[Full-Disclosure] Teen hacker controls ebay
fw at deneb.enyo.de
Fri Sep 10 02:08:51 BST 2004
* Über GuidoZ:
> I believe it was done through email. DENIC received the request to
> change the DNS, then emailed Tucows to see if it was ok to make the
> changes. By default, the answer is yes. So, since no one responded
> saying "Hell no! Don't do that", the changes were made.
> Personally, I can't comprehend how the default for something like that
> would be "Yes", as it's easy to have email get lost, stopped as spam,
> overlooked, etc.
Network Solutions is being slammed because they recently made the
default "no". 8-/
> The default answer should be No, which you have to change by an
That's why many registrars answer with an automated "no" (which can be
overridden manually if necessary during the next couple of weeks).
> (Not that it's difficult to spoof an email address... hence why DNS
> changes and such should NEVER be done through email.)
Nowadays, all messages should be signed with OpenPGP.
Full-Disclosure is hosted and sponsored by Secunia.