Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Paraguayan ccTLD Hacked, Google.com.py Redirected, Internal Database Leaked

Unknown Lamer posted about 8 months ago | from the security-audits-who-needs-em dept.

Security 44

MrJones writes "Last February 20th, hackers supposedly from Iran accessed and modified (English) the www.NIC.py database, redirecting www.google.com.py to another site. The hackers posted the whole NIC.py database containing full names, national ID numbers, street addresses, phone numbers, and more of registrants. This is not the first time (English) that NIC.py, managed by the 2 most respectful Computer Science Universities of Paraguay, was hacked. Since the entire database was released, local white hat hackers were able to calculate how much money NIC.py was making annually (English) by charging $44 US per .py domain. The local CS community are urging the NIC.py administrators to do all whats possible to protect the .py domain names since the hack was done by exploiting a simple remote code execution vulnerability. If they can modify google.com.py, just imagine what they can do to banks and financial institutions. Maybe Google can helps us."

Sorry! There are no comments related to the filter you selected.

What about Mexico? (0)

Anonymous Coward | about 8 months ago | (#46332433)

How does this affect me, Bender?

Maybe it just isn't the best criteria (5, Funny)

Anonymous Coward | about 8 months ago | (#46332445)

"managed by the 2 most respectful Computer Science Universities of Paraguay"

I'm all for politeness but I think something like this should probably be managed by the most respected Universities.

Re:Maybe it just isn't the best criteria (1)

Anonymous Coward | about 8 months ago | (#46332469)

Maybe Google can helps us with grammar.

Re:Maybe it just isn't the best criteria (1)

Anonymous Coward | about 8 months ago | (#46332701)

Well, normally, it is editors who can helps us with grammar.

But this is Slashdot... so I guess Google is our only hope.

Re:Maybe it just isn't the best criteria (1)

Elros (735454) | about 8 months ago | (#46332891)

Well, normally, it is editors who can helps us with grammar.

But this is Slashdot... so I guess Google is our only hope.

Help me, Larry Page! You're my only hope!

Re:Maybe it just isn't the best criteria (1)

radarskiy (2874255) | about 7 months ago | (#46337619)

Where could grammar help be used? The sentence in question is grammatically correct.

Re:Maybe it just isn't the best criteria (1)

ColdWetDog (752185) | about 7 months ago | (#46334849)

Oh, Paraguay [amazon.com]

not incompetent, just lazy! (0)

Anonymous Coward | about 8 months ago | (#46332463)

The Paraguayans are lazy about patching their security holes because the weather is so nice.

Re:not incompetent, just lazy! (2)

Chrisq (894406) | about 8 months ago | (#46332489)

The Paraguayans are lazy about patching their security holes because the weather is so nice.

Hence the "Maybe Google can helps us". Why bother to leave the hammock yourself!

Steve (0)

Anonymous Coward | about 8 months ago | (#46333307)

You've clearly never been.

For extra irony points (5, Funny)

Arancaytar (966377) | about 8 months ago | (#46332495)

I hope it was a vulnerability in their Python code?

Re: For extra irony points (1)

Juan de los Palotes (3551759) | about 8 months ago | (#46332743)

well, it was just a matter of Âimport nicÂ.

Re: For extra irony points (0)

Anonymous Coward | about 8 months ago | (#46332749)

/.'s unicode support sucks?

Re: For extra irony points (2)

jones_supa (887896) | about 8 months ago | (#46332847)

Anyone reading this at Dice...can you at least finally add the Unicode support to the Beta?

Re: For extra irony points (3, Funny)

Cryacin (657549) | about 8 months ago | (#46332865)

No Dice.

Re: For extra irony points (0)

Anonymous Coward | about 8 months ago | (#46333661)

What a drag!

Re: For extra irony points (1)

Soulskill (1459) | about 8 months ago | (#46341285)

It's on our to-do list (and has been for a long time), but our to-do list is pretty huge. I'll bring it up again at our next meeting and see when we can find time for it. Sorry I don't have anything more specific for you.

Re:For extra irony points (1)

Anonymous Coward | about 8 months ago | (#46332751)

There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.

Re:For extra irony points (3, Funny)

Fear the Clam (230933) | about 8 months ago | (#46332769)

There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.

The Anaconda don't want none unless you got root access, Hon.

Re:For extra irony points (1)

Nyder (754090) | about 7 months ago | (#46336397)

There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.

The Anaconda don't want none unless you got root access, Hon.

Nice Sir Mix-a-lot. =)

Most respectful? (4, Funny)

wonkey_monkey (2592601) | about 8 months ago | (#46332503)

the 2 most respectful Computer Science Universities of Paraguay

Respectful is nice. Respected would be better.

Re:Most respectful? (0)

Anonymous Coward | about 8 months ago | (#46332671)

Given the sources within the story, pretty high chance submitter is not english.

Re:Most respectful? (1)

oodaloop (1229816) | about 8 months ago | (#46332759)

I hope they at least did the needful.

jagger's dna lost in lhc composting accident (-1)

Anonymous Coward | about 8 months ago | (#46332541)

mixed in with the mutant inbred crown royal WMD on credit genociders gargoylian goop? which was to be used on the custom made (in our own image) hymenless monkeys. it all goes batfarm as the custom monkeys are still sharing their bananas & refusing to shoot each other. jagger's dna makes them (both the monkeys & crown royals) listless, always tapping their feet, swinging their hips, overwhelming the effects of the mutant crown royal aggressive abuse genes..... dark matters less & less

Re:jagger's dna lost in lhc composting accident (1)

philip.paradis (2580427) | about 8 months ago | (#46332551)

The bit about hymenless monkeys is intriguing. Newsletter?

hobbyist whiners @ lhc composting accident site (0)

Anonymous Coward | about 8 months ago | (#46332559)

let us have at it they whine. we can extract what's left of jagger out of that mess. we could make him smaller, quieter, younger,,, we have his digits....

Triple Frontier (-1, Flamebait)

benjfowler (239527) | about 8 months ago | (#46332581)

Place has always been a bit lawless; see every terrorist and criminal piece of shit on Earth is attracted to the place.

http://en.wikipedia.org/wiki/T... [wikipedia.org]

Unbelievable that these Muslims should be allowed to get away with what they do in an Christian part of the world. I certainly hope that somebody teaches them a lesson, especially seeing that lawlessness cuts both ways, and makes it a lot easier for Whitey to come and clean house -- again.

Re:Triple Frontier (1)

TheDarkMaster (1292526) | about 7 months ago | (#46334309)

A "bit"? The place is like the old north-american Wild West. All you need to do to bump into a criminal is entering the country.

News at 5 (-1)

Anonymous Coward | about 8 months ago | (#46332583)

News at 5. Script kiddie finds stupid vulnerability in website.

nothing really new in centuries until now? (0)

Anonymous Coward | about 8 months ago | (#46332611)

enter the jaggerwire. the result of dna salvaged at the lhc composting accident. it may look like just another monkey, but this ape was built to escape. never stops moving, big lips, wavy hips, no hymen to answer for or be held hostage by, she rocks....

The hacker found the password (1)

Anonymous Coward | about 8 months ago | (#46332633)

The admins didn't fool the hacker when they used "passwordo" as root password.

Re:The hacker found the password (0)

Anonymous Coward | about 7 months ago | (#46334445)

Actually, passwordo sounds like a pretty good password, since it is not a word in English or Spanish. Not even in Guarani.

Re:The hacker found the password (0)

Anonymous Coward | about 7 months ago | (#46337303)

that's the english translation for pasguord

150th generation jaggerwire spotted in the wwwild (0)

Anonymous Coward | about 8 months ago | (#46332679)

we call her cyndi http://www.youtube.com/watch?v... [youtube.com] so time space & circumstance stability is an illusion for sure. for sure we've been here before?

Slashdot only allows anonymous users to post 10 times per day (more or less, depending on moderation). A user from your IP has already shared his or her thoughts with us that many times so rock on /.

"Last February 20th, (1)

Threni (635302) | about 8 months ago | (#46333097)

You mean this February then. That was last week, not last year, therefore its misleading to say "last February".

Re:"Last February 20th, (0)

Anonymous Coward | about 8 months ago | (#46333779)

If they said "Last February" I would agree, but they said "last February 20th."

You can't say that someone made a misleading statement if they said their car seat is black when the car is red. They are talking about the car seat, not the car. Here they are talking about the day, not the month.

Re:"Last February 20th, (0)

Anonymous Coward | about 8 months ago | (#46334095)

February 20th, 2014, was this February 20th, not last February 20th, which was in 2013.

Re:"Last February 20th, (0)

Anonymous Coward | about 7 months ago | (#46335111)

According to the Free Dictionary:

last:
      3. Just past; most recent

What definition of last means "the one before the most recent"?

But I see where you're coming from, I probably wouldn't say "last weekend" on Monday to refer to Sunday. Following this usage, though, at what point does "Last February 20th" become February 20th, 2014? Is it March 1st, 2014, December 31st, 2014, or February 1st, 2015?

Can you cite a source for common rules of this vs last vs next? My googling hasn't turned up anything.

Yeah, I guess you could say it is misleading through it's ambiguity.

It's not only universities problem (1)

alefq (1215314) | about 8 months ago | (#46333697)

People buying domains for that price without complaining is also a BIG part of the problem. Paraguay has one of the most expensive TLD 44 USD, and probable the worst service. This is not an isolated case, is the reality in many other areas in my country, paraguayans running a public service abusing of other paraguayans. More and more people are buying domains outside ".py" because of that, overpriced and poor quality of service.

Re:It's not only universities problem (0)

Anonymous Coward | about 7 months ago | (#46334481)

If you buy your domain abroad, but remain physically inside Paraguay, you still have the overpriced Internet access with crappy bandwidth to deal with...

well, duh. (0)

Anonymous Coward | about 8 months ago | (#46333837)

as if universities ever had enough money to run it services properly.

sh1t! (-1)

Anonymous Coward | about 7 months ago | (#46335307)

I^7's going,

A note (1)

stonecypher (118140) | about 8 months ago | (#46340535)

Nothing needs to be hacked to get that same estimate of revenue.

Just download their zone file and multiply by their annual. The zone file even tells you when they were registered and when they're registered until, allowing you to take account of public discounts for registration length.

It's still an upper bound; you don't know what other offers or freebies are in there. But still. It's a better upper bound than the hack ostensibly provides.

Central point of failure (1)

Hypotensive (2836435) | about 8 months ago | (#46343563)

Lessons still not learned.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?