ICANN Loses Control of Its Own Domain Names 61
NotNormallyNormal writes "CBC picked up an AP story about ICANN recently losing control over two of their domain names on Thursday, June 26. A domain registrar run by the group transferred the domains to someone else. ICANN's press release had this to say: 'As has been widely reported, a number of domain names, including icann.com and iana.com were recently redirected to different DNS servers, allowing a group to provide visitors to those domains with their own website. It would appear the attack was sophisticated, combining both social and technological techniques, but was also limited and focused.' Comcast has had similar troubles lately as well."
Might be good for something (Score:3, Insightful)
Re:Sophisticated ? (Score:5, Insightful)
ICANN, as far as I can tell, does not follow rules. Their one and only purposes seems to be to enrich the members of its board. As a result, we have a stagnant generic TLD system with new proposals, etc being designed to extract cash for them rather than benefit the world. I have no problem with them getting hacked -- throws a spotlight on their arrogance and corruption.
ICANN'T do anything to help the world because I am too busy getting paid.
Re:HaHa (Score:2, Insightful)
Memes like the nelson laugh, beowulf cluster, soviet russia, etc are redundant because we get them all the time.
Re:Sophisticated ? (Score:4, Insightful)
Perhaps you can explain what is not valid in the WHOIS information for these domains?
The quality of Journalism? (Score:4, Insightful)
Hmm, in the CBC article is says "Visitors to those addresses are normally redirected automatically to the organization's main sites at ICANN.org and IANA.org, neither of which was affected by the attack."
What is to *re*direct here? DNS is there to translate domain names into IP addresses. It does not have any *re*direction mechanisms. Redirection is a feature of the HTTP protocol and would require to compromise the web-server (which they state has not happened.)
I wonder, Is this simply a typo or does the journalist/editor not understand what (s)he is writing about (and has no references to have this proof read)?
I'm rather vary, because I see such factual errors often in widely read media, written and edited by journalists. Sometimes I see even "experts" quoted with wrong statements. How does this reflect on news that I don't know so much about that I can spot the factual errors?
Re:Why do we need registrars? (Score:2, Insightful)
They will have less money, if they have to support the DNS infrastructure.
Re:The quality of Journalism? (Score:3, Insightful)
Being directed and being redirected are REALLY subtle differences in the mind of a techno-plebe. And no, in Canada, there is no requirement for journalists to hold CS degrees.
So, when something's directed to one place, and then directed to another place, it's not strange for a reporter to assume that it was redirected, as opposed to newly directed.
Re:Why do we need registrars? (Score:5, Insightful)
Re:The quality of Journalism? (Score:2, Insightful)
Not to talk to myself, but I just also read the "press release" from ICANN. It says the same things "icann.com and iana.com were recently redirected to different DNS servers." How can that be?
The press release also talks about "The domains in question are used only as mirrors for ICANN and IANA's main websites." Well, as of today the domains and the www.... simply point to the same web IP address, which is presumably served by the same server. In my book this is hardly a mirror, which would imply it is somewhat fault tolerant.
Also, the press release implies that only web servers where affected. However if the whole domain got routed to a different DNS server, the attackers also had ability to change the MX record, which routes mail for this domain. Did they not realize this? Or did they just not want to talk about it in their press release?
I conclude the journalists where even mislead by the official press release, which does not excuse that they did not check the content.
Re:The quality of Journalism? (Score:3, Insightful)
"simply point to the same web IP address, which is presumably served by the same server. In my book this is hardly a mirror, which would imply it is somewhat fault tolerant."
Or the IP is, you know, a Virtual IP on server load balancers and they can host the website on one thousand different servers at the same time for all you know?