 |
 |
 |
|
| SecurityProNews > Insider Reports > Insider > MySpace Asked GoDaddy To Drop SecLists |
[ insider_reports_insider ]MySpace Asked GoDaddy To Drop SecLists
David Utter Staff Writer 2007-01-26  Insider Reports RSS Feed
At the request of MySpace, domain registrar GoDaddy removed DNS records for SecLists.org after the security site published a list of 56,000 MySpace usernames and passwords that has been circulating the Internet.
That list made it onto the Full Disclosure mailing list, operated by the pseudonymous security researcher and Nmap scanner creator Fyodor. After being sent out on Full Disclosure, SecLists.org archived the list in its 250,000 page archive. But rather than taking one of a number of other approaches, such as contacting Fyodor directly, or submitting a DMCA request to GoDaddy requesting removal of the page, MySpace contacted GoDaddy directly and engineered the shutdown, Kevin Poulsen said at the 27B Stroke 6 blog. Although a GoDaddy representative claimed in followup comments to Poulsen that they waited an hour between trying to reach him and shutting off access to SecLists.org, Fyodor provided Poulsen with a timestamped voicemail of that call, and the email announcing the domain had been deleted. Total time between the two: one minute. The response of GoDaddy's Christine Jones to that: "I think the fact that we gave him notice at all was pretty generous," she said. Fyodor's experience with GoDaddy proved frustrating, as he documented in a message to SecLists.org visitors on the now-reinstated website: Neither the email nor voicemail gave a phone number to reach them at, nor did they feel it was worth the effort to explain what the supposed violation was. They changed my domain nameserver to "NS1.SUSPENDED-FOR.SPAM-AND-ABUSE.COM". Cute, eh?
I called GoDaddy several times, and all three support people I spoke with (Craig, Ricky, then Wael) said that the abuse department doesn't take calls. They said I had email abuse_at_godaddy.com (which I had already done 3 times) and that I could then expect a response "within 1 or two business days". Given that tens of thousands of people use SecLists.Org every day, I didn't take that well. The list in question had been circulating online for nine days by the time MySpace had GoDaddy remove the domain. It can be found through a search on Google in 0.02 seconds according to a query I performed for the list. Plenty of malicious people have it already. Fyodor expressed his displeasure with the registrar during his conversation with Poulsen. "Needless to say, I'm in the market for a new registrar. One who doesn't immediately bend over for any large corporation who asks," he said. It's going to take more than a declined Super Bowl ad for GoDaddy to rebuild its goodwill after this. --- Tags: MySpace, GoDaddy, SecLists, Fyodor Add to  Del.icio.us |  Digg |  Reddit |  Furl
Get all the updates - 
View All Articles by David Utter About the Author: David Utter is a business and technology writer for SecurityProNews and WebProNews. More insider_reports_insider Articles Insider Reports RSS Feed
|
|
 |
iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us |
 |
| Contact
Us | Advertise
| Newsletter
Archive | Sitemap
| Submit an
Article | News
Feeds SecurityProNews is an iEntry, Inc.® publication - 1998-2008 All Rights Reserved | Privacy Policy and Legal |
Join the WebProWorld Forums: Click Here |
|
|||||||||||||||||||||||||
