Who hacked the NZ Herald?

Forums › Off topic › Who hacked the NZ Herald?

1 | 2

oldmaknz

536 posts

Ultimate Geek

#269812 3-Nov-2009 22:30

Even if an IP exposes little to no information about the user, it does give the public knowledge of the exact connections which performed the attack (vote flood, or whatever). With an IP users with novice computer knowledge can launch Denial of Service attacks against the IPs racking up quite a bandwidth bill.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#269816 3-Nov-2009 22:50

maknz: Even if an IP exposes little to no information about the user, it does give the public knowledge of the exact connections which performed the attack (vote flood, or whatever). With an IP users with novice computer knowledge can launch Denial of Service attacks against the IPs racking up quite a bandwidth bill.

Yep. I still think it was wrong for the NZ Herald to publish that information.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

firewire

107 posts

Master Geek
+1 received by user: 11

#269819 3-Nov-2009 23:16

118.92.185.135 - 118-92-185-135.dsl.dyn.ihug.co.nz

This is a dynamic hence the dyn in the pointer.

exportgoldman

1202 posts

Uber Geek
+1 received by user: 3

Trusted

#269833 4-Nov-2009 00:25

vexxxboy: i like this quote

"Often most likely it's some kind of 18-year-old guy in a black T-shirt who's bored from looking at the new Google wave [a type of software] product and has decided to take a hack."

ok if its that easy shouldnt the herald be doing something to beef up there security

Black tshirt? Must be a Westie, probably one of the Outragous Fortune.

I agree, NZ Herald yet again leaves a lot to be desired in regards to reporting of technical information. Amusing.

It's not hard to skew badly done polls, I've been guilty of it before. :)

Tyler - Parnell Geek - iPhone 3G - Lenovo X301 - Kaseya - Great Western Steak House, these are some of my favourite things.

Nil Einne

469 posts

Ultimate Geek
+1 received by user: 35

#269853 4-Nov-2009 06:16

freitasm:
maknz: Even if an IP exposes little to no information about the user, it does give the public knowledge of the exact connections which performed the attack (vote flood, or whatever). With an IP users with novice computer knowledge can launch Denial of Service attacks against the IPs racking up quite a bandwidth bill.

Yep. I still think it was wrong for the NZ Herald to publish that information.

Surprised no one has mentioned this (unless they have and I just missed it) but it seems unlikley they can be certain that it was someone legally using these IPs doing the stacking. It may be open proxies, part of some (I presume small) bot net or open wifi. Unlikely perhaps given the probable unsophistication of the people behind this but unless you've actually identified and analysed the computers involved rather difficult to rule out. Obviously these people still have some fault for not securing their networks properly in such a case but if their DOSed or whatever and their only mistake is unsecuring the network it's IMHO even more unfair.

Worse still if they're dynamic and no longer held by anyone involved at all.

Also it may be possible (very unlikley perhaps) to get a resonable guess of someone behind a dynamic IP without any cooperation from the ISP if they've held it for a long time and have done stuff where their IP is shown and can be associated with their identitiy. Owners of blogs, forums etc where the IP is recorded could potentially associate it with their identity too. In most cases it would violate their privacy policy if they have one I presume and may even be illegal and I doubt many of the large sites (e.g. geekzone) who are most likely to have had the IP visit would, but it's not impossible.

P.S. Maybe the next NZ Herald poll will be "Should we have published the IP addresses used to hack (sic) our polls?"

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#269862 4-Nov-2009 07:31

firewire: 118.92.185.135 - 118-92-185-135.dsl.dyn.ihug.co.nz

This is a dynamic hence the dyn in the pointer.

Yes, I know it. But the paper published the IP address. My point is not that one is clearly dynamic but that it shouldn't publish at all. And as said just above - who knows if these even the correct addresses?

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Mighty Ape

Shop now at Mighty Ape (affiliate link).

webup

547 posts

Ultimate Geek
+1 received by user: 17

#269930 4-Nov-2009 10:31

I...heard of someone who skewed Rugbyheavens (stuff.co.nz) polls over a period of time.

Mostly its scripting due to sloppy web measures by the company but then I guess they arent planning for this new wave of wasted youth with too much time on their hands and the desire to skew meaningless local opinion polls.

kiwitrc

4123 posts

Uber Geek
+1 received by user: 833
Inactive user

#269958 4-Nov-2009 11:37

freitasm:

Unless they are using static IP. But it doesn't matter if these specific IP addresses are static or dynamic. We don't know for a fact which type they are. It's the same as saying "The robbers reside on Madras St, Wellington". If you lived in Madras St, would you like it?

It's not specific enough, but some people might be able to find out...

I know where the Robbers actually reside and its very close to Madras street.

1 | 2