In light of the tsunami of hacks in the news , I take the reasonable security measures of running a tight firewall on my workstation and a SCRIPT / COOKIE blocker on my browser.
When I attempt to use Dreamhost.com, my browser warns of to a long list of third parties attempting to run scripts and write cookies.
DH tech support mentions a list of:
<< "reputable third-party providers, vetted by our designers, developers, security team members"
but claims that:
<< “Tech Support team doesn’t have a list of such third-party tools because that list changes frequently”
I have asked Dreamhost to kindly publish specific guidance on which 3rd party hosts are currently vetted and for what specific customer servide so that we can whitelist them.
PAYING CUSTOMERS deserve to know who we must allow to access our systems in order to use Dreamhost. Has anybody else gotten a better answer?
3 BILLION Yahoo accounts Hacked
145 Million Equifax accounts Hacked
US voting system Hacked?
Technical Support response from Dreamhost regarding
Full Disclosure of Vetted 3rd Party Service Providers:
DreamHost uses a variety of tools to constantly improve customer
experience. Some of these tools are offered by reputable third-party
providers, vetted by our designers, developers, security team members and
marketing people. Tech Support team doesn’t have a list of such
third-party tools because that list changes frequently. You also seem to
be fairly knowledgeable at discovering what those extra services are, so
you can do your own research too. In any case, you should be reassured
knowing that all the data collected and how it’s used is described in our
our best to protect customer’s privacy and we have a good record in doing
so but ultimately what is acceptable is based on individual’s choices:
not to use DreamHost services.