IT.COM

alert Epik Had A Major Breach

Spaceship Spaceship
Watch

Silentptnr

Domains88.comTop Member
Impact
47,106
Last edited:
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Have you criticized anonymous for publishing the private information of thousands of people?

There is a lot of blame to go around. The concern here is why did Epik not control the "shitty code" and why did they not take basic actions to secure the code. If they had taken all reasonable actions expected, it would be a different conversation.
 
5
•••
I said that I feel for the people whose data was leaked, and I still do.
This is the lede for the Wikipedia Epik article. You've done the last 47 out of 56 or so edits on the page.


"Epik is an American domain registrar and web hosting company known for providing services to websites that host far-right, neo-nazi, and other extremist content. It has been described as a haven for the far-right because of its willingness to provide services to far-right websites that have been denied service by other internet service providers."

As you are in control of this article, can you see how one would be suspicious you have (legally) implanted or allowed selective framing about Epik in such a way that would have been at least a contributing psychological factor in the way the data was leaked. Specifically how the information of non-right-wingers using Epik were broadly included in the leak?

Can you see how your words about sympathizing ring hollow?
 
Last edited:
2
•••
I heard you the first time you asked. I was going back through my posts here to verify that it was indeed here where I said what I thought I had, because, like I just said, I hate it when people get easily verifiable things wrong. Anyway, yes, earlier in this thread I referred to Anonymous being to blame for the leaked data. Before that I said that I feel for the people whose data was leaked, and I still do. Despite the misconceptions some people here seem to have, I was not behind the hack or otherwise involved in it—had I been, I would not have been comfortable publishing all that data.

Elsewhere in my posts here I have mentioned how much I dislike "whataboutism" too, by the way.

My question was about hypocrisy. Epik deserves criticism but anonymous is an organized criminal enterprise. It seems, to me anyway, people like to gloss over that problem.
 
3
•••
There is a lot of blame to go around. The concern here is why did Epik not control the "shitty code" and why did they not take basic actions to secure the code. If they had taken all reasonable actions expected, it would be a different conversation.

I think both issues are important.
 
4
•••
This is"Epik is an American domain registrar and web hosting company known for providing services to websites that host far-right, neo-nazi, and other extremist content. It has been described as a haven for the far-right because of its willingness to provide services to far-right websites that have been denied service by other internet service providers."

As you are in control of this article, can you see how one would be suspicious you have (legally) implanted or allowed selective framing about Epik in such a way that would have been at least a contributing psychological factor in the way the data was leaked. Specifically how the information of non-right-wingers using Epik were broadly included in the leak?

Can you see how your words about sympathizing ring hollow?

Everything in the Wiki article is well sourced.

You sure don't sound like you are an "uninvolved outlooker". You seem to know way too much and have strong opinions.

Brad
 
4
•••
Everything in the Wiki article is well sourced.

You sure don't sound like you are an "uninvolved outlooker". You seem to know way too much and have strong opinions.

Brad
Turns out selectively using other people's framinig as fact is an opinion in and of itself.

Left-wingers and non-political people used Epik. Molly purposefully left that out. It probably had psychological consequences (legally) to how non-right-wingers were broadly included in the leak
 
Last edited:
3
•••
This is the lede for the Wikipedia Epik article. You've done the last 47 out of 56 or so edits on the page.


"Epik is an American domain registrar and web hosting company known for providing services to websites that host far-right, neo-nazi, and other extremist content. It has been described as a haven for the far-right because of its willingness to provide services to far-right websites that have been denied service by other internet service providers."

As you are in control of this article, can you see how one would be suspicious you have (legally) implanted or allowed misframing about Epik in such a way that would have been at least a contributing factor in the information of non-right-wingers using Epik being leaked?

Can you see how your words about sympathizing ring hollow?

Honestly, unless that person was also wearing a tinfoil hat, no, I don't see how one could be suspicious of that. I have not had an adversarial relationship with Mr. Monster or his company until quite recently (despite his longstanding attempts to create one), when it began to be revealed that Mr. Monster had apparently had a direct hand in the doxing and harassment of myself and my family, and when that harassment escalated. And I will note, as I have already noted, that when my feelings towards Mr. Monster turned adversarial, I stopped editing the Wikipedia pages—as is proper. Unfortunately it does mean that some details and new reporting are missing from the article about the breach, which is frustrating to me, but hopefully another interested editor will come along and add them.

But if someone was suspicious that such a thing had happened, hopefully they would also know that citations are included inline in Wikipedia articles for the very purpose of allowing readers to examine the veracity of statements in a given article.
 
Last edited:
4
•••
I think both issues are important.

You are missing the point. When a site gets notoriety or popularity it will be a target of hackers. Whether it is anonymous or someone else is besides the point. The point is what actions are taken to protect sensitive customer information. If reasonable actions are implemented and still a hack attack takes place, then what is the mitigation strategy, what is the response?

So far, from what I can see, the mitigation strategy seems to be to protect the Epik brand. Which is not working out so well. Protecting customer data is not a priority.
 
Last edited:
12
•••
Honestly, unless that person was also wearing a tinfoil hat, no, I don't see how one could be suspicious of that. I have not had an adversarial relationship with Mr. Monster or his company until quite recently (despite his longstanding attempts to create one), when it began to be revealed that Mr. Monster had apparently had a direct hand in the doxing and harassment of myself and my family, and when that harassment escalated. And I will note, as I have already noted, that when my feelings towards Mr. Monster turned adversarial, I stopped editing the Wikipedia pages—as is proper.

But if someone was suspicious that such a thing had happened, hopefully they would also know that citations are included inline in Wikipedia articles for the very purpose of allowing readers to examine the veracity of statements in a given article.

The lede says two things
1. "Epik is a haven for right-wingers"

Right-wingers have at least a dozen registrars to choose from who would get the same level of speech protection.

2. "Epik is protecting people who aren't otherwise"

Those people moved to Vanwatech, Nicenic etc, months to years ago

I don't care who said it first or what Wikipedias policies about sourcing are, because making everyone think Epik only hosted right-wingers, might have, and I would say even probably had a psychological factor in left-wingers stuff being leaked.

And again, in a legal way, this wasn't so misframed as to be illegal, but this is pretty clear from someone who is not a right-winger who was in the dataset.
 
Last edited:
1
•••
Most have no idea it happened. Partially because most outlets found it unethical to make noise on behalf of trolls who wanted it, ie these hackers.

This is a serious issue, that is likely to cause fallout with passwords being used on other platforms to attempt and gain access.

You are basically trying to argue what someone doesn't know won't hurt them, when in reality what someone doesn't know can hurt them.

There is no better reason for this to be widely reported, so the people involved in the data breach can attempt to mitigate the potential damage.

Brad
 
Last edited:
4
•••
The lede says two things
1. "Epik is a haven for right-wingers"

Right-wingers have at least a dozen registrars to choose from who would get the same level of speech protection.

2. "Epik is protecting people who aren't otherwise"

Those people moved to Vanwatech, Nicenic etc, months to years ago

I don't care who said it first or what Wikipedias policies about sourcing are, because making everyone think Epik only hosted right-wingers, might have, and I would say even probably had a psychological factor in left-wingers stuff being leaked.

And again, in a legal way, this wasn't so misframed as to be illegal, but this is pretty clear from someone who is not a right-winger who was in the dataset.

Epik actively courted and provided services to right-wing groups and individuals, many of whom had just been deplatformed from various other services for pretty alarming stuff
⬇️
Epik made the news, frequently, for a sustained period of time, for doing this and not much else
⬇️
Epik's Wikipedia article is based on what is published in reliable sources (including news media)

There is a causal reason for Epik's reputation, and it is not Wikipedia. I don't think you are a Rob Monster alt, but in this you are sounding a lot like him.
 
Last edited:
3
•••
You are missing the point. When a site gets notoriety or popularity it will be a target of hackers. Whether it is anonymous or someone else is besides the point. The point is what actions are taken to protect sensitive customer information. If reasonable actions are implemented and still a hack attack takes place, then what is the mitigation strategy, what is the response?

So far, from what I can see, the mitigation strategy seems to be to protect the Epik brand. Which is not working out so well. Protecting customer data is not a priority.

Acme domains is right. There's been almost no criticism of the illegal activity with respect to the alleged hackers parading around social media, who were probably ultimately the ones responsible for the illegal breach. Had they been more secret, Rob probably would have gotten more criticism about security. But what from little I can tell, those who are self-admittedly connected to a group known for crime are prancing around.
 
Last edited:
1
•••
This is a serious issue, that is likely to cause fallout with passwords being used on other platforms to attempt and gain access.

You are basically trying to argue what someone doesn't know won't hurt them, when in reality what someone doesn't know can hurt them.

There is no better reason for this to be widely reported, so the people involved in the data breach can attempt to mitigate the potential damage.

Brad
Hopefully the haveibeenpwned outreach helped with this some too, but I agree.
 
Last edited:
2
•••
Acme domains is right. There's been almost no criticism of the illegal activity with respect to the hackers parading around social media, who were probably ultimately the ones responsible for the illegal breach. Had they been more secret, Rob probably would have gotten more criticism about security. But what from little I can tell, those who are self-admittedly connected to a group known for crime are prancing around.

I think that Rob is getting the right amount of criticism about security. If robbers break into a bank and easily steal and get away with all the money then the bank is rightfully criticized for lack of security.

Also, Wikipedia is being targeted here because it is an easy target. Before you go after Wikipedia, go after the big media companies that published articles about Epik which are used as sources for the Wikipedia article.
 
6
•••
I think that Rob is getting the right amount of criticism about security. If robbers break into a bank and easily steal and get away with all the money then the bank is rightfully criticized for lack of security.

Also, Wikipedia is being targeted here because it is an easy target. Before you go after Wikipedia, go after the big media companies that published articles about Epik which are used as sources for the Wikipedia article.
Bank robbers get sent to jail as well.
 
0
•••
0
•••
Bank robbers get sent to jail as well.
I would be curious to see the post in this thread suggesting the hack was not against the law. Without one it would be easy to mistake this for another strawman.
 
Last edited:
3
•••
Acme domains is right. There's been almost no criticism of the illegal activity with respect to the hackers parading around social media, who were probably ultimately the ones responsible for the illegal breach. Had they been more secret, Rob probably would have gotten more criticism about security. But what from little I can tell, those who are self-admittedly connected to a group known for crime are prancing around.

Well, this thread is about Epik, so that probably explains why most of the discussion is about Epik.

Also, they marketed themselves as being so secure.

I will give you an analogy -

Let's say I go to my bank. They market how safe their bank is, so I sign up for a safe deposit box.

It turns out later thieves stole everything...but the bank left the safe deposit boxes open, and the vault door open, and the front door open, etc.

You can assign blame in whatever % you want, but at the end of the day the bank's security was shit, just like Epik's was "shitty Russian code".

Epik either knew that ahead of time, and didn't care or didn't know it until the breach when they saw the code. I don't think either of those options are very impressive.

You sign up for the "Swiss bank of domains" and you get "shitty Russian code" (Rob's words).

Brad
 
Last edited:
6
•••
That part is up to law enforcement.
Rumors on Twitter about the "FBI being involved in facilitating the leak" are dumb.

If LEO has the resources and Rob's lawyers are getting involved, the hackers will most likely face criminal prosecution *at some point*. This hack effected 15 million people at most and anonymous has a very poor record as far as criminal cases. Sometimes justice gets delayed, but yea Anonymous or Anonymous related people have very poor track records with this stuff.
 
Last edited:
1
•••
Rumors on Twitter about the "FBI being involved in facilitating the leak" are dumb.

If LEO has the resources and Rob's lawyers are getting involved, the hackers will most likely face criminal prosecution *at some point*. This hack effected 15 million people at most and anonymous has a very poor record as far as criminal cases. Sometimes justice gets delayed, but yea Anonymous or Anonymous related people have very poor track records with this stuff.

This possibly may not end well for either side. There appears to be serious negligence on the Epik side and a class action is working its way up the courts, or at least in discovery stage, according to a post here. If the hackers did not cover their steps and in some way revealed their identity, may face legal action as well.
 
0
•••
Rumors on Twitter about the "FBI being involved in facilitating the leak" are dumb.

If LEO has the resources and Rob's lawyers are getting involved, the hackers will most likely face criminal prosecution *at some point*. This hack effected 15 million people at most and anonymous has a very poor record as far as criminal cases. Sometimes justice gets delayed, but yea Anonymous or Anonymous related people have very poor track records with this stuff.
😘
 
0
•••
kiss emoji

ok well for the record I don't believe in prisons.

If you are the hacker, I think prisons are inhumane, and court mandated home confinement or court mandated arts related halfway house / island retreat would work as better rehabilitative services for hackers
 
Last edited:
0
•••
ok well for the record I don't believe in prisons.

If you are the hacker, I think prisons are inhumane, and court mandated home confinement or court mandated arts related halfway house / island retreat would work as better rehabilitative services for hackers
I ALREADY NEVER GO OUTSIDE!~!!!!~~~~
 
0
•••
It shouldn't, but I'm still surprised at people trying to blame everything and everyone including this very thread for Epik's poor security status and the chaotic way it responded to the breach incident.
 
10
•••
You are missing the point. When a site gets notoriety or popularity it will be a target of hackers. Whether it is anonymous or someone else is besides the point. The point is what actions are taken to protect sensitive customer information. If reasonable actions are implemented and still a hack attack takes place, then what is the mitigation strategy, what is the response?

So far, from what I can see, the mitigation strategy seems to be to protect the Epik brand. Which is not working out so well. Protecting customer data is not a priority.

I'm not missing anything. You are justifying criminal behavior and making excuses.
 
0
•••
Back