Not much days passed when database of RockYou was compromised and the hacker also revealed in sample that what database structure was and how passwords were stored in plain text, which were including not only RockYou, but of yahoo, MySpace, Friendster etc as well. The revelation was a shock to many people and a big setback for cloud computing in a way as it shown that how things could go wrong in incompetent hands.
And last night, the world was encountered with greatest shock, when biggest micro-messaging giant Twitter, which stands as like some top 20 of largest web apps of now days, went down due to a hack attack by 22:00, Dec 17, 2009. Below are the related screenshots.
1. How twitter.com was showing the below message from some Iranian Cyber Army
2. Even Google started showing the messages on searching for twitter
3. Find the related video
Although later on after around one and half hour, it was restored back with the official message from Twitter’s side.
“ As we tweeted a bit ago, Twitter’s DNS records were temporarily compromised tonight but have now been fixed. As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we’ve investigated more fully. ”
The chapter ended, but shaken a lot of faiths. First let us here discuss the layman terms and consequences of these incidences.
Compromised DNS records: Basically when you type some address in your browser, then various DNS Servers around the world redirect you to associated IP Address as actual machine communication happens on this IP address level only and readable address are just for human convenience. Later these requests reach to the site itself, which is if big enough, then maintain its own DNS server to keep other many servers behind it on same IP with required redundancy.
Now what happen, if somehow temper DNS recordings and this DNS starts redirecting you to some other IP rather than the official one i.e. to other server, which could be holding anything like this message this time. You will get the same site address in address bar, but now its going to some other server and some other application, which just happened with Twitter.
“ Think, what worse could have happened? If the hacking side might have tried their luck a little harder through phishing means presenting you exactly the same webpage like Twitter’s login page. Million of users were just giving their usernames and passwords so easily without knowing that this time, they were giving the same information away in wrong hands for nothing. ”
There are more lessons to learn from this RockYou and Twitter incidence. RockYou password revelation wasn’t a danger to RockYou itself, but it was containing passwords of many other accounts and so if one reaches there, then could take hold of all those millions of accounts and information within. Moreover, as the common practice is, people keep on using the same username and password at all the websites they know, which means if one try logging into gmail with same username/password combination retrieved from hacked RockYou, its not a hard luck that he will succeed to login.
So, the lessons here are:
- Keep real good passwords.
- Don’t trust completely over websites security as of now.
- Avoid keeping your important info like bank account no. stored in your email ids.
- Try to have different passwords for different sites at least, if can’t manage with different usernames.
- As easiest way to hack some account usually involves the alternate email account you given, better give out your mobile no as it provides you SMS in many cases (if site doing so like Google) and in a way more securer than alternate email id case.
- Still we have to go a long way to have cloud computing working properly for us in light of such incidences.