On DNS attacks in the wild and journalistic...

Today I got a little taste of what it's like to *be* the news instead of reporting it.

Not fun, but educational.

It all started yesterday when Metasploit hacker HD Moore was telling me about some DNS troubles that affected his company, BreakingPoint Systems. Because the company had configured a compromised AT&T DNS server as a forwarder for its own DNS servers, they were being redirected to a fake Google Web page.

 We were joking about how it was ironic that Moore, who had just a week earlier helped write code that allowed people to do this kind of cache poisoning attack, had now witnessed its effects first-hand. "I got owned," he joked.

It was a good story, and that was too good of a line not to use, so I wrote up a news item explaining the situation. The funny thing is, the story would never have talked about people being owned, if HD hadn't used that phrase himself. It didn't need to. It was interesting enough without it.

 After the story was published, I heard from HD, and he was unhappy because, he felt he'd been misquoted and that the way I'd written the story to make it sound like BreakingPoint itself had somehow had systems hacked, which was not the case.

 I have a lot of respect for HD, so I took his objections seriously. I agreed that I hadn't given the proper context to the quote, and  I really didn't want anyone to think there was a problem at BreakingPoint, even though the company had clearly been affected by the incident.

Then we had this email exchange:

On Wednesday 30 July 2008, robert_mcmillan@idg.com wrote:

> OK we've changed the story on our wire to include that line I sent you

> previously about nothing being compromised at breaking point and to

> make it clear that the "owned" stuff was a joke. Our pubs will

> gradually make the changes as their editors come on duty.

> Sorry if that story pissed you off, it obviously wasn't my intention.

HD's answer:

Thanks! I had no problem with most of it -- the wording just conveyed the

wrong message for the folks who don't know any better and the joking

context wasn't apparent in the writing.

I thought things were OK after that, but then I saw his blog post from today, and he's clearly still not happy. I've called and emailed him asking if we could talk about this, but he doesn't want to talk. He said in an email this morning that it's "out of my hands at this point, BreakingPoint management is involved and generally not happy with the portrayal."

Anyhow, my first take on the article didn't put things in the right context, and I'd like to apologize to HD for that.

But he did say "I got owned." It was a joke. It just wasn't funny.


Copyright © 2008 IDG Communications, Inc.

Subscribe today! Get the best in cybersecurity, delivered to your inbox.