NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ NNSquad ] Re: ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses | Threat Level from Wired.com
- To: NNSquad <nnsquad@nnsquad.org>
- Subject: [ NNSquad ] Re: ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses | Threat Level from Wired.com
- From: Barry Gold <bgold@matrix-consultants.com>
- Date: Mon, 21 Apr 2008 08:25:58 -0700
Roy J. Tellason wrote:
<http://blog.wired.com/27bstroke6/2008/04/isps-error-page.html>
Followup on the article from yesterday ...
Once again we see the dangers of letting people who do not have the
expertise of those who designed the Internet (or even of the present
IETF) meddle with the protocols.
I wonder what Earthlink (or Comcast or Time Warner) will think when one
of these ill-thought-out(*) changes leads to a serious loss. In this
case the problem was reported before anything really bad happened, but I
can easily see this leading to the theft of millions of passwords for
Paypal, Chase Manhattan Bank, or other areas where *real money* is involved.
Then when they are served with a class-action lawsuit from all the
people who lost money in a scam that takes advantage of this kind of
thing (plus one from PayPal or BofA or Chase or Citi for their expenses
in covering some of the losses and for loss of goodwill), they will say,
"but nobody told us something like this could happen."
(*) More like, not-thought-out -- the people who make these ad-hoc
changes don't think about the consequences at all.