Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

RIAA Website Hacked

Posted by CmdrTaco on Mon Jan 21, 2008 10:43 AM
from the maybe-someone-just-typed-rm--rf dept.
Security IT
gattaca writes "A lack of security controls allowed hackers to "wipe" the Recording Industry Association of America's (RIAA) website on Sunday. The existence of an SQL injection attack on the RIAA's site came to light via social network news site Reddit. Soon after hackers were making merry, turning the site into a blank slate, among other things. The RIAA has restored RIAA.org, although whether it's any more secure than before remains open to question, TorrentFreak reports."
+ -
story

Related Stories

Firehose:RIAA Website Hacked by Anonymous Coward
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

RIAA Website Hacked 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Well (Score:5, Funny)

    by Chas (5144) on Monday January 21 2008, @10:45AM (#22126250) Homepage Journal
    Normally I don't advocate cracking someone's site. It's childish and petty. Kinda like the RIAA itself.

    But, for some reason, I'm having a really hard time working up any real sense of moral outrage over it.

    This probably makes me a bad, biased person.

    C'est la vie!

    • But, for some reason, I'm having a really hard time working up any real sense of moral outrage over it.
      Four words: They had it coming.

      You can't really going around acting like an ass and then expect to be treated with respect by anyone, especially if your site is riddled with basic security problems like SQL injection. Next time, hire a Web developer who isn't a stupid fscktard before gallivanting around, suing everyone, their 80-year-old grandmothers and their 6-year old children into oblivion.

      • Well-It's all relative. (Score:5, Insightful)

        by Anonymous Coward on Monday January 21 2008, @11:26AM (#22126712)
        "Four words: They had it coming."

        Well if we're going to use that excuse then why stop at web site defacement? Why not put out a contract on the heads of the music companies? After all "they had it coming". What's that? Society says it's not OK? So's copyright infringement and that's not stopping anyone. Why should this be any different?

          • Re:Well-It's all relative. (Score:5, Funny)

            by sponglish (759074) on Monday January 21 2008, @12:30PM (#22127404) Homepage

            If someone punches you in the face, do you beat them to death with a crowbar? No, you punch them back. If someone pulls a knife on you, do you pull out your grenade launcher?

            Yeah, well... You're not from Chicago.

            They pull a knife, you pull a gun. He sends one of yours to the hospital, you send one of his to the morgue. That's the Chicago way... Now do you want to do that? Are you ready to do that? I'm offering you a deal. Do you want this deal?

          • Re:Well-It's all relative. (Score:5, Insightful)

            by hoggoth (414195) on Monday January 21 2008, @12:34PM (#22127460) Journal
            > If someone pulls a knife on you, do you pull out your grenade launcher?

            Ummm... yes.

            If someone escalates to lethal force with me, I will respond with lethal force and it will be very important to *win*. Therefore, yes, I will respond to a knife with a grenade launcher.

            Hell, I say nuke them from orbit.

  • Why wipe it? (Score:5, Funny)

    by Loibisch (964797) on Monday January 21 2008, @10:51AM (#22126334)
    It would have been so much better to make it a temporary mirror for thepiratebay.org :D

    Wonder if they would have started a lawsuit against themselves...

    • Re:Why wipe it? (Score:5, Insightful)

      by webmaster404 (1148909) on Monday January 21 2008, @10:54AM (#22126388)
      Nah, how about a bunch of press releases saying that "the RIAA was wrong to sue music fans for sharing songs therefore we are dropping all the charges" and then seeing if the judge would say that if it was a cracked site or the RIAA itself. Or how about a plea to stop DRM by saying "it is not working" or at least informing people about the evils of DRM. The possibilities are endless, just blanking a page.... how unprofessional, it did no good to the world the way then the way it could have been done.

      • Re:Why wipe it? (Score:5, Insightful)

        by Machtyn (759119) on Monday January 21 2008, @12:18PM (#22127228) Homepage
        My question is how often does the average consumer really visit a website like mpaa.org, riaa.org, or any other corporate entity presence? For me, it is less than 0.005 (or less than a 1/2%). I think the last time I visited riaa.org was a couple years ago when /. mentioned the site had been hacked. I've never visited a General Motors website, the company that makes my favorite breakfast cereal or laundry detergent. I've just never had the desire.

        I suspect that the average person visits their favorite news site, gaming portal (like games.yahoo.com or legitgames.com or whatever), fark/digg/slashdot, and blogs of the different varieties. My wife will occasionally do searches for recipes, information on baby stuff, etc. We'll hit newegg.com, amazon.com, or other storefronts.

        Am I wrong in my thinking that the average person would visit a site like mpaa.org, riaa.org, or other industry specific org sites? We all use tires to drive on, have you ever visited the site for Michelen or Dunlap tires? Do they have a trade org site that issues news, warnings, and user information regarding recalls/defects of certain tires? If so, I've never even considered searching it out.

        My point is that very few people would see it to make it worth putting information touting your propaganda. However, if it was outrageous enough, perhaps it would make news and people might visit (by which time it would be too late, as the site would be fixed).

        • Re:Why wipe it? (Score:5, Interesting)

          by techpawn (969834) on Monday January 21 2008, @11:34AM (#22126788) Journal
          But, could that open letter be used as evidence? It came from their website then if they try to use "well, anyone can make things on the internet look that way! Just because the IP address and website are ours it doesn't mean it's our data!" couldn't we counter argue that with their IP sniffing and screen shots or whatever?

          I know it would never work. The judge would ph34r t3h ev1l h4xx0rz! But, if fun to dream isn't it?

  • I wouldn't have wiped... (Score:5, Funny)

    by blake1 (1148613) on Monday January 21 2008, @10:53AM (#22126366)
    instead I would have used my cunning to download the latest Britney album to their server in DRM-free MP3 format. And then promptly reported them to themselves.

  • It would've been funnier (Score:5, Interesting)

    by SirLurksAlot (1169039) on Monday January 21 2008, @10:53AM (#22126368)

    if they made innocuous little changes here and there, such as changing the words "do not support file-sharing" to "fully support file-sharing." It probably would've the RIAA much longer to realize they've been had, and I'm sure they would've gotten some interesting calls and e-mails :-D

  • RIAA will use this (Score:5, Insightful)

    by BadHaggis (1179673) on Monday January 21 2008, @10:57AM (#22126402)
    to justify further restrictions on P2P software. I'm sure they will be able to twist this attack into some type of political message to show that the P2P community is just a bunch of cracking criminals which need to be stopped.

    While I hold little sympathy for RIAA in this matter, I would rather people found different and legal ways to thwart the RIAA's mission.

    • Re:RIAA will use this (Score:5, Insightful)

      by webmaster404 (1148909) on Monday January 21 2008, @11:07AM (#22126526)
      We have found legal ways. Its called not buying albums or buying into DRM. However, the RIAA thinks that it is always P2P networks that are to blame for every loss that they suffer. So if the RIAA loses sales, its not because more people are buying indie band CDs or downloading non-RIAA songs, its because of those pirates never ever because most of the music is more noise then music. The RIAA has no logic, they are used to being a monopoly. Even when we win we lose.

      • Re:RIAA will use this (Score:5, Interesting)

        by chortick (979856) on Monday January 21 2008, @12:03PM (#22127078)
        From a recent Economist article http://www.economist.com/business/displaystory.cfm?story_id=10498664 [economist.com]:

        "IN 2006 EMI, the world's fourth-biggest recorded-music company, invited some teenagers into its headquarters in London to talk to its top managers about their listening habits. At the end of the session the EMI bosses thanked them for their comments and told them to help themselves to a big pile of CDs sitting on a table. But none of the teens took any of the CDs, even though they were free. "That was the moment we realised the game was completely up," says a person who was there."
  • I like the site a bunch, so I say this with a twinge of reluctance. And I certainly don't like the RIAA. But that kind of behavior is plain criminal. Doesn't matter who owns the computer, it is private property and deserves respect as such.

    • Re:This gives reddit a bad name (Score:5, Interesting)

      by Rahga (13479) on Monday January 21 2008, @11:38AM (#22126828) Homepage Journal
      Can you co-opt the police and feds to conduct raids of private property on your behalf? No? The RIAA can and regularly does, confiscating anything that could conceivably be used to produce and distribute music, including vehicles and computers. It doesn't even matter if an organization, such as authorized mixtape producers, are acting within the law... their property is confiscated first and questions are asked later, usually past the point where a business can survive.

      The RIAA are among the least of those who deserve to have their property rights defended.

      • Re:This gives reddit a bad name (Score:5, Insightful)

        by Pulzar (81031) on Monday January 21 2008, @11:22AM (#22126658)
        Reddit only reported it, much as how Slashdot would have reported it. No where in the story does it say that Reddit hacked it, no more so then if FOX or CNN reports a murder did they murder that person.

        How's that the same? Reddit didn't report that the site was hacked, they reported that it can be hacked and how, and then somebody hacked it.

  • wow (Score:5, Insightful)

    by kellyb9 (954229) on Monday January 21 2008, @11:26AM (#22126704)
    So you're the most hated site on the internet essentially, especially by people who proudly go by the name "pirates". And you don't protect your site??? Who exactly is running this operation?

    • Re:wow (Score:5, Funny)

      by Osurak (1013927) on Monday January 21 2008, @11:48AM (#22126930)

      So you're the most hated site on the internet essentially, especially by people who proudly go by the name "pirates". And you don't protect your site??? Who exactly is running this operation?
      Ninjas.

  • Slashdotting (Score:5, Funny)

    by megazork (953335) on Monday January 21 2008, @11:30AM (#22126754)
    The OP should have posted a link to RIAA.org so that it could have been slashdotted. =)

  • Sigh.... missed opportunity (Score:5, Insightful)

    by Maxo-Texas (864189) on Monday January 21 2008, @11:44AM (#22126886)
    First... I agree that shutting someone else up is not a great way to have a conversation...

    But if you are going to do something like this, then have a little panache.

    For example, you could upload a few Mp3's with links to download them from the site.

    Or upload some key quotes "Copyright should be good for forever less one day".

    Or upload Jefferson's statements on copyright.

    ah well...

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.