The Register Hacked 192
First time accepted submitter rjmx writes "Looks like The Register has been hacked. Its front page has been replaced with a page in tasteful red and black, apparently by a Turkish hacker."
It's currently a problem of access to gigabits through punybaud. -- J. C. R. Licklider
oh shit! (Score:5, Funny)
Home of the BOFH? (Score:3)
Re: (Score:2)
What was your user name again? Ah. Ok. "Clicky Clicky."
You know, that wasn't a very nice email you just sent to the President.
Oh, and here, hold this wire.
Re: (Score:3)
Re: (Score:3)
You were right, this was an upstreams DNS issue and not a hack on thereg itself.
Re:oh shit! (Score:5, Informative)
No credibility lost, it's not them who got hacked but their DNS provider.
Re: (Score:3)
No credibility lost, it's not them who got hacked but their DNS provider.
The Buzzard brand is safe.
Re: (Score:2)
The Buzzard brand is safe.
But has been rebranded as Turkey Vulture
Long live the Buzz; the Vult just sounds wrong.
Re: (Score:3)
"their"
Re:oh shit! (Score:5, Informative)
Too late: his credibility is lost :D
Re: (Score:2)
Credibility will never be the same.
Re: (Score:2)
Re: (Score:2)
No â" just missing punctuation.
So there. Credibility is lost.
Re:oh shit! (Score:5, Insightful)
Oh, I see. I didn't realize that the problems was they hadn't spent enough money on their DNS services.
Tell me, is that a new approach to network security? You just stack up piles of currency around the DNS server and then there's nothing to worry about?
I can't think of a single reason that you shouldn't expect your DNS services to be secure, no matter how little you happen to be paying for it.
Re:oh shit! (Score:4, Insightful)
Your credibility is lost when your customers say it is.
Reputation's funny that way.
Re: (Score:2)
Since most customers only say what the marketing industry makes them think, most companies have very little to fear.
But your point is taken. Reputation is funny that way. Strange how quickly reputations can be rehabilitated when there is a sufficient marketing budget, however.
Judging from the long-form commercial I saw during one of the Sunday morning news shows today, British Petroleum is responsible for the pristine environment and smiling faces aro
Re: (Score:3)
commercial I saw during one of the Sunday morning news shows today, British Petroleum
To be fair, if you're watching commercials from 1998 or earlier and expecting them to give you information about the world of today, then you're probably doing something wrong...
Re:oh shit! (Score:4, Interesting)
For me they didn't have any credibility to lose. I posted a response to one of Andrew Orlowski's articles the other week replying to someone that they shouldn't be surprised to see him agreeing with Murdoch as he's always had a historically right wing viewpoint.
That evening I couldn't log in, and every post I'd ever made to The Register had been deleted.
A site whose journalists can't even handle a post made summing up their political ideology in a polite, fair, and well sourced manner is quite comical. The worst part? my post was actually accepted by their moderator and in true Andrew Orlowski style was retroactively moderated away by him a few hours later (along with the account bad, and retroactive deletion of all my posts ever) I don't think Andrew likes it when he has to face intelligent response to his articles. None of their other bloggers... er I mean "journalists" are any more intelligent, although at least the others don't throw a hissy account banning, post deleting fit when someone disagrees with them. Of course, one might argue that it was my previous posts or something that got me a ban, and to an extent that's possibly true- not that I was trolling there, but that I often only posted to correct faults in their stories, to point out potential issues with their reasoning or to offer counter-opinions to their opinion pieces, but their readership seemed to agree with me as I had over 3000 upvotes against 1000 downvotes with even many of those downvotes stemming from engage in fanboy heavy discussions and daring to criticise some pet manufacturer's actions (cell phones, consoles etc.).
Then on top of that it wouldn't be so bad if it weren't for the fact Andrew Orlowski was constantly attacking sites like Wikipedia complaining about the clique there denying dissenting responses, or his complaints about CRU refusing to be transparent and open. None of that would be a problem if it weren't for the fact he himself often outright refuses to let people comment on his articles, and the few times he does, he goes through the already moderated comments and removes those that point out, with evidence, why he is wrong. At that point it's just sheer hypocrisy and any validity in the points he has to make is lost on the fact he needs to sort out his own inability to ensure he follows the facts, and accept that sometimes he may have been wrong before criticising others on it.
It's amusing too, because all I had to do to get round their ban on my account was request a new password, so it seems they're pretty technically inept too. This was made more amusing by the fact I then really did post a few troll comments to wind them up a bit, only to be banned again, to find that yep, I could still reset my password and repeated this for a few days before it got boring. I swear their admin must've been sat their thinking "How does he keep coming back?".
As you say, credibility goes as your customers say it does. Their actions have added me to the long list of people who also believe the site is a joke. The only reason to go there is for comedy - no, not the terribly written articles - I mean BOFH. But even that seems to be rarely produced now.
Really, The Register is like the internet's version of FUD filled trash papers like News of the World, The Daily Mail and so forth. It's written for the terminally stupid, and intelligent discussion is frowned upon and crushed with an iron fist. If you don't agree with Supreme Leader Andrew Orlowski's mad rantings and often nonsensical drivel then you are wrong.
So excuse me if I lol a bit when I hear they've been hacked.
Re: (Score:2)
Re: (Score:3)
At least all of it in the last 6 years. Check the copyright on the page. Nice touch.
Re: (Score:2)
looks like the hacker retroactively stole all their credibility!
You know, I hear lots of people go off on the Register's credibility, but I've never myself noticed a problem. Do you have any examples of what earned them that reputation?
Re: (Score:3)
See my post here:
http://news.slashdot.org/comments.pl?sid=2412564&cid=37307402 [slashdot.org]
Or enjoy reading through things like this, of which Google searches will turn up many:
http://www.edbott.com/weblog/2005/07/andrew-orlowski-is-a-hack/ [edbott.com]
http://paulfwalsh.com/why-andrew-orlowski-from-the-register-is-a-twat/ [paulfwalsh.com]
http://www.texttechnologies.com/2007/03/26/andrew-orlowski-berners-lee-spam-semantic-web/ [texttechnologies.com]
http://blogs.computerworld.com/16711/why_andrew_orlowski_is_wrong_about_net_neutrality [computerworld.com]
http://ktetch.blogspot.com/2011/05/a [blogspot.com]
Re: (Score:2)
Wow, thanks for putting all that effort into your answer. Much appreciated.
Why are they obligated to be fair and balanced? (Score:2)
You can see this pattern with most of their staff- their articles are just often outright false. Where they're not false, they completely miss fundamental points. Where they don't miss fundamental points, they just outright lie.
So that's really why they have the reputation- they're just too agenda based. Their writers all vehemently pursue their own political agendas without care for facts, without care for reason, and worst of all- without care for the truth. That's not journalism, that's propaganda.
Hmmm. As long as the publication remains profitable, the staff should be able to write whatever the fuck they want to. You make it sound like there is some kind of obligation in the publishing business to be fair and balanced. I don't think there is. And I don't think it really matters to a discerning reader that they are calling themselves journalists when they are really just propagandists; getting all sides of a story, even the distorted side, is valuable.
Re: (Score:2)
I'm saying the media is given a position of power- it is granted, in some cases, the ability to break the law in the case of public good.
With that power should come responsibility- the responsibility to use that shield of being the media to produce factual and informative news.
Publications not doing that should not legally be allowed to class themselves as media, journalists, news sites and so forth.
For what it's worth I don't think there is any value in getting a completely false story- if there was some e
Re: (Score:2)
"The curious thing about calling someone "right wing" is that your accusation can never be wrong. Everyone is "right wing" from someone's perspective. So what information is conveyed? None. It's merely an insult, not a criticism."
You've reached an interesting conclusion, but the problem is you completely missed the point.
You assume that suggesting he was right wing was ever even meant to be a criticism, so jumping to the idea that it was an insult from that flawed premise is absurd.
No, the point of the post
Re: (Score:2)
The Register is so bad, it's hard to believe they're not part of Gawker.
Oops ... (Score:1, Offtopic)
its, not it's. Sorry about that.
Re: (Score:2, Offtopic)
Last time accepted submitter rjmx writes
Fixed that for you... ;)
Re: (Score:2, Funny)
Re: (Score:2)
Or, maybe its like PHP. A recursive acronym. Here's an example you can run from my Dropbox [dropbox.com] account. IT'S (ha!) named (of course) "TITS". If you're using the BetterPrivacy plugin for Firefox (or something similar), you'll have to disable it or the page is blocked (I guess it doesn't like HTML files named "TITS.html" -- and BTW, BetterPrivacy, what does "TITS" have to do with my privacy?).
Here's a description of what it does (and how it does it):
Re: (Score:2)
And so you should be ...
Re: (Score:2)
Wha (Score:1)
Re: (Score:2)
Copyright 2005?? What the fuck? lol
Also, in the source I find:
<meta content="MSHTML 6.00.2900.3698" name="GENERATOR">
Re: (Score:2, Funny)
He was uploading the packets by individual pigeon.
Unfortunately, he had to breed the pigeons himself.
HAxorS (Score:1)
Re: (Score:1)
Re:HAxorS (Score:5, Informative)
DNS hack, some ok some down still, (Score:3, Informative)
Using Just-Ping to check from 50+ locations around the world only 5% have what is traditionally the correct IP (212.100.234.54 according to Netcraft) or so have the current IP most say the DNS is down.
http://just-ping.com/index.php?vh=www.theregister.co.uk&c=&s=ping [just-ping.com]!
I forced an update with Netcraft it now has a record of the another IP 68.68.20.116 with different server headers which I presume is the broken site.
http://uptime.netcraft.com/up/graph?site=www.theregister.co.uk [netcraft.com]
The hackers could have don
Re: (Score:2)
Where did you find the registrar for The Register? The whois information I get says
Big deal (Score:1)
the register is shithouse anyway
Website hacked? (Score:1)
Did i miss the hack? Kudos to the admin if i did. I was reading it not two hours before this too.
Re: (Score:2)
Re: (Score:2)
Using Virgin Media's DNS.
Their forum has nothing...
Re: (Score:1)
Not Found The requested URL
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.4 Perl/v5.8.8 Server at ww
Re: (Score:2, Informative)
thats not theregisters.co.uk 404, they have a custom 404
what you are seeing is the result of DNS poisoning of your ISP, the 404 is from someone elses server
the actual site is fine and has NOT been hacked.
ps the real IP of the reg is 212.100.234.54
Re: (Score:2)
Hmmm. I see them at 72.3.246.59 where they are responding to pings. The site called up from that IP looks like the Register.. I never thought about it before, but the page information from opera and konqueror doesn't seem to tell me what the IP I'm looking at is when I feed them a URL. Probably there's a stunningly obvious way to get the IP and I just need some sleep.
Re: (Score:2)
Re: (Score:3)
Picture of the UPS hack [imageshack.us]
It's DNS, so not much actual harm done to the targeted servers.
(c) 2005 TurkGuvenligi (Score:4, Funny)
Lol, why would he care about copyright? Afraid some other hacker might steal his logo?
Re:(c) 2005 TurkGuvenligi (Score:5, Informative)
If they do that would be illegal!
Re: (Score:2)
Re: (Score:2)
Reminds me of this super-stupid dude who went to the police to report his 'stash' stolen. He knew who did it and the police went with the dude to the home of the thief, and bingo - there was a big bag of weed. The police then asked him to identify it, and he confirmed "yeah, that is mine!". Presto, the police arrested him for possession and the guy that took it for theft and possession... Stupid...
Site wasn't hacked, DNS was (Score:3, Informative)
If you saw the "hacked" page, you were being routed to a different server.
Re:Site wasn't hacked, DNS was (Score:4, Informative)
Re: (Score:3)
Uhmmm...actually, I kinda wish the site itself had been hacked? Knowing this makes me feel more than a little queasy...
Lessee...
Name servers:
ns1.yumurtakabugu.com
ns2.yumurtakabugu.com
C:\Users\ionotter>ping www.theregister.co.uk
Pinging theregister.co.uk [68.68.20.116] with 32 bytes of data:
Reply from 68.68.20.116: bytes=32 time=99ms TTL=41
Reply from 68.68.20.116: bytes=32 time=90ms TTL=41
Reply from 68.68.20.116: bytes=32 time=90ms TTL=41
Reply from 68.68.20.116: bytes=32 time=90ms TTL=41
Ping statistics fo
Re: (Score:2)
Not resolving here using VirginMedia in East London, currently.
Re: (Score:3)
Poor buggers, their own site forwards you to www.theregister.co.uk :) So even entering the IP address won't work. If it is forwarding me, I think the server is still happily serving requests, to no avail. Yup, changing the hosts file has the wanted result all right.
Oh, and I've seen very few articles from the reg during Sunday, so they might be waiting for the work week to begin, sleeping off their weekend beers.
Still Hacked... (Score:2)
As of 2025 GMT, I'm still seeing the "hacked" page. Since I haven't specifically been to El Reg in over a week, I'm not seeing a cached copy.
As for the "hack"?
Wow. Going to be a very interesting read come Monday morning?
Re: (Score:2)
Its a DNS hack with a 24 hr TTL. Might take a while for service to resume. (Though I think Google DNS ignores TTL, so that might be fixed sooner than others).
Re: (Score:2)
They must have done a number on that DNS server to keep it in this state for 14 years.
Re: (Score:2)
Nah, it's probably that new metric time. So roughly at 2025.2472500. :)
Re: (Score:2)
24 hour clock: 2025 = 8:25 PM
Re: (Score:2)
24 hr clock (GMT), but the UK is 1 hour ahead (BST) so it was probably 2125Hrs (9.25pm)
UPS.com too (Score:1)
Re: (Score:2)
ups.com acer.com vodafone.com ... (Score:2)
Re: (Score:2)
Corrections (Score:5, Informative)
If cannot live without The Register, put into your hosts file
Linux: /etc/hosts
Windows: C:\windows\system32\drivers\etc\host
these two lines:
72.3.246.59 theregister.co.uk
72.3.246.59 www.theregister.co.uk
And the summary of the article is apparently wrong, someone stole/hacked into TheRegister DNS zone, TheRegister www servers are intact.
Re:Corrections (Score:5, Insightful)
Every now and then, reality self-organises in the direction of justice.
Re: (Score:2)
Even without slashdot, I imagine the Reg gets a fair amount of traffic.
I wonder if the hacker realised just how much...
You wanna impersonate them? here, have their traffic...see how your servers cope. Who pays for the bandwidth in this case?
Re: (Score:2)
Someone else, i imagine the hackers are using another hacked server to host the defacement.
Re: (Score:2)
meta content="MSHTML 6.00.2900.3698" name="GENERA (Score:3)
There you are, Microsoft aid crackers.
wtf is a yumurtakabugu? (Score:2)
host -t NS theregister.co.uk
theregister.co.uk name server ns2.yumurtakabugu.com.
theregister.co.uk name server ns3.yumurtakabugu.com.
theregister.co.uk name server ns1.yumurtakabugu.com.
theregister.co.uk name server ns4.yumurtakabugu.com.
Re:wtf is a yumurtakabugu? (Score:4, Interesting)
On the technical side, I think if you are clever enough to come to
Re: (Score:2)
it means egg shell for the uninitiated ... I happen to be bilingual :) In Turkish and English...
Okay, WHERE WERE YOU when The Register's DNS provider was hacked?
Gateworld.net too (Score:2)
Gateworld.net is down too. FYI:
Also, i do not see what good is in slashdotting them at this time.
DNS Hack (Score:2)
Several sites, including the register and ups.com were redirected by DNS to a defacement page...
A list of the sites is at:
http://www.zone-h.org/archive/notifier=TurkguvenLigi.info/page=1 [zone-h.org]
It does not seem to be a DNS poisoning, since the whois servers also reported the hacker's dns servers.
Also zone-h reports that the site was running Linux, but it is clearly whatever server the hackers redirected the DNS to that runs linux, it was not necessarily a linux system that was breached in order to actually carry ou
Re: (Score:2)
Hmm, seems to be a bit more complicated. At least in the vodafone net itself (DSL from Arcor/Vodafone).
--- snip ---
$ nslookup
> set type=ns
> theregister.co.uk
Server: 192.168.0.1 [The nameserver on the DSL router which forwards to vodafones DNS servers]
Address: 192.168.0.1#53
Non-authoritative answer:
theregister.co.uk nameserver = ns3.theregister.co.uk.
theregister.co.uk nameserver = ns4.theregister.co.uk.
theregister.co.uk nameserver = ns2.theregister.co.uk.
theregister.co.uk nameser
And.... (Score:2)
Their back..
Looks like they have got themselves sorted again.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Kittenman? Are you a kitten with the muscle structure of a man? Or a man with soft body and spirit of a kitten? .
Re: (Score:2, Insightful)
They're. For the love of all that is holy "they're back"
Testrun? (Score:3)
1) Get some SSL keys [slashdot.org]
2) Redirect the DNS Servers
3) Profit!
Re: (Score:2)
Once the DNS is redirected, you can get Godaddy to get you an SSL cert in about 1 hour. Just need access to create a txt record or modify your webpage, which shouldnt be a big deal, and since the entire thing is automated I dont think youd have any issues.
thats what they get for... (Score:2)
World hacking day (Score:2)
The seem to have declared it 'world hacking day'. I wouldn't mind a world hacking day where everyone tries to attack websites. That way at least companies will pull up their pants once a year and it will be 'open season' on sites with crappy security. Could help.
Another one... (Score:2)
h4ck1n9 is not a cr1m3
Can somebody please shut the freaking script-kiddie who thinks he's cool up? I mean seriously...it's going on my nerves that those guys are called hackers. I mean, I'm not a hacker, not even close...hell, I'm not even a network coder because I suck at it...but I respect the real hacker community enough to exclude those guys from them.
Re:Slashdot needs to be hacked with Goatse. (Score:4, Funny)
The last hacker only hacked it with OMG ponies.
Next April 1st, slashdot announces that it will accept image tags in comments. However, in preview mode all linked images will be changed to goatse. After submitting all images will be changed to Bart writing on a chalkboard "I will not post goatse images".
Re: (Score:2)
What looks wrong with that?
I came to /. from there it was working fine. Not hacked or slashdotted. (Using OpenDNS)
Re: (Score:2)
Re: (Score:3)
In that case, we just witnessed an eclipse :)
Re: (Score:3)
Not really. It's a pretty decent news site with a horrible tabloid editorial slant.
When they're publishing press releases or writing humour, they're fine, but their opinion pieces & editorials are more often than not sensationalist nonsense.
Re: (Score:2)
It's a pretty decent news site with a horrible tabloid editorial slant.
When they're publishing press releases or writing humour, they're fine, but their opinion pieces & editorials are more often than not sensationalist nonsense.
"News for nerds," eh?
Re: (Score:2)
The best thing we can do today is to come up with another word that means what hacker used to mean.
How about bit wrangler? Or just come up with something yourself and start using it and let the best jargon win.
Re: (Score:2)
Just because you're paranoid, doesn't mean they're not out to get you.
It IS very timely, isn't it? And large scale, with no apparent profitable return for the (apparent) perps - no spyware, no stolen user data, BUT it changes our perception of Turkey in a way which suits Israel very nicely, doesn't it?
(I'm not usually known for speaking out in defense of Israel's actions and intentions, but...)
Oh yes, I used to think that Turkey was a branch office of heaven, but now that I know (or have been tricked into believing) that out of the millions of Turks, one is an evil haxor, I'm instantaneously, irrevocably convinced that the entire country is in league with the devil.
Sheeesh!
Re: (Score:2)
That is, of course, assuming you've not done the DNS lookup after the attack, that the IP never changes, that they aren't running a DNS load-balanced setup, that they aren't running virtual HTTP servers (where an IP doesn't tell you which of the million-and-one websites that IP hosts that you actually want), etc.
DNS is there for a reason. It shouldn't be possible to arbitrarily change the DNS details for a domain you don't own - for a start, it means you can receive all their email or, worse, really mess w