Slashdot Mirror
MethLabs Shuts out PeerGuardian
Lost&Confused writes to tell us Slyck News is reporting that most of Methlabs.org administration and development staff have been forced out of their own website. For the time being PeerGuardian is being hosted on sourceforge. However, users are advised to stop using the Methlabs.org and Blocklist.org hosted blocklists in favor of the Bluetack list until they can sort things out.
...they don't tend to be very big on the business accumen. Any enterprise where stuff like this can happen, needs to have contracts in force that head them off. The big business closed source world lives and dies by contracts and legally binding agreements. The licenses on the code produced should not be where the thoughts of legalities end. Internal legal matters are perhaps far more important.
If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
Not really. But it sounds almost exactly the same as what Michael Sims, the Slashdot editor, did to the Censorware Project.
Expecting a bitchslap in 5... 4... 3...
Bogtha Bogtha Bogtha
Indeed. We (Methlabs) had an admittedly stupid setup and were working to change it. Obviously, we worked too slow. It's a shame that small groups of friends even have to think of legalities but I guess that's reality.
Anyone have advice on keeping this from happening again, to us or other OSS groups?
http://www.slyck.com/news.php?story=913
Methlabs Update
September 16th, 2005 by Administrator
"Dear Methlabs and P2P Community,
Recently, we had several former staff members revolt against the entire P2P community as a whole. They tried to sabatoge Methlabs and attempted to wipe the Methlabs server of all its data.
Unfortunately, they gained access to site backups. In doing so, your passwords may have been compromised, although they are MD5 encrypted. We would like to you login to the Methlabs forums (http://methlabs.org/forums/) and change your password. We sincerely apologize for this issue. As of right now, the Methlabs site is back online, although forum posts from the past month have been lost.
Since all the data was stolen by former staff members, YOU MAY RECIEVE FAKE EMAILS that look like they are from Methlabs. If they do not come from the Methlabs.org domain and from our email servers, DO NOT BELIEVE THEM.
We assure you that Methlabs development will continue, and ALL OFFICIAL PROGRAMS MUST be downloaded directly from Methlabs.org . Assume that all other sites contain spyware or malicious code which may not be directly trusted.
To update everyone on the current situation, there has been some news going around the Internet of a revolt which happened in Methlabs. This is hearsay. The current real news is that PeerGuardian development and Blocklist development is on schedule, and Blocklist should be out of Beta within the next week or so.
Please spread the word that Methlabs.org is ALIVE and DO NOT believe or TRUST any emails that do not come directly from Methlabs.org and our mail servers. These emails are from disgruntled staff members trying to hurt the P2P community as a whole.
We apoligize for the current situation. Please visit http://methlabs.org/ for OFFICIAL updates, and help us spread the word!
- The Methlabs Team"
Without knowing any details, it's hard to know which party in this situation is the malicious one (possibly both). But this message on the methlabs.org blog is causing the Lost-In-Space-Robot in my head to wave its arms madly:
If the webmaster is telling the truth, this is an innocuous request. [Of course, sufficiently strong passwords will survive precomputed hash attacks, and it's still pretty hard to brute-force MD5 hashes (even given recent weaknesses).] However, if the webmaster is malicious, this is no different than a PayPal phishing scam: "Come visit our website (the legitimacy of which is, at best, in doubt) and enter your old password on a Web form. Go ahead, enter a new one, too. Thanks."
The right thing to do in this case, where you have multiple parties which may all be malicious and some of which may have your passwords, in plaintext or hashed format, is probably to stop using those passwords immediately. If you use that forum password elsewhere, change it elsewhere. As for methlabs.org, the safest course of action is probably to wait and see who the good guys are before typing any passwords in, old or new.
We are the PeerGuardian Robots
We are here to protect you
We are here to protect you from the terrible secret of PeerGuardian
Do not trust the Methlabs Robot. He is malfunctioning
Do not trust the Sourceforge robot. He is inferior.
Form an LLC (couple hundred dollars).
Give all assets that you want to protect to the LLC.
Distribute ownership of the LLC among ALL memebers, and require license changes/ownership changes/policy changes/domain changes, etc, either unanimous consent or a 2/3 (maybe 3/4) vote.
Fundamentally, the purpose of a business 'shell', in any small organization, is to put your assets in one place so that no one can legally mismanage them.
If, for example, methlabs.org had been the property of methlabs, LLC, and the administrator tried to boot you off, you could send an e-mail to your registrar from the 'director' of the LLC, indicating that the administrator was not acting in the interest of the LLC. You send them the *signed* (can be signed electronically, using the US gov't standard, which is a bit silly \ \ ) LLC articles of incorporation, showing either that the administrator member had no right to do that, OR that he wasn't a member of the LLC.
Then they hand you the 'keys' to the castle, so to speak.
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
He thought that methlabs.org had established such a good reputation that they could start charge customers money for the service?
But didn't he realize that the developers would have backup copies of the site and just set up a new site elsewhere?
I've seen this thing happen with small companies. They recruit a couple of software architects to get the core software written. Once they get the software developed they give the architects the boot, and hire cheap graduates to do any customisation.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
This and other injustices perpetrated by slashdot's editors are documented within the pages of Anti-slash: Sacred Jihad Against Slashdot. We invite you to join our community and force slashdot's editors to answer for their crimes.
In Sacred Jihad,
jihadi_31337
Also, 2 more points ;-)
.), and its a fun way to stick it to him.
;-) ) and use this as additional proof (even though small claims doesn't set a precedent) for your cybersquatting claim.
1. Form the LLC anyways. Use the name, MethLabs LLC
File a cybersquatting request. Even if you loose, its not a bad way to go. If you can show you started the project, you'll be in *really* good shape, I think. As far as I know, if you have a business name, you are virtually guaranteed the domain name. What's good for the goose is good for the gander.
Emphasize that its a *security* site. ICANN generally frowns on people trying to subvert security software.
2. Trademark the term "Peerguardian". This costs about ~$400. You may have to take a collection for this. Then, you can pretty reliably prevent him from using that term on methlabs.org.
A trademark will help you achieve number 1, above, and virtually guarantees number 3, below.
3. Sue in small claims court. Make sure to sue in *his* state, but not necessarily his jurisdiction. Even if you don't get the domain back, claim the maximum (usually $3000) in damage. The loss of your projects domain name is easily worth much, much more, but $3000 should be fairly easy to start up again with (pays Domain fees hosting fees LLC fees, etc. .
Small claims court usually only takes a day of work, and the filing fees are pretty small, too. Even if he doesn't pay, you can enter a judgement against him, have the pleasure of actually employing a creditor FOR you (not against
Plus, small claims judges are big on practical issues. They don't like to see people get screwed, and generally side with the abused party.
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell