Re: [ISN] RIAA defaced -again!

From: InfoSec News (isnat_private)
Date: Wed Jan 15 2003 - 04:14:01 PST

  • Next message: InfoSec News: "Re: [ISN] How Sharing Thwarts Hacks"

    Forwarded from: dude <dudeat_private>
    This is a very good point.  The TRUTH is that the RIAA hacks have all
    been super-easy and only an idiot would leave such holes open.  Right
    now as I write, their CF administrator site is wide open, with
    absolutely ZERO security to get to the login page.  I wrote them weeks
    ago of the vulnerability and they have not fixed it.
    Furthermore, the TRUTH is that all of these hacks should be
    preventable by anyone who can click a mouse and anyone who knows
    anything about IT security would know this, but jedges and lawyers
    have repeatedly displayed their unique ability to misinterperet facts
    concerning technology.
    > Forwarded from: The Unknown Security Person...
    > [With apologies to Murray Langston...  ;)  - WK]
    > I think it is obvious that the RIAA has the resources to stop
    > these defacements.  Has anybody considered the possibility that
    > maybe the RIAA wants their web site to be hacked repeatedly?  They
    > could use such events to help paint a more convincing, darker
    > picture of their "enemies", and they could use these hacks as
    > ammunition in court and before Congress to help justify stricter
    > laws, more freedom for the RIAA to take offensive action
    > themselves, etc.  Also, the RIAA might get more sympathy from
    > judges and lawmakers, and even some of the general public.
    > When kids deface the RIAA web site and provide links to
    > filesharing software, then that software is consequently going to
    > be associated with criminal activity and criminals.
    > Regards,
    > USP
    > By Drew Cullen
    > Posted: 11/01/2003 at 22:06 GMT
    > Reader reports are flooding in that the has been defaced
    > - again. At time of writing, the site appears to be down, And
    > several readers have been kind enough to include screen grabs,
    > showing that the front page today carried the following message.
    > RIAA - 0wn3d by.... ;p
    > oooh riaa want's to hack Filesharing Users / Servers ? - better
    > lern to secure your own server...
    > Sorry Admin - had to deactivate ur accounts - they'll be
    > reactivated after 2 hours
    > greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others
    > who want to stay anonymous :]
    > wanna contact ? mailto:h4x0r0815at_private
    > Underneath the greets, there is a list of RIAA 'recommended'
    > file-sharing tools, such as KaZaA and eDonkey. Downloads from
    > these sites are 'sponsored by'.
    > The RIAA site has been hacked four times in recent months. Surely,
    > they should have figured out how to put a stop to this by now?
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Jan 15 2003 - 06:49:00 PST