No room for cowards

Brian Krebs was the keynote speaker at a MAAWG meeting a few years ago. He is a tech journalist that knows and understands the dark underworld of online crime. Yesterday, his website was taken down by a dDOS attack and the Fairfax County SWAT team was called to his house by someone.
Brian does work that is risky. His contributions to what we know about online crime are extremely valuable.
His post talking about what happened yesterday is well worth reading.
ETA: The ArsTechnica article on the event.

Related Posts

Gmail sending out warnings for 512 bit DKIM keys

As an update to yesterday’s post, Gmail is contacting postmasters at domains signing with 512 bit keys to warn them of the upcoming changes. This message also clarifies “DKIM keys failing.” Messages signed with 512 bit keys or less will be treated as unsigned by Gmail in the next week or so.

Read More

Get a helmet

There’s been a lot of interesting reaction to Steve’s security post yesterday. A lot of people seem upset that we have pointed out one of the ways that ESPs may be getting compromised. Complaints range from the message being overly simplistic, through to complaints that we just don’t understand how much of an issue security is, through to complaints that we’re not pointing out that some ESPs actually are secure. Some people have even provided counter examples of how simple it is to compromise any company, so why are we picking on ESPs.
Security is a problem any company faces. Some industries are bigger targets than others, and ESPs have really jumped up the target list. ESPs are getting lists stolen. ESPs are getting reputations stolen.
There’s one ESP I know for a fact that has lost multiple customer lists 3 times. Three companies I get email from are hosted there. When all three of those tagged addresses started getting spam, the only logical assumption was that the ESP was compromised. Again. Those are companies I want to hear from, though, and I changed addresses on their sites after every breach. What’s distressing, though, is the total lack of response from either the customer or the ESP to my notices about the breaches.  To be fair, the problem seems to have stopped more recently.
Silence and refusal to address an issue is a big problem. An address I gave a company on the Only Influencers list was stolen (I’m not going to say leaked because I actually trust them to not have violated their privacy policy) sometime back in early 2011. I didn’t notice right away because my spam filters were catching the mail, but eventually the spammers managed to get one into my inbox. When I saw it, I started checking and realized that address had been compromised a long time ago. I notified the company, with as much history of the address as I could. I ended my message with:

Read More