Information Security News mailing list archives
Re: RIAA defaced -again!
From: InfoSec News <isn () c4i org>
Date: Wed, 15 Jan 2003 06:14:01 -0600 (CST)
Forwarded from: dude <dude () fastmail ca> This is a very good point. The TRUTH is that the RIAA hacks have all been super-easy and only an idiot would leave such holes open. Right now as I write, their CF administrator site is wide open, with absolutely ZERO security to get to the login page. I wrote them weeks ago of the vulnerability and they have not fixed it. Furthermore, the TRUTH is that all of these hacks should be preventable by anyone who can click a mouse and anyone who knows anything about IT security would know this, but jedges and lawyers have repeatedly displayed their unique ability to misinterperet facts concerning technology.
Forwarded from: The Unknown Security Person... [With apologies to Murray Langston... ;) - WK] I think it is obvious that the RIAA has the resources to stop these defacements. Has anybody considered the possibility that maybe the RIAA wants their web site to be hacked repeatedly? They could use such events to help paint a more convincing, darker picture of their "enemies", and they could use these hacks as ammunition in court and before Congress to help justify stricter laws, more freedom for the RIAA to take offensive action themselves, etc. Also, the RIAA might get more sympathy from judges and lawmakers, and even some of the general public. When kids deface the RIAA web site and provide links to filesharing software, then that software is consequently going to be associated with criminal activity and criminals. Regards, USP http://www.theregister.co.uk/content/55/28817.html By Drew Cullen Posted: 11/01/2003 at 22:06 GMT Reader reports are flooding in that the RIAA.org has been defaced - again. At time of writing, the site appears to be down, And several readers have been kind enough to include screen grabs, showing that the front page today carried the following message. RIAA - 0wn3d by.... ;p oooh riaa want's to hack Filesharing Users / Servers ? - better lern to secure your own server... Sorry Admin - had to deactivate ur accounts - they'll be reactivated after 2 hours greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others who want to stay anonymous :] wanna contact ? mailto:h4x0r0815 () mail ru Underneath the greets, there is a list of RIAA 'recommended' file-sharing tools, such as KaZaA and eDonkey. Downloads from these sites are 'sponsored by www.riaa.org'. The RIAA site has been hacked four times in recent months. Surely, they should have figured out how to put a stop to this by now?
- ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- RIAA defaced -again! InfoSec News (Jan 13)
- <Possible follow-ups>
- Re: RIAA defaced -again! InfoSec News (Jan 14)
- Re: RIAA defaced -again! InfoSec News (Jan 15)