www.stopsylviabrowne.com hacked?

Status
Not open for further replies.
That's some eye-gougingly bad site design, too!
White text on a bright red background?

I've heard fishy stories before about GoDaddy (allegedly) axing domains that they thought were illegal or inappropriate. I'd like to know what their role is in all this.
 
I noticed on the archived version of Robert's site that at the bottom it says he has the logo and content copyright 2006-2008. Can we also check to see if that needs to be renewed? I know - the computer savvy are probably already on that too. :) Also, if there are costs related to any of this, someone please start a thread over in Community so we can figure out how we can all pitch in and help out.
 
I noticed on the archived version of Robert's site that at the bottom it says he has the logo and content copyright 2006-2008. Can we also check to see if that needs to be renewed? I know - the computer savvy are probably already on that too. :) Also, if there are costs related to any of this, someone please start a thread over in Community so we can figure out how we can all pitch in and help out.



Under modern US copyright law, the copyright doesn't need to be renewed, it persists for the length of time set in the law (That used to be 75 years, but I think it's been increased), so no worries there.

The dates listed are probably the dates on which the various content was created, so as to fix the potential ending date of copyright.

Thus, if this miscreant is using any of Robert's logos or text, we can sue the crap out of them. I'd suggest asking some of our Forum Lawyers for an opinion on the value of that. It might make a good lever to pry the site away from the interloper, if it comes to that.
 
I say if possible we should stay as close to the original as possible (StopSylviaBrowne.net, for example)

The only advantage to the domain name is word of mouth since the Internet will use hyperlinks. So, if you're going to expect someone to type in a URL, don't pick one where the obvious thing to type (.com) leads them to exactly where you do NOT want them to go.
 
Great catch Powa! It's awful that on top of everything else Robert and his family have to deal with this too -- but thanks to you it was caught quickly.

ETA: And how safe is StopKaz.com?

I checked StopKaz and it's fine till .... I can't remember when, but at least 2009.


I've heard fishy stories before about GoDaddy (allegedly) axing domains that they thought were illegal or inappropriate. I'd like to know what their role is in all this.

IIRC, Robert had registered stopsylviabrowne.com by proxy. So I find it truly odd that it was able to be transferred. (I also assume that is what happened.) I would think that a company that offers this service would verify with their client that they truly wanted this domain to be transferred before they did so.

That being the case, I wouldn’t assume that the domain stopkaz.com or any of the other ones that Robert had registered are safe from being fraudulently transferred.

This isn’t my area of expertise but I think at the very least the company that offered the proxy service should be notified to put a domain lock on all the registered domain names. As I understand it, a domain lock can help prevent fraudulent transfers. Without it, as long as the owner of the domain doesn’t protest the transfer request by a 3rd party, it can take place.

I would also suggest that until Robert recovers that the contact information (including e-mails) for all his business affairs (not just his website’s domain registrars) be transferred to his wife.

Typically domain registrars only contact their clients by e-mail.

I heard that this kind of thing goes on, but I still can’t believe it. The punishment must not be severe enough. Anyone that pulls this kind of garbage deserves to be put into permanent bankruptcy.

ETA: Based on the google.de story that monoman linked to, I think Robert should be able to get the domain name back.
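The domain lock mentioned in the post above appears in WHOIS output as a transfer-prohibited status, so a registrant can audit for it. This is an added example, not part of the original thread, that checks constructed WHOIS excerpts for a missing lock or a near expiry date; the domains, dates and the `audit` helper are hypothetical, and the `Domain Status:` and `Registry Expiry Date:` labels are assumed to match the registry's output.

```python
import re
from datetime import datetime, timezone

# EPP status codes that block a registrar-to-registrar transfer.
TRANSFER_LOCKS = {"clienttransferprohibited", "servertransferprohibited"}

# Constructed WHOIS excerpts for placeholder domains (not real registry output).
SAMPLE_WHOIS = {
    "locked-example.com": """\
Domain Name: LOCKED-EXAMPLE.COM
Registry Expiry Date: 2030-05-01T00:00:00Z
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
""",
    "unlocked-example.com": """\
Domain Name: UNLOCKED-EXAMPLE.COM
Registry Expiry Date: 2030-05-01T00:00:00Z
Domain Status: ok https://icann.org/epp#ok
""",
    "expiring-example.com": """\
Domain Name: EXPIRING-EXAMPLE.COM
Registry Expiry Date: 2029-02-01T00:00:00Z
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
""",
}

STATUS_RE = re.compile(r"^\s*Domain Status:\s*(\S+)", re.I | re.M)
EXPIRY_RE = re.compile(r"^\s*Registry Expiry Date:\s*(\S+)", re.I | re.M)

def audit(whois_text, now, warn_days=60):
    """Return a list of findings for one WHOIS record (empty list = healthy)."""
    findings = []
    statuses = {s.lower() for s in STATUS_RE.findall(whois_text)}
    if not statuses & TRANSFER_LOCKS:
        findings.append("no transfer lock")
    match = EXPIRY_RE.search(whois_text)
    if match is None:
        findings.append("expiry date not found")
    else:
        expiry = datetime.fromisoformat(match.group(1).replace("Z", "+00:00"))
        if (expiry - now).days < warn_days:
            findings.append(f"expires within {warn_days} days")
    return findings

if __name__ == "__main__":
    now = datetime(2029, 1, 1, tzinfo=timezone.utc)  # fixed date for repeatable output
    for domain, text in SAMPLE_WHOIS.items():
        print(domain, "->", ", ".join(audit(text, now)) or "ok")
```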
 
You can email Cathy here

Hi,

Can Robert Lancaster, currently recovering from a stroke, please have his website back.
Along with arranging care, and caring for him, his wife is having to faff around looking through his laptop for passwords and such.

I believe she has better things to be doing.

Cheers.
 
Great catch Powa!
It's funny how it happened. I don't think I've been to the site since Robert's stroke, but for some reason decided to click the link in my sig the other day. It took me 1.5 seconds to realize something is wrong.
It's awful that on top of everything else Robert and his family have to deal with this too -- but thanks to you it was caught quickly.
I just hope this gets resolved quickly. Robert and his family really don't need this right now.

BTW, has anyone tried to contact this Boris person to find out what they're doing?
 
BTW, has anyone tried to contact this Boris person to find out what they're doing?
No, but when Norwegian Squirrel mentioned that the new owner had the same name as Boris Kreiman the chess player I got curious and googled him. Here's a few links:

http://en.wikipedia.org/wiki/Boris_Kreiman

http://www.kreimanchess.com/

http://www.cardplayer.com/players/results/Boris-Kreiman/28697


http://www.linkedin.com/pub/3/bb8/789


The linkedin site has a few more links that give more info on Kreiman.
After reading all the links, I think it is the same guy. (Linkedin has a link to phonetophone.com which has a link to lifepsychic.com. If you click on a few links in the hijacked stopsylviabrowne.com web site, you eventually get to lifepsychic.com -- it usually takes about 3 clicks.)

He's a Grandmaster, the highest title a chess player can achieve, and has won over 20 international chess tournaments. He's probably brilliant.
I know intelligence has nothing to do with character, but I was still really disappointed when I found out that someone so accomplished and intelligent was behind this.
 
Seems "Boris" and Cathy are sharing an apartment.




M.



She lives 10 minutes from me. If she isn't kind enough to return emails, I could always stop by her place and have a polite little chat.
 
Someone like him ought to be careful about his reputation, don't you think? What if the media got hold of the story?
 
It depends what the story is (for example if the domain simply expired then there is no story), but if there is something dodgy or malicious going on then the press may well be interested in a scandal involving one or more celebs, pending clearance by libel lawyers.

I do hope whoever is behind this has considered that.
 
It depends what the story is (for example if the domain simply expired then there is no story), but if there is something dodgy or malicious going on then the press may well be interested in a scandal involving one or more celebs, pending clearance by libel lawyers.

I do hope whoever is behind this has considered that.

Libel lawyers would be the least of the problem. The issue here is identity theft and fraud as far as I can tell.

One thing is clear: The domain did not expire.

WARNING: I am speculating and nothing more. I have no knowledge of the efforts to reclaim the domain or the circumstances under which it was lost.

This has all the earmarkings of a socially engineered attack on his email account (similar to guessing Sarah Palin's password reset function on Yahoo, etc.) Even if he registered the domain by proxy (a choice godaddy gives you) you are still able to log into godaddy's site and transfer domains. All registering by proxy does is add a layer of obfuscation to who owns the domain for the uninitiated.

This means that all they had to do was target his email account to get a password reset from Godaddy and transfer the domain to themselves. If they wanted to make it appear more legit, they would put the godaddy account back to how they found it. I highly doubt Godaddy keeps logs of account changes for very long, but they may keep IP access logs for slightly longer. Depending on how long this problem has persisted the access logs may have been rotated to /dev/null (thus being deleted.)

Godaddy is also not known for being savvy enough to stop socially engineered probings to customer service phone workers for them. Meaning it's pretty easy to call up and claim to be someone else, and it's easy to glean information that would allow someone to hijack an account. Godaddy is not known to be the most trustworthy registrar. I personally have had to ask them what email I registered something under, and they gave me that info with little confirmation of who I was. I could have been anyone with basic knowledge of home addresses, phone numbers etc. and even if I didn't know the answer some slippery con tricks using stories about moving etc. could work. In short, with the right slippery tongue, you could have Godaddy themselves change the email address the password resets go to or simply have them give you a password.

For the record: I am not involved with the efforts to reclaim the domain or in the know for what happened; this is just my observations based on what I do professionally to support my music habits.

Also for the record: Password reset functions based on information about you are another password. You should engineer them to be very difficult to guess the same as you would your password. Ie. non-dictionary phrases, random characters, over a certain length etc. They should NOT be something easily guessable about yourself, and should not be grammatically correct or predictable as language.

However, Godaddy doesn't care about secret questions, etc. To retrieve a password reset, all someone would need to do is have control of the email account the registration used. If I have control of someone's email (by guessing passwords, etc.) I can have Godaddy send me the customer login and a new password reset link. Once that is done, any function is available.

If RSL's password to a webmail account was weak then this attack would succeed eventually. Without RSL healthy and able to follow what was going on, he may not have been aware about such probings at the security of his accounts.

This is why webmail is a weak means of secure communications, and why Palin should have seen much more heat over this. If you don't have control of the server, it is very difficult to know if someone is trying to brute force your account. This is because without having access to logs on the server, you are removed from the ability to be in the loop regarding the security of your account. The answer to this is frequent password rotations, and using strong password guidelines. With RSL not able to handle this, his passwords were probably at risk longer than they should have been (assuming he did frequently rotate his passwords, etc.)

While I applaud the efforts of those helping out, ultimately the legal issues may be that RSL's better half or his attorney may be the only one that can effectively communicate to Godaddy personnel. It should probably be focused on to provide help in securing Godaddy's approval of a proxy communicator (Ie. approved non-family person, lawyer etc.) to continue to resolve the issue.

But those involved are smart and know this.


This post should not be taken as a how-to of socially engineering attacks against others on the net.
 
Someone like him ought to be careful about his reputation, don't you think? What if the media got hold of the story?

Kasparov is about the highest profile chess person going. He also believes in Fomenko's New Chronology. Hasn't damaged him much. As long as they perform across the board people tend not to care what chess players do.
 
I've got about 250MB spare on my domain, theskepticsbible.com. I'm in the process of designing some other websites, and mine has kind of become a low priority. If anyone has any of Rob's articles, I'd be happy to archive them in one place online, if anyone thinks it will help?

Cheers,

Chris
 
I've got about 250MB spare on my domain, theskepticsbible.com. I'm in the process of designing some other websites, and mine has kind of become a low priority. If anyone has any of Rob's articles, I'd be happy to archive them in one place online, if anyone thinks it will help?

Cheers,

Chris


Thanks but hosting is not the problem. DNS is.
 
This has a little bit more domain information: http://whois.domaintools.com/stopsylviabrowne.com

Seems this grandmaster has registered 191 domains, though there's a charge to see which ones.

While I am sure El_Spectre and RSL appreciate the intent, handwringing and posting random whois info isn't going to help anything. The focus here is now on why godaddy let this domain go when it was renewed, and what rectifications they will make to the situation.

We know who has the domain, and we probably will never know how it happened unless godaddy is forthcoming with logs that are most likely rotated into oblivion by now (sure we can speculate, but that's really not going to help either.)

The focus is not investigation. We have the facts (those that are working on it have already done a /whois, thanks.) The focus is diplomatically dealing with godaddy to return the DNS entries to the rightful owner.
 