alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[bmugford]

And this Twitter circus should stay on Twitter so us lurkers don't have to go through hundreds of posts to figure out the current status of Epik security.

No one is really forcing you to go through the posts here. Rob has plenty of outlets to update people if he wanted to. He has the Epik webstite, he has Twitter, he has his forum.

He initially posted an update about the first data breach on Twitter, then removed it. Only he can answer why that is.

The issue with Rob providing useful updates is Rob, not anyone else posting here.

Brad

 

[shoulda9393]

I don't see any trolls in this thread and all the questions asked are legitimate and Epik's spokesperson or CEO should indeed answer them.

I've also asked questions, but no, questions about the content of sites on his registrar are not appropriate for a domain forum. It's not the job of registrars to police the content of sites. MOST large domain registrars like Tucows or Enom or Directnic DO NOT take down hate sites or whatever just cuz, they need a court order to do so.

 

[Future Sensors]

I've also asked questions, but no, questions about the content of sites on his registrar are not appropriate for a domain forum. It's not the job of registrars to police the content of sites. MOST large domain registrars like Tucows or Enom or Directnic DO NOT take down hate sites or whatever just cuz, they need a court order to do so.

You have to remember that Rob is doing this for a living.

Unidentified: It does look down.

Monster: It’s down.

Monacelli: Oh, awesome.

Monster, YT1:02:43: I do this for a living. So weev, weev. Let’s talk for a second. So what’s going on…

Kirtaner: It’s been a while.​

 

[bmugford]

I've also asked questions, but no, questions about the content of sites on his registrar are not appropriate for a domain forum. It's not the job of registrars to police the content of sites. MOST large domain registrars like Tucows or Enom or Directnic DO NOT take down hate sites or whatever just cuz, they need a court order to do so.

Yes, they are in this case. The doxxing sites are specifically related to this entire story.

Rob has been given warning about them time and time again.

They were discussed in the disastrous prayer meeting or whatever video he hosted in relation to this data breach, where he said he was taking them down. That does not appear to be the case as they seem to keep popping back up.

On the previous page Rob stated the following, which seems like a tacit endorsement of this behavior -

The reality is that the people he was profiling were not lovely people. They may become more lovely in the future. If they don't then one can assume that other Joey's will emerge when thugs overreach.

All this stuff is intertwined.

Brad

 

[shoulda9393]

You have to remember that Rob is doing this for a living.

Unidentified: It does look down.

Monster: It’s down.

Monacelli: Oh, awesome.

Monster, YT1:02:43: I do this for a living. So weev, weev. Let’s talk for a second. So what’s going on…

Kirtaner: It’s been a while.​

People are telling me this thread isn't about trolls and you are quoting me a nazi troll named Weev and another longtime old anti-semitic troll "Kirtaner".

That's for Twitter, not Namepros. There is no justification for using this thread to make registrars content policers (which the large ones already aren't).

 

[shoulda9393]

Yes, they are in this case. The doxxing sites are specifically related to this entire story.

Rob has been given warning about them time and time again.

They were discussed in the disastrous prayer meeting or whatever video he hosted in relation to this data breach, where he said he was taking them down. That does not appear to be the case as they seem to keep popping back up.

All this stuff is intertwined.

Brad

If doxxing sites were at DirectNic or Tucows they'd still need a COURT ORDER to take them down. If they are doing something illegal then they need to go through AUTHORITIES, not the court of namepros.

 

[Future Sensors]

People are telling me this thread isn't about trolls and you are quoting me a nazi troll named Weev and another longtime old anti-semitic troll "Kirtaner".

That's for Twitter, not Namepros. There is no justification for using this thread to make registrars content policers (which the large ones already aren't).

It is from the video meeting that the CEO of Epik had with the alleged hackers. So highly relevant to this thread.

Any more questions?

 

[shoulda9393]

It is from the video meeting that the CEO of Epik had with the hackers. So highly relevant to this thread.

Any more questions?

Yes I want to know from Rob if passwords are currently being properly hashed and have no interest in the content of the sites he hosts, as that is not what this forum is about. That's what lowendtalk is for perhaps.

 

[bmugford]

If doxxing sites were at DirectNic or Tucows they'd still need a COURT ORDER to take them down. If they are doing something illegal then they need to go through AUTHORITIES, not the court of namepros.

No, they don't need a court order to take it down. That is just some cop-out to allow disgusting behavior.

They have a TOS.

Epik did not allow the Texas Right to Life doxxing site. That was without any court order.

Brad

 

[bmugford]

Yes I want to know from Rob if passwords are currently being properly hashed and have no interest in the content of the sites he hosts, as that is not what this forum is about. That's what lowendtalk is for perhaps.

Valid question. Add it to the long list of other valid questions that have yet to be properly addressed in this thread.

Brad

 

[Derek Peterson]

What I meant was he should report it to law enforcement if he hasn't already or file a lawsuit or and then after that just care to his customers, not the hackers or trolls or people with gripes about websites using registrars.

There is no benefit to Rob in interacting with the many trolls on here who want his business to collapse for ideological reasons, many of whom liked the posts here deterring him from perusing legal action against people both defaming his business and quite literally compromising all of it. Every time he interacts with people tangential to hackers or leakers, he is making it seem like he had to do x or y to avoid the hack, when in reality, no one should have hacked, seeded, shared, or even downloaded the highly sensitive personal info of thousands of people (including passwords, phone numbers, addresses and failed passwords of many leftists and liberal domain owners, not just right-wingers).

With regards to other posts above this one about whether Rob is himself a good person, I don't know, and don't care because his business was large enough that I could buy a few domains without worrying about that. Most of us don't use single registrars and don't care about the political leanings of registrars unless we have really weird domains. The main issue for domain owners were technical aspects like his password hashing, not his personal opinions imo.

All he's doing right now by responding to them is feeding the egos of internet junkies and people with personal vendettas they want to utilize the Epik leak for.

This is a domain forum, not a forum about *sites that use domains* or about the moral merits of Rob potentially profiting of hate speech sites (like Tucows and every other registrar does) or the drama that led up to the hack. Having a few domains on Epik, I'd just want to know what to do as a domain owner. Am I supposed to not use my password at Epik anywhere else, should I transfer out, should I not purchase anything with a credit card?

And this Twitter circus should stay on Twitter so us lurkers don't have to go through hundreds of posts to figure out the current status of Epik security.

I think the majority of the people on here are more concerned with Monster's false statements leading up to the hack and after the fact and the utter incompetence displayed by Monster and Epik, than any ideological issues. I, for example, am much more a free speech absolutist than Monster has ever pretended to be.

 

[Molly White]

Yes, they are in this case. The doxxing sites are specifically related to this entire story.

Rob has been given warning about them time and time again.

That's understating it a bit.

https://twitter.com/x/status/1439269174346457088

 

[Future Sensors]

Yes I want to know from Rob if passwords are currently being properly hashed and have no interest in the content of the sites he hosts, as that is not what this forum is about. That's what lowendtalk is for perhaps.

Good question. But don't attack members of this forum please. It won't help you getting anywhere.

 

[shoulda9393]

No, they don't need a court order to take it down. That is just some cop-out to allow disgusting behavior.

They have a TOS.

Epik did not allow the Texas Right to Life doxxing site. That was without any court order.

Brad

I mean that's just not correct. The only way most domains get taken down at Enom, Tucows, or DirectNic is court orders, not the registrar policing sites. If major registrars start policing sites according to internal policies (which of course they can do, but most choose not to), then whole swaths of people, left and right won't have a home anymore. I'm not even aware of any of those three taking down anything without a court order outside very very few exceptions (I think Enom once took down a Wikileaks .info site once, and they almost got in trouble for that).

 

[Derek Peterson]

I've also asked questions, but no, questions about the content of sites on his registrar are not appropriate for a domain forum. It's not the job of registrars to police the content of sites. MOST large domain registrars like Tucows or Enom or Directnic DO NOT take down hate sites or whatever just cuz, they need a court order to do so.

I agree. This is about the lies that and incompetence that led to the hack and the more lies and incompetence after the hack.

This whole Joey Camp and the cancelling of other sites seems more like some kind of extortion negotiation and has about nothing to do with the hack.

 

[bmugford]

I mean that's just not correct. The only way most sites get taken down at Enom, Tucows, or DirectNic is court orders, not the registrar policing sites. If major registrars start policing sites according to whim (which of course they can do, but most choose not to), then whole swaths of people, left and right won't have a home anymore. I'm not even aware of any of those three taking down anything without a court order outside very very few exceptions (I think Enom once took down a Wikileaks .info site once, and they almost got in trouble for that).

You don't need a court order to take down a website.

A private host can decide what they host with or without a court order under their TOS.

Epik would not allow Texas Right to Life to host their abortion doxxing site, without a court order since it was a TOS violation.

That is all 100% factually correct. Period.

There is absolutely no justification at this point to allow these intimidation, harassment, doxxing sites to exist. I don't think you are really aware of the type of material and communications that have been used to try and intimidate others.

The fact that there have been allegations Rob was directly involved with this when it comes to @Molly White (above) makes it even worse.

Brad

 

[Molly White]

I mean that's just not correct. The only way most domains get taken down at Enom, Tucows, or DirectNic is court orders, not the registrar policing sites. If major registrars start policing sites according to internal policies (which of course they can do, but most choose not to), then whole swaths of people, left and right won't have a home anymore. I'm not even aware of any of those three taking down anything without a court order outside very very few exceptions (I think Enom once took down a Wikileaks .info site once, and they almost got in trouble for that).

Epik has repeatedly and publicly done this, for example with prolifewhistleblower quite recently.

 

[shoulda9393]

You don't need a court order to take down a website.

A private host can decide what they host with or without a court order under their TOS.

Epik would not allow Texas Right to Life to host their abortion doxxing site, without a court order since it was a TOS violation.

That is 100% factually correct. Period.

There is absolutely no justification at this point to allow these intimidation, harassment, doxxing sites to exist. I don't think you are really connected to the type of material and communications that have been used to try and intimidate others.

The fact that there have been allegations Rob was directly involved with, especially when it comes to @Molly White makes it even worse.

Brad

I said in my post registrars don't technically need a court order. But both due to the impossibility of policing sites and the authoritarianism of doing so at the *domain* level, most choose not to unless it's something immediately, transparently illegal like child pornography.

I've been domaining for over 15 years, and I've never heard people judge a registrar by it's clients, because domain names aren't content. I mean maybe people wanting to use this thread about *content* should complain to the server companies if they some sort of extralegal thing one wants to pursue.

 

[Molly White]

I mean maybe people wanting to use this thread about *content* should complain to the server companies if they some sort of extralegal thing one wants to pursue.

That would also be Epik, who is hosting Joey Camp's doxing material as we speak.

 

[shoulda9393]

Epik has repeatedly and publicly done this, for example with prolifewhistleblower quite recently.

Epik is not a large domain registrar, and they are setting a bad precedent if they are using their domain authority to restrict access to *content* that isn't transparently and immediately illegal to the site visitors, given domain names don't host content, servers do.