?

Log in

There's a new blog post on franklinveaux.com: Does love mean opening yourself up to abuse? You can read it here:

http://blog.franklinveaux.com/2017/04/does-love-mean-giving-someone-the-power-to-abuse-you/

Note: After fifteen years, I've stopped bloggong on LiveJournal. This is why.


It's time to pack up and move

I've been blogging on LiveJournal since August of 2001. And what a long, strange trip it's been. In the past fifteen and a half years, I've seen a lot of changes in the way people use social media: the rise and subsequent fall of a whole host of blogging services, the gradual fading away of USENET and email lists, Facebook's march to supremacy.

In all that time I've continued to use Livejournal, partly because a lot of people know about my blog and follow me there, and partly because after more than a decade it becomes exceptionally difficult to move.

Today, when I signed on to LiveJournal, I found the writing on the wall:



LiveJournal was bought many moons ago by a Russian company, but only recently moved its servers to Russia. And since doing so, it's been required to update its Terms of Service to comply with Russian law, which is rather odious and, well, Russian.

I don't intend to go into a full analysis of the implications of the new ToS. That's been done already in many places on the Web, including here, here, here, and here. (Interestingly, there's no discussion of the change on the official LJ Policy community, and in fact there hasn't been any discussion there since 2015.)

The bits I do want to talk about are those bits directly relevant to me and this blog.

The new Terms of Service have two provisions that directly impact me: in accordance with Russian law, any blog or community read by more than 3,000 readers is considered a 'publication' and is subject to State controls on publications, including the provision that the blogger or moderator is legally liable under Russian law for any content posted by any user; and blogs are prohibited from "perform[ing] any other actions contradictory to the laws of the Russian Federation."

This blog is routinely read by more than 3,000 people, making me a "publisher" under Russian law.

And, more worrying, the Russian "gay propaganda law" forbids discussion of "sexual deviancy," which includes LGBTQ issues. "Propaganda of non-traditional relationships" is forbidden by this law.

I'm not concerned that the Kremlin is going to demand my extradition to Russia to face trial. I am concerned that there's a very real possibility this blog may disappear at any time without warning.




For a couple of years now, I've kept a backup of this blog over at blog.franklinveaux.com. The blog there is a mirror of the blog here, though links over there point to blog entries here rather than there. (Fixing that will be a massive undertaking, involving changing many hundreds of links in thousands of blog posts.)

I moved my LJ to WordPress, a process that was extraordinarily painful. There is an LJ importer for WordPress, and a tutorial for moving your LJ blog to Wordpress here, but, as I discovered, there are a few gotchas.

First, the LJ importer plugin was not tested on large blogs. It requires enormous amounts of memory to import a LiveJournal blog with more than a couple hundred entries; at the time I did the migration, I had north of 1,600 blog posts. Second, it chokes on blog entries that have more than 100 or so comments.

Many, perhaps most, Web hosting companies place limitations on memory and CPU usage that prevent the WordPress LJ importer from working on large blogs.

Second, it won't move images. If you have uploaded images to LJ's servers, you must download them and re-upload them to your new WordPress blog.

I was unable to use the LJ importer to import my entire LiveJournal blog. I finally discovered a workaround, but it's cumbersome:

  1. Create a free WordPress blog at WordPress.com.

  2. Use the importer there (it's in the Tools menu) to import your LiveJournal blog.

    If you're okay hosting your new blog at Wordpress.com, you're done. If, however, you wish to host your blog on your own server with your own WordPress installation, there are a few more steps:


  3. Use the Exporter to export a WordPress XML file of the blog.

  4. Set up your own self-hosted WordPress installation on your own server.

  5. Import the file you exported from Wordpress.com.


Images you have uploaded to LJ will, as I've mentioned, need to be uploaded to your WordPress blog. (Thank God I've never done this; I've always put my images on my own server and linked to them there.)

The problem is compounded by the fact that LiveJournal has never wanted you to move. There's no graceful way to export your LJ blog. There is an exporter of sorts, but it only exports a month at a time. The Wayback Machine at archive.org doesn't archive LiveJournal posts, at least not consistently (it has crawled my blog only 37 times despite the fact that I have some 1,700 blog entries).




This is a huge problem. LiveJournal was one of the first blogging platforms, and a tremendous amount of very valuable information about the rise of social media is in danger of being lost.

This is, of course, the curse of the modern age. A diary written with pen and paper can be lost in an attic for centuries and then, once discovered, provide insight into the lives of people in a long-gone time. But we don't record our lives that way any more. Today, our journals are kept on computer servers--servers owned by other people. And there's no leaving these journals in an attic for a century for future people to find. They require constant, and sometimes very difficult, work to maintain. Anything you host on someone else's servers for free is subject to someone else's whims.

I am dedicated to doing the work to preserve my journal. From now on, I will not be posting new journal entries here. This blog will remain for as long as it can, and I will post links here to blog updates over on blog.franklinveaux.com. I encourage others to do the same. Anything here is subject to the vargarities of Russian law and should be assumed to be unstable, subject to deletion without warning.

From this point forward, please link to new blog posts on blog.franklinveaux.com, not LiveJournal. Over the next few months, I plan to work on linking my most popular LiveJournal entries back to their mirrors on franklinveaux, and updating links there to point ot blog posts there rather than here.

Oh, and the last person to leave LJ, please remember to turn off the lights.

Tags:



There is an Italian version of More Than Two. Or rather, there is, in an alternate universe in which the Italian publisher who published the Italian-language edition of More Than Two was honest and abided by its agreements, an Italian version of More Than Two. Alas, that universe is not this universe.

In the universe we live in, the publisher signed an agreement, but then never made the payment that would have activated the rights transfer. They also added a foreword without consulting with us first, something explicitly forbidden in the agreement.

Okay, so that's shitty and all, but the place where things get especially weird is that so far, every Italian person we've talked to about this has nodded sagely and said, "Well, yes. That's Italy."

Since things have gone sideways with the Italian publisher, I've heard a number of stories of commiseration from Italians. This is, it seems, about par for the course when one sets out to do business in Italy.

Which is really weird, when you think about it.

But I didn't come here to complain about the Italian publisher of More Than Two. I came here to talk about game theory.




Say you're a businessperson who deals with a certain...unsavory element buying and selling products you legally oughtn't. Say that, for your security and that of your clients, you always do business anonymously. You don't know who your clients are, they don't know who you are, and never the two of you shall meet. You do business indirectly: you leave a suitcase full of money under the tree stump at the old Dearborn farm, and your client leaves a sack with the shady goods under a trestle out by the abandoned railroad bridge.

This is a variant on the Prisoner's Dilemma problem, which I've touched on before in the context of polyamory. This is a classic problem in game theory. You have a choice: leave your money or leave an empty suitcase. Your mystery client has a choice: leave the goods or leave an empty sack. If you both leave what you're supposed to leave, you both benefit. If one of you leaves what you're supposed to leave and the other leaves nothing, then whoever left nothing makes out double--he gets the money and the goods. And if you both leave nothing, neither of you loses but neither of you gains, either.

In game theory terms, you each have a choice: cooperate (C) or defect (D). Each of you chooses C or D. If you both choose C, you both benefit a little; if you both choose D, neither of you benefits but you also don't lose; if one chooses C and once chooses D, the person who chooses C loses and the person who chooses D gains.

The temptation, then, is very strong to defect.

Ah, but what if you don't have just a single exchange? What if you have a standing arrangement where you do the transaction every Friday night at midnight? If your mystery partner defects, you will naturally lose trust, and you'll have no reason to cooperate. But if both of you defect all the time, neither of you is getting what you want! Presumably you want the goods more than you want the money, and presumably they want the money more than they want the goods, or else you'd never agree to the exchange. So what benefit is there in both of you practicing an all-defect strategy?

So the calculation is a bit different in one-off exchanges (where there's strong incentive to defect) vs. an ongoing relationship (where there's incentive to cooperate).




These situations play out all the time in real life. Every day, we have choices to cooperate or defect, where defecting might give us short-term gain, but at the cost of long-term success. Some of those choices are made in situations where there won't be an ongoing relationship, and some in situations where there will.

Most of the time, we know the other player in these games; it's rare the other side is totally anonymous. It's also rare each side is powerless to seek redress if one party defects. In fact, you could make a case for the notion that's what civilization is: a system designed to prevent people from practicing an all-defect strategy without consequence.

We are a social species. Social entities have to work together. If everyone defects all the time, social structures break down. This is, in fact, hypothesized as the root of altruism: for social species, altruism has positive survival value. Working together, we can accomplish more, and survive challenges we can't survive apart. (There's a book about this, in fact; it's called The Evolution of Cooperation.)

But there's no getting around the fact that defecting does offer a short-term payoff, especially if you do it and your partner doesn't. And there's a huge penalty for cooperating if your partner defects. Them's the facts.

In most human societies, most people cooperate most of the time. In some societies, however, it seems people are more prone to defect.

The Italian publisher applied and all-defect strategy with us. They defected when they didn't pay us, and defected again when they added a foreword. When we complained, they said they'd stop selling the book until we resolved our differences; and while we were in the process of negotiating with them to do so, they defected yet again, continuing to sell and advertise the book when they'd said they'd stop. And then, when we complained again, they said, "Ok, sue us, Italian courts are so slow it'll never go to trial--and even if it does, we don't have any money anyway."

So finally, we stopped trying to negotiate, issued a statement, and started filing takedown requests. From the publisher's perspective, this probably felt like a defection. And neither we nor the publisher got what we wanted. And everyone shrugged and said, "Yeah, that's Italy for you."

Worse, the fact that we pulled the plug probably validated the publisher's idea. "See," they might say, "this is why we behave the way we do--because, look, people are always screwing us!" When you practice an all-D strategy, your partners are going to defect too. Which means you should defect, because they're going to defect, so why should you be the only chump cooperating?




But here's the thing: Since we are, arguably, evolved to be cooperative; since most of the encounters we have are not one-off exchanges (and even if they are, word gets around--if you screwed your last ten customers, the eleventh might not want to deal with you); and since societies need some minimum level of cooperating in order to function...why do we occasionally see places where people appear to play an all-D strategy?

One person Eve and I have spoken to has suggested that Italy has such a long history of corrupt, dysfunctional politics and essentially broken legal systems that people have developed a habit of breaking rules, simply because in a corrupt society, you must break rules simply to get anything done. This pattern has played out in Russia as well, another place where, it seems, all-D strategies are common. If that's true, it would seem to create a perfect storm of positive feedback: people begin to defect routinely, as a matter of course, because the social systems have become dysfunctional. This causes the social systems to become more dysfunctional, because societies in which many people tend to defect are intrinsically dysfunctional. That increased dysfunction causes more people to defect more often in their exchanges with others, which leads to greater dysfunction, and so it goes.

Which, if that's true, bodes ill.

There is, right now, in the US White House, a person who has made a career of defecting. The Cheeto-in-Chief is notorious for screwing his contractors, his vendors, and his financial backers; that's why he ended up in bed with Russian banks--American banks refuse to do business with him. His Orangeness has surrounded himself with people who also tend to practice all-D strategies; indeed, one could argue that the Tea Party was virtually built on a foundation of all-D behavior.

I fear that, if this idea becomes entrenched enough in US society, it will become normalized to defect as a matter of course, in all kinds of business and social interactions. Once that positive feedback loop sets in, I'm not sure how, or if, it can be reversed.

And people will sigh, and nod, and say, "You got screwed by an American company? Yeah, that's the Americans for you."

A society that works this way will never remain a world power. (Russia, I'm looking at you here.)


The Return of the Spam Tsunami

As regular readers of this blog know, I am an amateur infosec researcher, and I track spam and malware as a hobby. And, as many of you know, there are certain names--ISPs, people, affiliate networks, content delivery networks--that tend to come up again and again whenever you do a deep dive into the seedy, twisted world of spam and malware.

A while back, I wrote a blog post about a prolific spammer named Mike Boehm, who makes money sending spam emails that advertise affiliate links on affiliate Web sites. Every time someone clicks a link in one of his spam emails, they're redirected through a network of computers, all designed to put distance between the spam email and the final site, until eventually arriving at an affiliate Web site, which pays Mr. Boehm for the referral.

Lately, I've found myself buried under a blizzard--nay, dare I say, a tsunami--of spam emails that all have very similar characteristics. They advertise a site, usually with a cheap top level domain that nobody wants such as .stream or .science or .faith. Visiting the site shows a plain white page with an animated "Loading" graphic. Then, after a few seconds, you end up on a completely different site, the one actually advertised in the spam.

These spam emails have some but not all of the characteristics of Mike Boehm spam. It's been hard to track them, because they use complex JavaScript to attempt to hide how the redirection works, what affiliate network they're using, and where they redirect to. I've been collecting examples, and as the number of these spam emails arriving in my inbox has risen, so too has my blood pressure.

Today, it finally reached the point where I sat down and did the work to take apart the tricky JavaScript redirectors and figure out what's happening.

Lo and behold, the JavaScript is used to redirect visitors through Clickbank, a favored affiliate network used by Mike Boehm in the past.

The system works like this:



Basically, the spamvertised site contains hidden iFrames and/or hidden divs that have a redirection JavaScript. The redirection JavaScript attempts to conceal where the page is redirecting to. The code on the Spamvertised pages looks like this:


<script type="text/javascript" src="hxxp://[spamvertised domain]/ajax/get_js/main/"></script>
<title>Loading...</title>
<meta hxxp-equiv="content-type" content="text/html; charset=UTF-8" />
</head>
<body>
<div style="position:absolute;top:-1000px;left:-1000px;height:0px;width:0px;"><a href="hxxp://www.buzsounds.faith/tr11/6/685/416/510/81/26391725/index.htm" style="border=0;"><div></div></a></div>
<div id="show_loading">
<center><br /><br /><img src='hxxp://[spamvertised domain]/ajax/get_imgl/loading.gif/' /></center>
</div>
<div id="content" style="display:none;">
<iframe id="content_window">
<html>
<body>
<center><br /><br /><img src='hxxp://[spamvertised domain]/ajax/get_imgl/loading.gif/' /></center>
</body>
</html>
</iframe>
</div>
<script type="text/javascript">
$(document).ready(
function() {
if (ajax._loaded == false) {
var _doc = ajax.getIframeCW(document.getElementById('content_window'));
_doc.body.innerHTML = '<html><body><center><br /><br /><img src=\'hxxp://[spamvertised domain]/ajax/get_imgl/loading.gif/\' /></center></body></html>';
}
}
);
ajax.getMainPage(
param1,
param2,
param3,
param4,
param5,
param6,
param7,
qs
);
</script>



The JavaScript loaded from the script tag assembles a URL from the parameters, then loads the content of that URL.


getMainPage : function(m,l,li,s,u,o,c) {
var _u = "";

if (u == '') {
if (o == '' && c == '') {
_u = host_name+'ajax_m/get_main_page/'+m+'/'+l+'/'+li+'/'+s+'/';
}else{
_u = host_name+'ajax_m/get_main_page/'+m+'/'+l+'/'+li+'/'+s+'/'+o+'/'+c+'/';
}
}else {
if (o == '' && c == '') {
_u = host_name+'ajax_m/get_main_page/'+m+'/'+l+'/'+li+'/'+s+'/'+u+'/';
}else{
_u = host_name+'ajax_m/get_main_page/'+m+'/'+l+'/'+li+'/'+s+'/'+u+'/'+o+'/'+c+'/';
}

}

if(qs != '') {
_u = _u+"qs/?"+qs;
}

$.ajax({
url: _u,
success: function(data) {

if (pg_st == 0) {
var _w = window;
_w.location = data;
}else{
$('#show_loading').css('display','block');
$('#content').css('display','none');
var _doc = document.getElementById('content_window');
_doc.src = data;
_doc.onload = ajax.flip;
}
}
});
},



The URL that's assembled contains nothing but a text string to yet another URL. And, as it turns out, that URL belongs--surprise!--to Clickbank.

In the past, Clickbank has been reasonably responsive to spam complaints. I won't say they're great (they're slow and often don't take action until I've complained multiple times), but they do eventually shut down spamming affiliates.

They shut Mike Boehm down multiple times, and for a while, I was seeing very little spam from him.

This new tsunami of spam, accompanied by the sneaky attempts to conceal the Clickbank redirects, suggests that he's back to his old tricks, but this time trying to prevent anyone from complaining and having him shut down again.

I've managed to find the affiliate IDs he's using and file complaints with Clickbank. I hope they shut him down again.

There's a degree of entitlement among spammers I rarely see outside abusers.


Movie review: The Great Wall

We didn't plan to see The Great Wall. We actually intended to see Get Out, but owing to an unfortunate accident with a parallax time distortion unit and a group of Brazilian terrorists, we ended up in the theater a week early. The only movie that had not yet started playing was The Great Wall, starring a bunch of CG space aliens, Willem Dafoe as John Hurt doing an impression of Keanu Reeves, Matt Damon as Matt Damon, and Tian Jing as an archer-specialized player character from Skyrim.


Seriously, tell me this isn't glass armor from Skyrim.


So, with some trepidation, we ventured into the theater, expectations and parallax time distortion unit appropriately recalibrated.

The movie goes something like this:

MATT DAMON: The Chinese have the secret of black powder. We do not. Let us venture to China and steal black powder from the Chinese.
MATT DAMON'S SIDEKICK: Wait, what? If they have black powder and we don't, doesn't that mean they have better weapons than we do, thus making stealing from their military kind of a bad idea?
MATT DAMON: That's why we brought expendable extras with us. Plus, I have a magnet.
MATT DAMON'S SIDEKICK: Why do you have a magnet?
MATT DAMON: Because unlike you, I read the script.
EXPENDABLE EXTRAS: Hang on, back up a second. What was that part about expendable--

CG SPACE ALIENS come out of NOWHERE and kill the EXPENDABLE EXTRAS.

MATT DAMON: Matt Damon!

MATT DAMON and MATT DAMON'S SIDEKICK kill a CG SPACE ALIEN and chop off its ARM

MATT DAMON: Let's take that arm with us.
MATT DAMON'S SIDEKICK: Wait, what? Why?
MATT DAMON: Because it's a CG space alien's arm, of course!

Arr! Spoilers be down below!Collapse )


Moving into the Modern Era

I first released my sex game Onyx twenty years ago. I've been maintaining it and distributing it from various Web sites ever since, and to be honest, the Web sites I've been distributing it from haven't advanced a whole lot in that twenty years. Seriously, if you want to see the Web as it was in the 90s, look no further than my Symtoys site. (Mobile browser compatible? Pah! What's that? In my day, we surfed the Web on dial-up from a Mac IIvx!)

As I work on making Onyx 4 more accessible and modern, I'm also working to dust off my own corners of the Web. And I've just completed a big part of that.

I am pleased to announce a brand-new, modern Web site for Onyx. And I've also dragged my boots out of the mid-90s and upgraded to a completely new Web shopping cart for all my posters and stuff.

And you can help me celebrate!

Special offer! Use coupon code

newsite17

on checkout for $6 off registration!


Download Onyx here!

Tags:



On building a culture of consent

It's predictable. That's the most infuriating thing about it: it's so goddamn dreadfully predictable.

If it were a surprise, we could at least say that it was surprising because we didn't expect it. If we didn't expect it, that means we were expecting something else. But god damn if it isn't dreary in its monotonous predictability.

Five and a half years ago, I wrote a blog post called Assault and Consent in the BDSM Community. It concerned a person I know who'd been raped by a well-known leader in the Portland BDSM scene1. When she came forward about the assault, the BDSM scene closed ranks behind him and against her. It wasn't until many more women stepped forward to say that he had raped them, too, that he was eventually run out of the scene...but it took a long time. And during that time, the predictable and monotonous drumbeat of minimization and victim-blaming and "well I never had a problem with him" bullshit (newsflash: you never had a problem with him because you're not in his preferred victim demographic, duh) was all you could hear in the local community.

I've talked about this before, of course. It, and a succession of similar events like it with that same old same old unwillingness to deal with abuse in the community, was the reason I left the BDSM scene. I am still kinky, and I still consider other kinky folks to be my people, but god damn so many of the organized BDSM communities are dysfunctional when it comes to consent.

Ironically, given all the lip service it pays to consent.

None of this is news, at least to anyone paying attention. We live in a society where access to other people's bodies, particularly women's bodies, is considered as much a right as free speech and the right to bear arms. I mean, hell, access to other people's bodies is a goddamn advertising campaign, as this photo I took of a sign in a storefront in California quite plainly illustrates.


You know she was asking for it.


And here's the thing: It's not just about sex.

Access to, and entitlement to, other people is so pervasive, so intimately woven into the fabric of Western society, that it's the backdrop against which our lives are played out.

Not just access to other people's bodies, though there is that, but access to other people. Access to other people's time, other people's attention, other people's creativity, other people's expression.

If you're a woman, you know this already. If you're at all creative, or if you're someone who's even moderately famous, you know this already. If you're a woman who's well-known or even moderately famous, you know this so thoroughly you probably don't even need to read the rest of this blog post to know what's coming.




I wrote recently about a storm brewing in the Italian poly scene over the Italian language version of More Than Two. It's something Eve has also written about.

And before I go any further, I want to say that no, I'm not claiming what's happening with the book is in any way comparable to rape. If that's the idea you come away from this essay with, you're not paying attention.

Instead, what I want to say is that the casual entitlement to other people, the offhand attitude that suggests that person A has, by right, an expectation to access to person B, and should B object to this access, A can be expected not only to trot out the same old tired objections we've heard a hundred times, but A's friends F, U, C, and K can be expected to do the same, is the common thread that unites many different forms of consent violation.

That's the thing. That's the maddening, infuriating, and painfully mundane thing about this. People who feel an entitlement to access to other people can be counted on to justify that entitlement in the same exact ways, and it doesn't matter if we're talking about physical assault, emotional labor, control over another person's choices, or any other kind of forced intimacy. The same tools--victim-blaming, gaslighting, feigned "neutrality," cries of "oh, but I've never had a problem with him!"--get use against any kind of non-consensual access to other people, sexual or not.

And it's so predictable we barely even notice. Might I point out how fucked up that is?

Eve recently shared her blog post in a 2,500-member Italian polyamory Facebook group, one of two major groups in Italy. By then there was already a roiling, seething mass of innuendo, speculation, storytelling, and weird narrative growing around the problems with the Italian version of More Than Two, which is what typically happens in the absence of information; we are a storytelling species, and we make up stories to explain the world, without even knowing we're doing it.

So she posted. And the result was...well, it was indistinguishable from what happened five and a half years ago, around a different issue in a different community halfway around the world.

We don't like it when people we admire do something wrong, and we are, as a species, quite predictable in the ways we will hold on to the idea that folks we personally like are Pure And Noble, and folks who tell us inconveniently unpleasant things about them are Bad And Wrong.

Different situation, different crime, same disregard for consent, same rationalizations and reactions.

Fuck me if it's not as monotonous as clockwork.


On each rotation of the center gear, someone says "But she's overreacting!"





So let's cut to the chase.

If someone writes a book and you like it, that's cool.

If someone writes a book and you want to see it published where you live, that's cool.

If someone writes a book and you work with the publisher to attach a foreword to the book that you wrote without talking to the authors about first, and then you fight back when they want it removed, that's not, and never will be, cool. That's the sort of pervasive attitude of entitlement to other people I'm talking about.

If someone writes a book and you go to the publisher misrepresenting yourself as speaking on behalf of the authors, that's not only not cool, it's creepy.

If someone writes a book, and you do these things, and the authors complain, and then you begin a campaign of throwing anyone who you think publicly or privately supports the authors out of groups and events and leadership roles, that's...that's...

Sadly, that's as predictable as the rotation of a gear.

Because that's how entitlement works. That's what entitlement is. It's the belief that that access to another person, be it physical or emotional or psychological or whatever, belongs to you, it's yours by right, and anyone who tries to take it away is depriving you of what's rightfully yours.

And the victim blaming, closing ranks behind the consent violator, "oh it was all in her head" stuff? That's also part of how entitlement works, because entitlement isn't just some random guy who thinks he has the right to have access to you, entitlement is a system. It's a pattern of beliefs. It's the water in which we swim.

It's the advertising message we see hanging in a store window while we're walking down the street.

This idea, that entitlement is not just a personal failure of boundaries but a toxic environment in which we live, is central to the whole idea of consent culture. And it distresses me when people who represent themselves as part of a community built on a culture of consent behave this way.

I quit the BDSM community because by the time I left it had not succeeded, even after decades, in building a meaningful culture of consent.

I see the poly community headed the same way, and it's heartbreaking. This is not okay. Let's do better.



1 Last I heard, he'd moved to Seattle and was gaining a reputation as a rapist in the BDSM scene there, too. Funny thing, though. In all of US history, as near as I can tell, there has never once been a successful rape prosecution against a rapist who was in a kink relationship with their victim. Not one. If you want a 100% guaranteed free ride to rape with total, irrevocable legal immunity, join the kink scene. Now you know.

Tags:



There’s a strange thing that happens to writers who are in the public eye.

I’ve been writing about polyamory for many years, starting in the late 90s, when I first started talking about polyamory on Xeromag. The Web site started out as a site for the small-press magazine my former business partner and I are doing, and each of us wrote a little bit about ourselves. I wrote a page on polyamory and another on BDSM. I wasn’t really expecting to reach a large audience, and I was not really writing it for anyone in particular; mostly, I was writing the things I wished I could go back in time and tell myself ten years earlier.

But the things I wrote connected with a lot of people. Pretty soon, the Xeromag site became that site about polyamory--oh, and something about a magazine too. In 2006, the polyamory content was getting so much traffic that the rest of the site was groaning under the load, so I moved all the polyamory content to its own server and its own domain at morethantwo.com.

In 2012, I started dating Eve Rickert. In 2013, she said “Hey Franklin, we should write a book together!” In 2014, we published More Than Two.

Like the Web site, the book exploded, becoming far more popular than even our most optimistic hopes. In 2015, we did a tour of Europe to support the book. We dragged our suitcases around the streets of Amsterdam and Berlin, Bruges and Rome, Madrid and London, talking to people--sometimes through translators--about intimate details of our lives and experiences.

Then the funny thing happened.

When you write about your life in a way that resonates with people, it creates this weird sort of situation where fans of your work feel like they know you, even though you don’t know them. It’s a strange and disconcerting experience to talk to a complete stranger who knows intimate details of your life and feels connected to you. It plays tricks on your mind. Human beings are social animals, hard-wired to attach emotionally and form intimate bonds with other people, but our emotional selves never evolved to cope with the Internet and mass media.

Most folks navigate this very well. We met tons of fantastic people and had some unforgettable experiences, and even though our book tours have been miserable, uncomfortable things that have left us physically and emotionally exhausted, I wouldn’t trade them for anything.

But sometimes, that weird one-sided intimacy creates some weird, messed-up situations. The border between self and other can get fuzzy, and when it does, that one-sided intimacy can lead to some dark places.

A person who feels like they know you can feel entitled to you. And that can cause a lot of damage. Entitlement is the soil in which abusive behavior grows.

Eve has written about a situation playing out in the Italian poly scene that’s creating knock-on effects all the way across the ocean. And, as is often the case with these sorts of situations, there’s a lot of speculation, a lot of rumor, and a lot of storytelling going on. (We humans are a storytelling species. We invent stories to explain the world, often without even being aware of it.)

I urge everyone to read her essay, which you can find here. I support what she says.

It started small. Little things, not a problem on their own, but in retrospect pointing to poor boundaries, to that fuzzy distinction between self and others. One of the people who helped organize our book event in Rome, Mr. Boschetto, did a lot of work to help make the More Than Two book event successful. However, in the process, he also sought to attach himself more to us than we realized, involving himself more and more closely with us without really getting consent first. Like all creeping boundary violations, this happened gradually enough that we didn’t recognize it at first.

Things came to a head with the Italian-language version of More Than Two, which has turned into a nightmare. The Italian publisher has not abided by the terms of our contract, a matter that we’re still resolving. On top of that, Mr. Boschetto added a foreword to the book without prior consent, perhaps assuming there was greater personal connection than there was.

Okay, I get it, shit happens, and sometimes boundaries get muddled, and you work it out and move on. But in the past week, things have come off the rails in a spectacular way, one that makes it hard to assume good intent. People who have been trying to work with us to resolve the matter—people we specifically reached out to to help—have been barred from Italian poly events for working with us.

And now, we’re told (and Eve has seen), he’s taken to threatening people who disagree with him under Italy’s antiquated libel laws, under which a person can be imprisoned for saying something that offends another person even if what is said is true.

It’s impossible to reconcile these actions--banning people from events for working with someone in a professional capacity, threatening to have people imprisoned for saying things he doesn’t like--with someone whose heart is in the right place. The poly community can survive a lot, but no community can stay healthy if it silences dissent.


The Lucifer Effect effect

Eve loves to read to me. It's one of the love languages we share, and it's been a part of our relationship for years. We've read fiction (like Use of Weapons) and non-fiction (like Parasite Rex) together.

The Lucifer Effect is a book by Philip Zimbardo, the psychologist who designed the now-infamous Stanford prison experiment. The Stanford prison experiment was an attempt to understand the dynamics of deindividuation in prison environments. Zimbardo hypothesized that prisoners lose their sense of individual identity in institutional settings. The experiment, which had been focused on prisoners, ended up showing that prison guards become abusive not because they are evil or abusers, but because the psychological environment of prison creates enormous pressure for otherwise normal people to become abusive and sadistic. The experiment recruited a group of college students to role-play prisoners or guards in a false prison. Within days, the students assigned to guard roles became so violent, abusive, and sadistic, and tortured the students playing the role of prisoners so severely, that the experiment was discontinued.

And the book has turned into a rough ride for me.

Reading the book, which goes into great detail about the physical and psychological abuse inflicted on the "prisoners" by the "guards," has been surprisingly difficult. When Eve reads this book to me, I find my blood pressure shooting up, I end up angry and irritable, and I have trouble sleeping.






This is Venango Elementary School, in Venango, Nebraska, the tiny town where I grew up.

It's more fair to say this was Venango Elementary School. It closed for lack of students decades ago. Venango had 242 people living in it when I was there; at the last census, the population had fallen to 167, none of whom are children. The grounds are still maintained by a retired gentleman who's lived in Venango most of his life, but nobody's had a class here in a very long time.

When I was in middle school, I was socially isolated and alienated. I was the only kid in town who didn't follow football, and the only one who owned a computer. I had no friends, and spent my time building model rockets or dialing computer bulletin boards from my TRS-80.

Needless to say, I was bullied extensively during my career in middle school. The two worst offenders were the two Mikes, Mike A. and Mike C. They were both a couple of years older than I was and quite a lot bigger, and they were inseparable. One of them—I think it was Mike C., though time may have garbled that detail—was fond of coming to school in a T-shirt with iron-on letters on it that spelled out "It's nice to be injected but I'd rather be blown." (It's about cars, geddit? Geddit?)

The particulars of the abuse I suffered at their hands is as predictable as it is tedious, so I won't bother cataloging them. The official response from teachers and faculty was also tediously predictable; they were aware of the abuse but not particularly motivated to intervene.

I went into high school shy and with few social skills. Then, about the time I was midway through my senior year, I changed.

I had always believed that the reason I was bullied was the reasons bullies gave for bullying me: I wore glasses; I didn't like football; I liked computers. It took a very long time for me to learn that the content of bullying is completely separate from bullying. That is, bullies bully because they are bullies. If I didn't wear glasses, if I didn't like computers, if I did like football, they would still have bullied me, they just would have bullied me about different things.

But that wasn't the life-changing revelation. In fact, it didn't come until after the life-changing revelation.

The life-changing revelation was that bullies bully people who don't fight back. If you want to end bullying, you walk up to the biggest, meanest bully of the bunch, reach back, and punch him square in the face. When bullies realize you bite back, they look for easier prey.

So I went into college with a whole new attitude about violence, one that a lot of folks who know me now find difficult to believe. I was, for a while, quite willing to resort to casual violence in the service of self-protection. I got into fistfights often, and learned yet another lesson: victory does not go to the biggest or the strongest person in the fight. Victory, nine times out of ten, goes to the person who escalates fastest, the one willing to do what the other person is not. I could get in a fight with opponents far larger and stronger than I was, and I almost always came out on top, because I escalated swiftly and aggressively.




I am not the person I used to be. Or, more accurately, I am not the people I used to be. I'm not the shy, friendless, unsocialized bullying victim I was in Venango. I'm also not the aggressive, in-your-face, ready-for-a-fight guy with a hair trigger I was in college. In fact, most of the time it's hard for me to connect with either of those mindsets any more.

But man, this book.

This book does not mince detail. It describes, directly and even clinically, the abuses suffered by the "prisoners" on behalf of the "guards," abuses that range from verbal bullying to refusing to allow the prisoners to use the bathroom and forcing them to urinate and defecate in their rooms.

When Eve reads this book to me, I'm transported back to the person I was in college. I can feel my body amping up—I can feel the adrenaline, the shaking, the hair trigger coiled up inside me ready to explode that I used to feel back in my college days whenever someone would start harassing me. And I mean that literally; my hands will shake while she's reading.

I can identify with the group of students who were made into prisoners. I can understand what they're experiencing. And I believe that if I had been chosen to participate in an experiment like the SPE and had been assigned to the role of prisoner, there is a very strong likelihood I would have injured or killed one of the "guards," or been injured or killed myself in the attempt.

It's been rough, this book. It's brought me viscerally back to a time and place that I haven't been in for more than half my life now. We've had to switch from reading it in the evening before bed to reading it in the afternoon, because when we read it at night, I can't sleep.

The book is an excellent deep dive into the underworld of institutional evil (and it's astonishing how closely the casual abuse that happened in the faux prison in the basement of the Stanford psychology building mirrored the abuses in the real world at Abu Ghraib, and for exactly the same reasons). It's a book I think everyone needs to read, now more than ever, and I'm glad we're reading it.

But man, it's turned into a painful slog.


A few folks have been wondering where we're at on the Bionic Dildo, as we've taken to calling it.

We've made a lot of progress in the last few months, starting with setting up a workspace for research, development, and testing. We've moved into the new space, where we have a lot of resources we didn't have before.

The first few prototypes were put together by modifying existing sex toys. This crude approach was good enough to show us that the basic technology is sound, but the prototypes we built this way were limited, fragile, and rather uncomfortable to wear.

Since then, we've acquired a 3D printer and facilities for making ceramic molds to cast silicone. This allows us to create custom-designed silicone with electronics, sensors, and electrodes cast right in.



From 3D rendering to printed positive that we use to make a mold.
And yes, those are Lego bricks we're using as a mold box!


We've 3D printed and made silicone test casts of the insertable part of the device. Here's a test cast of the insertable with electrodes directly embedded in the cast, a huge improvement over our first few prototypes:



Right now, we're moving into a development phase aimed at answering questions like:

  • How many sensors and electrodes do we need?

  • What's the neural density of the inside wall of the vagina?

  • How much variability is there in sensitivity between different people, and between different parts of the inner anatomy of the same person?

  • What's the best way to modulate the signal in response to pressure on the sensors?

  • What's the maximum perceptual spatial resolution of the inner anatomy?


The first-generation prototype had three sensors and three electrodes, and the insertable part was rigid plastic, which as you can imagine was not terribly comfortable and certainly not workable for long-term use. The prototype we're working on now is an enormous improvement: fifteen sensors and fifteen electrodes, embedded in custom silicone that's far more comfortable.

We're excited with the progress that we've made, and looking forward to what we can learn in 2017.

Want to keep up with developments? Here's a handy list of blog posts about it:
First post
Update 1
Update 2
Update 3
Update 4
Update 5
Update 6
Update 7
Update 8
Update 9


Learning to be a Human

I don't live in my body.

I was 48 years old before I discovered this. Now, such a basic fact, you might think, would be intuitively obvious much earlier. But I've only (to my knowledge) been alive this once, and I haven't had the experience of living as anyone else, so I think I might be forgiven for not fully understanding the extent to which my experience of the world is not everyone's experience of the world.

Ah, if only we could climb behind someone else's eyes and feel the world the way they do.

Anyway, I do not live in my body. My perception of my self—my core essence, if you will—is a ball that floats somewhere behind my eyes, and is carried about by my body.

Oh, I feel my body. It relays sensory information to me. I am aware of hot and cold (especially cold; more on that in a bit), soft and hard, rough and smooth. I feel the weight of myself pressing down on my feet. I am aware of the fact that I occupy space, and of my position in space. (Well, at least to some extent. My sense of direction is a bit rubbish, as anyone who's known me for more than a few months can attest.)

But I don't live in my body. It's an apparatus, a biological machine that carries me around. "Me" is the sphere floating just behind my eyes.

And as I said, I didn't even know this until I was 48.

This is not, as it turns out, my only perceptual anomaly.

I also perceive cold as pain.

When I say this, a lot of folks don't really understand what I mean. I do not mean that cold is uncomfortable. I mean that cold is painful. An ice cube on my bare skin hurts. A lot. A cold shower is excruciating agony, and I'm not being hyperbolic when I say this. (Being wet is unpleasant under the best of circumstances. Cold water is pure agony. Worse than stubbing a toe, almost on par with touching a hot burner.)

I've always more or less assumed that other people perceive cold more or less the same way I do. There's a trope that cold showers are an antidote to unwanted sexual arousal; I'd always thought that was because the pain shocks you out of any kind of sexy head space. And swimming in ice water? That was something that a certain breed of hard-core masochist did. Some folks like flesh hook suspension; some folks swim in ice water. Same basic thing.

I've only recently become aware that there's actually a medical term for this latter condition: congenital thermal allodynia. It's an abnormal coding of pain, and it is, I think, related to the not-living-in-my-body thing.

I probably would have discovered all of this if I'd been interested in recreational drug use as a youth. And it appears there may be a common factor in both of these atypical ways I perceive the world.

Ladies and gentlebeings, I present to you: TRPA1.



This is TRPA1. It's a complex protein that acts as a receptor in nerve and other cells. It responds to cold and to the presence of certain chemicals (menthol feels cold because it activates this receptor). Variations on the structure of TRPA1 are implicated in a range of abnormal perception of pain; there's a single nucleotide polymorphism in the gene that codes for TRPA1, for instance, that results in a medical condition called "hereditary episodic pain syndrome," whose unfortunate sufferers are wracked by intermittent spasms of agonizing and debilitating pain, often triggered by...cold.

I've lived this way my entire life, completely unaware that it's not the way most folks experience the world. It wasn't until I started my first tentative explorations down the path of recreational pharmaceuticals that I discovered there was any other way to be.

For nearly all of my life, I've never had the slightest interest in recreational drug use, despite what certain of my relatives believed when I was a teenager. Aside from alcohol, I had zero experience with recreational pharmaceuticals until I was in my late 40s.

The first recreational drug I ever tried was psilocybin mushrooms. I've had several experiences with them now, which have universally been quite pleasant and agreeable.

But it's the aftereffects of a mushroom trip that are, for me, the really interesting part.

The second time I tried psilocybin mushrooms, about an hour or so after the comedown from the mushroom trip, I had the sudden and quite marked experience of completely inhabiting my body. For the first time in my entire life, I wasn't a ball of self being carried around by this complex meat machine; I was living inside my body, head to toe. (I recall looking at Eve and saying "I go all the way to the ground!")

The effect of being-in-my-bodyness persisted for a couple of hours after all the other traces of the drug trip had gone, and for a person who's spent an entire lifetime being carried about by a body but not really being in that body, I gotta say, man, it was amazing.

So I did what I always do: went on Google Scholar and started reading neurobiology papers.

My first hypothesis, born of vaguely remembered classes in neurobiology many years ago and general folk wisdom about psilocybin and other hallucinogens, was that the psilocybin (well, technically, psilocin, a metabolite of psilocybin) acted as a particularly potent serotonin agonist, dramatically increasing brain activity, particularly in the pyramidal cells in layer 5 of the brain. If psilocybin lowered the activation threshold of these cells, reasoned I, then perhaps I became more aware of my body because I was better able to process existing sensory stimulation from the peripheral nervous system, and/or better able to integrate my somatosensory perception. It sounds plausible, right? Right?



Alas, some time on Google Scholar deflated that hypothesis. It turns out that the conventional wisdom about how hallucinogens work is quite likely wrong.

Conventional wisdom is that hallucinogens promote neural activity in cells that express serotonin receptors by mimicking the action of serotonin, causing the cells to fire. Hallucinogens aren't well understood, but it's looking like this model is probably not correct.

Oh, don't get me wrong, psilocybin is a serotonin agonist and it does lower activation threshold of pyramidal cells, oh yes.

The fly in the ointment is that evidence from fMRI and BOLD studies shows an overall inhibition of brain activity resulting from psilocybin. Psilocybin promotes activation of excitatory pyramidal cells, sure, but it also promotes activation of inhibitory GABAergic neurons, resulting in overall decreased activity in several other parts of the brain. Further, this activity in the pyramidal cells produces less overall cohesion of brain activity, as this paper from the Proceedings of the National Academy of Sciences explains. (It's a really interesting article. Go read it!)

My hypothesis that psilocybin promotes the subjective experience of greater somatosensory integration by lowering activation threshold of pyramidal cells, therefore, seems suspect, unless perhaps we were to further hypothesize that this lowered activation threshold persisted after the mushroom trip was over, an assertion for which I can find no support in the literature.

So lately I've been thinking about TRPA1.

I drink a lot of tea. Not as much, perhaps, as my sweetie emanix, but a lot nonetheless.

Something I learned a long time ago is that the sensation of being wet is extremely unpleasant, but it's more tolerable after I've had my morning tea. I chalked that down to it being more unpleasant when I was sleepy than when I was awake.

It turns out caffeine is a mild TRPA1 inhibitor. That leads to the hypothesis that for all these years, I may have been self-medicating with caffeine without being aware of it. If TRPA1 is implicated in the more unpleasant somatosensory bits of being me, then caffeine may jam up the gubbins and let me function in a way that's a closer approximation to the way other folks perceive the world. (Insert witty quip about not being fully human before my morning tea here.)

So then I started to wonder, what if psilocybin is connecting me with my body by influencing TRPA1 activity? Could that explain the aftereffects of a mushroom trip? When I'm in my body, I feel warm and, for lack of a better word, glowy. My sense of self extends downward and outward until it fills up the entire biological machine in which I live. Would TRPA1 inhibition explain that?

Google Scholar offers exactly fuckall on the effects of psilocybin on TRPA1. So I turned to other searches, trying to find other drugs or substances that promoted a subjective experience of greater connection with one's own body.

I found anecdotal reports of what I was after from people who used N-phenylacetyl-L-prolylglycine ethyl ester, a supplement developed in Russia and sold as a cognitive enhancer under the Russian name Ноопепт and the English name Noopept. It's widely sold as a nootropic. New Agers and the fringier elements of the transhumanist movement, two groups I tend not to put a lot of faith in, tout it as a brain booster.

Still, noopept is cheap and easily available, and I figured as long as I was experimenting with my brain's biochemistry, it was worth a shot.



To hear tell, this stuff will do everything from make you smarter to prevent Alzheimer's. Real evidence that it does much of anything is thin on the ground, with animal models showing some protective effect against some forms of brain trauma but human trials being generally small and unpersuasive.

I started taking it, and noticed absolutely no difference at all. Still, animal models suggest it takes quite a long time to have maximum effect, so I kept taking it.

About 40 days after I started, I woke up with the feeling of being completely in my body. It didn't last long, but over the next few weeks, it came and went several times, typically for no more than an hour or two at a time.

But oh, what an hour. When you've lived your whole life as a ball being carted around balanced atop a bipedal biological machine, feeling like you inhabit your body is amazing.

The last time it happened, I was in the Adventure Van driving toward the cabin where Eve and I are currently writing not one, not two, but three books (a nonfiction followup to More Than Two titled Love More, Be Awesome, and two fiction books set in a common world, called Black Iron and Gold Gold Gold!). We were listening to music, as we often do when we travel, and I...felt the music. In my body.

I'd always more or less assumed that people who talk about "feeling music" were being metaphorical, not literal. Imagine my surprise.

I also noticed something intriguing: Feeling cold will, when I'm in my body, push me right back out again. Hence my hypothesis that not being connected with my body might in some way be related to TRPA1.

The connection with my body, intermittent and tenuous for the past few weeks, has disappeared again. I'm still taking noopept, but I haven't felt like I'm inhabiting my body for the past couple of weeks. That leads to one of two suppositions: the noopept is not really doing anything at all, which is quite likely, or I'm developing a tolerance for noopept, which seems less likely but I suppose is possible. Noopept is a racetam-like peptide; like members of the racetam class, it is an acetylcholine agonist, and while I can't find anything in the literature about noopept tolerance, tolerance of other acetylcholine agonists (though not, as near as I can tell, racetam-like acetylcholine agonists) has been observed in animal models.

So there's that.

The literature on all of this has been decidedly unhelpful. I like the experience of completely inhabiting my body, and would love to find a way to do this all the time.

I'm currently pondering three experiments. First, next time I take mushrooms (and my experience with mushrooms, limited though they are, have universally been incredibly positive; while I have no desire to take them regularly, I probably will take them again at some point in the future), I am planning to set up experiments after the comedown where I expose myself to water and cold sensations to see if the pain is reduced or eliminated in the phase during which I'm connected to my body.

Second, I'm planning to discontinue noopept for a month or so, then resume it to see if the problem is tolerance.

And finally, I've enlisted Eve to help do a controlled blind experiment involving capsules filled with noopept and capsules filled with confectioner's sugar. Eve has offered to fill a month's worth of capsules with each and then place them in numbered but otherwise unmarked bottles. The idea is to take the contents of one bottle, chosen at random with Eve not aware of which one I've chosen, for a month, recording how I feel, then take the contents of the second bottle for a month with similar record-keeping, and see if there's any subjective experience that is not consistent with the placebo effect. (Yes, I know that a sample size of one is not exactly rigorous science. I'm looking for a way to connect with my body, not publish a paper.)

I'm fifty years old and I'm still learning how to be a human being. Life is a remarkable thing.


Right now, Eve and I are in the remote cabin in the woods where we wrote More Than Two, working on two new books: a nonfiction book called Love More, Be Awesome and a novel called Black Iron.

The cabin has very limited Internet access that's approximately the same speed as old-fashioned dialup, so fetching email is always a bit dicey. Imagine my disappointment at the timing, then, of a large-scale malware attack.

The emails are all very simple: just two lines and a bit.ly URL shortener address. They come from a wide range of IP addresses with a large number of different forged From: addresses, and they all look exactly the same:



The system behind this email, however, is anything but simple.




The Network

The emails all contain a URL shortening address that uses the popular bit.ly URL shortener service. There's a complex network behind that short URL, that does a number of different things: promotes dodgy products such as supposed "brain boosting" pills, and attempts to download malware and trick people into phoning phony tech support Web sites that scam victims for hundreds of dollars in fake tech support charges (and also dupe victims into downloading more malware).

*** WARNING *** WARNING *** WARNING ***

All the sites mentioned in this post are live at the time of writing this. Most of them will attempt to download malware or redirect you to sites that attempt to download malware. Do not visit these sites if you don't know what you're doing.


When you click the link in one of these emails, you're redirected via several steps to a site called wholesoil.com that then sends you off to one of many, many possible destinations, some of which are typical run-of-the-mill spam sites and some of which are malware sites. The network looks like this:



This chart is not complete; there are many, many other malware sites that you may be redirected to. I charted well over a dozen more such sites before I quit looking.

Clicking on the link contained in the email enters you into a lottery of suck: Will you get spam? Will you get pwn3d? Hard to say!

I'm not 100% certain it's entirely random. There may be some element of looking at the browser's user agent or the visitor's IP address; visiting wholesoil.com repeatedly in a short span of time will tend to result in getting redirected to the same spam URL over and over after a while.

The people behind this network have gone to considerable lengths to hide themselves. For example, one step of the redirection happens via a domain parking service called tracted.net. The redirection script that relays traffic through this site scrubs the referrer header. When you travel from one Web site to another, your browser sends a "referrer header" that tells the new site where you came from; this is how people can tell where they're getting traffic from. But this network carefully removes that information, so that the owners of tracted.net can not easily detect this traffic.

The most common spam destination is a subdomain on a site called fastgoodforms.com. These subdomains change often: 570-inteligen.fastgoodforms.com, 324-brain.fastgoodforms.com, 923-inteligen.fastgoodforms.com, and so on.

But more often than spam, users will get redirected to a phony tech support page that displays a fake Windows error message. These sites look like this:



These sites attempt to download malware—specifically, a remote control program that allows attackers to take control of an infected computer. They also attempt to prevent the user'sWeb browser from leaving the site, and display popups over and over and over again telling the user that the computer has been infected by a virus and to call Microsoft Support at a toll-free number.

The toll-free number is owned and operated by the scammers. If you call it, you're sent to a person in India who will attempt to get your credit card number, and will try to talk you into installing software on your computer to "fix" the "problem." This software is, of course, remote control malware.




How the mighty fall

While I was tracing out this network, I discovered many, many, many of these fake tech support Web sites that are being used to spread malware and try to con users.

And that's where I noticed an interesting pattern.

The overwhelming majority of these malware sites are hosted, not on dodgy services in China or the Netherlands as you might normally expect, but on GoDaddy.



Not all of the malware sites are hosted on GoDaddy (I found one hosted on One, one hosted on Hostwinds, and one on IX Web Hosting, for example), but the vast majority—literally dozens—are.

I believe that GoDaddy is the choice of malware hosts because their abuse and security teams, which once upon a time had an excellent reputation in the Web hosting industry, have been pared back to the point they can no longer keep up...or perhaps simply no longer care. (GoDaddy was bought out by an investment group a few years back, which is when its reputation began to decline.)

I reported the Hostwinds-hosted malware site to Hostwinds abuse; it was removed about ten hours later. I reported the malware site on IX Web Hosting; it was gone in 17 minutes. But malware and phish sites on GoDaddy remain, in my experience, for an average of about a month before GoDaddy acts, and spam sites remain essentially forever.

Spammers and malware distributors are adaptable. They move Web hosts often, leaving hosting companies that take rapid action against them and congregating on tolerant sites that permit spam and malware. I suspect the fact that so many malware and fake tech support sites are hosted on GoDaddy is a consequence of the indifference or inability of their abuse and security teams.

To be fair, if you make enough noise, GoDaddy will eventually act. I have engaged with GoDaddy on Twitter, and when I do that, they will generally take down a site I complain about within a few days. The dozens of other sites, however, remain.




I am currently a GoDaddy customer. I do not use GoDaddy for Web hosting, but I do have a large number of domains registered there. I intend to begin removing my domains from GoDaddy, because I do not like supporting spam-tolerant companies. (Ironically, this was the reason I left Namecheap to go to GoDaddy; Namecheap is owned by a company called Rightside, that has become notorious for willingly hosting some of the biggest players in the spam business.)

So if you have a domain registrar you use, please leave a comment! I would love to find a replacement for GoDaddy and pull all my domains away from them. (If you're using GoDaddy for Web hosting or domains, I advise you to do likewise, unless you fancy staying with a company whose approach to security and malware is so lax.)

I would also like to invite GoDaddy representatives to offer their side of the story in the comments as well.