Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

RIAA Website Hacked

CmdrTaco posted more than 6 years ago | from the maybe-someone-just-typed-rm--rf dept.

Security 247

gattaca writes "A lack of security controls allowed hackers to "wipe" the Recording Industry Association of America's (RIAA) website on Sunday. The existence of an SQL injection attack on the RIAA's site came to light via social network news site Reddit. Soon after hackers were making merry, turning the site into a blank slate, among other things. The RIAA has restored RIAA.org, although whether it's any more secure than before remains open to question, TorrentFreak reports."

cancel ×

247 comments

Let me be the first to cry (0, Redundant)

AndGodSed (968378) | more than 6 years ago | (#22126240)

Justice!

Re:Let me be the first to cry (5, Funny)

gnick (1211984) | more than 6 years ago | (#22126354)

No, this falls far short of justice. Justice would have been posting a bunch of copywritten songs and announcing to the world where to find them. Even better:
* Record an original piece
* Post it
* Sue the RIAA for hosting it

Just blanking a site is lazy.

Re:Let me be the first to cry (5, Funny)

phillymjs (234426) | more than 6 years ago | (#22126392)

Just blanking a site is lazy.
--
This space intentionally left blank.


Irony, thy name is gnick.

Re:Let me be the first to cry (2, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#22126472)

Or at least post press reports of dropping the charges to people who download. Then see if the judge ruled that it was hacked or if it was legitimate. Then we can use the RIAA's tactics in court to sue them.

Re:Let me be the first to cry (0)

Anonymous Coward | more than 6 years ago | (#22126816)

I don't think you understand what the word "justice" means. Maybe you mean "karma"?

Re:Let me be the first to cry (0)

Anonymous Coward | more than 6 years ago | (#22127120)

I don't think you understand what the word "justice" means. Maybe you mean "karma"?

I don't think you understand what the word, "karma," means.

Neither do most people, though; so it's okay.

Re:Let me be the first to cry (3, Insightful)

ps236 (965675) | more than 6 years ago | (#22127448)

This sounds like the best idea for what should have been done. (Except with a few hundred pieces, not just one, as the penalties are based on the number of items available for download AIUI, whether or not anyone actually downloaded them).

If they then used the 'But we were hacked, it wasn't our fault' defense, and win because of it, that would then be easier to use as a defense by anyone else whose website/PC was used for distributing copyrighted materials. The RIAA could not then say 'you should have taken reasonable care to secure it'.

If they lose, then all their fines could go to the funds to defend innocent people against them.

Re:Let me be the first to cry (3, Insightful)

LordEd (840443) | more than 6 years ago | (#22126358)

So you're saying that wrecking a database on an informational website that could likely be replaced from backup in less than an hour is the equivalent to the RIAA's normal business practices?

Well there you go Slashdot, we're even now. No complaining about the RIAA until they do something new.

Re:Let me be the first to cry (0, Offtopic)

eclectic4 (665330) | more than 6 years ago | (#22126374)

"Is there hope for Christianity?"

No, no there isn't [thegodmovie.com] .

God Movie? (0, Offtopic)

AndGodSed (968378) | more than 6 years ago | (#22126534)

Is that the one called "The God that wasn't there?"

If so, I can rest easy... its way full of holes. We actually discussed that one on http://godgab.org/ [godgab.org]

Good chat, that.

Re:God Movie? (0, Offtopic)

AndGodSed (968378) | more than 6 years ago | (#22126612)

I know, bad form and all...

I checked and it was that movie, and just for interest sake here is the link to the full thread where we discussed the movie:

http://www.godgab.org/viewtopic.php?t=1712 [godgab.org]

sorry, too lazy to html...

Well (5, Funny)

Chas (5144) | more than 6 years ago | (#22126250)

Normally I don't advocate cracking someone's site. It's childish and petty. Kinda like the RIAA itself.

But, for some reason, I'm having a really hard time working up any real sense of moral outrage over it.

This probably makes me a bad, biased person.

C'est la vie!

Re:Well (3, Funny)

notmyusualnickname (1221732) | more than 6 years ago | (#22126362)

Same here. *Rubs hands and indulges in a meglomaniacal chuckle*

Re:Well (5, Insightful)

morgan_greywolf (835522) | more than 6 years ago | (#22126496)

But, for some reason, I'm having a really hard time working up any real sense of moral outrage over it.
Four words: They had it coming.

You can't really going around acting like an ass and then expect to be treated with respect by anyone, especially if your site is riddled with basic security problems like SQL injection. Next time, hire a Web developer who isn't a stupid fscktard before gallivanting around, suing everyone, their 80-year-old grandmothers and their 6-year old children into oblivion.

Re:Well (0)

Anonymous Coward | more than 6 years ago | (#22126676)

You can't really going around acting like an ass and then expect to be treated with respect by anyone, especially if your site is riddled with basic security problems like SQL injection. Next time, hire a Web developer who isn't a stupid fscktard before gallivanting around, suing everyone, their 80-year-old grandmothers and their 6-year old children into oblivion.

Yeah, that's pretty much what I said when the Pirate Bay got hit much, much worse than this. If you're going to run around bragging about what a 1337 w4r3z h4x0r you are, you might want to secure your site first before your moron users find out what it really means for information to be free.

Well-It's all relative. (5, Insightful)

Anonymous Coward | more than 6 years ago | (#22126712)

"Four words: They had it coming."

Well if we're going to use that excuse then why stop at web site defacement? Why not put out a contract on the heads of the music companies? After all "they had it coming". What's that? Society says it's not OK? So's copyright infringement and that's not stopping anyone. Why should this be any different?

Re:Well-It's all relative. (3, Interesting)

morgan_greywolf (835522) | more than 6 years ago | (#22127240)

Well if we're going to use that excuse then why stop at web site defacement? Why not put out a contract on the heads of the music companies? After all "they had it coming"
That's why we call it 'the scales of justice'. The difference is is that would be unequal justice.

If someone punches you in the face, do you beat them to death with a crowbar? No, you punch them back. If someone pulls a knife on you, do you pull out your grenade launcher?

Re:Well-It's all relative. (5, Funny)

sponglish (759074) | more than 6 years ago | (#22127404)

If someone punches you in the face, do you beat them to death with a crowbar? No, you punch them back. If someone pulls a knife on you, do you pull out your grenade launcher?

Yeah, well... You're not from Chicago.

They pull a knife, you pull a gun. He sends one of yours to the hospital, you send one of his to the morgue. That's the Chicago way... Now do you want to do that? Are you ready to do that? I'm offering you a deal. Do you want this deal?

Re:Well-It's all relative. (5, Insightful)

hoggoth (414195) | more than 6 years ago | (#22127460)

> If someone pulls a knife on you, do you pull out your grenade launcher?

Ummm... yes.

If someone escalates to lethal force with me, I will respond with lethal force and it will be very important to *win*. Therefore, yes, I will respond to a knife with a grenade launcher.

Hell, I say nuke them from orbit.

Re:Well-It's all relative. (5, Funny)

derfy (172944) | more than 6 years ago | (#22127634)

Hell, I say nuke them from orbit.

It's the only way to be sure.

Nuke them from orbit. (4, Funny)

Chas (5144) | more than 6 years ago | (#22127764)

Actually, the only way to be "sure" is to nuke them in person.

Otherwise there's always the real possibility that they were able to take cover.

Re:Well-It's all relative. (3, Funny)

soarkalm (845400) | more than 6 years ago | (#22127482)

If someone punches you in the face, do you beat them to death with a crowbar? No, you punch them back. If someone pulls a knife on you, do you pull out your grenade launcher?
Once the knife comes out, you basically have to assume life and death. In this case, you make your opponent take up the unwise position of bringing a knife to a gunfight.

Re:Well-It's all relative. (5, Funny)

Captain Splendid (673276) | more than 6 years ago | (#22127516)

If someone pulls a knife on you, do you pull out your grenade launcher?

Sounds like the annual Cheney family reunion to me.

Re:Well-It's all relative. (1)

Firethorn (177587) | more than 6 years ago | (#22127800)

Cheney's a classic case of the wrong load for the job, or why birdshot in a self defense case is stupid.

Somebody pulls a knife on me, I'm pulling a gun, and not because I generally don't carry a knife.

Note to all Muggers, Burglars, Robbers out there: Birdshot is a GREAT round for your needs! Pick the highest gauge possible - #20 is much better than #12.

Re:Well-It's all relative. (4, Funny)

Mercano (826132) | more than 6 years ago | (#22127810)

If someone pulls a knife on you, do you pull out your grenade launcher?

No, that's just not a good idea. I mean, if someone is coming at you with a knife, he's probably at very close range, so if you tried using a grenade launcher, you'd probably taking yourself out with him. (The range for splash damage is probably understated in most video games.) A shotgun or a submachinegun would be a far better choice.

Re:Well-It's all relative. (1)

MobileTatsu-NJG (946591) | more than 6 years ago | (#22127654)

"Four words: They had it coming."

Well if we're going to use that excuse then why stop at web site defacement? Why not put out a contract on the heads of the music companies?
Because... ruining people's lives with lawsuits isn't equivalent to murder?

Murder by Fractions (3, Funny)

Dr_Barnowl (709838) | more than 6 years ago | (#22127780)

Given that socio-economic status has a strong correlation to both absolute and "healthy" life expectancy, each successful "life-ruining" lawsuit which results in a corresponding drop in socio-economic status could be interpreted as being some fraction of a murder.

I'm sure they have accumulated enough fractions by now to cover the members of the board, and maybe a few tiers of upper management too. Since they are the most compensated, they must be the most responsible, right?

NB. Tongue is firmly in cheek.

Re:Well (1)

MasterClown (323471) | more than 6 years ago | (#22126970)

Would this count as one of the Top Hits of 2008?

Why wipe it? (5, Funny)

Loibisch (964797) | more than 6 years ago | (#22126334)

It would have been so much better to make it a temporary mirror for thepiratebay.org :D

Wonder if they would have started a lawsuit against themselves...

Re:Why wipe it? (4, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#22126388)

Nah, how about a bunch of press releases saying that "the RIAA was wrong to sue music fans for sharing songs therefore we are dropping all the charges" and then seeing if the judge would say that if it was a cracked site or the RIAA itself. Or how about a plea to stop DRM by saying "it is not working" or at least informing people about the evils of DRM. The possibilities are endless, just blanking a page.... how unprofessional, it did no good to the world the way then the way it could have been done.

Re:Why wipe it? (3, Insightful)

Speare (84249) | more than 6 years ago | (#22126610)

If one of your neighbors is disappointed in your lawn care or your dog's poops, there are positive ways of stating the disagreement, and there are negative ways. Certainly, if they spraypainted their message in 2ft high letters on the exterior of your house, you'd be understandably less interested in the actual message than in cleaning the graffiti and contacting the constabulary. Likewise, defacing the website with a thoughtful "open letter" isn't likely to actually communicate anything.

Re:Why wipe it? (4, Interesting)

techpawn (969834) | more than 6 years ago | (#22126788)

But, could that open letter be used as evidence? It came from their website then if they try to use "well, anyone can make things on the internet look that way! Just because the IP address and website are ours it doesn't mean it's our data!" couldn't we counter argue that with their IP sniffing and screen shots or whatever?

I know it would never work. The judge would ph34r t3h ev1l h4xx0rz! But, if fun to dream isn't it?

Re:Why wipe it? (0, Flamebait)

Otter (3800) | more than 6 years ago | (#22126936)

Nah, how about a bunch of press releases saying that "the RIAA was wrong to sue music fans for sharing songs therefore we are dropping all the charges" and then seeing if the judge would say that if it was a cracked site or the RIAA itself.

I think we get enough of New York Country Lawyer's imbecilic legal theories as is. There's no need for him to be squeezing in "precedent from postings on defaced website" between "innocence by reason of single motherhood" and "innocence by reason of cerebral palsy".

Re:Why wipe it? (1)

Rich0 (548339) | more than 6 years ago | (#22127814)

How about posting a song written by an independant artist who could then sue the RIAA for copyright infringement and facilitation of copying by virtue of running insecure software on their website?

Re:Why wipe it? (0)

vertinox (846076) | more than 6 years ago | (#22127022)

just blanking a page.... how unprofessional, it did no good to the world the way then the way it could have been done.

Hrm... To me a blank page would most likley mean a server problem than a hack. Maybe the server had an issue and everyone assumed that the site had been hacked and someone pretended to claim responbility?

Re:Why wipe it? (5, Insightful)

Machtyn (759119) | more than 6 years ago | (#22127228)

My question is how often does the average consumer really visit a website like mpaa.org, riaa.org, or any other corporate entity presence? For me, it is less than 0.005 (or less than a 1/2%). I think the last time I visited riaa.org was a couple years ago when /. mentioned the site had been hacked. I've never visited a General Motors website, the company that makes my favorite breakfast cereal or laundry detergent. I've just never had the desire.

I suspect that the average person visits their favorite news site, gaming portal (like games.yahoo.com or legitgames.com or whatever), fark/digg/slashdot, and blogs of the different varieties. My wife will occasionally do searches for recipes, information on baby stuff, etc. We'll hit newegg.com, amazon.com, or other storefronts.

Am I wrong in my thinking that the average person would visit a site like mpaa.org, riaa.org, or other industry specific org sites? We all use tires to drive on, have you ever visited the site for Michelen or Dunlap tires? Do they have a trade org site that issues news, warnings, and user information regarding recalls/defects of certain tires? If so, I've never even considered searching it out.

My point is that very few people would see it to make it worth putting information touting your propaganda. However, if it was outrageous enough, perhaps it would make news and people might visit (by which time it would be too late, as the site would be fixed).

I wouldn't have wiped... (5, Funny)

blake1 (1148613) | more than 6 years ago | (#22126366)

instead I would have used my cunning to download the latest Britney album to their server in DRM-free MP3 format. And then promptly reported them to themselves.

Re:I wouldn't have wiped... (2, Funny)

calebt3 (1098475) | more than 6 years ago | (#22127216)

Britney album
Post something that people want, for crying out loud!

Re:I wouldn't have wiped... (0)

Anonymous Coward | more than 6 years ago | (#22127492)

Naw, it wasn't arbitrary execution. It was just a SQL injection vulnerabilty. There are only few cases where that's useful for getting arbitrary access, and as big an asshole as RIAA is, surely they are not THAT stupid.

It would've been funnier (5, Interesting)

SirLurksAlot (1169039) | more than 6 years ago | (#22126368)

if they made innocuous little changes here and there, such as changing the words "do not support file-sharing" to "fully support file-sharing." It probably would've the RIAA much longer to realize they've been had, and I'm sure they would've gotten some interesting calls and e-mails :-D

Re:It would've been funnier (1)

dattaway (3088) | more than 6 years ago | (#22126524)

Unfortunately, very few visit the RIAA site and would have caught it. The only way to get visitors is to let everyone know its hacked.

Re:It would've been funnier (4, Funny)

webmaster404 (1148909) | more than 6 years ago | (#22126582)

No the RIAA gets LOTS of visitors... they are just part of a DDOS though.

Re:It would've been funnier (1)

peragrin (659227) | more than 6 years ago | (#22126620)

exactly why completely destroy a website when slow gradual changes are so much more fun.

they probably could have gotten away with it longer too.

ZOMG!!! (1)

Kranfer (620510) | more than 6 years ago | (#22126380)

ZOMG!!!!11111oneone!!1! The RIAA got hax0rzed. Well I guess they had it coming to them. While I understand their cause, I do not understand their tactics, their methods, or how they say they fight for the artists. I must say good job to the people who found the SQL injection flaw. May their programmers be whipped and stoned... well... I guess they would just throw lawsuits and blank CD's at their programmers and accuse them of stealing MP3's. Oh well. still great news.

ha-ha (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22126394)

- nelson muntz

RIAA will use this (5, Insightful)

BadHaggis (1179673) | more than 6 years ago | (#22126402)

to justify further restrictions on P2P software. I'm sure they will be able to twist this attack into some type of political message to show that the P2P community is just a bunch of cracking criminals which need to be stopped.

While I hold little sympathy for RIAA in this matter, I would rather people found different and legal ways to thwart the RIAA's mission.

Re:RIAA will use this (5, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#22126526)

We have found legal ways. Its called not buying albums or buying into DRM. However, the RIAA thinks that it is always P2P networks that are to blame for every loss that they suffer. So if the RIAA loses sales, its not because more people are buying indie band CDs or downloading non-RIAA songs, its because of those pirates never ever because most of the music is more noise then music. The RIAA has no logic, they are used to being a monopoly. Even when we win we lose.

Slashdot will use this (0)

Anonymous Coward | more than 6 years ago | (#22126842)

"We have found legal ways. Its called not buying albums or buying into DRM. However, the RIAA thinks that it is always P2P networks that are to blame for every loss that they suffer"

Right. Just the ten or so downloads a month from this site [piratebay.com]

Re:RIAA will use this (5, Interesting)

chortick (979856) | more than 6 years ago | (#22127078)

From a recent Economist article http://www.economist.com/business/displaystory.cfm?story_id=10498664 [economist.com] :

"IN 2006 EMI, the world's fourth-biggest recorded-music company, invited some teenagers into its headquarters in London to talk to its top managers about their listening habits. At the end of the session the EMI bosses thanked them for their comments and told them to help themselves to a big pile of CDs sitting on a table. But none of the teens took any of the CDs, even though they were free. "That was the moment we realised the game was completely up," says a person who was there."

Re:RIAA will use this (1)

Anonymous Coward | more than 6 years ago | (#22126550)

Exactly. Defacing is illegal no matter how you look at it and accomplishes nothing other than proving the "bad guys" the RIAA is fighting really are criminals.

It's curious... (0)

Anonymous Coward | more than 6 years ago | (#22126404)

Odd how this completely inconsequential defacement is news here, but the compromise of the Pirate Bay, with loss of extensive user information, wasn't...

Opportunity (1)

SonicTheDeadFrog (1155815) | more than 6 years ago | (#22126406)

Isn't this kinda like going to the RIAA's headquarters and spray painting profanity on it?

Not that I don't get a good chuckle out of petty vandalism, but I'd rather people beat them at their own game.

But if they're going to go the vandalism route, couldn't they at least have done something clever like insert a redirect for IP's outside of the RIAA's own range that sent visitors to thepiratebay.org?

Now fhat they can be used for good ... (0, Offtopic)

waterford0069 (580760) | more than 6 years ago | (#22126418)

... like taking down the pro-coal lobby's propaganda sites. E.g.,
        http://www.coalamericasenergyfuture.com/ [coalameric...future.com]

Re:Now fhat they can be used for good ... (0)

Anonymous Coward | more than 6 years ago | (#22126652)

I found that site informative, and have urged my congressman & senators to encourage more coal use. I have just received a reply from all 3 of them, and they agree 100%.

Thanks for the info!

You would think that (1)

rolfc (842110) | more than 6 years ago | (#22126434)

they were using copyprotection on their site.

Re:You would think that (3, Funny)

Pingmaster (1049548) | more than 6 years ago | (#22126822)

And we ALL know how effective their copy protection schemes are...

Or is it? (4, Insightful)

mach1980 (1114097) | more than 6 years ago | (#22126452)

Do not rule out the RIAA to hire someone to do the hacking to win moral high ground.

RIAA may now turn their media machine to connect evil hackers with the pirate bay and try to put them in the same corner as child molesters and nazis.

Re:Or is it? (1)

zifn4b (1040588) | more than 6 years ago | (#22127454)

You are giving the RIAA too much credit. If they were that smart they would realize that copy protection and DRM is an exercise in futility and that their own existence is pointless.

Re:Or is it? (1)

oojimaflib (1077261) | more than 6 years ago | (#22127522)

Do we assign this to malice or stupidity?

Given the RIAA's highly sensible business practices, I think their stupidity is the only sensible assumption in this matter.

How did they get in? (0)

Anonymous Coward | more than 6 years ago | (#22126474)

I'm Impressed that the attackers had to go as far as SQL injection. Last time it was through robots.txt, so this time I was expecting like URL hacking. Perhaps Riaa.org/../../../../ or something like that.

Or maybe one of the RIAA execs playing a Sony CD.

Reddit in-joke time (0, Offtopic)

91degrees (207121) | more than 6 years ago | (#22126506)

But what does this have to do with Ron Paul?

What should have been hosted (3, Funny)

IndustrialComplex (975015) | more than 6 years ago | (#22126512)

If you are going to break into a website, then you need some sort of plan for when/if you succeed.

How about a statement like this:

"The protections applied to this website were more robust than the Digital Rights Management that is applied to CDs DVDs and other forms of digital media. Yet even that didn't stop a determined individual. If this website were a CD, it would be leaked all over the internet, and once cracked, DRM simply becomes an impediment to the legitimate users."

At least they could have tried to make it relevant. However, it is quite possible that they didn't have all that much time or total access to the site. (though if you can erase something, I'm pretty sure that is as close to total access as you need) I'm not too familiar with databases and websites so I don't know how far they could go with it.

This gives reddit a bad name (5, Insightful)

maynard (3337) | more than 6 years ago | (#22126514)

I like the site a bunch, so I say this with a twinge of reluctance. And I certainly don't like the RIAA. But that kind of behavior is plain criminal. Doesn't matter who owns the computer, it is private property and deserves respect as such.

Re:This gives reddit a bad name (1)

webmaster404 (1148909) | more than 6 years ago | (#22126556)

Reddit only reported it, much as how Slashdot would have reported it. No where in the story does it say that Reddit hacked it, no more so then if FOX or CNN reports a murder did they murder that person.

Re:This gives reddit a bad name (4, Informative)

maynard (3337) | more than 6 years ago | (#22126624)

But the community joined in on the hack with gusto [reddit.com] . The comments [reddit.com] are worth a read too.

Re:This gives reddit a bad name (4, Insightful)

Pulzar (81031) | more than 6 years ago | (#22126658)

Reddit only reported it, much as how Slashdot would have reported it. No where in the story does it say that Reddit hacked it, no more so then if FOX or CNN reports a murder did they murder that person.

How's that the same? Reddit didn't report that the site was hacked, they reported that it can be hacked and how, and then somebody hacked it.

Re:This gives reddit a bad name (0)

Anonymous Coward | more than 6 years ago | (#22126794)

It was somewhat worse than that; there was at least one reddit story whose link was a tinyURL-obfuscated SQL injection attack against the site. That one didn't actually do any direct damage -- it just ran a mySQL benchmark() -- but it's probably fair to say at a minimum that redditors were using the site to mount a DDoS on the RIAA's site.

Re:This gives reddit a bad name (3, Interesting)

neoform (551705) | more than 6 years ago | (#22127112)

If I post a bug report on a vulnerability in some piece of software, am I doing something wrong?

It is not my obligation to report it to the people who made the vulnerable software.

Your mentality is that of the DMCA.

Re:This gives reddit a bad name (2, Interesting)

RHSC (1019802) | more than 6 years ago | (#22127186)

No matter how many times the RIAA repeats its mantra, making any form of information available is not a crime

Re:This gives reddit a bad name (1)

um_atrain (810963) | more than 6 years ago | (#22127260)

That comparison does not hold. Most people should hopefully be smart enough to kill somebody if they wanted to, though they would probably need instructions to hack the site.

It is like FOX or CNN reporting about a murder, and afterwards discussing easy ways to kill people without being caught.

As for the community: Of course their gonna join in. Free revenge, click here! Who's not going to go for that!?

Re:This gives reddit a bad name (3, Funny)

Anonymous Coward | more than 6 years ago | (#22126638)

C'mon man - it's not like they hacked in to COPY the site, god dammit.

Re:This gives reddit a bad name (1)

migloo (671559) | more than 6 years ago | (#22126706)

it is private property and deserves respect as such
On the other hand, if you park your private property across my backyard, I should feel free to dump my shit on it.

Re:This gives reddit a bad name (2, Insightful)

wroshyyr (688688) | more than 6 years ago | (#22126736)

I've seen a few of these "please don't hack the riaa site" posts. If a similar flaw would be found with the pirate bay's website I'm sure these same "hackers" would also go out and exploit it. Boys will be boys.

Re:This gives reddit a bad name (4, Interesting)

Rahga (13479) | more than 6 years ago | (#22126828)

Can you co-opt the police and feds to conduct raids of private property on your behalf? No? The RIAA can and regularly does, confiscating anything that could conceivably be used to produce and distribute music, including vehicles and computers. It doesn't even matter if an organization, such as authorized mixtape producers, are acting within the law... their property is confiscated first and questions are asked later, usually past the point where a business can survive.

The RIAA are among the least of those who deserve to have their property rights defended.

Re:This gives reddit a bad name (1)

acedotcom (998378) | more than 6 years ago | (#22126978)

seriously though, those assholes had it coming

Maybe the RIAA's New Plan Caused It (2, Insightful)

briggsb (217215) | more than 6 years ago | (#22126626)

Maybe it was people protesting the RIAA's plan to put RFID chips on CDs [bbspot.com] to combat piracy that caused the attack.

Re:Maybe the RIAA's New Plan Caused It (0)

Anonymous Coward | more than 6 years ago | (#22126774)

I'm pretty sure thats a joke, dude.

Re:Maybe the RIAA's New Plan Caused It (0)

Anonymous Coward | more than 6 years ago | (#22127008)

RIAA has it here on their website [tinyurl.com]

Pics or GTFO (1)

sayfawa (1099071) | more than 6 years ago | (#22126690)

Anybody got a screen capture?

Torrentfreak has the screenshots. (4, Informative)

Spy der Mann (805235) | more than 6 years ago | (#22126840)

http://torrentfreak.com/riaa-website-hacked-080120/ [torrentfreak.com]

From the screenshots:

Who we are.
It appears that the article you requested has been temporarily removed.

Press releases and Statements
ThePirateBay.org - Get free music and movies!

Error
The page at http://riaa.com/ [riaa.com] says:
RIAA sucks ... XSS ftw?


If you want my opinion, it was an inside job. The RIAA got so jealous over they content that they decided to delete it than share it :P

Why didn't they wipe the database of names? (1)

ImYY4U (539546) | more than 6 years ago | (#22126694)

It would have been a lot better if the hackers 'wiped' the database containing the list of names that the RIAA is planning to sue. I'm sure that list, if it was in plain text format, took up at least, oh, 300 GB? I mean seriously, who isn't on their list?

Re:Why didn't they wipe the database of names? (1)

sglewis100 (916818) | more than 6 years ago | (#22127302)

Because that list wouldn't be stored on that server.

wow (5, Insightful)

kellyb9 (954229) | more than 6 years ago | (#22126704)

So you're the most hated site on the internet essentially, especially by people who proudly go by the name "pirates". And you don't protect your site??? Who exactly is running this operation?

Re:wow (5, Funny)

Osurak (1013927) | more than 6 years ago | (#22126930)

So you're the most hated site on the internet essentially, especially by people who proudly go by the name "pirates". And you don't protect your site??? Who exactly is running this operation?
Ninjas.

Obligatory Nelson quote (4, Funny)

ndtechnologies (814381) | more than 6 years ago | (#22126714)

"HA HA!"

Slashdotting (5, Funny)

megazork (953335) | more than 6 years ago | (#22126754)

The OP should have posted a link to RIAA.org so that it could have been slashdotted. =)

Sigh.... missed opportunity (4, Insightful)

Maxo-Texas (864189) | more than 6 years ago | (#22126886)

First... I agree that shutting someone else up is not a great way to have a conversation...

But if you are going to do something like this, then have a little panache.

For example, you could upload a few Mp3's with links to download them from the site.

Or upload some key quotes "Copyright should be good for forever less one day".

Or upload Jefferson's statements on copyright.

ah well...

I would prefer (1, Funny)

Anonymous Coward | more than 6 years ago | (#22127000)

that someone report them for using unlicensed software.

Re:I would prefer (1)

Sesticulus (544932) | more than 6 years ago | (#22127156)

Now that would be funny; BSA vs. RIAA death match.

Two overbearing industry organizations enter, one overbearing industry organizations leaves!

RIAA Site (1)

Velcroman98 (542642) | more than 6 years ago | (#22127028)

How about some screenshots?

This is not good (4, Insightful)

Anonymous Coward | more than 6 years ago | (#22127062)

Attacking their website will only aid them in public opinion. This gives credit to their argument that people who oppose them are criminals.

retribution (1)

Grampaw Willie (631616) | more than 6 years ago | (#22127140)

you people are just a band of scoff-laws

Screenshots of the Hack (1)

Velcroman98 (542642) | more than 6 years ago | (#22127438)

I slapped as many of the screenshots I could find together. I'll try to update. Either way, here's the hack...


Velcroman98.googlepages.com/riaa/ [slashdot.org]

Oops... (2, Funny)

Hanners1979 (959741) | more than 6 years ago | (#22127442)

Looks like someone was using the RIAA web server's CD-ROM drive to listen to their Sony album collection again...

All I have to say is.... (1)

Kildjean (871084) | more than 6 years ago | (#22127594)

Hackers: 1
RIAA: 0

Goooooooooooooooooooooooooo!! Hackers!!!!!!!!

Ojectivity (1)

firesyde424 (1127527) | more than 6 years ago | (#22127718)

For whatever reason, as much as I try, I can't bring myself to feel sorry for the RIAA. They stand between me and the reasonable use of content that I purchase with my hard earned cash. If I purchase an MP3, I expect to be able to listen to that MP3 anywhere that I listen to music. But thats not the case. While I can listen to it on my computer, I can't lug my desktop out to my car with me. So I must use my mp3 player. Except, my mp3 player is a 6 year old creative jukebox. Not compatible with any modern DRM scheme. I must then spend MORE money on a newer mp3 player or risk legal implications by stripping the DRM away from the mp3. That's like buying an orange at the grocery store and being told that I can't use my fingers to peel it because my fingers aren't "compatible" with the skin of the orange. Instead, I must buy a knife to legally peel the skin from the orange. But I can't just buy any knife. I hafta buy an "iKnife." As a consumer, I feel no sympathy for the RIAA.

Whether by ignorance or lack of attention to detail, the RIAA left a security hole big enough to drive a truck through. Someone figured out where the hole was and then posted instructions on how to drive the truck. It was only a matter of time before someone jumped into the drivers seat. While my understanding of SQL isn't exactly at a mastery level, it seems to me that this exploit could have been easily avoided. So, as a system admin, I again feel no sympathy.

Having said that, this is/was illegal. Those who helped deface the RIAA website have done nothing more than stoop to the level that the RIAA has made its home in for some time now. The RIAA is not averse to using tricks, legal games, and outright dishonesty in pushing its agenda. How is hacking their website any better?

There are better and more legal ways to fight the greed that the RIAA represents. All hacking their website does is add another dimension to an already complicated problem. Way to go guys.

Just because you can, doesn't mean you should.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...