  EdrickI aspire to tell the story of a lifetimePremium
join:2004-09-11
Woburn, MA | Yea Good Job NOT Yea ignore the fact that I reported this to them MONTHS ago and they did nothing at all. Great Job finally realize it months later.
--
Ricky SmithVerizon FIOS User15 Mbit Down 2 Mbit Up | |
|
 | | | Re: Yea Good Job NOT Tom needs to be held accountable for this! | |
|
| | |
| | | |
| | | | | | Re: Yea Good Job NOT You do realize that Tom is not a real person, just a image by the company that made mysapce? | |
|
| | | | | | | Re: Yea Good Job NOT Huh? "Tom" is Tom Anderson, a founder of MySpace and real actual person. | |
|
| | | | | |  acethebunnymIRC is my life
join:2006-09-14
Charleston, WV | Re: Yea Good Job NOT tom is the guy that made MySpace.. but he doesn't do shit with it anymore.
--
myspace.com/acethebunny =] | |
|
eowenPremium
join:2004-05-12
Temecula, CA
1 edit | great! thats just great! now that gives me a totally good reason to dump it after several cases of errors from the site.
visiting the site at evening hours is insanely problematic but it was by choice. This time its my choice again :0 | |
|
| | Myspace's problem Myspace has not done enough to protect the security of their own network or site. Spam is rampant, and phishing has always been a problem. Some changes to what is allowed on a profile should be the first step. Removing php or any other script from being allowed to sit on a profile should be the first step.
It's not the hosting providor's fault myspace is lacking in some security. | |
|
| | | Re: Myspace's problem I don't think anybody blames the hosting provider for somebody else's security problem, but when they are found to be abetting in that activity, aren't there any good-citizen obligations to help mitigate the damage? | |
|
| | | no one is at fault except for myspace.. clearly they should keep an eye on what the hell people are embedding into the pages they create. | |
|
| |
approval from:
Steve 
| Re: Myspace's problem I have to disagree. Yes, MySpace bears some responsibility, but the hosting provider where the phished information ends up has a responsibility to act when they are advised of what's going on.
A close but not perfect analogy would be if stolen goods were showing up in a pawn shop. Even if the pawn shop owner really didn't know the items were stolen when the thief began pawning them, as soon as he's shown that they are indeed stolen, he can not plead ignorance or maintain that he has no responsibility to do anything to assist in catching the thief.
To return to the MySpace situation, the Web hosting company owners also need to realize that, if this incident prompts a criminal investigation, they could be charged with aiding and abetting the perpetrators of the crime. It's one thing if they didn't know what was going on, but as soon as they're told, they can't just ignore what's happening. If they're smart, they'd better be preserving as much evidence as they can and contacting an attorney because if this does get investigated, they're the first people the police will come to. | |
|
amungusPremium
join:2004-11-26
America Reviews:
 ·AT&T DSL Service
| the game Seems like quite a game to be playing... This should be an obvious open and shut case to anyone.
There are problems with myspace too though. They could very easily implement some simple things to increase their own security. For instance, I can stay logged in all day, it never times out. My bandmate can login, while I'm on, from anywhere, and it doesn't boot me, I just never know he was even logged in.
The myspace people should take some serious actions to reduce their own (security) issues as a matter of prudence. The whole system seems so incredibly duct-taped together that it's a miracle the thing works at all. Let alone, as others have said, the scripting.
While I agree they have security issues galore, the hosting provider in this case should be seriously accountable for allowing a phishing operation right under their noses, and not doing anything to stop it.
I think they should be seriously looked into by whatever authority. | |
|
 firephotoKDEPremium
join:2003-03-18
Brewster, WA
·Frontier Communi..
| near 40,000 emails/passwords from one of many phish scams I count about 40,000 email addresses and passwords, not accounting for duplicate logins, from the two .txt files before the current one started growing rapidly till it stopped at about 1860M.
--
Location: +48° 5' 23.40", -119° 48' 30.00" | |
|
InsderThere never was a second I in my namePremium
join:2005-04-27
Salem, MA
1 edit | Try dealing with ISPs on a daily basis I've given up notifying US ISPs that customers on their networks are spewing phish spam/hosting phish pages. I generally get the same response from them that you guys got from IPowerWeb.
--
The one, the only, the Insder. :: Fighting phishing for life. | |
|
 JAAuldeWeb DeveloperPremium,MVM
join:2001-05-09
Hagerstown, MD
kudos:3 | Previous CUstomer As a previous customer of iPowerWeb, this does not come as a surprise. Thankfully that contract has ended and I moved on. | |
|
 batterupI Can Not Tell A Lie.Premium
join:2003-02-06
Netcong, NJ | It serves them right. What MySpace is, is 14 year old girls looking like whores and 50 year old men lusting after them. There is a -o- in heaven. | |
|
|  JamesonPremium
join:2004-05-28
Fallbrook, CA
kudos:1 | Re: It serves them right. said by batterup:What MySpace is, is 14 year old girls looking like whores and 50 year old men lusting after them. There is a -o- in heaven. Obviously you don't know what your talking about.
--
DirecWay | DW6000-CE |SM5, 117 West, 970 MHz |3.2GHZ Intel|BFG GF 6800 OC |Win XP Pro SP2/98SE/ Macbook Pro OSX Tiger |PCs connected via Linksys WRT54G | DD-WRT firmware: dd-wrt.v23 SP1 | |
|
| | batterupI Can Not Tell A Lie.Premium
join:2003-02-06
Netcong, NJ Reviews:
·Verizon Online DSL
| Re: It serves them right. said by Jameson:said by batterup:What MySpace is, is 14 year old girls looking like whores and 50 year old men lusting after them. There is a -o- in heaven. Obviously you don't know what your talking about. And you are talking to me. Fool. | |
|
| | | | said by Jameson:said by batterup:What MySpace is, is 14 year old girls looking like whores and 50 year old men lusting after them. There is a -o- in heaven. Obviously you don't know what your talking about. Obviously you don't read the news. Or browse enough MySpace profiles. If you did either, you'd know that what he said is 100% accurate. I really get sick of almost daily news articles about some underage girl being visited by a 40+ year old man that she met on MySpace. And I'm sure you remember that incident of that celebrity's daughter (who was underage) whose MySpace profile was talking about all the various ways she liked to have sex. Get your facts straight.
On the topic. Clearly people must not care about their information being stolen because they always keep giving it even though the site is a virtual cesspool. However, that doesn't give MySpace a free pass to ignore the problem. I don't think the hosting company is to blame here. I think MySpace needs to be more aware and active in preventing issues like this as well as other non-technical issues (the "social engineering", if you will). | |
|
|  SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:5 | That's what got it shut down.
When a few 50 yr old iPowerWeb executives heard their MySpace login credentials got compromised they shut it down ASAP!  | |
|
MGDPremium,MVM
join:2002-07-31
kudos:9 | Amazing !! Wow!! there are the totally clueless, and then there is iPowerWeb. Clearly, the failure to respond reasonably to what was obviously a phishing support site on their IP space was gross negligence.
Even without reviewing the myspace page source code you would think that almost three quarters of a million email addresses with corresponding passwords stored in open files on their servers would generate some level of concern on iPowerWeb's part. Amazing !! | |
|
|  44402812Hack The PlanetPremium
join:2006-08-28
Plattsburgh, NY | Re: Amazing !! said by MGD:Wow!! there are the totally clueless, and then there is iPowerWeb. Clearly, the failure to respond reasonably to what was obviously a phishing support site on their IP space was gross negligence. Even without reviewing the myspace page source code you would think that almost three quarters of a million email addresses with corresponding passwords stored in open files on their servers would generate some level of concern on iPowerWeb's part. Amazing !! Who Cares!!! :P MySpace Sucks and is a complete waste of energy! | |
|
| |  SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | Re: Amazing !! said by 44402812: Who Cares!!! :P MySpace Sucks and is a complete waste of energy! More than a hundred million people disagree with you.
This might give some insight into who's actually right or not. | |
|
| | | | | Re: Amazing !! MySpace is the current geocities. Nothing pages that make my eyes hurt to look at. | |
|
| | | | Whether or not MySpace sucks is irrelevant. This is an identity theft issue, and if the hosting company won't address something like this, then one has to wonder what else they won't address. | |
|
| | iPowerweb is a spammer rathole Honestly, I'm surprised iPowerweb did anything at all. Every spam report I've ever sent them has disappeared into Dave Null's inbox, never to be seen again (for the Unix beginners, and others who may not know, that's a playful reference to /dev/null, a built-in black hole present in any Unix-type system in that anything sent to it simply disappears).
I finally stopped bothering with reporting spammer crap to them, and firewalled their entire IP address range out of our network permanently. I would recommend that others who run their own networks do the same.
In short, they seem not to care who abuses their networks, or how much abuse goes from their networks to others, as long as they get their monthly fees.
In the SysAdmin world, we call that kind of behavior "black-hat" and "block-and-forget."
Keep the peace(es). | |
|
| |  Typical of lowball web hosts
Nobody is going to put the CEO in jail for ignoring abuse complaints, so they put one minimum wage guy in charge of looking at the abuse@ queue if he has time after cleaning the toilets. And if he wants to remove a spammer support service he has to fill out a form in triplicate on his own time and the sales guy gets to tear it up and make him eat it. Alchemy and AIT are the same.
Face it, there would be no spam if there were no irresponsible ISPs. Cockroaches are simply nature's response to the ecological niche of slums with dirty kitchens. If there's a filthy slum, it's not the cockroaches' fault. Spammers are just cockroaches. Ipowerweb and Alchemy and AIT are the absentee slumlords who knowingly give them a happy home. | |
|
| | Largest group on myspace w/ 200,000 users hacked and deleted Today the LARGEST group on myspace with over 200,000 users was hacked and deleted. The group was:
»groups.myspace.com/wan
The group ID was: 100003506
The moderator got an email from this user right before it happened:
»profile.myspace.com/index.cfm?fu···34758226
Below is the correspondence from the user that he received. This is text from three emails.
Email 1: Subject: "Would you like your group to be featured on the front page of MySpace?"
Body: "Tom said he's working on it, you'll get it back once he added the new features
He took mine away too on another account and added this multiple moderator feature
because of the large groups thing "
Email 2: Subject: "YOU GOT OWNED MOTHA FUCKA!"
Body: "YOU GOT SERVED BITCH, SAY GOOD BYE TO YOUR GROUP "
Email 3: Subject: "FOWARDING MAIL AIN'T GO DO SHIT"
Body: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAHHHHHH FUCKEN HA "
____________________________________________________
It seems the phishers are out to wreak havoc on myspace and its users. | |
|
|
|
