
Reasonable Expectation of Privacy From Web Hosts?

Soulskill posted more than 6 years ago | from the it's-my-internet-i'll-do-as-i-please dept.

Privacy 287

Shafted writes "I'm in a bit of a dilemma, and I'm wondering what fellow Slashdotters think regarding this subject. I've been hosting web sites for some clients for years using my own server. About a year and a half ago, I got a reseller account with a company that will remain nameless. They are, however, fairly large, and they did come highly recommended. Other than the usual slow tech support, occasional server overloading, and... well... typical support staff, it's been pretty good and has saved me from having to deal with problems like hardware and driving down to the colo at 4AM to figure out a routing problem. All-in-all, it was acceptable. Until yesterday, when I was asking for a relatively minor email-related fix, and by the tech support staff's response, they had accessed my MySQL database directly and looked at the contents; presumably, in order to tell me what I was doing wrong. Regardless of the fact that they missed the boat with regards to the support question, I found it surprising that they would access my database data without my consent. When I asked them why they were accessing the database without my permission, they've pretty much ignored me, despite repeated requests asking why they think this is acceptable. So, my question is this: Do I, as a customer who, according to the acceptable use policy, owns my data, have a reasonable expectation of privacy for the data which I own, despite it being hosted on a third party's server? Or do web hosting companies have the right to poke around at everyone's data as they see fit?" Read below for the rest of the question.

Shafted continues: "I did get a response from one of the higher-ups, who said it was ok - they were perfectly within their rights, and their privacy policy supports that. Problem is, I've read the privacy policy, terms of service and acceptable use policy, and nowhere does it make mention that they have the right to look at files or data. It does indicate that I am the one who owns the data (presumably to cover copyright infringement). Another fellow indicated he felt that, as site admin, he had the right to look at whatever he wanted on the site, whether it's his data or a customer's (he, from what I can tell, is not an employee). I can understand looking at data to determine whether it violates the AUP or TOS, provided that it's justified (i.e. a scanner or audit indicates that something fishy is going on). But since I haven't violated the AUP or TOS, do they have this right? Is this something all web hosting companies do? If it isn't expressly stated, either that they do or do not have the right, does that automatically give them the right? Is this an industry norm, or did someone make a mistake and they're simply unwilling to admit to it? I'd really like to hear what some of you have to say, knowing that many of you probably have sites hosted by third parties, and some of you may work for web hosting companies. Since this is the first one I've ever dealt with, I'm unsure whether I should expect this anywhere else, and if so I may end up going back to self-hosting."




You're a dumbshit. (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#24358135)

It's their boxes. Your shit sits on it. If they want to look, they can look you fucking whiney ass piece of shit.

Seriously. I hope all of you slashdot bitches fucking die.

Re:You're a dumbshit. (5, Funny)

Anonymous Coward | more than 6 years ago | (#24358197)

Wow.. I think this is the first time I've seen an Ask Slashdot so comprehensively addressed in the first comment. Nice going, dude!

As this issue has been so speedily resolved, I propose this discussion be archived immediately and we all move on to more contentious, problematic issues in other stories.

encrypt your data or dont co-lo (4, Insightful)

NynexNinja (379583) | more than 6 years ago | (#24358155)

There isn't much you can do. If you choose to co-locate your server at another location, be prepared to have other people looking at your stuff all day. If you have issues with that, either encrypt your private data, or don't co-locate your data at some hosting provider.

Re:encrypt your data or dont co-lo (4, Insightful)

blane.bramble (133160) | more than 6 years ago | (#24358713)

Not sure what the situation is in the US, but here in the UK if it's co-location (i.e. you own the box) the ISP has no right to log into your box without your permission.

And the moral of the story is (4, Insightful)

fishthegeek (943099) | more than 6 years ago | (#24358161)

that no matter what, when you sacrifice control for convenience there is always going to be a chance that someone is going to poke around your stuff. It's a risk of the business.

Re: People looking (5, Insightful)

TaoPhoenix (980487) | more than 6 years ago | (#24358285)

Isn't this the great flaw of Cloud Computing?

Playing in the clouds is convenient, but should probably be focused that way. Do serious stuff locally and transmit it as needed.

Re: People looking (1)

BPPG (1181851) | more than 6 years ago | (#24358539)

Only post what you want others to see, encrypt things that you want a particular group of people to see. Private data? Don't post it at all.

For a cloud-computer based netbook or webtop or whatever you want to call them: if you have lots of private data, get an unmountable external USB hard drive.

Re:And the moral of the story is (1)

KGIII (973947) | more than 6 years ago | (#24358319)

Agreed, 100%. What I'd recommend is compiling a list of questions to start asking before paying and moving to another provider. They have the right (maybe even obligation) to look under certain circumstances but, in most cases, they should ask permission prior to doing so. There are some exceptions - like when the government comes and tells you that you can't tell them but, well, look for a company that provides the courtesy of asking first.

Slippery Slope? (5, Insightful)

Kneo24 (688412) | more than 6 years ago | (#24358165)

Hmm... I can see your point. Nothing anywhere in the policies you agreed to states that they have that right. And you also seem ok with it IF they suspect or even have proof that someone broke the agreement that both parties made.

Oftentimes people will put private stuff on a server they rent/own and make the files/folders private so that only they and a select few can view the files. So what right does the hosting company have to look at information that's private without my consent?

I think this goes beyond the "well I own it!". Guess what? When you rent out a house to other people, you don't have the right to snoop on your renters. You can't just access their house whenever you please. There's an expectation of privacy and I think the same applies here.

My suggestion? Kindly tell them to fuck off and find another hosting company. I would suggest you make it public who this company is and what their practices are so the rest of us can avoid them too.

Re:Slippery Slope? (3, Insightful)

ScrewMaster (602015) | more than 6 years ago | (#24358371)

You can't just access their house whenever you please.

Well, in my State landlords have the right of "reasonable access". Maybe they can't just snoop as they please, but they do have the right (upon 24 hours notice, I believe) to enter their premises.

Re:Slippery Slope? (5, Insightful)

DrEldarion (114072) | more than 6 years ago | (#24358459)

They also have the right to enter when the tenant makes a maintenance request. If you think that "support call" = "maintenance request" then, well, there you go.

Re:Slippery Slope? (5, Insightful)

topham (32406) | more than 6 years ago | (#24358771)

Keep reading the legal requirements and you'll find out that 24hr access also requires a legitimate reason, not just any reason. Generally this means they need to justify it, even if it is after the fact. They have the right to deal with emergency situations immediately, even without 24hr notice. This would include such things as smoke/fire as well as visible signs of a water leak. Still wouldn't give them the right to go through your dresser.

It is entirely unacceptable to access a customer's database without explicit permission. Period.
Maybe they were trying to be helpful, that unfortunately isn't the point in this case. They have no business accessing it now without some more direct permission. I usually handle such things by talking with the appropriate customer on the phone and telling them what I am going to do. I let them ride along to the extent possible (shared screens, whatever) so they can see what I am doing. If that level of their involvement isn't possible I still ask for permission and do what's required then.

If they refuse then they are left with the possibility of losing access to the server, or its data, etc, as required to protect my servers and my business. That still doesn't give me the right to access their data because I feel like it. Even if they asked for help.

note: I will say that I've had understanding with specific customers in the past that let me do what was necessary whenever it was necessary. This is followed up by a report of what was done, giving them an opportunity to complain about it if they so choose. If they were to complain I accessed their data without permission then they would receive an apology, I would refer to the previous understanding, and confirm that it would not happen again without their explicit permission. Period. Anything else is unprofessional.

The problem here is the tendency of admins to feel like they OWN a server, instead of them having certain, specific responsibilities for that server. It's an industry wide problem, and is somewhat exhibited by the recent issue in San Francisco. (Of which I believe both parties are significantly in the wrong. It's a pissing match and the system admin is not entirely right. Without explicit cause (imagination isn't cause) you do NOT configure a device without storing its configuration in Flash. If you do that on a number of routers and there is a power failure it would take far too long to get everything back up and running.)

If, by nature of trying to track down an unknown problem, an admin sees data that is otherwise not theirs to see I expect them to keep it to themselves. Not to discuss or disclose the contents. Depending on the nature of the data I would, however, expect them to disclose that such an incident occurred. I don't want them hiding the fact they saw 100 credit card numbers while packet sniffing for a specific problem. However, actual disclosure of those credit card numbers makes them subject to termination.

You own the box, not its data. You are responsible for keeping it running as well as possible; if that means deactivating a client's access or applications then so be it. It doesn't mean you can go digging through their files.

I don't get why people don't understand this.
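The report-of-what-was-done that topham describes can be produced from the database server's own logs rather than from memory. As an added example (not code from any poster here), this Python parses constructed lines in the shape of a MySQL general query log and lists every session opened on a customer's schema by an account other than the customer's own application account; the log format is an approximation of MySQL 5.x output, and the account and schema names are made up.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the shape of a MySQL 5.x general query log:
# "YYMMDD HH:MM:SS <thread id> <Command> <argument>". Names are invented.
SAMPLE_LOG = """\
080727 15:23:01\t   12 Connect\tsupport_tech@localhost on shafted_db
080727 15:23:05\t   12 Query\tSELECT * FROM customers
080727 15:23:09\t   12 Query\tSELECT * FROM mail_config WHERE domain='example.net'
080727 15:23:11\t   12 Quit\t
080727 15:24:30\t   13 Connect\tshafted_app@localhost on shafted_db
080727 15:24:31\t   13 Query\tSELECT id FROM customers WHERE email='a@example.net'
080727 15:24:40\t   13 Quit\t
080727 15:30:00\t   14 Connect\tsupport_tech@localhost on other_customer
080727 15:30:01\t   14 Query\tSHOW TABLES
080727 15:30:02\t   14 Quit\t
"""

# timestamp, thread id, command word, remaining argument (may be empty).
LINE_RE = re.compile(r"^(\d{6}\s+\d{1,2}:\d{2}:\d{2})\s+(\d+)\s+(\w+)\s*(.*)$")
# Connect argument: "user@host on database" (database may be empty).
CONNECT_RE = re.compile(r"^(?P<user>[^@\s]+)@(?P<host>\S+)\s+on\s+(?P<db>\S*)")

# Accounts the customer's own application uses per schema (assumed).
# Any other account opening that schema counts as third-party access.
CUSTOMER_ACCOUNTS = {"shafted_db": {"shafted_app"}}


@dataclass
class Session:
    user: str
    host: str
    db: str
    started: str
    queries: list = field(default_factory=list)


def parse_sessions(log_text):
    """Group log lines by thread id into connection sessions."""
    open_sessions = {}   # thread id -> Session still connected
    finished = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue             # continuation or unparseable line: skip
        ts, tid, cmd, arg = m.groups()
        if cmd == "Connect":
            c = CONNECT_RE.match(arg)
            if c:
                open_sessions[tid] = Session(c["user"], c["host"], c["db"], ts)
        elif cmd == "Query" and tid in open_sessions:
            open_sessions[tid].queries.append(arg.strip())
        elif cmd == "Quit" and tid in open_sessions:
            finished.append(open_sessions.pop(tid))
    finished.extend(open_sessions.values())  # never saw a Quit: still report
    return finished


def third_party_access(log_text, schema):
    """Sessions on `schema` by accounts that are not the customer's own."""
    allowed = CUSTOMER_ACCOUNTS.get(schema, set())
    return [s for s in parse_sessions(log_text)
            if s.db == schema and s.user not in allowed]


def access_report(log_text, schema):
    """Human-readable report the host could hand to the customer."""
    lines = []
    for s in third_party_access(log_text, schema):
        lines.append(f"{s.started} {s.user}@{s.host} opened {s.db}: "
                     f"{len(s.queries)} statement(s)")
        lines.extend("    " + q for q in s.queries)
    return "\n".join(lines)


if __name__ == "__main__":
    print(access_report(SAMPLE_LOG, "shafted_db"))
```

Because the general log records every statement, the same data answers the other question in this thread: whether the support session actually touched the mail-related table or wandered elsewhere.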

Re:Slippery Slope? (1)

Free the Cowards (1280296) | more than 6 years ago | (#24358407)

If you ask your landlord to check on a blocked drain, you can't very well complain if he happens to find the porno magazines you stashed under the sink.

When you ask him to come, the place becomes fair game.

Re:Slippery Slope? (2, Insightful)

Kneo24 (688412) | more than 6 years ago | (#24358447)

The problem here is that the hosting company was looking at something that was unrelated to their problem (so they assume). You can ask your landlord to fix your sink, and whatever is under it is your problem if you don't want them seeing it, but that doesn't give them the right to go into your bedroom and rifle through your underwear drawer.

Re:Slippery Slope? (3, Informative)

Bogtha (906264) | more than 6 years ago | (#24358567)

The problem here is that the hosting company was looking at something that was unrelated to their problem (so they assume).

Where does he say that? It's unusual to have mail configuration depend upon a database, but it's not unheard of. For example, the simplest way of setting up a web interface to SpamAssassin is to configure it to read rules from a database. The only thing the Ask Slashdotter says on the matter is:

they had accessed my MySQL database directly and looked at the contents; presumably, in order to tell me what I was doing wrong.

It sounds like he has put some mail-related configuration in his database and they looked at it because his mail wasn't working correctly and they suspected he had screwed it up somehow.

Re:Slippery Slope? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24358657)

Read the sentence following that:
Regardless of the fact that they missed the boat with regards to the support question

Re:Slippery Slope? (1)

Bogtha (906264) | more than 6 years ago | (#24358695)

Yes, which means that they failed to correct the problem, not that the database was unrelated to the mail problem.

Re:Slippery Slope? (1)

Free the Cowards (1280296) | more than 6 years ago | (#24358653)

According to the question, there was some misunderstanding involved. If your landlord goes peeking through your underwear drawer because he thought you said that the plugged drain was in there, you have no grounds for a privacy complaint, although you may well have a reasonable case for saying that he needs to listen better.

For whatever reason this hosting provider thought that the database was relevant to the question being asked, so they looked at it. You may be able to fault them for being dumb but you can't fault them for violating your privacy.

Re:Slippery Slope? (0)

Anonymous Coward | more than 6 years ago | (#24358737)

Well, that's not exactly correct. As mentioned above, notice or request usually grants access to tenant premises. You still, however, have a reasonable expectation of privacy. Specifically, if you have say, a locked trunk full of porno mags or whatever, the landlord has no right to open that trunk under any circumstance.

Re:Slippery Slope? (1)

rob1980 (941751) | more than 6 years ago | (#24358425)

Guess what? When you rent out a house to other people, you don't have the right to snoop on your renter's. You can't just access their house whenever you please. There's an expectation of privacy and I think the same applies here.

If I make a "support call" to the owner of the house/apartment I'm renting - say I tell them the air conditioning isn't working - at that point I'd half expect them to go just about anywhere inside making sure vents aren't closed, and that cooled air is making it into every room, etc. At that point, if there's something I don't want them to see I need to have it locked up and put away.

By the same token, if this guy doesn't want his hosting company to look at the SQL database they are hosting for him when he asks them for support, he needs to find a way to secure it, or put it someplace else.

Re:Slippery Slope? (1)

Kneo24 (688412) | more than 6 years ago | (#24358497)

And what if the sink in the kitchen is broken and they go into your attic or bedroom? What does that have to do with fixing the sink in the kitchen? How about replacing a stove in the same area?

The person who feels shafted here feels that their database had nothing to do with the problem. I don't know enough about the nature of his problem to venture a guess if this is true, so I'm going to assume it is for now. If that's the case, do you think that gives them the right to go rifling through that and whatever else they please even though it's completely unrelated to the problem?

Re:Slippery Slope? (1)

rob1980 (941751) | more than 6 years ago | (#24358803)

If that's the case, do you think that gives them the right to go rifling through that and whatever else they please even though it's completely unrelated to the problem?

In that case, no - but like you said, we don't know enough about the nature of the problem. What if he's running a mailing list off of a table in his SQL database, and the list is what he was having a problem with? I'm hazarding a guess that it is, because if one of my hosting customers calls me with an e-mail problem I'm not going to just dig through their website looking for SQL data to peek at otherwise.

Re:Slippery Slope? (1)

houghi (78078) | more than 6 years ago | (#24358465)

When I have a leak in my house, the landlord can enter the house. Also when they think that the water coming out of your house is due to a leak. They enter the house and will do everything that is needed.

It is nice that my landlord leaves a note that they had entered the house, even though nothing was wrong in the end.

Re:Slippery Slope? (0)

Anonymous Coward | more than 6 years ago | (#24358543)

Beg to differ. When you rent from a landlord and he/she thinks in good faith that there is a problem that requires inspection, the landlord does have the absolute right of inspection, although some states do ask as a courtesy that some notice is given. Many leases state no drugs, trash accumulations, feces and blood on the walls and floors, crankcase oil and industrial wastes poured down the toilets, no illegal activities conducted out of the residence like brothels, crack houses, meth labs, muslim terror cells, etc; and when these are suspected to be violated, inspections, calls to the authorities, court orders usually follow. Similarly if there is a problem with the water system and your premises are suspected for a leak, a running toilet, a shower left on during your vacation, etc, that landlord also has rights to go in, inspect, and fix the problem. He does not have the right to rummage through your stuff unless you pile a huge load of stinking laundry on top of a running toilet blocked with a tennis shoe and brimming with shit. These are real problems experienced in the past. This stuff can't just be made up. Something utterly foreign to some one's upbringing experiences like in my upstanding western North Carolina small town just does not come eagerly to the imagination unless seen and disgusted with. Your hosting company might have similar concerns. If you want to keep your data private, keep it at home or run over your old hard drives with a semi truck.

Re:Slippery Slope? (1)

shadoelord (163710) | more than 6 years ago | (#24358617)

Guess what? When you rent out a house to other people, you don't have the right to snoop on your renter's. You can't just access their house whenever you please. There's an expectation of privacy and I think the same applies here.

And here's where the analogy fails. The owner in fact does have a right to come in and fix something if it's urgent (such as a water heater that broke and is now flooding other apartments). They can also enter, with advance notice, to repair and upkeep the property. It's all in the fine print of the lease.

This guy asked for their help. When you go to the doctor or hospital with a problem, they run a few tests in order to aid in diagnosing you. Sometimes they are wrong; you still pay for the tests though.

no (0)

Anonymous Coward | more than 6 years ago | (#24358175)

It's their box. Don't put anything on it that you would not want printed in the NY Times.

I've had worse. (4, Interesting)

Archon-X (264195) | more than 6 years ago | (#24358179)

We had some affiliate software, X, on our servers.
The internal mailing script was buggy, so I'd written another one, scrapeX.php.

We had some unrelated problems, which required them to have access to parts of the box.

All of a sudden, I'm receiving confirmations of email receipts: their incompetent 'tech' had fixed the problem, then poked around, found a script scrapeX.php and thought: well, I'd better run this, to see what it did - and ended up mailing all our clients.

Action taken: a virtual shrug.

You have to bear in mind that on hosts that are geared towards entry-level users, the clients have a tendency to destroy things in every way possible, which is probably why they did a look around, similar to how when you call your ISP for issue X, they normally give the list: is your power on, can you ping this, can you do that...

Re:I've had worse. (3, Insightful)

Splab (574204) | more than 6 years ago | (#24358363)

Wow... Just wow, he runs some code without knowing what it is supposed to do on a live server?

At a company I used to work for, we had an object with the function "destroyDatabase" which did exactly what it said (well, cleaned up data for testing purposes). For some reason someone allowed this to get onto the live servers.

Several generations of coders later some smart guy decides to run this function on the live server, because he was wondering what the function did...

Re:I've had worse. (1)

Archon-X (264195) | more than 6 years ago | (#24358479)

It's exactly as you say: it sounds too interesting to avoid.

I can understand that 'scrapeX.php' might sound a little dubious, so I bet this guy thought he was doing his company a service by running it...

Re:I've had worse. (5, Funny)

Allicorn (175921) | more than 6 years ago | (#24358711)

REN Now, listen, Cadet. I've got a JOB for you. See this button? (Stimpy reaches for the button) DON'T TOUCH IT! It's the HISTORY ERASER button, you FOOL!

STIMPY So... what'll happen?

REN That's just IT! We don't KNOW! Maayyyybeeee something bad?... Mayyyybeeee something good! I guess we'll never know! 'Cause you're going to guard it! You won't TOUCH it, will you?

(Stimpy salutes. Ren leaves.) REN Hehhhh... hehhhh... hehhhh... hehhhh...

(Stimpy marches back and forth, staring at the button.) ANNOUNCER Oh, how long can trusty Cadet Stimpy hold out? How can he possibly resist the diabolical urge to push the button that could erase his very existence? Will his tortured mind give in to its uncontrollable desires?

(Announcer grabs Stimpy, forces him closer to button) Can he resist the temptation to push the button that, even now, beckons him ever closer? Will he succumb to the maddening urge to eradicate history? At the MERE... PUSH... of a SINGLE... BUTTON! The beeyootiful SHINY button! The jolly CANDY-LIKE button! Will he hold out, folks? CAN he hold out?

Re:I've had worse. (2, Insightful)

HereIAmJH (1319621) | more than 6 years ago | (#24358745)

I can understand that 'scrapeX.php' might sound a little dubious, so I bet this guy thought he was doing his company a service by running it...

Not really. If he suspects a script, he shouldn't run it until fully understanding what it does. If the script does something bad, he has now executed it rather than preventing it. On top of that, he's most likely doing so from a privileged account.

Re:I've had worse. (1)

UncleTogie (1004853) | more than 6 years ago | (#24358747)

I can understand that 'scrapeX.php' might sound a little dubious, so I bet this guy thought he was doing his company a service by running it...

Considering the quality of entry-level techs at many ISPs, I'd be willing to bet that he ran it to see what it'd do, nothing more...

Never underestimate the boredom of an underpaid cubicle dweller.

I don't know if it's legal, but it's unethical. (5, Interesting)

Vellmont (569020) | more than 6 years ago | (#24358195)

Who is this hosting company, and why are you protecting them? People should know what they're getting into when they enter into an agreement, and it sounds like this company isn't doing that. I don't know if this is "industry standard", legal, or whatever, but I'd run away very fast from this hosting company. Find another hosting company that'll give you assurances in writing that they won't look at your data without your permission. They can't ALL be douche bags.

so... (0)

Anonymous Coward | more than 6 years ago | (#24358199)

you asked for help? how would they be able to help you without actually trying to fix the issue?

Re:so... (1)

Anonymous Cowpat (788193) | more than 6 years ago | (#24358693)

even so, "Well, we think the problem may be related to something in your database - mind if we have a look?" would have been nice, rather than jumping straight in.

Take your business and go somewhere else (0)

Anonymous Coward | more than 6 years ago | (#24358205)

It seems that far too many people are afraid of walking with their wallets these days. Your options are:
1. File a complaint with the BBB - where probably nothing will happen
2. File a lawsuit - which will take a long time and may get nothing done
3. Take your money and go home - has the least amount of strain on you and dings them for doing something stupid.

Banks don't go in safety deposit boxes. Apartment complexes don't go through apartments looking for "hidden" animals to charge tenants more money. ISPs don't read your email (supposedly). Just go find another ISP and whenever someone asks you about this ISP just tell them the story of how they snoop your data.

So basically my thesis is: No, it's not okay for them to just go through your data without permission. You are paying them for a service and unless they build into it an audit and a process of reviews, you shouldn't have to put up with a lack of privacy.

Re:Take your business and go somewhere else (2, Insightful)

retchdog (1319261) | more than 6 years ago | (#24358269)

And all of your examples are due to the evils of government regulation.

Even the ISPs reading email, except you added a "don't" for some strange reason.

Re:Take your business and go somewhere else (1)

TaoPhoenix (980487) | more than 6 years ago | (#24358323)

The related issue is that if an abused customer leaves silently, no one else has the chance to learn of the incident to prevent it from happening again. Fighting for causes carries the price of exposure, and is not to everyone's taste. Hence, this story.

The famous phrase "give the customer the freebie and get them to quiet down" exists because raucous customers can potentially galvanize the larger customer base into a unified action.

It's on Their Computer (0)

Anonymous Coward | more than 6 years ago | (#24358213)

I figure if it ain't on my computer, in my direct reach and control, then I don't expect privacy.

Considering a privacy policy can't stop the physical act, it's dangerous to believe a privacy policy - especially if someone reading that data could compromise you or your company.

Unusual (3, Insightful)

Bogtha (906264) | more than 6 years ago | (#24358231)

I've never had this happen as far as I know (obviously hosts can snoop without telling you). I'd say that this was quite unusual, if for no other reason than that hosting companies rarely help you diagnose problems that are likely of your own making. They'll usually just tell you to revert to a supported configuration.

It seems quite odd that they'd be poking around in your database to debug a mail configuration unless you are doing something unusual. But if it is indeed technically related, I doubt you could support the argument that they shouldn't be inspecting your configuration when you ask them to help you debug something. If the database can cause your problem, then how do you expect them to help you without giving them access to it?

Id Expect Privacy. (1)

cryptodan (1098165) | more than 6 years ago | (#24358255)

Only under a court issued warrant or under your permission and physical supervision, would they then have permission to your data. That is a severe breach of any Privacy Statement. I would definitely look elsewhere for your hosting needs.

Why are you so nice? (1)

DanMc (623041) | more than 6 years ago | (#24358257)

Let's have the company name and a copy of the response from that higher up who said it was perfectly OK. I think you'd see some backpedaling. I would hope the terms of service don't say anything about you needing to refrain from criticizing their service.

I think in this case yes because... (0)

Anonymous Coward | more than 6 years ago | (#24358259)

...for example, if you let the electrician in the front door, he has free rein to look around to fix the problem unless you've told him to stay out of certain areas.

Re:I think in this case yes because... (1)

cryptodan (1098165) | more than 6 years ago | (#24358441)

...for example, if you let the electrician in the front door, he has free rein to look around to fix the problem unless you've told him to stay out of certain areas.

No, they are only there to fix the issue at hand, and are disallowed from wandering throughout your house 100% freely.

Encrypt It (1, Insightful)

joutlaw0870 (1333801) | more than 6 years ago | (#24358263)

I don't mean to be critical here but why don't you encrpyt the sensitive data prior to storing it? Yes it is going to cost you some development and testing time but it will provide with piece of mind that 3rd parties who peak at your data whether legitmattly or illegitmatlly wont be able to use it for the own purposes easily.

Re:Encrypt It (1)

Splab (574204) | more than 6 years ago | (#24358317)

They have full access to what he hosts, how do you propose the guy encrypts this without them having access to the decryption keys?

Re:Encrypt It (1)

joutlaw0870 (1333801) | more than 6 years ago | (#24358485)

Encrypt the encryption keys. This is how encryption keys are kept secure when they are exchanged by two parties.

Re:Encrypt It (1)

Splab (574204) | more than 6 years ago | (#24358741)

Anyone accessing the data needs the keys, so the keys either have to be sent before users access his site or have to be stored on the server - either way it's simply not doable.

Re:Encrypt It (1)

nebulus4 (799015) | more than 6 years ago | (#24358561)

Not if he has the encryption/decryption part (including the keys) somewhere else, preferably on his own server.

Re:Encrypt It (0)

Anonymous Coward | more than 6 years ago | (#24358611)

He can't even spell, what makes you think he's thought his stupid suggestion through?

Re:Encrypt It (0)

Anonymous Coward | more than 6 years ago | (#24358801)

And you can't even punctuate. What's your point?

Re:Encrypt It (1)

twiddlingbits (707452) | more than 6 years ago | (#24358537)

Encryption/Decryption is going to place additional loads on the server, and if he is sharing that server with others (common at a co-lo) he can impact many other customers. Encryption also can increase the data size so he could end up using more bandwidth and paying more. If he has his own server and reasonable rates for bandwidth it could be done. But the keys to encrypt/decrypt would be accessible to the co-lo company so he's right back in the same problem. IMNSHO, the best solution is to take his data to another co-lo that won't snoop and, if he really needs utmost protection, host it himself at his facility. A compromise could be to negotiate the right to have his server off-limits to co-lo admins (they may not approve for many reasons but he can ask) but then he has to do the 4AM calls. The bottom line is, does he want to trade control for convenience?

Lemme guess, Dreamhost? (4, Interesting)

Bob of Dole (453013) | more than 6 years ago | (#24358275)

Dreamhost repeatedly did this to me when I was hosting with them. They even modified my databases more than once. Mainly adding indexes (including ones that already existed...), but they changed the type of a column once.

That's one of the many reasons I'm not using them anymore.

Re:Lemme guess, Dreamhost? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24358393)

You can argue the legality and ethics of a provider looking at users' data, but to actually change a database schema is abominable.

Re:Lemme guess, Dreamhost? (1)

ameyer17 (935373) | more than 6 years ago | (#24358439)

Except the OP had a "reseller account" which is something Dreamhost doesn't offer (although they do allow reselling).
Actually, reading through the question, I kinda wondered the same thing.

Re:Lemme guess, Dreamhost? (1, Informative)

Anonymous Coward | more than 6 years ago | (#24358531)

They even modified my databases more than once. Mainly adding indexes

Ah yes, suddenly my memories of ISP server maintenance come flooding back...dozens of clients suddenly complaining that their shared server has slowed to nag speed. The usual culprit was almost invariably a developer who hadn't yet got to the chapter on indexes and query performance. Personally I just flipped the switch on the entire domain, rather than 'fix' a client's database (considering that I'd probably have to be back there every couple of days while he 'developed' on the live server...just like they seem to have been for ol' Bob here). Sounds like Dreamhost puts way more futile work into their client support than is prudent or productive.

Be careful what you admit to, Bob.

From home? (3, Informative)

corychristison (951993) | more than 6 years ago | (#24358291)

I run a few servers here at home that are web-facing.

I have never found a provider that will accommodate me in any ways that I see fit, so the home solution has won me over every time I go looking.

I host my own work as well as customers. I'm running it all on a Business Class 7Mbit ADSL line... never any problems as most sites are pretty low on bandwidth.

I've recently got a new client (signed and sealed -- working on the project right now, actually). Their project is going to require their own server(s -- Yay redundancy!) for some power behind their project... if all goes well I'm going to lease some office space outside of my home and upgrade the connection to whatever the best is I can get.

The 'at home' solution offers total control. If you're making enough money off your clients, it's worth it in my opinion.

Re:From home? (4, Insightful)

Bogtha (906264) | more than 6 years ago | (#24358675)

The 'at home' solution offers total control. If you're making enough money off your clients, it's worth it in my opinion.

So long as "enough money" is enough to employ multiple competent administrators. If a server goes down, somebody needs to bring it back up in a reasonable timeframe. Being on call 24/7 is not fun. What if you are sick or injured? What if you want to go on holiday? As you said, "Yay redundancy!" It's not just hardware that needs redundancy to be reliable, wetware needs it too.

Re:From home? (1)

corychristison (951993) | more than 6 years ago | (#24358805)

Apparently you didn't even read my post, just picked parts out so you can criticize.

I've been running servers out of my home for years now. I'm trying to think of how long and I'd say it's been about 5 years now.

Only issue I've ever had was a power outage that lasted a good couple hours (apparently most of the province was out as well as the whole northern part of the state below it)... that was unavoidable. My UPS's lasted all but 20 mins of the outage. Which is fine for me. 20 minutes of 5 years down the drain is pretty darn good, if you ask me.

Colo versus Managed or Shared hosting (3, Insightful)

DigitalSorceress (156609) | more than 6 years ago | (#24358301)

I'd say that any instance where you don't fully own/control the hardware (managed servers or shared hosting), that the contract can SAY whatever it wants, but if they want to see your data, they can.

Now, I'm sure most tech support folks have better things to do than to nose through your data or read your email. There is a certain level of trust that you have to give your hosting service, or else it's just not going to work.

It's been my experience that if you want more change / access control in place, you can get it, but it's not going to be cheap. The hosting facility my previous employer used had tech support folks who always asked permission and told us what they were going to do and/or what they did, but that was a $50,000/month hosting contract.

Anyhow, you're going to have to choose... is your privacy more important than having to buy/handle your hardware? If so, then go back to a colo and be prepared for those occasional 4:00am calls. If the support is what's more important, then find a hosting provider where you have some faith in the folks involved. I maintain a very good working relationship with the main support guy where my own server is hosted. I have a lot of faith in him, and I never get redirected to the "Bangalore Bargain Bin" cuz they're not doing that outsourced support thing. To me, this is a comfortable arrangement.

In the end, security versus convenience is always going to be a give-and-take arrangement.

Derek in Palm Beach (0)

Anonymous Coward | more than 6 years ago | (#24358311)

I have been a part of several start-ups that do not have substantial financing and rely on such infrastructure to even function. The thought that the hosting service would file through our data, especially our "protected" databases, seems like a massive breach of privacy and should cause concern.

When the US (public, private, and government) farms (outsources) critical infrastructure development (software & hardware) to foreign countries without thinking of the long-term security implications, it does not surprise me that these companies just expect that activity to be "normal", but we should not.

I agree that rifling through private data, without due consent, is completely out of bounds and informing the higher-ups is always the right position, even if they disregard the ramifications.


Web hosting? (1, Insightful)

TheRaven64 (641858) | more than 6 years ago | (#24358313)

If you are buying 'web hosting' then you are essentially buying a managed server - someone else is the administrator, you are a user. You have no control over it and should have no expectation of control. If you want an expectation of privacy then you should get a dedicated server. If you are a reseller then you could probably do this quite easily - get your own co-located dedicated server somewhere and sell vhosts to your clients. If the hosting company wants the root password for your machine, run away.

While it is their servers... (1)

e. boaz (67350) | more than 6 years ago | (#24358315)

While it is their servers, and they may have legal ability to review data for certain purposes, technical support usually isn't one of those purposes allowed by some state laws or by ethics. (Please note that I am not a lawyer, but I have both been a systems administrator and a technical support representative.)

What I really question is their ethics. The person who casually looked at your data without your explicit permission showed a disturbing lack of ethics. The person who followed up with you also showed the same lack of ethics. On this basis alone, I would choose to not do business with them.

Shifting Laws in Troubled Times (3, Insightful)

b4upoo (166390) | more than 6 years ago | (#24358329)

Your question should be taken up with a good lawyer. These days things are quite unclear as to what snooping is reasonable.

I am not a lawyer and my opinion is that anyone looking at your files acquires certain legal liability if anything at all is going on through your servers that breaks civil or criminal law. Not looking at files by you or anyone else leaves you with a great deal of legal protection.

Recently I learned that a vague acquaintance was arrested for possession of child pornography as a popular music file-sharing site runs search programs looking for copyrighted materials and they happened to key in on certain words or images within those porn files.

He may have had some expectation of privacy. I really don't know. But what I do know is that famous site now has a problem if other porn passes through their site and they fail to catch it. Not doing a good enough job carries legal penalties whereas not doing any job at all relieves them of responsibility. Color that spying can be foolish, expensive and dangerous.

Even for dedicated servers, it's hard (3, Insightful)

Animats (122034) | more than 6 years ago | (#24358353)

It's a difficult issue. I have a dedicated server at APlus in Phoenix, and for the first six months, they didn't have any of the passwords for the box. Then they had a big outage and had to move the servers to another data center, and asked the users to tell them the root password so they could shut down the server, move it, and reconfigure the networking. So now they have the root password, and they did use it once without asking me first when I called in with a later problem.

It's not a big issue for this particular application, because it doesn't have any proprietary or personal data and it doesn't do credit card transactions. But for anyone selling something, it could be a very big deal.

This is to some extent a lack of Linux system administration capability. There's no standard way to give out a permission that allows only the operations a co-location facility might need to perform - startup, shutdown, IP address change, and maybe encrypted backup. APlus uses the Plesk control panel, which can do most of those things, but its security isn't designed to give the co-location operator a limited login.

Re:Even for dedicated servers, it's hard (1)

corychristison (951993) | more than 6 years ago | (#24358409)

It's a difficult issue. I have a dedicated server at APlus in Phoenix, and for the first six months, they didn't have any of the passwords for the box. Then they had a big outage and had to move the servers to another data center, and asked the users to tell them the root password so they could shut down the server, move it, and reconfigure the networking. So now they have the root password, and they did use it once without asking me first when I called in with a later problem.

Assuming this is a Linux Box, and you are SSH'ing in...
'passwd' is your friend.

Re:Even for dedicated servers, it's hard (5, Insightful)

TheRaven64 (641858) | more than 6 years ago | (#24358505)

There's no standard way to give out a permission that allows only the operations a co-location facility might need to perform - startup, shutdown, IP address change, and maybe encrypted backup

Actually, there is. First thing to note is that 'root' is just a name. It is UID 0 that is powerful, not the user named 'root'. You can create an account called root which has a different UID and it is just another user - give this account / password to the colo company and they will only find out that it's not root if they try to do something evil. Then, just give them permissions to modify the network config files and run shutdown / reboot as root and you're set.

Alternatively, you can create a 'colo' user which has write access to the network config files and has sudo access to the shutdown command, which might be cleaner, and if they complain about this limited access then move hosts.

Re:Even for dedicated servers, it's hard (1)

Ogi_UnixNut (916982) | more than 6 years ago | (#24358547)

This is to some extent a lack of Linux system administration capability. There's no standard way to give out a permission that allows only the operations a co-location facility might need to perform - startup, shutdown, IP address change, and maybe encrypted backup.

Actually there is. AFAIK the "sudo" command can be configured to allow the user to only run certain commands (like shutdown, reboot, ifconfig etc...). I know I use it to give users limited access for computer shutdown and reboot, and nothing much else.

Re:Even for dedicated servers, it's hard (1)

Dionysus (12737) | more than 6 years ago | (#24358773)

This is to some extent a lack of Linux system administration capability. There's no standard way to give out a permission that allows only the operations a co-location facility might need to perform - startup, shutdown, IP address change, and maybe encrypted backup.

Why wouldn't sudo work for this purpose? Or if you are really on the cutting edge, ACLs.

Re:Even for dedicated servers, it's hard (0)

Anonymous Coward | more than 6 years ago | (#24358797)

There's no standard way to give out a permission that allows only the operations a co-location facility might need to perform - startup, shutdown, IP address change, and maybe encrypted backup.

The closest thing to "standard" is probably sudo; have a user for the hosting company that only has access to run shutdown/reboot, ip/ifconfig and whatever backup script you want used.

Hindsight is 20/20; keep the user around for next time the hosting company needs access.

I'm also curious why you didn't change the root password once your machine came back. If they really wanted to get back in, sure, they could stick an extra user on the box or install a rootkit, but changing the password would've more than likely prevented the sysadmins from having casual access.
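TheRaven64's 'colo' account and the sudo-based variants in the two replies after it, written out as an added example (not any poster's code). Where TheRaven64 gives the account write access to the network config files, this version uses sudoedit for those files instead; the account name, the Debian-style paths and the backup script /usr/local/sbin/colo-backup are assumptions.

```shell
#!/bin/sh
# Added example, not code from any poster in the thread: a sudoers drop-in for
# a restricted "colo" account that may only power-cycle the box, change its
# network configuration and run one named backup script. The account name, the
# paths and /usr/local/sbin/colo-backup are assumptions for a Debian-style
# layout; adjust them for the distribution in use.

# Render the policy. The Cmnd_Alias lists are the entire grant; sudoedit
# (rather than "sudo vi") keeps an editor's shell escape from turning a config
# edit into a root shell, "ip" is limited to its addr/link/route objects because
# an unrestricted "ip" would allow "ip netns exec <anything>", and log_output
# records each session for later review with sudoreplay.
colo_sudoers_fragment() {
    cat <<'EOF'
# Restricted account for the colocation provider's staff.
Cmnd_Alias COLO_POWER   = /sbin/shutdown, /sbin/reboot, /sbin/halt, /sbin/poweroff
Cmnd_Alias COLO_NETWORK = /sbin/ip addr *, /sbin/ip link *, /sbin/ip route *, \
                          /sbin/ifconfig, \
                          sudoedit /etc/network/interfaces, \
                          sudoedit /etc/resolv.conf, sudoedit /etc/hosts
Cmnd_Alias COLO_BACKUP  = /usr/local/sbin/colo-backup
Defaults:colo log_output
colo ALL = (root) NOPASSWD: COLO_POWER, COLO_NETWORK, COLO_BACKUP
EOF
}

# Fail (exit 0) if any colo rule grants the "ALL" command, which would be the
# same as handing over root. Looks at the command list after the last "=" or
# ":" of each rule that starts with the account name.
colo_grants_all() {
    sed -n 's/^colo[[:space:]].*[=:]//p' "$1" | grep -qw ALL
}

# Write the fragment as a sudoers.d drop-in (mode 0440; the file name must not
# contain a dot or end in "~" or sudo ignores it). Refuse a policy that grants
# ALL and, when run as root with visudo available, one that fails the syntax
# check.
write_colo_sudoers() {
    dest=$1
    colo_sudoers_fragment > "$dest"
    chmod 0440 "$dest"
    if colo_grants_all "$dest"; then
        echo "refusing to install $dest: policy grants ALL" >&2
        rm -f "$dest"
        return 1
    fi
    if [ "$(id -u)" -eq 0 ] && command -v visudo >/dev/null 2>&1; then
        visudo -c -f "$dest" || { rm -f "$dest"; return 1; }
    fi
}

# Demo: render the policy to a temp file and print it. To install it, copy the
# file to /etc/sudoers.d/colo as root (the visudo check then runs) and give the
# colo account an SSH key rather than a password.
tmp=$(mktemp)
write_colo_sudoers "$tmp"
cat "$tmp"
rm -f "$tmp"
```

The account still needs an ordinary login (useradd with a normal shell), and anything not in the three aliases, including visudo, passwd and any shell, is denied by sudo's default-deny.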

Some Customers. . . (2, Insightful)

mosb1000 (710161) | more than 6 years ago | (#24358355)

Some customers will get upset with you if you wait to fix the problem, others will get mad if you don't wait and ask them first. It is a no-win situation.

Look at the agreement (1)

cfulmer (3166) | more than 6 years ago | (#24358365)

Your rights here are largely determined by the contract between you and the hosting company. Typically, these things will list the conditions under which they will access private data stored on their server. If the contract is silent, then at best they're probably just limited to not selling data to your competitors or posting your naked pictures to porn sites.

If you are a reseller for this group, you should have more paper than just the website's terms of use and privacy policy -- those are all generally facing the site's end users and are not really intended for its main customers.

Look for the terms and conditions around the hosting agreement. If they don't say anything, you can always go back to the hosting company to negotiate alternate terms.

Recognize, however, that even if you can get them legally bound not to look into your files w/o your authorization, as a practical matter, this is hard to enforce.

Put it this way ... (1)

ScrewMaster (602015) | more than 6 years ago | (#24358415)

possession is nine-tenths of the law. They physically possess your data ... regardless of any terms-of-service or other contractual issues, if they want to look at your data they will and there's not a lot you can do about it. As others have said, about the only guarantee you can have of privacy in this case would be encryption.

You won't like my answer (0, Troll)

davmoo (63521) | more than 6 years ago | (#24358419)

You asked them to fix something. You in effect invited them in to your server. If you're going to let someone else manage your servers, that's what happens. If you're going to host on a machine with the accounts of others also present, that's what happens.

If you don't like being open like that, and don't want to deal with the support problems of colo, and don't want to have the servers located in your home, then your only real option is to lease entire machines for yourself. And then change the root passwords and keep those to yourself. Granted, if they want it bad enough they can still get to your data...just pull the hard drive and put it in another machine. But since you'd notice the downtime, that's not likely with a reputable company.

That's what I do. I lease entire machines, not just space on a server with a bunch of others running reseller accounts. I also self manage.

But again, remember, as soon as you ask them "Can you fix this software problem for me?", you just invited them in.

Re:You won't like my answer (1)

TheRaven64 (641858) | more than 6 years ago | (#24358529)

Granted, if they want it bad enough they can still get to your data...just pull the hard drive and put it in another machine

You can encrypt the partition and mount it with a key that you provide after booting. They can, of course, mount the unencrypted partition and trojan SSH, and get at the key next time, but this needs you not to notice the downtime originally. Unless you use a TPM to prevent booting if the boot partition has been tampered with...

legal - might just be a dba cya (0)

Anonymous Coward | more than 6 years ago | (#24358433)

Turn this thing around. I am a DBA for a medium sized company. If I am testing an interface, for example, I can grab some data and push or pull as the case may be. If I see it on my screen, nobody cares.
However, if there is no business related reason for me to look at data (even my own personal information), I am prohibited from doing so.
The same rules should apply here. They probably were within their right because there was a technical reason (troubleshooting) to look at the data. If they weren't, that email from the "higher up" was probably a CYA to try and deflect a lawsuit.
If it really bothers you, I concur with other posters - encrypt your data.

violation (0)

Anonymous Coward | more than 6 years ago | (#24358455)

This may be a violation of civil and criminal law. You may wish to seek the advice of an attorney.

Legalities aside - don't reveal private stuff. (0)

Anonymous Coward | more than 6 years ago | (#24358495)

As a general principle - if something is accessible then you should assume that someone will access it. Whether the company had the right to do this or not - as a practical matter, you shouldn't expect their policies to protect you from their employees reading your private stuff.

If it's that important - then either encrypt it - or don't put it out on the Web site - keep it on your local PC.

It's all in the style (3, Insightful)

hyades1 (1149581) | more than 6 years ago | (#24358511)

This strikes me as one of those situations where what actually happened is less important than the company's reaction to your questions. The initial silence, followed by a response from a company official that is not in harmony with their published policy, screams "guilty conscience". They got caught with their hand in the cookie jar (yours, in this case), and they're just hoping you'll shut up and go away. I find myself wondering whether they routinely snoop databases hoping to find information that might be of use to them.

Three recommendations: Encrypt everything that matters if you decide to stay with this company; publish their name, along with a factual account of their actions and links to your documentation; if there is a relevant regulatory body or professional association, send your story to them and ask whether the company's actions and response are reasonable under the circumstances.

Hosting (1)

monty019 (1333807) | more than 6 years ago | (#24358515)

I understand your being mad and you have every right to be upset. I agree with Kneo24 by letting the public know who is working with these questionable practices. On the same hand, putting information you are concerned about sharing on a third party server is a risk you should be aware of taking, and either stop using it or be more selective with what you load, even encrypt what you are worried about sharing. Good luck and keep us posted!

Use a smaller hosting company, get better service (3, Insightful)

np_bernstein (453840) | more than 6 years ago | (#24358609)

So, a while back - 2001 according to whois - I registered my personal domain at a small webhost. It was my personal domain, and, as such, not something I was too concerned about, where reliability was concerned. Anyway, I picked this place off an ad on kuro5hin (heh, remember them?) and did so based *only* on price. It turned out it was run by one guy. Over the years we exchanged a number of emails and got to know each other by name. Now, I address my support emails directly to him, and I know they're not going to screw with my stuff.

So my advice is this: If you're going to use a webhost, use somewhere small, and take the time to get to know the admins. They'll value you a lot more than some huge conglomerate.

As for legality, look to the terms of use. If they offered you virtual private hosting, well, there's an assumption of privacy. Otherwise, look at that "terms of service" document you most likely clicked right through.

And to give them a quick plug (I neither work there, nor have a financial relationship outside of paying) [] is pretty good. Feel free to tell them Nick Bernstein recommended them, maybe they'll give me an even better deal.

Here's how I see it (1)

pcolaman (1208838) | more than 6 years ago | (#24358615)

Unfortunately, you are in the right to assume you should have a relative expectation of privacy when it comes to your data. I say unfortunately, because they don't care and the law will back them up, not you. Basically, if they are storing the data on their equipment, while you have the copyright (rightfully so) on the data, they have the right to ensure that data does not make them an accessory to a crime or infringe on their security in any way. It's bs, but that's the unfortunate risk you take when storing private data on someone else's servers. I agree with the people who say you should co-locate data that there is no expectation of privacy on, and privately store the rest.

I work at a hosting company... (0)

Anonymous Coward | more than 6 years ago | (#24358621)

If you asked support to look into an issue, and there's a database on your server, you can give reasonable expectation that your database may be looked into.

That being said arbitrary queries are a no-no. And if someone was caught doing such a thing, you're out the door, no warning.

I deal with some of the most secure databases that you could imagine in the hosting world. But aside from running SHOW GLOBAL VARIABLES (LIKE) and SHOW GLOBAL STATUS (LIKE) and possibly running an EXPLAIN across a slow query, we never pry into data.

If you enlist our DBA services then they may look a little deeper for index recommendations, and query tuning, but again, they're still not running queries just to look at data.

If you want to really keep people out of your database, put a password on root@localhost, don't give it out. If they really must get in and look at it, then keep an eye on ~/.mysql_history
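The distinction this poster draws (server diagnostics versus queries that touch data) and the tip to watch ~/.mysql_history, turned into an added check that is not the poster's code: it classifies each line of a MySQL client history file and lists the ones that read, change or dump application data. It assumes the libedit-style `\040` space escape that some MySQL client builds write into that file; the sample history is constructed.

```shell
#!/bin/sh
# Added example, not from the thread: audit a MySQL client history file for
# statements that read or change application data, as opposed to the server
# diagnostics (SHOW GLOBAL STATUS/VARIABLES, EXPLAIN) a support tech would
# legitimately run. The sample history below is constructed.

# Some MySQL client builds (those linked against libedit) write a space as
# "\040" in ~/.mysql_history; undo that, collapse whitespace and lowercase.
normalise_history_line() {
    printf '%s\n' "$1" \
      | sed -e 's/\\040/ /g' -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//' \
      | tr '[:upper:]' '[:lower:]'
}

# Classify a normalised statement:
#   diag  - server or query-plan diagnostics that never return row data
#   data  - anything that selects, changes, dumps or restructures application
#           data; entering a customer's database with USE is flagged as well
#   other - everything else (exit, set names, ...)
classify_statement() {
    case "$1" in
        'show global status'*|'show global variables'*|'show status'*|'show variables'*)
            echo diag ;;
        'show processlist'*|'show engine '*|'show databases'*|'show tables'*|'show create table'*)
            echo diag ;;
        'explain '*|'describe '*|'desc '*)
            echo diag ;;
        'select '*|'insert '*|'update '*|'delete '*|'replace '*|'load data'*)
            echo data ;;
        'alter '*|'drop '*|'truncate '*|'use '*)
            echo data ;;
        *)
            echo other ;;
    esac
}

# Print every data-access statement in the history file with its line number.
audit_mysql_history() {
    n=0
    while IFS= read -r raw || [ -n "$raw" ]; do
        n=$((n + 1))
        stmt=$(normalise_history_line "$raw")
        if [ -n "$stmt" ] && [ "$(classify_statement "$stmt")" = data ]; then
            printf 'line %d: %s\n' "$n" "$stmt"
        fi
    done < "$1"
}

# Number of flagged statements, for scripting and tests.
count_data_access() {
    audit_mysql_history "$1" | awk 'END { print NR }'
}

# Constructed sample of what a support session might leave behind: two
# diagnostics, a database switch, a row read and a schema change.
write_sample_history() {
    cat > "$1" <<'EOF'
show\040global\040status\040like\040'innodb%';
explain\040select\040*\040from\040orders\040where\040customer_id=42;
use\040reseller_clientdb;
select\040*\040from\040customers\040limit\04050;
alter\040table\040orders\040add\040index\040idx_customer\040(customer_id);
show\040processlist;
EOF
}

# Demo on the constructed sample; on a real box run
# audit_mysql_history /root/.mysql_history (or the support account's copy).
sample=$(mktemp)
write_sample_history "$sample"
audit_mysql_history "$sample"
rm -f "$sample"
```

The history file only records what was typed into the interactive mysql client under that account, so an empty audit is not proof that nothing was read; the MySQL general query log is the server-side counterpart.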

My host's acceptable use policy (AUP) (1)

cornholed (1312635) | more than 6 years ago | (#24358623)

Thanks for the heads up, I had never really read through my host's AUP, just did this morning, and found this: Monitoring/Privacy reserves the right to monitor any and all communications through or with facilities. Customer agrees that is not considered a secure communications medium for the purposes of the Electronic Communications Privacy Act, and that no expectation of privacy is afforded. It may become necessary for employees to examine system accounting logs and other records to determine if privacy violations or other network unfriendly activities have occurred. also reserves the right to access a Customer's mailbox or other files stored on systems to resolve system problems or mail system errors.

Half of you replying are missing the point... (4, Interesting)

NitroWolf (72977) | more than 6 years ago | (#24358635)

Half of you people replying are completely missing the point of the post. He is NOT co-locating a server, he is a reseller. He is using the company's equipment and hardware. He owns absolutely nothing hardware-wise.

As such, the company is perfectly within their rights to inspect what data is being stored on their servers, in a SHARED database. He's not the only customer using that MySQL server. He is not the only customer using that CPU, that hard drive, that webserver.

The hosting company has every right to be sure there is nothing in the database or elsewhere that is going to compromise the other customers.

That's why you colo a server. Then it's YOURS and YOU control access to it. No one is going to be inspecting anything on it without your consent or at worst, if they hack your password and/or reboot it without your consent into single user mode. Either way, then you'll know something hinky was going on. Whereas if you are just a "reseller," the hosting provider can do whatever they want as root on a box you do NOT own.

So yeah... if the original poster doesn't like it, he needs to colo a server. If he doesn't want the hassle of that, then you're at the mercy of the system admin.

Support 101 (1)

munch117 (214551) | more than 6 years ago | (#24358663)

To provide good support, you need to understand the customer's situation and what the customer is trying to achieve.

To gain that understanding, you need to look at the customer's actual setup and actual data. If you rely only on the customer's own explanations, you are just setting yourself up for inevitable misunderstandings. No amount of careful explanation is a substitute for looking at the actual data. Also keep in mind the good doctor's advice: Everybody lies. To cure the patient, you simply have to run your own tests to find out what's going on.

Your right to privacy is that the supporter must not pass on any information to a 3rd party, no more than that.

Probably legal and unethical (1)

funnyguy (28876) | more than 6 years ago | (#24358669)

If your data is sensitive or governed by a regulation like HIPAA, you should've had a BAA in place with the host that regulated access. But from what you described you still OWN the data, nobody copied or used your data. Without an additional agreement, someone reading your data, code, etc is a risk you take.

Oh yeah? (0)

Anonymous Coward | more than 6 years ago | (#24358685)

We went in your database because we can.
I dare you to come down here and fight me in the parking lot!
I'll be waiting for you!!!

Circuit City Firedog Dispatch - PC & TV Techs (0, Offtopic)

ItaloSuave (645798) | more than 6 years ago | (#24358691)

-- I worked as Tech Dispatcher (a Volt temp) for, a very new Company in Billerica, Massachusetts, that is doing a great business dispatching Circuit City Firedog PC and TV Techs nationwide. They are the biggest profit center for Circuit City. The loot is truly exceptionally good, and the Company is growing quite strongly. They have received at least two rounds of venture capital funding. Unfortunately, they could not figure out a way to consider my 53-year-old personage for a regular status job. Instead, when I asked why I was not getting considered, they chose to end my work assignment, rather than answer my question. This is the kind of corporate entity you cannot trust in any respect, let alone in the personal business of mucking around in your home PC computer and wireless network. The technique used for remote tech support was to e-mail the customer a Java applet attachment file which would supposedly expire at the conclusion of the appointed use for remote tech access to the person's home or office computer. However, I found that people were sold computers that had undesirable 30-day trial software, with pop-ups and advertisements and forceful blandishments to buy or be disabled in your PC functionality. Also, the PC tech support service guarantee was only 5 days. As such, people, particularly elderly or older Americans who were vulnerable to this sort of marketing and sales pressure, were encouraged to pay and pay again and again to fix the same problem. It was really quite disgraceful, but there you go -- mo' money means mo' business in corporate America. Based on my experience as a worker for these corporations, I would never use their proffered services, and I would be aware that they are now working with Microsoft's new "fix your computer remotely" service, whereby they download enabling software permanently and surreptitiously onto your computer. But what else is new, when it comes to Microsoft?
Who controls your desktop and files, you or the Corporations and the Government? According to them, they have ownership, and you do not own your own files or desktop. Your description of a PC or Network Tech accessing your personal files is just the "tip of the iceberg" of this ongoing problem. The Internet started out free and accessible to all at a reasonable or nominal price. Now, the governments and the corporations are moving in to "take ownership" and their reach extends into your home, into your home network, into your operating system and your desktop and your files. I have heard that home PCs (and telephones) can be enabled to spy on the home's occupants, as well. So much for due process, limited government, privacy rights, worker rights, "government of, by and for the people" and informed consent.

Let me guess... (0)

Anonymous Coward | more than 6 years ago | (#24358715)

this was a database that was on a system that they provided with a lot of other customers, right? So you paid for one of those developer plans that includes a database and web hosting.

Host your own machines at a respected data center if you want any level of data privacy.

Fixing your problem on their machine (1)

Skapare (16644) | more than 6 years ago | (#24358729)

If you wanted them to fix your programming/software/data/configuration issue on a machine they own and manage, then to me, that implies that they have to be able to look at the data itself on at least an as-needed basis. Hopefully they are discreet about it and comply with appropriate privacy requirements (e.g. never disclose what they see to anyone else besides other staff that are also working on your problems).

What if you owned the machine(s) and they were physically located in your own office space in a building you own ... and you hired a programmer or system administrator or consultant to look at your programming problem? Would you expect them to NOT look at the data? You see, I think that this is an implied situation.

When I long ago worked for an ISP (director of operations with 3 net/sysadmins reporting to me), our policy was that we did not look at customer data directly unless it was for problem resolution, and then only looked where problem analysis suggested the problem might be, or that information about the problem might be. For example, I did look at a couple of customer mailboxes to resolve problems with why their mail agent wasn't loading the mail. Turns out there were non-compliant headers and a less than robust agent. I did not feel a need to ask to look once the evidence suggested the problem was in the content of the messages. I did ask the customer for permission to manually edit his mailbox to remove the defective mail so he could continue to use his non-robust mail agent. And I will never divulge what I saw in that email short of a valid and verified court order to do so.

When data is accessible expect it to be accessed (1)

burnin1965 (535071) | more than 6 years ago | (#24358733)

Do I, as a customer who, according to the acceptable use policy, owns my data, have a reasonable expectation of privacy for the data which I own, despite it being hosted on a third-party's server?

IMO everyone should expect privacy, however, even with strict privacy policies and expectations in place there should be no surprise that any data which you make accessible is accessed.

Far too many web application developers are lax on security when developing their applications and storing data. End users running these applications should be pushing developers and hosting providers to implement some level of security against unauthorized access to data using least privilege and encryption of stored data.

And now for the plug. :) PHPgirder [] is an example of implementing both least privilege and encryption to protect from unauthorized access and encryption of data in the event unauthorized access does occur.

Basically the idea is to use the user-level access control built into the database engine to limit access to tables, and to encrypt all sensitive data that is stored in those tables. This requires the use of multiple database users. While the username and password for the user with the least privilege are stored in plain text, like in any other web application, the usernames and passwords for higher access levels in the database are stored in encrypted records in the database and require user authentication before they can be decrypted, thus providing higher levels of access to the application and the data in the database.

The same encryption and ACL technique that is used to control an application based on PHPgirder can also be applied to any pages and data that are implemented in an application using the classes by using the same database ACLs required to run PHPgirder or by adding additional ACLs upon the base PHPgirder ACLs (translation: more database usernames and passwords with restricted database access).

Now this will not stop someone who has root access to the server from intercepting user session information and stealing users' usernames and passwords to gain access to the encrypted data, but it will surely stop someone from doing a casual dump of your database to peruse your data and tell you what you're doing wrong.
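The credential-wrapping scheme described in the comment above, as an added example that is not PHPgirder's own code and is not part of the original thread. It assumes (hypothetically) a host database with a least-privilege account app_ro, whose password lives in plaintext config like any web app's, and a broader account app_rw. The app_rw password and the sensitive columns are stored encrypted under a key derived from the user's login password, so a casual dump of the tables or the config yields neither; the in-memory dicts stand in for the two MySQL tables, and the sample user and record are constructed. Standard library only, so HMAC-SHA256 in counter mode is used as the stream cipher in place of AES.

```python
# Added example, not PHPgirder's code. Hypothetical setup: MySQL accounts
# app_ro (SELECT on a few tables, password in plaintext config) and app_rw
# (broader rights). app_rw's password and sensitive fields are sealed under
# a key derived from the *user's* password, never stored on the server.
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN, KDF_ROUNDS = 16, 32, 200_000


def derive_key(password: str, salt: bytes) -> bytes:
    """Password -> 32-byte master key. Only the salt is stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ROUNDS, dklen=32)


def subkey(master: bytes, purpose: bytes) -> bytes:
    """Separate keys for keystream, tag and login check from one master."""
    return hmac.new(master, purpose, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode as the PRF stream (stdlib has no AES).
    out = bytearray()
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:n])


def seal(master: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(subkey(master, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(subkey(master, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(master: bytes, blob: bytes) -> bytes:
    """Reject a tampered row or a wrong key before decrypting anything."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expect = hmac.new(subkey(master, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or tampered record")
    ks = _keystream(subkey(master, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


# Constructed in-memory stand-ins for the two tables app_ro may SELECT.
USERS: dict = {}    # username -> salt, login check, wrapped app_rw credential
RECORDS: dict = {}  # record id -> (owner, sealed payload)


def provision_user(username: str, password: str, rw_credential: str) -> None:
    salt = os.urandom(16)
    master = derive_key(password, salt)
    USERS[username] = {
        "salt": salt,
        "check": subkey(master, b"login"),  # password check; leaks no key material
        "wrapped_rw": seal(master, rw_credential.encode()),
    }


def login(username: str, password: str):
    """Return (master key, app_rw credential), or None if the password is wrong."""
    row = USERS.get(username)
    if row is None:
        return None
    master = derive_key(password, row["salt"])
    if not hmac.compare_digest(row["check"], subkey(master, b"login")):
        return None
    return master, open_sealed(master, row["wrapped_rw"]).decode()


def store_record(master: bytes, username: str, rec_id: str, payload: str) -> None:
    RECORDS[rec_id] = (username, seal(master, payload.encode()))


def read_record(master: bytes, rec_id: str) -> str:
    return open_sealed(master, RECORDS[rec_id][1]).decode()


def support_dump() -> str:
    """What a plain table dump (e.g. by a support tech with app_ro) shows."""
    lines = [f"users.{u}: salt={r['salt'].hex()} wrapped_rw={r['wrapped_rw'].hex()}"
             for u, r in USERS.items()]
    lines += [f"records.{i}: owner={o} payload={b.hex()}"
              for i, (o, b) in RECORDS.items()]
    return "\n".join(lines)


if __name__ == "__main__":
    provision_user("alice", "correct horse battery", "app_rw:Rw-Pa55w0rd")
    master, rw_cred = login("alice", "correct horse battery")
    store_record(master, "alice", "inv-1", "card=4111111111111111")
    print(read_record(master, "inv-1"))
    print(support_dump())
```

The limits the comment states still hold: the master key exists only in the application process for the length of the session, so root on the box can lift it from memory or capture the password on the way in, and the salt plus login check in the users table permits an offline guessing attack that only the PBKDF2 cost slows down.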


all hosts not created equal (1)

jrozzi (1279772) | more than 6 years ago | (#24358751)

We do our hosting with Cirkuit Networks. One time when our forum was getting bombarded with spam bots, they politely called me and told me about the issue. They then asked me if it was okay if they go in and install a CAPTCHA and upgrade the forum software (which required access to SQL). It sounds to me that some hosting companies respect their users' rights to privacy a bit more than others.

Ethics (0)

Anonymous Coward | more than 6 years ago | (#24358753)

This is not so much a question of legality, but ethics. Yes, you might own the data, but you don't own the server. By allowing your data to be hosted on another person's server, you gave them the right to snoop. If you secure the data (encryption) then it will be harder to snoop. It's like taking a box of your things to a friend's house for storage. While it would be unethical for your friend to snoop through it, it is not illegal.

If you want to prevent it with your current host, request an alternate agreement of services that requires extra privacy of your data from support staff. Having worked in the hosting industry in the past, some providers are willing to do this.

Re:Ethics (1)

RPoet (20693) | more than 6 years ago | (#24358813)

By allowing your data to be hosted on another person's server, you gave them the right to snoop.

I don't think this is a given. If you rent an apartment, the landlord isn't entitled to spy on your private life just because he has ownership of the house. I think the poster has the same kind of expectation on the server space he rents, and that's reasonable.

Didn't you ask for their help? (1)

richmaine (128733) | more than 6 years ago | (#24358755)

I'm not sure I see the problem here.

You said that they looked at your data "presumably, in order to tell me what I was doing wrong." It sounds to me that you were asking for help and they were trying to provide it. I'm having trouble seeing the problem here, either practically or legally. Most privacy policies that I've seen quite reasonably say that the host can look at data as directly needed to provide you the service in question. That's sort of implied by your asking for the service - in this case your support request. For example, they can use your address to send you bills, etc.

Now perhaps the support folk were incorrect in thinking that the data in question was needed to solve the problem in question. I can't judge that from the data given. But that seems more like a support competency question than a privacy one. You suggested that you had other reasons to question their support competency (not that this is unusual, as you note.)

The followon stuff with their replies to your complaint does seem to get into the privacy issues, but maybe you got off on the wrong foot and it went downhill with their attempts at rationalization.

localhost (0)

Anonymous Coward | more than 6 years ago | (#24358761)

Setup your own local server, get a static ip address and stock up on a lot of coffee. That pretty much defeats getting around the waking at 4am thing but at least you can have complete control of your website.

There is another option that I've seen for hosting sites but it can be more expensive than your typical dedicated hosting. They allow the option to install your own OS from start to finish. At most it will force an end user to have an account to access that information. Other than that, there really isn't much you can do about security because it will be on their virtualized servers where they are being hosted. Any encrypted connections would be futile. Encrypting the partitions themselves also defeats the purpose especially when you have to enter the decryption password to get the system up and running. Essentially, when you have someone host for you, you will always give up your privacy. That being so, there are a lot of hosts out there that can be trusted, but it's always best to make sure.

Expectation of privacy? (2, Informative)

Pedrito (94783) | more than 6 years ago | (#24358765)

You're hosting on their servers. I don't think you have much expectation of privacy, frankly. I'm all for privacy, and if you own the box, then nobody should be allowed to look at it, but if you're renting the box, just like a landlord, they should have a right to inspect it for whatever reasons. They are, to some degree, responsible for what that box contains.

On a slightly different topic, you say they're pretty good except for... And then you have a list of issues with them. I don't know who your host is, but I'd recommend CrystalTech. I have no affiliation with them other than having hosted some sites with them over the past decade or so. Other than the occasional technical problem, for example an upgrade several years ago that broke one of my apps, or one of the two times in the past 10 years when my e-mail went down, they've been solid as a rock. Additionally, when I've needed help, both their online tech support and their phone tech support were amazing and responsive. I'll never host with anyone else as long as they continue the way they are.

check your hosting agreement (1)

DragonTHC (208439) | more than 6 years ago | (#24358777)

I don't expect any privacy with my webhost.

partly because I realize I'm using their hardware on their site.

but mostly because it's a shared server.

If I got a dedicated server, I could set my own root password and lock them out. But then, I wouldn't get support.

If you want their support, you grant them access to the machine and its data to aid in their troubleshooting.

first lesson of outsourcing (2, Interesting)

petes_PoV (912422) | more than 6 years ago | (#24358861)

You lose control over your system.

While you can discuss the ethics or morality of having strangers access your data (or worse, change or "accidentally" destroy it - ooops, there goes another database), the fact is that once it's off your site, it's out of your control.

Wasn't there a case recently of some politician who got their records "snooped" by an outsourced operation? Consider yourself lucky that all they're doing is looking. It's not impossible to think that they could take any code you've written, or sell off credit card details from your database.

Second law of outsourcing: you're tacitly admitting that someone else can run your operation better/cheaper than you can.
