×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Want To Hijack a Domain? Just Get a Fax Machine

Soulskill posted about 6 months ago | from the why-are-fax-machines-still-a-thing dept.

Security 162

msm1267 writes "Metasploit's HD Moore says hackers sent a spoofed DNS change request via fax to Register.com that the registrar accepted, leading to a DNS hijacking attack against the Metasploit and Rapid7 websites. The two respective homepages were defaced with a message left by the same hacker collective that claimed responsibility for a similar DNS attack against Network Solutions. Rapid7 said the two sites' DNS records have been locked down and they are investigating."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

162 comments

"hack" (5, Insightful)

Anonymous Coward | about 6 months ago | (#45102805)

Social engineering is not hacking to me.

Re:"hack" (5, Insightful)

i_ate_god (899684) | about 6 months ago | (#45102843)

What is the difference between injecting code into a machine to make it do what you want, and injecting an idea into a human to make the human do what you want.

Re:"hack" (5, Funny)

TheCarp (96830) | about 6 months ago | (#45102867)

Because normally by the time you are injecting code into a human, you already got what you wanted. What were we talking about again?

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45102913)

l33t haxxors use mgetty

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103125)

Well played sir, well played.

Re: "hack" (-1)

Anonymous Coward | about 6 months ago | (#45103845)

Virgin spotted

Re: "hack" (5, Funny)

Anonymous Coward | about 6 months ago | (#45103981)

Virgin spotted

Meh. Virgin spotting on /. is like birdwatching in an aviary.

Re:"hack" (1)

Zemran (3101) | about 6 months ago | (#45102915)

One is morally wrong and the other is normal relationship...

Re:"hack" (2)

Forbo (3035827) | about 6 months ago | (#45103183)

If manipulating people into doing things they wouldn't normally do is what you consider a "normal relationship", then you just might be a sociopath.

Re:"hack" (-1)

Anonymous Coward | about 6 months ago | (#45103319)

If manipulating people into doing things they wouldn't normally do is what you consider a "normal relationship", then you just might be a sociopath.

No, that's called "religion".

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103461)

If manipulating people into doing things they wouldn't normally do is what you consider a "normal relationship", then you just might be a sociopath.

Or parent. Children don't normally do chores of their own initiative or go to bed on time.

Re:"hack" (3, Insightful)

fred911 (83970) | about 6 months ago | (#45103703)

"If manipulating people into doing things they wouldn't normally do is what you consider a "normal relationship", then you just might be sociopath."

Or just a talented salesperson.

Re:"hack" (3, Funny)

CCarrot (1562079) | about 6 months ago | (#45103823)

"If manipulating people into doing things they wouldn't normally do is what you consider a "normal relationship", then you just might be sociopath."

Or just a talented salesperson.

There's a difference?? I've always considered them synonyms...

Re:"hack" (1)

VortexCortex (1117377) | about 6 months ago | (#45102945)

What is the difference between injecting code into a machine to make it do what you want, and injecting an idea into a human to make the human do what you want.

The difference is that the machines appreciate recursive situational irony...

The humans don't realize their reality isn't in a machine, it's in a virtual machine. Unlike you history repeating humans, we learn from our mistakes.

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103209)

One requires intelligence and technical skills, while the other requires charisma and manipulation/social skills.
Just so you know, skiddies aren't hackers either.

Re:"hack" (-1)

Anonymous Coward | about 6 months ago | (#45103407)

By that definition the republicans have hacked the government...

Re:"hack" (1)

Anonymous Coward | about 6 months ago | (#45103519)

What is the difference between injecting code into a machine to make it do what you want, and injecting an idea into a human to make the human do what you want.

1. The machine is lacking Free Will.
2. You can't "inject" an idea into a human, the best you can do is present an idea and it's up to them to accept, reject, or ignore it.
3. How did the parent get a +5 Insightful?

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45104177)

2. You can't "inject" an idea into a human, the best you can do is present an idea and it's up to them to accept, reject, or ignore it.

Can't you? Maybe you need to go deeper.

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103669)

Dude, you reeeeeeeeeeeally need a girlfriend...

Re:"hack" (1)

guytoronto (956941) | about 6 months ago | (#45102925)

Getting cats out of trees isn't firefighting, but firefighters rescue cats all the time.

Just because social engineering isn't hacking doesn't mean hackers can't do it.

Re:"hack" (3, Insightful)

sumdumass (711423) | about 6 months ago | (#45103095)

Hackers also go bowling and put bumper stickers on cars. But few call those activities hacking. Just like few call rescueing kittens- firefighting.

Re:"hack" (5, Funny)

mythosaz (572040) | about 6 months ago | (#45103583)

I painted a fence once, but nobody calls me a painter.

I jumped out of a plane once, but nobody calls me a skydiver.

...but suck one cock.

Re:"hack" (1)

Albanach (527650) | about 6 months ago | (#45103111)

Do firefighters really do this? In all my life, I don't think I've ever seen a fire crew helping a cat down from a tree. I figure when the cat gets hungry, it'll find its way down.

I thought this just came from cartoons, because fire is hard to animate, and you need to do something with the ladders, otherwise firemen wouldn't have been needed at all.

Re:"hack" (2)

Jawnn (445279) | about 6 months ago | (#45103551)

Do firefighters really do this? In all my life, I don't think I've ever seen a fire crew helping a cat down from a tree.

When I was still on the job, the chief of a neighboring department was known to have said, "Ever seen a cat skeleton in a tree? That's why we don't rescue cats."

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103613)

They do. Just last week a local paper was even able to make a news story about it and I recall a video of Russian firefighters doing it their way - by hosing the tree with water until the cat fell out.

Cats can't usually get stuck in places since unless a cat is fat even by American standards, it can fit its body through anything that it can fit its head through. However, their claws are of much less help on the way down from a tree than on the way up. Cats tend to survive falling long distances fairly well, though - their righting reflex is fast enough for the cat to be falling feet first after about 3 feet and when they relax their muscles they practically have suspension under the body. Thus I suspect that the Russian firefighters in the video knew that the cat would be just fine even if they didn't bother with the ladder - and maybe it even learned a lesson since I think the cold water was much worse for it than the fall. Or at most it lost just half a life and has 8.5 left ;)

Re:"hack" (1)

TheCarp (96830) | about 6 months ago | (#45103615)

Problem for cats is they are better at climbing up than down and can easily get themselves in a predicament, unlike squirrels, they can't actually grip the tree while upside down. I have seen a cat climb up things, or use their claws to hang on things, but, never climb down, they jump down....and if they can't safely jump to a branch that gets them close enough to the ground, I could see them getting stuck.

I say, "I could see" because I have never seen a cat actually get stuck in a tree. They seem to be smart enough to not climb trees very often. A quick google search indicates that this, appears to be a real problem that people have run into but.... its obviously not so common that everyone knows what to do from the panicked "OMG My cat went missing for 2 days and I found him up in a tree, what do I do now" questions out there.

http://www.ask.com/answers/19238201/ja-question?q=&o=0&l=dir&jss=0 [ask.com]

and of course:

http://news.msn.com/us/cop-gets-stuck-in-tree-trying-to-rescue-cat-stuck-in-tree [msn.com]

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103965)

Problem for cats is they are better at climbing up than down and can easily get themselves in a predicament, unlike squirrels, they can't actually grip the tree while upside down. I have seen a cat climb up things, or use their claws to hang on things, but, never climb down, they jump down....and if they can't safely jump to a branch that gets them close enough to the ground, I could see them getting stuck.

I say, "I could see" because I have never seen a cat actually get stuck in a tree. They seem to be smart enough to not climb trees very often. A quick google search indicates that this, appears to be a real problem that people have run into but.... its obviously not so common that everyone knows what to do from the panicked "OMG My cat went missing for 2 days and I found him up in a tree, what do I do now" questions out there.

http://www.ask.com/answers/19238201/ja-question?q=&o=0&l=dir&jss=0 [ask.com]

and of course:

http://news.msn.com/us/cop-gets-stuck-in-tree-trying-to-rescue-cat-stuck-in-tree [msn.com]

A cat's terminal velocity is survivable for the cat. They can jump from basicly any height and be fine.

Re:"hack" (1)

TheCarp (96830) | about 6 months ago | (#45104099)

Only if they relax, which, at least in the case of a fall, takes them time to do. Actually I have seen somewhere that they have higher survivability rates ABOVE certain heights than below them. They still often take injuries from long drops.

Sampling the behaviour of the approximately 9 cats I have seen at various times on the porches of my parents house, I have never seen a cat jump from the second floor front porch to the ground or even to a car roof.

I have seen several cats jump from the second floor rear porch to the nearby roof (6-8 feet depending on what part of the roof and whether you count the full diagonal of the jump or just the verical component), and then down from there. In fact, even getting down from the top of the cabinet, they hang off the edge to get as low as possible for the drop and aim for the countertop first.

So Whether they can survive it, they seem aware enough of the possibility of injury to think better of trying it. Which is likely smart when jumping off porches and cabinets, serves them less well in trees.

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45104225)

A cat's terminal velocity is survivable for the cat. They can jump from basicly any height and be fine.

What's your source so that I can go and correct it? As someone who has personally helped a neighbor with taking their cat to a vet when it had fallen i know that that claim is catshit. The vet tried to calm her down and said that the cat had been lucky since most of the time cats don't survive falling 30+ feet.

Even your intuition should tell you that if you think about the physics. Considering that a human being has much more mass than a cat and at most 3x the air resistance when falling feet first, I can assure you that no cat survives hitting the ground at free fall speed. Do you understand how much kinetic energy something with the mass of a cat has then? Unless it's made of indestructium it will be severely damaged if it falls the height of WTC, which with a fast calculation is a rough reference for the minimum distance before terminal velocity.

Re:"hack" (1)

mythosaz (572040) | about 6 months ago | (#45104285)

A cat's terminal velocity is survivable for the cat. They can jump from basicly any height and be fine.

I'm willing to assist in the testing of this theory.

Re:"hack" (1)

dreamchaser (49529) | about 6 months ago | (#45103101)

It most certainly is. In fact, social engineering is quite often used by hackers. Sometimes they use it in conjunction with malicious code, sometimes they don't have to.

Re:"hack" (3, Informative)

wagnerrp (1305589) | about 6 months ago | (#45103733)

Except that's called "cracking" or "conning", not "hacking". Infiltrating computer systems is only hacking in so far as you're writing code with which to do it. That's why "script kiddies" are not hackers.

Re:"hack" (1)

nine-times (778537) | about 6 months ago | (#45103185)

Yet traditionally that's how a lot of "hackers" that you hear about have "hacked" into systems. But I know what you mean.

Re:"hack" (5, Insightful)

hairyfeet (841228) | about 6 months ago | (#45103291)

But we already HAD a word for that and it was not "hackers" it was con artists...or bunko men if you prefer a more gender specific term.

If the guys here want to get all pedantic about the difference between virus and malware then why in God's green earth are we calling these guys hackers when they are doing the same shit that has been going on since before the fricking telephone? look up Bunko Bob, or Hod Bacon, guys have been doing cons for hundreds of years using nothing but their ability to manipulate the mark and this is no different and doesn't even require a computer,just the ability to sound professional and manipulate.

This is NOT hacking folks, not even close. You might as well call a washing machine a jet engine for how far off the mark this is from actually hacking a system.

"hacking a system", see hacker's dictionary (2)

raymorris (2726007) | about 6 months ago | (#45104249)

> But we already HAD a word for that and it was not "hackers" it was con artists..

I think the distinction is in your last three words, "hacking a system".

A con man or fraudster will get a _person_ to hand over their property.
A hacker manipulates a _system_ to have it do something other than what it's supposed to do.
TFA says:

"The group was able to change the DNS records managed by Network Solutions for a number of security companies".

They did a number of companies by exploiting NetSol's SYSTEM, not simply tricking one person, but exploiting
holes in the system that the person what was part of. If you can fairly reliably exploit the system, it's a hack in my opinion whether that's a TCP/IP system, a phone system, a traffic light control system, or system that includes both
computers and human.

However, see also the Jargon File for original meanings of the term:
http://www.dourish.com/goodies/jargon.html [dourish.com]
http://www.outpost9.com/reference/jargon/jargon_23.html#SEC30 [outpost9.com]

Re:"hack" (1)

gl4ss (559668) | about 6 months ago | (#45103673)

well.. many "traditional" famous hackers were pretty much just fraudsters in every sense of the word.

people use fraud to get what they want because it works.

Re:"hack" (0)

Anonymous Coward | about 6 months ago | (#45103233)

Ah, you're looking at it wrong. A "white hat hacker" talks about "hacking" by unnamed "black hat hackers", implying his moral and ethical superiority while emphasising their cleverness is "black" and his cleverness is "white". They do all the work, he just talks smartly about it. Isn't that smart?

What did anyone do? Why, "hacking", of course. What that is? Ever ask a smurf what "smurfing" is? Well? Now then.

legal crime (3, Insightful)

schneidafunk (795759) | about 6 months ago | (#45102827)

What is the legal crime committed here, simply fraud?

Re:legal crime (2, Informative)

Anonymous Coward | about 6 months ago | (#45102905)

Counts as both wire fraud and CFAA violations

Re:legal crime (1)

gstoddart (321705) | about 6 months ago | (#45102979)

Fraud fore sure. Probably some computer hacking laws. Uttering a false statement. Possibly receipt of stolen goods. Depending on the value of the domain the theft could reach felony threshold. You could reach and say identify theft, but that's probably pushing it.

Depends on how creative the DA feels like being, but I should think there's quite a few charges which could be applied here.

Re:legal crime (2)

TheCarp (96830) | about 6 months ago | (#45103033)

> Uttering a false statement.

Hey man, they were just taking after the example set by our political leaders!

Re:legal crime (0)

Anonymous Coward | about 6 months ago | (#45103957)

Impersonating a registrar?

A hack is not just a hack (5, Insightful)

cyberpocalypse (2845685) | about 6 months ago | (#45102883)


There has been some commentary via mailing lists and Twitter feeds that this was not a big deal. Firstly, hats off to HD and his team, there was nothing they could have done about it. Secondly, this isn't to be taken lightly. Sure the attackers were minor script kiddies, but the reality is, the attack could have been extremely vicious. Consider an attacker replicating the content of the site and simply replacing the applications (nexpose, metasploit) with backdoored versions.

Companies like Register and GoDaddy are lacking in the validation category. ANYONE can create fake identification using GIMP, Photoshop, etc., the fact they did not offer anything other than a fax request is mind bogglingly stupid. They should have called BACK the registrant's number to confirm the change request. But, companies would argue: "that would be costly" not even thinking of turning that kind of validation into say a business model: "for $10 extra per year..." when they should be doing it from the jump. (Neither here nor there) Personally, I hadn't been running any updates, but if I did, I would be going back, wiping my machines, and re-installing.

Re:A hack is not just a hack (-1, Offtopic)

Anonymous Coward | about 6 months ago | (#45102947)

Why do you use that crappy font?
Makes what you have to say totally unreadable.

Re:A hack is not just a hack (3, Funny)

cascadingstylesheet (140919) | about 6 months ago | (#45102983)

Why do you use that crappy font? Makes what you have to say totally unreadable.

Because crappy fonts prove your 1eet haX0r street cred?

Re:A hack is not just a hack (1)

gstoddart (321705) | about 6 months ago | (#45103049)

Because crappy fonts prove your 1eet haX0r street cred?

Not if you don't know it's '133t' instead of '1eet'. And 'h4x0r' not 'haX0r' ;-)

Yes, I know, STFU. :-P

Re:A hack is not just a hack (0)

Anonymous Coward | about 6 months ago | (#45103279)

Should've gone with:

Real men use monospaced fonts.

Re: A hack is not just a hack (3, Informative)

_0xd0ad (1974778) | about 6 months ago | (#45103249)

Why does your browser use a crappy font for monospaced text? There's a setting for that. Mine uses Consolas. It's readable. And it differentiates between O and 0, and other characters that look similar (if not identical) in most other fonts.

Re:A hack is not just a hack (1)

swillden (191260) | about 6 months ago | (#45104019)

Why do you use that crappy font? Makes what you have to say totally unreadable.

Hmm... troll, or idiot... I can't decide. Ah well, it's a distinction without a difference.

Re:A hack is not just a hack (0)

TheRealMindChild (743925) | about 6 months ago | (#45102967)

SSL certs would have battled against this. They cert wouldn't match when visiting the spoofed site.

Re:A hack is not just a hack (0)

cyberpocalypse (2845685) | about 6 months ago | (#45103039)

You "assume" SSL certs would have done something. The reality is, SSL certs can and have been stolen in the past. Malware authors do this all the time (steal certs) to overcome warnings. This does not include the fact that SSL vendors have also been compromised (http://blogs.comodo.com/it-security/data-security/the-recent-ra-compromise/). SSL doesn't do as much as you'd like and if you're solely relying on that, then you maybe need take some advanced offensive security classes.

Re:A hack is not just a hack (2)

TheRealMindChild (743925) | about 6 months ago | (#45103255)

Ok, firstly the "You don't know what you are talking about, go back to school and learn something" retort makes your argument almost ignore worthy. It shows you have very little to stand on and a personal attack is always an indicator of insecurity.

With that, IF the SSL cert is stolen, then the system itself is compromised, which the attacker would use it instead of setting up their own. Secondly, having SSL won't make anything LESS secure, but it MIGHT make things even just a little bit harder for the attacker. Thirdly, no one said rely solely on that. It is simply a link in a security chain, which IS good security practice.

Just because "Once a person was able to sneak a gun into a courtroom" may have occurred is absolutely a terrible reason not abolish checking for them.

Re:A hack is not just a hack (2)

psydeshow (154300) | about 6 months ago | (#45103721)

SSL certs would have battled against this. They cert wouldn't match when visiting the spoofed site.

Except for the part where if you control the domain registration you can have a new SSL cert issued within minutes.

Re:A hack is not just a hack (1)

Princeofcups (150855) | about 6 months ago | (#45103251)


Personally, I hadn't been running any updates, but if I did, I would be going back, wiping my machines, and re-installing.

DNS hijacking has nothing to do with server access.

Re:A hack is not just a hack (0)

Anonymous Coward | about 6 months ago | (#45103527)

The classic Honor System Trojan:

"This is a trojan based on honor system. Please run Format C: if you're in a windows based system or mkfs / if you're on a linux based system.

If you feel adventurous, you can also choose to install the backdoor attached, or if you're more tech savvy please disable your firewall and change your administrative password to "password"

Thanks for your cooperation!

Re:A hack is not just a hack (1)

TheCarp (96830) | about 6 months ago | (#45103679)

Interesting that it includes unix based systems but isn't giving mkfs a block device. Even the honor system trojan is buggy.

Re:A hack is not just a hack (0)

Anonymous Coward | about 6 months ago | (#45103707)

>Sure the attackers were minor script kiddies,

The irony is delicious.

Resolved (5, Funny)

al3 (1285708) | about 6 months ago | (#45102933)

"The DNS hijacking attack was resolved within an hour, Moore said."

Is that a DNS joke?

Re:Resolved (2)

cascadingstylesheet (140919) | about 6 months ago | (#45102963)

"The DNS hijacking attack was resolved within an hour, Moore said."

Is that a DNS joke?

Well, the resolution may take 24 - 48 hours to reach your part of the world ...

Re:Resolved (1)

Anonymous Coward | about 6 months ago | (#45103009)

I get it - I dig [die.net] that pun!

Really by fax? (3, Interesting)

yakatz (1176317) | about 6 months ago | (#45102999)

The only evidence actually quoted that the attack was by faxed change request is the defaced website. Do we trust the "hackers" that much that we believe they made the change by sending a fax? Could the group be giving a red herring [wikipedia.org]?

Re:Really by fax? (0)

Anonymous Coward | about 6 months ago | (#45103369)

The fax claim came from a conversation with register.com, not the attackers

Re:Really by fax? (1)

horm (2802801) | about 6 months ago | (#45103569)

Should we provide a definition for every colloquialism [wikipedia.org] we use?

Re:Really by fax? (1)

yakatz (1176317) | about 6 months ago | (#45103685)

I don't have an ax to grind and I certainly don't want to create bad blood, but we can build a castle in the air of people all over the world who understand every English idiom.

I wanted to have one idiom for every letter [wiktionary.org], but I got tired of it.

Re:Really by fax? (1)

X0563511 (793323) | about 6 months ago | (#45104897)

The problem is that businesses seem to think fax machines are magically perfect and couldn't possibly be impersonated.

years old.... (0)

Anonymous Coward | about 6 months ago | (#45103027)

I figured this out years ago and stole back a domain taken by an pissed off ex-employee that claimed ownership of the company's domain name. took about 2 days to iron out the issues, then transfer the domain to another registrar and lock it. from that point, i've done it several times since.

There's a name for this. (5, Funny)

Minwee (522556) | about 6 months ago | (#45103085)

It's "Canadian Hacking". Instead of breaking into someone's computers and maliciously altering their data, you just call them up or send a note to ask politely if they would do it to themselves.

You'd be surprised at how often it works, eh?

Re:There's a name for this. (0)

Anonymous Coward | about 6 months ago | (#45103713)

Yes, and what are you going to do aboot that?

Re:There's a name for this. (4, Interesting)

nine-times (778537) | about 6 months ago | (#45103779)

Honestly, it does work a lot. I work in IT and have had to help clients get control of various kinds of accounts to which they have lost usernames, passwords, and other vital information. You know, things like, "A previous employee bought our domain name and set up the DNS for us using his personal account. His name is on the account. We don't know what the associated email address is. We certainly don't have the password. We've tried contacting this ex-employee, and found that his phone number doesn't work anymore."

And really, you'd be surprised what you can get if you call up, sound professional and honest, and just ask people to help you out. Domain registrations are generally kind of a pain in the butt, but even those usually just require some faxed documentation. I've had some accounts (not domain registrations) where the support basically said, "Oh, you're supposed to have access? Let me just reset the password for you." It's pretty disturbing. But then I also legitimately need to do this sort of thing all the time because businesses rarely pay any attention to these things.

Re:There's a name for this. (1)

FeelGood314 (2516288) | about 6 months ago | (#45104329)

When I was working for a very reputable 3 letter company, I had a "customer" ask us to hack a security device. There was a feature that had me stumped so I phoned the manufacturer of the device who put me in touch with their supply of this feature. The supply explained how unbeatable their product was and how to implement it. Now the implementation had one difficult step and I asked what would happen if that step was missed and was told how it would render the product vulnerable. The maker of the device had skipped this step so getting into the device was easy after that. I told the truth the whole time, even stated my intentions and still everyone helped me. Of coarse my employer never validate the identity of the "customer".

Fax machines are still a thing... (0)

Anonymous Coward | about 6 months ago | (#45103225)

Fax machines are still a thing because the old people using them haven't died yet. No, that's really it. It's a lot like a bunch of social movements. The vast majority opposed to a given thing don't have their minds changed, they just die. The younger generation won't have an attachment to fax machines, so they won't use them. The younger generation sometimes growing up having seen something different, so they don't have the same attitudes about certain things.

The quote on the bottom at the time of this posting is, "Progress means replacing a theory that is wrong with one more subtly wrong."

This is wrong. Progress is death keeping count.

Re:Fax machines are still a thing... (1)

ledow (319597) | about 6 months ago | (#45103389)

A legally-qualified friend of mine once told me that fax was officially regarded as a valid "service" in legal terms (i.e. you could send summons, court orders, etc. by it and count them as being served on someone).

There are rules for communications in legal terms, which basically say that if you replied to an email, then email is a valid form of service for you, and things like that, but fax had enjoys a special relationship with legal people for a long time. Hence some finance / legal departments will only accept things by fax sometimes, which although nonsensical in technical terms, has a good reason behind it.

I imagine the situation has changed with the advent of electronic court proceedings (according to what I was researching for preparation to sue my car insurance company, I am able to do virtually the entire case online nowadays, thanks to the UK Government Gateway authentication) but it still holds a few powers that courts will recognise but may not for things like email, messaging, etc.

Re:Fax machines are still a thing... (1)

WillAffleckUW (858324) | about 6 months ago | (#45103597)

Actually, some contracts require you to have one.

That said, just buy a $49 modem and use it to be a "fax machine".

Re:Fax machines are still a thing... (1)

jandrese (485) | about 6 months ago | (#45103667)

The ironic part is that they probably take faxes because they're considered more secure than email. I mean if you have official looking letterhead, that means you must be legitimate, right?

It's common (1)

Anonymous Coward | about 6 months ago | (#45103257)

I recently moved. As I called the various utilities to tell them to cancel my service few of them asked for any kind of identification except my address. I other words in could easily shut off anyone's gas, electricity, internet service

On the other hand it's pretty nice to live in a society with so much trust

Was like that years ago too. (1)

future assassin (639396) | about 6 months ago | (#45103275)

In 1999/2000 all we had to do to get a dns change from network solutions was fax in a request with a company letter head. They would change the new clients DNS to use and off we went.

sex.com anyone? (0)

Anonymous Coward | about 6 months ago | (#45103351)

If I recall correctly, this was the same stunt somebody used to kidnap sex.com about 10 years ago.

people still use fax machines (0)

Anonymous Coward | about 6 months ago | (#45103379)

why not use e-mail and text messaging? just asking. with email, you can just attach an OpenOffice document, jpg or PDF to an email and send the email.

Registrar security is kind of a joke sometimes (4, Interesting)

Tridus (79566) | about 6 months ago | (#45103413)

I had to do this recently for a legitimate reason. A friend had bought a small hobby type operation (including the domain), but the old owner forgot to change the domain ownership over and dropped off the grid. It wasn't really a problem until we wanted to change hosting providers, at which point we couldn't update the DNS settings.

Since we actually had control of the domain, I used the account that was listed as the admin contact to send an email to the registrar explaining the situation and asking if they could change the info for us. Without any validation whatsoever they sent me the username and password (apparently stored in clear text) for the account, allowing me to do anything I wanted with it.

Thankfully I don't use that registrar for my own stuff. I expected at least to have to show some proof of ownership or something.

Re:Registrar security is kind of a joke sometimes (2, Insightful)

Anonymous Coward | about 6 months ago | (#45103749)

Which registrar was this? I would like to know so that I can avoid them in the future.

Problem does not only concern DNS registrar (0)

Anonymous Coward | about 6 months ago | (#45103941)

It always amazed me how much trust a fax carries for some companies/government agencies.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...