This is a cross post with dustri.org.
We wanted to try firstheberg VPS to run some Tor-nodes. This was a bad idea, for multiples reasons.
We bought on of the cheapest one, to play around, try the bandwith, check the CPU behavior, …
The default system is akward, with some gtk2-related files (libgtk2 is installed) in /etc, emacs, Muttrc, tex-mf, … 30 binaries are setuid, more than my desktop. Awesomeness is awesome. The setup pulls some files from this host.It adds a backdoor^monitoring access. We installed tor, set a firewall up, and the relay started smoothly (with reasonable bandwidth limits).
And then it went down.
We didn’t hear anyhing from the support, nor got an email, or saw a notice on the website. Doesn’t seems nice. We rebooted it. Aproximatively three hours later, it went down again.
Time to email the support. Maybe they detected the fact that we ran a Tor node and weren’t happy with this ?
This is the answer we got:
The copy is over, I just rebooted your server
What the fuck are you talking about?! What copy? What were you doing to our VPS?
And it went down. Again. This was becoming ridiculous.
Once again, we emailed the support.
This one is on the login screen on the VNC console, could you give us the root password or log into it in order to let us verify its configuration without rebooting it?
This is insane. Maybe the support didn’t get the “V” in VPS? Did they lost the password of the hypervisor?
At this point, we abandoned the idea of using firstheberg for anything, and added it to our blacklist. We grabed some popcorn, sat up a poor-man’s keylogger, changed then gave the root password.
The support installed tcpdump.
I don’t even know what to say. I mean, we are inside an hypervisor: they can monitor our traffic. Why the hell do they need to check from inside our VM?
Then, they took a look if the ssh backdoor^wmonitoring key was still there, some bogus network commands, and then, the epic fail happened /etc/init.d/networking restart, and then a shitload of ^c and ^d.
The network is gone. The shell is gone. The VNC is gone. Aren’t you supposed to help instead of locking us out of our machine?
I was bitching about this on twitter, and surprise, I got an email notifying that :
FirstHeberg.com (@FirstHebergcom) a ajouté un de vos Tweets à ses favoris !
I rebooted the VPS, and it went online. Or was it ? The super-siny-web2.0 half-working (I’m dead serious: The web interface is a piece of crap, and half of the links are not even working) interface doesn’t even provides this indication: I don’t care about your monitoring nor your about shiny graphes: Just tell me if the machine if off or on!
This is completely wtf.
Since it seems that the main way to get support is Twitter (Emails are so 1990), we asked on it for a refund (And were to told to fuck off).
We were told that the downtime was due to a scheduled maintainance, and that the support was informed.
Despite the fact that it’s clearly written in the article 4.3 that they must inform the client of any deliberate downtime, we didn’t get any email, nor did the support told us anything related.
The VPS is now online since 2 days, but for how long?
Don’t go for firstheberg for anything serious. In fact, don’t choose them for anything at all.