Comcast Briefly Loses Control of Its Domain Name 222
Fallen Andy notes that Comcast, one of the largest US ISPs, lost control of its domain name to what appeared to be juvenile social engineers of the old school — i.e. not in it for the money. The intruders got into Comcast's registrar account at Network Solutions and repointed the domain's DNS records. A blog entry at SANS points out how trivially easy this can be. Reader ElvenKnight points out an insightful interview up at Wired with the two young guys who perpetrated the hack.
Re:Stupid password (Score:3, Informative)
12345.
Re:Network Solutions seems to be the common trend. (Score:5, Informative)
From the Wired article:
Sooo, what she's saying is that Network Solutions' system was operating as designed. Is that supposed to be comforting?
Re:These guys are my heroes (Score:5, Informative)
Lazy companies create "automated systems to handle most inquiries" ignoring the fact that even their claim states its own failing, it doesn't handle them all. So we have created a database of how to circumvent the barrier to customer support.
Now if only we could force them to hire customer support grunts without such thick accents.
Re:The consequences might not be as fun (Score:4, Informative)
Re:The consequences might not be as fun (Score:2, Informative)
Oh, really? You were there? You know what they were thinking? How do you know it wasn't a couple of punk kids just screwing around and not realizing what they were getting themselves into?
I never said they shouldn't be charged. I (and the parent I responded to) both just said that they will likely be charged with much more than the crime warrants.
Re:The consequences might not be as fun (Score:3, Informative)
Terrorism, by definition, has to have some sort of political goal in mind (wanting power, autonomy, etc), and has to have the intention of intimidation. This has neither.
I don't see anyone shaking in fear over Comcast's website being inaccessible...
It's just a regular crime, not terrorism.
Re:The consequences might not be as fun (Score:3, Informative)
Re:Everything old is new again. (Score:3, Informative)
Re:The consequences might not be as fun (Score:3, Informative)
They were using bunches of free webhosts who almost definitely have servers listening on imap/pop3/smtp and other services. That said, it makes sense that logins intended for comcast ended up failing when they hit these random web hosts.
Re:The consequences might not be as fun (Score:2, Informative)
That being said, your spice/caffeine sig is AWESOME.
Re:The consequences might not be as fun (Score:1, Informative)
Some fruits are apples, but not all fruits are apples.