Well they solved that procrastination problem for you the hard way.
Sounds like my friend who still used AOL for their email for a decade until this year they got blocked by abuse when someone made a fake complaint about some usenet posting (they don't even know what usenet is!) That solved their procrastination problem too as they could never reach a human being. (They got a call several MONTHS later from AOL offering their account back, lol).
But doesn't ICANN prevent registrars from taking away access to your domain (not the hosting, the domain) like that ? Once you own a domain, registratrs can't touch it short of a URDP.
Is Yahoo actually a registrar, or did they simply register the domain on his behalf? If the former then yes they would be compelled to let him transfer it elsewhere. If the latter then Yahoo technically owns the domain and can do with it as they please.
Always, always control your own domain registration and do so at a reputable registrar. Don't use your webhost and don't use a company that does anything but domain services.
Companies that do registration on the side or as a bonus to hosting packages tend to do things like automatically re-register your domain even after billing fails without notifying you, then submit the whole $20 to a bill collector without notifying you, keep the domain operating for an extra 6 months so you have no idea that anything went wrong, but kill it after said 6 months with another 6 months left on the registration with no way to make any changes to the domain because they refer any support requests to the bill collector -- because this definitely did not happen to me and it definitely didn't happen at a company called 1&1 Internet Inc. because that would be totally absurd. cough.
Three years ago I started using Yahoo Small Business to host my domain and my personal and business email. The products were lousy,
Based on personal experience, it takes less than 3 months to realize how crappy Yahoo business related services are in general. It's really hard to feel sympathy for the guy when he had about 3 years to switch out.
Here's the trick to getting Yahoo abuse to listen to you--go through your advertising rep. We had a problem where our mails to Yahoo email addresses were being bounced for "policy reasons". All the abuse people would tell us is that it means a link in the email is bad. This was stopping Yahoo customers who purchased our products from receiving their receipts, software activation instructions, or email tech support.
We were making no headway getting this cleared up.
This was particularly galling because many of those customers came to us through our search advertising at Yahoo. We pay them a ton of money to send is leads, and then they are blocking us dealing with those customers!
So our search guy called up his Yahoo rep and explained the situation. The Yahoo rep conferenced in the abuse or IT guys (not sure which) and told them this was not acceptable and our sites need to be taken out of the blacklist or whitelisted or otherwise made to not be blocked.
The problem was fixed within 5 minutes, before we were even off the phone with the ad rep.
"...a weakness in an old install of WordPress...allowed the jerk to set up a phishing scam under my domain.
I learned all of this from Bluehost, which hosts the WordPress portion of my site."
When you log into Bluehost's control panel, and go to your installed apps, it immediately informs you whether or not you are up to date with the latest versions/patches. It has automated scripts to do the updates for you.
Either this author completely disregarded application security by not staying up to date, or he customized it so much that automated updates were not possible, but then did not maintain his own code.
Either way, and whether or not you agree with Yahoo's actions, the author needs to own his own responsibility for his apps.
Or, perhaps the author was tired of random wordpress updates breaking stuff and declined to install updates to a working system. Further, the wordpress people can't be arsed to indicate which updates are for security and which updates are for more stupid features. so unless you go through the release notes line by line for the software and all your plugins, it's very difficult to tell.
More and more, the solution seems to be static files and disqus.
If you choose to use a product like Wordpress, then you should also accept the maintenance that goes with that choice, tedious and annoying though it may be.
Installing a product, running a business on it, but ignoring patches and updates is flat out unprofessional.
After reading this and the other scary stories (Paypal and even Google come to mind) - this seems like a perfect area for a new startup that has "connections" to the inside of each of these service providers and can help you restore or at least get answers. You pay them a flat fee and have some strict timelines that they can guarantee.
Woah, no way would that arrangement last for any amount of time. "I couldn't get my money back until I bribed a third party company" would be a PR disaster of epic propotions, and the fallout would involve cutting of ties. You can insure yourself well enough by having a good network or being part of a community such as this one, but making the deal explicit would never work.
Anyway, isn't the option of lawyering up and suing basically equivilant and available today?
Well, I am basically thinking a type of arbitration which I am sure in some ways is available today. Instead of suing though, it is more like avoiding that since you never win even if you do win.
Probably not a great idea either way though and the better way to do it is to always be ready to move to another service/cloud provider. It is just another form of a disaster and should be included in your recovery plans.
Basically the same thing could happen to anyone. I own two domains with my name in them, both of which host my blog and a few random projects. Either registrar could hold my domains hostage and make me unable to receive mail for a week, just as easily as Gmail (which is actually where all my email is received at the moment, though I'm contemplating taking the plunge the other way.)
I have not researched this but I am under the impression that the registrars could not legaly do so, if you only use them as registrars and not as DNS service providers.
I think they could refuse to provide DNS service, if you hosted your domain on their own DNS servers, but I don't think they could legaly on their own i.e. change the name servers that you have defined as authorative for your domain on the registry.
Yahoo apparently believes in the Google customer support (fuck you assholes for using our service) method. We'll see if bitching on high traffic sites gets customer service from yahoo.
That was mistake #2 (second to not having decided to run the business on a more professional platform than Yahoo Small Business and a shared host like BlueHost), but regardless, the issue is still Yahoo's incredibly poor customer service.
Downvote me all you want... If you're living on some planet where you don't read about WP exploits 3, 4, 5, times a week, please send me its coordinates so I can beam over there.
Well they solved that procrastination problem for you the hard way.
Sounds like my friend who still used AOL for their email for a decade until this year they got blocked by abuse when someone made a fake complaint about some usenet posting (they don't even know what usenet is!) That solved their procrastination problem too as they could never reach a human being. (They got a call several MONTHS later from AOL offering their account back, lol).
But doesn't ICANN prevent registrars from taking away access to your domain (not the hosting, the domain) like that ? Once you own a domain, registratrs can't touch it short of a URDP.