(2024-06-03) Greed is bad
-------------------------
This one is gonna be rather short. First of all, I didn't even notice how I
had got past the 100-post milestone on this phlog. If there are any readers 
out there, then I hope it all wasn't in vain. My present life is rather 
dynamic in both good and bad senses, so I don't have a lot of time to do 
thorough writeups, although I do remember all the topics I wanted to cover, 
so stay tuned. This time, however, I want to talk about a particular case of 
greed I encountered on the past week, and it truly is something that doesn't 
go unpunished in the long run.

Imagine that you're running a VPS hosting reselling business, and your
selling point is that you're doing it for cryptocurrencies and require no 
user data except an email address. In fact, you're not doing pretty much 
anything else. How much of a markup can you ask from your customers for such 
a service (relative to the original VPS price)? +5%? +10%? +15%? Well, how 
about a whole fucking +50%? Yes, the "hosting" I stumbled upon last week (of 
course I won't tell you the name) is doing exactly that: registering 
DigitalOcean droplets via the API requests from a dashboard and charging 
1.5x the original price of the droplet, whatever it may be. That's it.

Here's how it works: you register and account and agree to the ToS (and the
ToS page is the only place on the entire website where they mention they 
just resell DigitalOcean and thus their ToS apply firsthand), you top up an 
internal spend-only "wallet" on the dashboard and you order a droplet from 
inside that dashboard as well, where you have to supply your own SSH key to 
access it. Of course, no custom images, no monitoring opt-out on the setup 
stage and no API keys (they do seem to have the ability to create them but 
they don't work at all as of now). As with DO itself, the amount in your 
wallet gets diminished on an hourly basis regardless of whether you're using 
the instance or not. And no, powering off/rebooting servers from the 
dashboard doesn't work either. You can only create or delete them. And they 
ask 1.5x for that kind of service. Pathetic.

I had done a small background check on who the developers of this abomination
might be, and after finding out, I wouldn't have any moral concerns about 
attempting to bring those scammers down. Now, what's the most creative way 
of doing this? Because if I just do something that results in a complaint 
from DigitalOcean (and I could do this there without spending a dollar), 
this will only cause my instances being terminated within a day by them and 
then the account banned by this "hosting provider", who still will be doing 
just fine even after the complaints. Luckily, they are not that high in the 
search rankings and I hope less people will find them by accident, but the 
amount of greed just amazes me. For such a markup, they could have at least 
fixed their dashboard functionality and billing vulnerabilities. But why 
bother, they probably think, if people still eat this crap?

Well, not for long, folks. Not for long.

--- Luxferre ---