Dreamhost leaks 3 | 500 FTP passwords | Notes

Dreamhost leaks 3,500 FTP passwords

6 June 2007

Not all that long ago, I was praising Dreamhost for their efforts in ‘going green’, but now comes the news that somehow they’ve leaked 3,500 FTP passwords opening the hosting accounts of many users to a spam attack, with unwanted links being added to the end of many web pages.

These days, complete security is impossible, as there’s always someone willing to spend hours/days/weeks trying to crack a system, either for profit, for a cause or just for kicks. Eventually someone determined enough and resourceful enough will find a way in and you should have a plan of how to deal with this should it happen (hint: make regular backups!).

However, what annoys me most about this incident is that according to reports, Dreamhost first tried to blame individual users for their choice of PHP applications or blog systems, before finally admitting to the fault themselves. In the mean time, many users remained unaware that their accounts had been compromised. Unfortunately, this an attitude I’ve observed with other web hosts over time and not just Dreamhost – the knee-jerk reaction always seems to be to blame the user rather than question the system. I’m sure sometimes they’re right, but so often they’re not.

About Citrus Skies

Citrus Skies is a small web design studio located in Belfast, Northern Ireland, that designs and creates simple, attractive, effective websites. learn more

Notes Archive

Featured Work

The Beechill Inn

Site Design
Custom CMS

more of our work

Citrus Skies

Simple, Effective Websites