really, that’s a lot of stuff. It doesn’t matter if you post on this site or not, I have a way to log who you are.

    Did that scare you? Well, it should and it shouldn’t. Every website on the net has this ability, and some are more honest about what they do with that information and some are not. I use it to optimize content for my visitors, and to block my current bevy of South African residents who are harassing me.

    Five years ago, I wrote an essay for my office about how people on the internet know who you are. The intent was to raise awareness in my co-workers as to how people knew who they were, and what actions made them obvious to site-runners that they were who they were.

    Someone asked me once if it was possible to be anonymous on the net, and I told him, seriously, “Sure, don’t log in.” Expecting to be able to be truly, 100%, anonymous is like expecting to be able to come to someone’s house and never tell them your name or show them what you look like. They’d kick you out, have you arrested, or worse. A website is a house, and the same basic rules apply. You’re a guest.

    If you run your own website, be it a small, weird blog about everything, a tech blog, or a fansite, you have people who come by and will eventually be a dick. This is just a constant in life. But that means you have to keep an eye on your site, upgrade it to keep out the ones who want to hack, and find ways to keep out the ones who just want to be trolls. I’ve written a couple plugins (Ban Hammer and Impostercide) to help me with that, but at the end of the day, no plugin can be as smart as your own brain.

    Recently, in the Impostercide comments, someone asked me if Impostercide could stop anonymous users from impersonating each other. And the answer is no, no it cannot. See, Impostercide (and any similar plugin) needs to check against a list, and really, all you have is the list of members. So if someone anonymous tries to use a members email or login handle or URL, well that’s easy to catch! Sure, some people might have the same URL, but that’s pretty unlikely unless they’re running a business together… Like Ron and Andrea. I may want to rethink that part, now…

    Anyway, the point is you have to have something to check against. Anonymous users aren’t registered, so the only ‘check’ you have is IP address. In theory, you could jigger the check to say ‘If the user ID/email has commented before, check to make sure the IP is the same, and if not, flag it as bad!’ Except that wouldn’t work, since, for example, I login with multiple IPs. The world is just too mobile for that to work in any decent automated fashion. Instead, you need to use your brain.

    As a site runner, when I see a questionable comment, I make a note of the IP address first and then the email. If it’s a specialized domain (like ipstenu.org, something personal), I go to the site and check it out. If the site looks legit, I match the IP. Does it come from the same general region as the website? Does it come from the same general region as where the website says the person lives? If it’s someone I’ve seen around my sites before, does it sound like their other posts? Does the language match their website? Do they post on forums I frequent and sound like they normally do? You’d be surprised how easy it is to notice when someone doesn’t sound right. There will be an odd turn of phrase or a strange typo.

    I’ll give you a true example.

    I have a sort of twitter stalker/idiot, who pretends to be a famous person, and kisses up to me and asks I verify her celeb account as legit (this is because I run a fansite for said famous person, and I met her once). Recently she posted on my fansite blog. Her comment immediately was flagged by my moderation filter, because it was a new post from a new email address. I do this for all new comments on all sites I run. And even then, if I approve a post I’m not sure about, I manually put it in the moderation list for a while.

    What my idiot, apparently, did not know, was that when you post to a blog, it records your IP address. I looked up the IP, since someone who’s purportedly a celebrity should come from, oh, perhaps the general Los Angeles area. Or maybe her agency. But no. It’s from South Africa. South Africa happens to be where another twitter account, one that regularly harassed and insulted me, was located. In fact, if I went to that account’s twitter page, right there under location it says ‘South Africa.’

    Armed with that information, I opened up the fake celeb and the troll twitter pages, side by side, and matched time-stamps of tweets. Oh look. All tweets are roughly around the same timeframe (hours that are pre and post school for South Africa, but weird for someone in the USA).

    The lessons to take from this are simple. First is ‘Never piss off the sysadmin’ but only slightly less well known is this: If you’re going to pretend to be someone else, you need to be really good at hacking the internet, in order to hide who you actually are. And if you think someone’s being impersonated, well, it’s pretty easy to double check and follow up. If someone contacts you and says ‘Hey, that’s not me!’ follow up right away and assume they’re them. Kill both comments and email asking ‘which one’s you?’ But err on the side of caution.

    If you’re a commenter, use your brain. Never assume the person running the site doesn’t look at your data and make some snappy deductions from it.

    For a site runner, remember there is no better weapon to fight impersonators on the internet than to use your brain and think things through logically.

  • What is Cloud Hosting?

    This came up because I’m considering moving to cloud hosting. I don’t have to, yet, and since it’d cost me an extra $25 to $30 a month, I’m not planning on it just yet. (Actually, it would be pretty much WHAT I pay now, if I drop cPanel, which is an extra. But for the extra $20 I get ‘cPanel + Fantastico as well complete support of base operating system and all cPanel services. Proactive service restoration is provided.’ I don’t care about Fantastico (and tend to uninstall it), but the base OS support is useful and cPanel just makes life easier for me. Yes, I’m lazy.) But wrapping my head around the ideas behind cloud computing was a weird trip.

    A few years ago, I had a job as a Citrix tech, which meant my job was to take software normally installed on your PC, install it on a server, and somehow trick the PC into thinking ‘When I run Word, it’s actually running on this distant server, and not my desktop, but everything pretends it’s on the desktop.’ This was called a thin-client deployment, because the client (i.e. the PC), only has to have a very little bit of processing power to run things like Adobe Photoshop. By the way, fat-client means ‘everything runs on your desktop.’

    For the really old hands at this, you’ll remember when all PCs were just dumb terminals that connected to the mainframes, and you ran everything off the mainframe. Guess what? Thin-client stuff is kind of the same thing. The programs you run via thin-client basically only exist when you run them. The rest of the time, they’re not available on your PC. This is good and bad. It’s good, because a company can save millions by pushing out low-end, weefy desktops to everyone. It’s bad, because they then have to turn around and spend the millions on the servers and the network. If the server or network goes down, no one gets to work.

    What does that have to do with cloud computing? Cloud computing takes the thin-client idea of ‘on demand’ usage to a new level. Right now, ipstenu.org lives on a server (a VPS to be specific) with four other domains. I pay a flat fee for the server space, a specified amount of bandwidth, a limit of CPU, and some IP addresses. With cloud computing, I would pay a flat rate for hosting, but if I need more CPU, I can easily get more by clicking a button. And when I don’t need more? It goes away.

    Suddenly my server is able to adapt! It scales up and down on an as-need basis. Think of it like your heating bill. In the summer, when you don’t need it, the cost per month goes down. In the winter, it goes up. And unlike the gas company, you don’t pay more during winter because it’s a set, year-round rate. Woo! Or, as the video I’ve linked to below would say, it’s like a Tax. The meter keeps running at stoplights, but it runs slower, so you pay less.

    Now I will say the math for all how much all this costs, sorting out what you need, is a bit heinous. I ended up chatting with my webhost about what I would need, based on my current usage. They have their own traditional webhosting setup as well as a cloud service, and since I adore them to no end, I decided it would be smartest to just ask them about it. Yes, it would be a hassle to move everything, and likely my subversion stuff would break and need to be re-installed, but it’s definitely a better bang for my buck than to use something like a dedicated server.

    There are downsides to all this. The biggest one is security, which panics a lot of people. On cloud computing, you’re back to the same sort of place you were for shared hosting. When you need more CPU, you get another ‘slice’ of the cloud (it’s a mixed metaphor, sorry). The slices still need servers to run on, obviously, and each webhost has the option of slapping together a bunch of servers quickly and poorly, or doing it the right way. And, sadly, a lot of webhosts are leaping into the cloud without looking, shoving servers together, and not thinking about security. To those people who worry, I remind them that cloud or not, your server’s security has always been about your webhost.

    In August of 2010, it was determined that Network Solutions (a big webhost) had over 500,000 compromised websites. Reported on by Armorize Blog, they proved that any time you made a parked domain, Network Solutions put a widget on your site that served up malware and could infect PCs. This was a default widget, something that showed up if you didn’t check any boxes, on newly registered domains.

    From the horses’ mouth, Network Solutions spokeswoman Susan Wade provided this statement when asked for comment: “Regarding the widget incident from the weekend, our security team was alerted this past weekend to a malicious code that was added to a widget housed on our small business blog, growsmartbusiness.com. This widget was used to provide small business tips on Network Solutions’ under construction pages. We have removed the widget from those pages and continue to check and monitor to ensure security. Reports of the number of pages affected are not accurate. We’re still investigating to determine the number impacted.”

    Basically, Network Solutions own website was hacked and shot a ton of other sites.

    You want to complain about cloud being insecure, go ahead, but remember that your security depends on your host being a good soldier, same as always. WHich is why I recommend LiquidWeb and their Storm On Demand Hosting.

    The other thing people complain about with cloud is they can’t touch their physical server. Personally, I don’t care. The virtualization of data is a big thing, and most people actually never see their server. Mine’s somewhere in Michigan I think. Making backups isn’t easier or harder with a cloud, so you can still have a good backup of your data for emergencies. Everyone should have a backup.

    Should you move to cloud? If you’re on a VPS and starting to get too big for it, then yes. The cost is a good reason but also you’re just going to get more flexibility. If my server needs grow (which is to say, if I start crashing the server again), I’ll be moving to cloud for sure.

    Still confused? Watch this video and it will explain it in a very straightforward, amusing, manner:

  • com or org? Which WordPress is Right for Me?

    There are two WordPresses. This confuses lots of people, to the point that Matt Mullenweg has implied he’ll never name something like this again. It’s almost as confusing as pages vs posts, which is a whole different post.

    WordPress.org – The location of the software you can download and install your own WordPress blog on your own server.

    WordPress.com – The often free blogging software anyone can sign up for and have hosted by WordPress.com. It’s like Blogger or LiveJournal, only better because it’s WordPress.

    So which one is better? .com or .org?

    I usually tell people that I can’t answer that question, or to google it, or I ask them what they want to do. It’s not an easy question to answer, but I’m going to try here.

    First, I want to point out that there is no shame in not wanting to host your own blog. Seriously. It’s work, and anyone who says otherwise is an idiot. You have to stay up on your software versions, plugins, themes, etc etc and … Yeah. Work.

    So here it is, in all it’s glory: If all you want is a blog, and you don’t mind a few basic themes? Use WordPress.com. There. Done. If you’re willing to pay, you can even customize your CSS or download other themes, and have your own domain name.

    A friend asked me recently if she should use wordpress.com or self host. My email is verbatim:

    Don’t worry about where you want to be in 10 years, worry about where you want to be in a year, but only in the broad strokes. It’s like learning to paint or draw. You start with the big, simple, concepts, and learn how to do the rest as you go. If you think ‘I want something like Ning’ or ‘And I want forums’ or a wiki or whatever, well, then don’t use .com. But if all you want is a blog? Just use WordPress.com and you’re done.

    Except, see, it’s really not that simple.

    When people on WordPress.org forums ask this question, I usually tell them to read Don Campbell’s post “WordPress.org vs WordPress.com – Which One Should I Use?” It’s pretty straightforward and helpful. Lately, people have followed up that advice with ‘Okay, great. Why is one better than the other?’ Even people who read the official WordPress.com vs. WordPress.org article by WordPress ask that.

    I firmly believe that better is subjective, and it really depends what kind of blogger you want to be. However there are some obvious benefits to self-hosting.

    WordPress.com limits your free themes. If you want some fancy CSS or your own domain name or more storage, you have to pay for it. At a certain point, you will end up paying the same as you would for a hosting plan, and you’re getting ‘less’, in that you still can’t install your own plugins or third-party apps! No Wiki, no gallery. Nada. On the other hand, you pretty much never have to worry about your upgrade going bananas, or hanging .maintenance files that make you think your site is down, or incompatible PHP/SQL versions. You get the most pain-free upgrade possible.

    That said, if your blog grows and becomes popular, you will outgrown the free hosting. You’ll need to pay more for hosting. You may even have to pony up for VIP hosting if you make it big like Cute Overload. Free only takes you so far, and you get what you pay for. Pay nothing, and there’s a limit to what you’re going to get.

    But wait, you don’t pay a thing for WordPress.org! Does that mean you get nothing? No, it means that there is a limit to what you get. Free support, sure, but from people who fill in on our free time. Yes, our. I waste a lot of time helping people with obvious question, pointing out typos, and earning karma credit by trying to be a good person. There are a lot of people with a sense of entitlement, that this software should do everything without needing to know what’s going on. Listen, you weren’t born knowing how to use Microsoft Word. Some people go a lifetime without touching macros, while other people can’t fathom their life without key commands that resize and reformat sections.

    There is no one true way to nerdvana, folks. There’s no one perfect operating system, no one perfect blog software, no perfect phone. It’s all what you want, what you can use, and where your comfort zone is.

    So why would I pick WordPress.org over WordPress.com? Flexibility, growth and options. I want the ability to grow and do everything that might come down the road. Of this, WordPress, my blog, is a small part. I want SubVersion, videos, galleries, you name it.

    Why would I pick WordPress.com over WordPress.org? I wouldn’t. But I do suggest it to people now and then, when I look at their needs and say ‘You know, this is a great place to start.’ If they outgrow the .com, they can export their posts and comments over to a self-hosted install with a bit of effort. And the work required to do that is pretty typical of the savvy you’re going to need to support yourself going forward.

    Which is better? No one can answer that for you, but hopefuly some of the advice here will get you started in answering it for yourself.

  • The dangers of an unchecked MultiSite?

    Blogetery was shut down, mysteriously, over the weekend. It was a WP MultiSite setup, with around 70k blogs. Not terribly abnormal to have an install that big, but the thing as an unnamed law enforcement agency shut them down. Details, such as they were, were posted at ReadWriteWeb: 70,000 Blogs Shut Down by U.S. Law Enforcement. Their shutdown reminded me of the hazards of running a website where anyone can register and make their own site and how important it is to be vigilant about what shows up on your website.

    Discussion of the situation spun up on Web Hosting Talk where it was determined that Blogetrey had been accused of hosting inappropriate content before. That probably meant they were hosting torrents or other illegal but not shut-down worthy. Copyright infringement. The site owner claimed that every copyright violation was removed within 24 hours. By the way, if you ever get slapped with a DMCA notice (i.e. a notice that your site has content copyritten to someone else), in order to be safe from a law suit, all you have to do is remove it. Done.

    So what on earth would cause BurstNET, their host, to shut down the site without warning or notice? That’s right, he had to ask ‘What happened to my site?’ and was told it was shut down, terminated, and here’s his money back.

    Turns out he had a link.

    From BurstNET’s statement:

    “It was revealed that a link to terrorist material, including bomb-making instructions and an al-Qaeda “hit list”, had been posted to the site. “

    That’s it. A link. One link. But it was enough for a warrant which then showed this:

    “Upon review, BurstNET® determined that the posted material, in addition to potentially inciting dangerous activities, specifically violated the BurstNET® Acceptable Use Policy. This policy strictly prohibits the posting of “terrorist propaganda, racist material, or bomb/weapon instructions”. Due to this violation and the fact that the site had a history of previous abuse, BurstNET® elected to immediately disable the system.”

    Now the previous ‘abuse’ was copyvio, which was all handled legally, but clearly BurstNET was feeling the pinch. They probably got slapped with a wwarrent and did the legal thing: They shut it down.

    Reagrdless of if it was fair or not to the other 69,999 sites hosted by Blogetery, it brings up the inherent problems of running an unchecked MultiSite. Anyone can make a blog/site, anyone can update it, and anyone can get you in trouble.

    It’s been a few weeks, but finally news is coming out about the whole story. CNET’s article was invectively titled Bomb-making tips, hit list behind Blogetery closure. That said, it explained this in more detail which let everyone get a grip on what was actually going on.

    I’m not going to get into the ethics of free speech and how it does (and doesn’t) apply to your website. Instead I want to use this as a reminder of the trouble you can get into, hosting websites. I host four, three are ‘mine’ and one is a site I like and visit pretty often. I’m very much aware of what’s going on all these sites and I monitor them frequently. This is not just to my benefit, but to everyone else’s on my servers. My host would be 100% within their rights to say “Ipstenu’s got a site that has kiddie porn! Kill her account!” and that would shut down everyone on my server.

    As I mentioned before, WordPress MultiSite makes it a lot easier for someone to host a thousand blogs, unchecked, but that also means it’s a lot easier for someone to post questionable content. For copyvio cases, you’re covered when you remove the material in question, but for porn and terrorism, it’s not actually under the same purview. Again. I’m NOT going to get into the why of this, nor the right or wrong about it. If you have a website, you have to accept that your host really has no interest in being involved with a legal dispute regarding kiddie porn or terrorism.

    This means it’s down to you to constantly and consistantly monitor your site for sub-sites and domains that are questionable. For me, if a site I host gets one Cease and Desist about copyvio, I take down the material, explain to the person who runs the site why, and ask them not to do it again. At this point, it’s their job to monitor their site. Should they fail to do so a second time, I give them a final warning of ‘If you can’t keep tabs on your site and your visitors, you can’t stay here.’ Third time and I close their account, refund them what’s left on their time, and offer to give them a copy of their site and database, intact.

    For the rest, though, it’s a no-warning termination, specifically because porn and terrorism are hot button topics. I’m within my rights to do so (I own the server, I make the rules) and I owe it to the other people. My ISP is in their rights to do similar, because they own the … land my server is on. If that makes sense.

    If all this sounds like too much work for you, then you shouldn’t be running an open, anyone-can-register-and-blog, multisite. Or you should hire some staff. Multisite is not a quick money scheme, it’s a job, and you have to take it seriously.

    This is not endemic solely of WordPress, but with the advent of MultiSite becoming mainstream, it’s something that’s going to start coming up more and more. Don’t say you weren’t warned.