Talk:Fox News security hole exposes 1.5 million users' personal information

From Wikinews, the free news source you can write!
Jump to navigation Jump to search
This page and its corresponding article fall under the terms of the Creative Commons Attribution License. Taking material from this page requires attribution to Wikinews.


Factual[edit]

I challenge the accuracy of the title: "Fox News security hole exposes 1.5 million users' personal information". According to the sources, they only mention "sensitive directories" not what this article claims. --SVTCobra 17:12, 23 July 2007 (UTC)[reply]

  • You'll note that this article features firsthand reporting by a Wikinews.org member; that's where this article stands apart from everything else currently being reported.Bubbaprog 17:16, 23 July 2007 (UTC)[reply]
Where are your notes then? And don't commingle the Ziff-Davis and the Fox breaches. --SVTCobra 17:22, 23 July 2007 (UTC)[reply]
The Fox News oversight directly led to the exposure of the ZD user information. ZD was not "hacked" as the username and password were handed to the public by Fox News.Bubbaprog 17:24, 23 July 2007 (UTC)[reply]
Where does the number 1.5 mil come from and why would login information include peoples phone numbers? I never get asked for that when signing up for a news site. --SVTCobra 17:27, 23 July 2007 (UTC)[reply]
It's not login information, it's customer information. 1.5 million is a minimum number given the number of records known to be accessed; it's likely much, much higher, but I'm being conservative with what I've verified to be true.Bubbaprog 17:37, 23 July 2007 (UTC)[reply]
OK, I concede the factual basis of this story. Should the headline be changed to "Fox News security hole exposes 1.5M Ziff-Davis customers" ? --SVTCobra 21:23, 23 July 2007 (UTC)[reply]
As I understand ZD had Fox's data on one of their servers. By compromising a fox server information on how to access the data on the ZD server was obtained. --Brian McNeil / talk 21:30, 23 July 2007 (UTC)[reply]

Original Reporting[edit]

This cannot be published without at least some notes. Particularly, what was exposed and how the reporter came to know this. Source names may be concealed, but you'll potentially have to get someone else to verify the details. --Brian McNeil / talk 17:18, 23 July 2007 (UTC)[reply]

Notes[edit]

The server was compromised for more than twelve hours. I am not at liberty to discuss my specific sources for the detailed data I am reporting here, but I stand by the veracity of my information. I became aware of the breach at roughly midnight Sunday night, and investigated the broader attention given to it at a number of locations. Furthermore, it would not be difficult to verify at a minimum the existence of the file mentioned in the headline, and I'm sure another Wikinews editor can check it out.

I think my work on the Nancy Benoit article attests to my legitimacy. Frankly, every minute we argue about this is another television mention of Wikinews we miss out on. I've already risked enough getting this information to begin with to see it just be wasted or scooped by some other site.

http://it.slashdot.org/it/07/07/23/1210255.shtml

http://forums.fark.com/cgi/fark/comments.pl?IDLink=2950150

http://digg.com/security/Access_to_Ziff_Davis_Via_FTP/all Bubbaprog 18:42, 23 July 2007 (UTC)[reply]

To be honest, it almost sounds like rumor-mongering. --SVTCobra 17:58, 23 July 2007 (UTC)[reply]
There is no rumour mongering, I have now seen one of these leaked lists and can confirm the story. There are gigabytes of leaked data. --Brian McNeil / talk 18:49, 23 July 2007 (UTC)[reply]
What I said about rumours was a response to this on my talk page, which sounds a bit more like gossip. Shouldn't have replied to that here. Sorry. --SVTCobra 21:32, 23 July 2007 (UTC)[reply]
Brian, Can you also confirm that we are talking about real-world names (not just user names) and phone numbers? Do the "gigabytes" amount to 1.5 million or more? Or should we play it safe and be less specific on the number? We wouldn't want to get this wrong. --SVTCobra 21:18, 23 July 2007 (UTC)[reply]
I am very confident about the number of records in the file. The site had a total of 4-6 gb of content, with a single file 7zipped that decompresses to 1.6g or so. If you come into IRC I can tell you more.Bubbaprog 21:24, 23 July 2007 (UTC)[reply]
I have tested some of the email addresses. As some of the data is historical some are no longer valid - but I got an out of office one from one I tried. I don't want to go into too much detail, and I don't want to hang on to this too long. --Brian McNeil / talk 07:59, 24 July 2007 (UTC)[reply]

You're not at liberty to discuss your sources? Exactly who is preventing you from discussing it? Well, I feel plenty at liberty, since I don't participate in invasions and wish people would get busted for it so it would stop. For those that want to know, here are archives of the threads, originally on www.4chan.org:

http://4chanarchive.org/brchive/33804422/hacking+fox+news+-+pt.1/ http://4chanarchive.org/brchive/33804386/hacking+fox+news+-+pt.2/ http://4chanarchive.org/brchive/33814086/hacking+fox+news+-+pt.3/

Digg it![edit]

Digg this article: Make it popular. DragonFire1024 (Talk to the Dragon) 07:46, 24 July 2007 (UTC)[reply]