The oldest ISP in New York, Panix, had its domain name hijacked over the weekend. While normally such a thing would be solely of geek interest, worthy only of coverage on a geek web site like slashdot, it is also a big warning flag for YOU. Why? Because as a large ISP, Panix moved millions of email messages through its systems, and manages the email accounts of its customers.
Those emails have been secretly redirected to places unknown since the hijacking. That's right, if you had an email address whatever@panix.com then your email has been delivered to whomever hijacked he domain, and there is little anyone can do about it.
It also means that the persons-unknown may have been sending email from your acount all this time, without yur permission or knowledge.
Now at first you might be thinking big deal, I have nothing to hide. But maybe you will come back online Monday, after Panix tech magicians have recovered their domain name, and discover that you have been signed up to every spam list in the world. Or worse, perhaps your account was used to SEND spam, andis now on a blacklist so any mal you send will be dumped into the spam bin.
How did something as important as a domainname get hijacked? Could the technical people at New York's oldest ISP really have slipped up?
No. The domain name system is poorly managed, and appears to have become a political football on an international scale. Recent regulation changes have created opportunities for hijacking, and it is not a loophole. It was known from the start that the changes could lead to hijacking, yet they were put through anyway. And now we are seeing the start of the consequences.
This weekend Panix got hijacked. What about citibank? What if someone hijacked the citibank website and sarted using it to collect your information and steal your money? Everyone uses the same Internet, withthe same rules and the same registrar regulations.
Privacy is not dead. Privacy is suffering, and being mercilessly tortured! Do we need to fight for euthenasia for privacy? Here's a tip for you -- security is the little brother of privacy. If you don't protect privacy, guess who is left exposed to the twice-left-behind class bully?
Comments