OK, so I got bored today and added an innocent line into Someone’s hosts filewhich very innocently (and quietly) displays Face bock (bock)…
Watching Someone’s face as they tried to get round it rather than go cold-turkey was immensly funny.
I know I’m gonna pay for this at some point, but it was worth it!
Update (10-Sep-08): And now it looks like I’m paying for it through the vigilante nature of a company called MarkMonitor, who I’ve never heard of before, but who somehow have the power to shutdown websites they don’t like by literally lying about the content of said websites and hoping the service provider they contact isn’t going to check what MarkMonitor say. More to come once this is all over…
Update (15-Sep-08): If you have a policy in place to block Facebook, but would rather do it in a more fun way, then just copy the complete HTML code from the Facebook parody (http://www.facebock.co.uk) and drop it onto your own server, setting up the appropriate host headers to pick up http://www.facebook.com. [If you want the code, let me know via my Contact page]
Update (17-Sep-08): Starting to write up The Vigilante, The American Idiots & The Geek… In the meantime, I will leave http://www.parody1.co.uk/facebook available so you can make up your own mind, but redirect everything else to this post. Suprise suprise, big American companies often stick together and don’t like being challenged when they make mistakes. Others did suprise me, and had competent technical staff willing and able to give a second (correct) opinion, but MarkMonitor and 1&1 have their fictional statistic now and that’s all they’re interested in (especially when one is such a big customer of the other).
Update (16-Oct-08): By coincidence, Richard Clayton over at Light Blue Touchpaper has a writeup about how these antiphishing companies aren’t sharing data between each other, so when a real phishing website is found by one AP company, then they ignore it if they aren’t being paid by the related bank or organisation.
I guess this means that Facebook are paying MarkMonitor a lot of money, and probably per site that they get shut down; therefore it is in MarkMonitor’s interest to lie about a website if they know it will add to their statistics with little threat of them being challenged.
Richard Clayton’s article mentions a 2-5 day delay on trying to shut down phishing sites due to the lack of data sharing; it took MarkMonitor well over 12 Months to contact anyone about Facebock while 300 innocent people every day (for the past 6+ months) had been hitting the site! Either that suggests MarkMonitor are very bad at their job, or maybe that they needed a bit of extra cash off Facebook last month.
Update (19-Feb-09): Well, that was fun for a while…
… but seeing as 1&1 aren’t interested in small customers (some of their support teams are about as good at replying as Symantec’s!) I think I’m gonna say "Thanks for all the fish" and put this tedious saga behind me.
It was fun while it lasted and made me a bit of AdSense cash over the past 6 months (well, it covered the cost of the hosting and a couple of pints anyway). But seeing as Google appears to have dropped the facebock.co.uk domain from its index there’s no real point in keeping going what was originally a 15 minute joke back in July 2007 to stop "Someone" from getting to Facebook and was completely forgotten about until September 2008, when it all blew up in my face.
The comedy/frustration surrounding the technically incompetent people at MarkMonitor who decided Facebock was a phishing site*, seemed worth fighting back in September/October, but I’d kinda forgotten about it all until I spotted the stats drop off over the past coupla weeks from their usual 400 a day down to <40.
* check the Wayback machine and if the site is still there, it’s obvious to any competent person that this site could not phish anything unless login.facebook.com happened to have been DNS poisoned in which case all Facebook logins would be phished including those from the normal site!
Update (10-Dec-09): In the end I decided not to give in to harassment back in February; instead I transferred the domain over to Freeparking.co.uk (Fibranet) and made them aware of the history of the domain. They seemed happy to take my money and had no qualms about what I had told them about Markmonitor.
Things changed in October when Freeparking (Fibranet) shut the domain off without any warning and then proceeded to completely ignore any support tickets that I raised in relation to the problem for the next two months. Finally I’d had enough and decided to transfer the domain back to 1&1* and point it at this page for the foreseeable future.
It was at this point that Freeparking support finally responded to a request to change the IPS tag with a very curt message: "Hi Your domain was archived some time ago, and will shortly be deleted by the central UK registry as it is quite clearly either passing off or a phishing site. Your details have been passed to the relevant authorities. cheers paul"; so I very calmly used Nominet’s system to change the IPS tag instead.
Funnily enough Nominet have no record on their system of any deletion, I still have full control over the domain, and Freeparking (Fibranet) have still to tell me who these generic "relevant authorities" are. I am looking forward to explaining to these "authorities" just how bad Markmonitor‘s system of alleging a problem and scaring service providers into instantly shutting down domains with no oversight or response procedure is.
* just because they at least have a phone number where you can talk to a real person