Slashdot Mirror


Details of the LiveJournal Account Hacks

An anonymous reader writes "Brian Krebs of the Washington Post has written about the recent spate of hijackings at Six Apart's popular LiveJournal service. Hundreds of journals have now been taken over by a notorious group called 'Bantown' using a series of complicated cross-site-scripting vulnerabilities. Krebs details the recent security changes made by LiveJournal in response to the takeovers." From the article: "It is unclear whether LiveJournal has managed to close the security holes that the hackers claim to have used. The company says it has, but the hackers insist there are still at least 16 other similar JavaScript flaws on the LiveJournal site that could be used to conduct the same attack. [Bantown] group members said they plan to turn their attention to looking for similar flaws at another large social-networking site."

6 of 246 comments

  1. srost by Anonymous Coward · Score: -1, Offtopic

    frost pist

  2. Hack This Sight by eno2001 · Score: -1, Offtopic

    I have a sight for them to hack: www.yafro.com

    Imagine a photo blog with the mental age of 12, but the environment of a singles bar and the insecurities of all attention whores concentrated in one place. Shouldn't happen, should it? Well it has and it's called Yafro. Please h4x0r this sight friendly hackers. ;P

    --
    -"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
  3. Re:Wake up call by pilgrim23 · Score: 0, Offtopic

    In other news, another group of hackers sometimes called "the FBI" used a known exploit, sometimes called "the Warrant", to copy records from many major search engines.

    --
    - Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
  4. Re:Is Six Apart able to deal with this properly? by rplacd · Score: 0, Offtopic

    I've been noticing LiveJournal is really slow and it hangs a lot lately.

    Are you a paid user? Paid users end up in a higher priority queue, so they get their pages a lot faster. For example, I just loaded my friends page, and this is in the comments near the top of the page:

    LiveJournal ExpressLane: You received this page before 4 free users, saving approximately 1 seconds!

  5. Re:Another problem of the user. by Anonymous Coward · Score: -1, Offtopic

    I'm an IT tech for a major university.

    We have lots of clueless people who like to install Linux onto their personal machines because they think it's "cool". Well guess what? These kids don't know the first thing about patching their systems. It doesn't take long for some automated script that is port scanning the internet to find the countless vulnerabilities their systems have and turn them into drones for some Romanian kid's botnet or to become a warez dump off of our multi-gigabit pipe. The kids who have these machines get furious when I shut their switch port off because they believed, lock, stock and barrel, that Linux was infinitely secure. They literally tell me that I am mistaken and yell out all sorts of varied obscenities about Open Source software being this and that better.

    Please take your clueless zealotry elsewhere.

  6. Mr Moderator Doesn't Like The Truth by Anonymous Coward · Score: -1, Offtopic

    So, I repost this again, and will keep doing so every time it is moderated down.

    I'm an IT tech for a major university.

    We have lots of clueless people who like to install Linux onto their personal machines because they think it's "cool". Well guess what? These kids don't know the first thing about patching their systems. It doesn't take long for some automated script that is port scanning the internet to find the countless vulnerabilities their systems have and turn them into drones for some Romanian kid's botnet or to become a warez dump off of our multi-gigabit pipe. The kids who have these machines get furious when I shut their switch port off because they believed, lock, stock and barrel, that Linux was infinitely secure. They literally tell me that I am mistaken and yell out all sorts of varied obscenities about Open Source software being this and that better.

    Please take your clueless zealotry elsewhere.