Slashdot Mirror

← Back to Stories (view on slashdot.org)

RIAA Website Hacked

Posted by CmdrTaco on from the maybe-someone-just-typed-rm--rf dept.

gattaca writes "A lack of security controls allowed hackers to "wipe" the Recording Industry Association of America's (RIAA) website on Sunday. The existence of an SQL injection attack on the RIAA's site came to light via social network news site Reddit. Soon after hackers were making merry, turning the site into a blank slate, among other things. The RIAA has restored RIAA.org, although whether it's any more secure than before remains open to question, TorrentFreak reports."

8 of 247 comments (clear)

  1. RIAA will use this by BadHaggis · · Score: 5, Insightful
    to justify further restrictions on P2P software. I'm sure they will be able to twist this attack into some type of political message to show that the P2P community is just a bunch of cracking criminals which need to be stopped.

    While I hold little sympathy for RIAA in this matter, I would rather people found different and legal ways to thwart the RIAA's mission.

    --
    Homo homini lupus
    1. Re:RIAA will use this by webmaster404 · · Score: 5, Insightful

      We have found legal ways. Its called not buying albums or buying into DRM. However, the RIAA thinks that it is always P2P networks that are to blame for every loss that they suffer. So if the RIAA loses sales, its not because more people are buying indie band CDs or downloading non-RIAA songs, its because of those pirates never ever because most of the music is more noise then music. The RIAA has no logic, they are used to being a monopoly. Even when we win we lose.

      --
      There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
  2. Re:Well by morgan_greywolf · · Score: 5, Insightful

    But, for some reason, I'm having a really hard time working up any real sense of moral outrage over it. Four words: They had it coming.

    You can't really going around acting like an ass and then expect to be treated with respect by anyone, especially if your site is riddled with basic security problems like SQL injection. Next time, hire a Web developer who isn't a stupid fscktard before gallivanting around, suing everyone, their 80-year-old grandmothers and their 6-year old children into oblivion.

    --
    My blog
  3. This gives reddit a bad name by maynard · · Score: 5, Insightful

    I like the site a bunch, so I say this with a twinge of reluctance. And I certainly don't like the RIAA. But that kind of behavior is plain criminal. Doesn't matter who owns the computer, it is private property and deserves respect as such.

  4. wow by kellyb9 · · Score: 5, Insightful

    So you're the most hated site on the internet essentially, especially by people who proudly go by the name "pirates". And you don't protect your site??? Who exactly is running this operation?

  5. Well-It's all relative. by Anonymous Coward · · Score: 5, Insightful

    "Four words: They had it coming."

    Well if we're going to use that excuse then why stop at web site defacement? Why not put out a contract on the heads of the music companies? After all "they had it coming". What's that? Society says it's not OK? So's copyright infringement and that's not stopping anyone. Why should this be any different?

    1. Re:Well-It's all relative. by hoggoth · · Score: 5, Insightful

      > If someone pulls a knife on you, do you pull out your grenade launcher?

      Ummm... yes.

      If someone escalates to lethal force with me, I will respond with lethal force and it will be very important to *win*. Therefore, yes, I will respond to a knife with a grenade launcher.

      Hell, I say nuke them from orbit.

      --
      - For the complete works of Shakespeare: cat /dev/random (may take some time)
  6. Re:Why wipe it? by Machtyn · · Score: 5, Insightful

    My question is how often does the average consumer really visit a website like mpaa.org, riaa.org, or any other corporate entity presence? For me, it is less than 0.005 (or less than a 1/2%). I think the last time I visited riaa.org was a couple years ago when /. mentioned the site had been hacked. I've never visited a General Motors website, the company that makes my favorite breakfast cereal or laundry detergent. I've just never had the desire.

    I suspect that the average person visits their favorite news site, gaming portal (like games.yahoo.com or legitgames.com or whatever), fark/digg/slashdot, and blogs of the different varieties. My wife will occasionally do searches for recipes, information on baby stuff, etc. We'll hit newegg.com, amazon.com, or other storefronts.

    Am I wrong in my thinking that the average person would visit a site like mpaa.org, riaa.org, or other industry specific org sites? We all use tires to drive on, have you ever visited the site for Michelen or Dunlap tires? Do they have a trade org site that issues news, warnings, and user information regarding recalls/defects of certain tires? If so, I've never even considered searching it out.

    My point is that very few people would see it to make it worth putting information touting your propaganda. However, if it was outrageous enough, perhaps it would make news and people might visit (by which time it would be too late, as the site would be fixed).