Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead.
-
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
@briankrebs The whole vulnerability publication lifecycle is such a shit show. Vulnerability management tools are now handling their own CVE databases and enriching data without waiting for NISTs bottleneck.
-
I thought squatting was prohibited? They need to enforce the policy and release the name.
Having laws, policies or rules that aren’t enforced wastes people’s time.
@HopelessDemigod @briankrebs maybe someone could escalate the problem to ICANN?
Symantec is awesome at breaking down things... it almost feels like it's their mission.
Let's buy this awesome product. And ruin it.
-
@HopelessDemigod @briankrebs maybe someone could escalate the problem to ICANN?
Symantec is awesome at breaking down things... it almost feels like it's their mission.
Let's buy this awesome product. And ruin it.
@en3py @HopelessDemigod @briankrebs
This is nothing that ICANN really has anything to do with. Unless an ICANN contracted party did something wrong or if this would fall under DNS abuse, but even then the registrar would be the one investigating. I don't think this is a case of either.
And as others already said, domain squatting is only the case if it infringes on the rights of others and us abusive. Selling domains itself does not constitute squatting.
-
@briankrebs publicly declaring a campaign to buy the domain back seems like a great way to make the price go up.
Yeah I think it might have been better to try to reach out to the owners first. According to archive org, it looks like Accenture had control over the domain already in 2023, unless the subdomain redirect messed up the archives somehow.
-
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
“Lets reward domain squatting instead of running a search/replace” -
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
@briankrebs
What am I missing here? Getting the domain back does not restore the information the links point to. Is someone saying there is a backup somewhere to restore?Restore it (old target website) anywhere (to a new host), I've downloaded the (NVD) database for local processing many times in my life... In your own copy, search and replace the domain reference to a new host...
If this is important enough to the community at large, work on getting the NVD data itself to be updated. It is all text (once upon a time, XML, now I think JSON)
Edit: clarified 'it' as "(old target website)...(to a new host)"; and 'database' as "(NVD)"
-
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
@briankrebs
Why in the hell would you pay a squatter for a domain? Fuck that guy -
Yeah I think it might have been better to try to reach out to the owners first. According to archive org, it looks like Accenture had control over the domain already in 2023, unless the subdomain redirect messed up the archives somehow.
@poing @fancysandwiches @briankrebs
Why not just fix the links and automatically point them to pages at archive org ?
-
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
@briankrebs Accenture. Of fucking course.
-
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
@briankrebs fuck that, sed -i all the links in the NVD to point at archive.org and donate the 175k to them. Getting the domain won't restore the content anyways.
-
@briankrebs fuck that, sed -i all the links in the NVD to point at archive.org and donate the 175k to them. Getting the domain won't restore the content anyways.
-
@franga2000 @briankrebs
Also this is the kinda thing a scammy group of crypto bro indians in a telegram channel would do. Buy a domain, then pretend to be concerned group of internet denizens and start a gofundme to buy the domain that they now own, trick of bunch of well meaning idiots into raising the money, and profit.
I see stupid ops like this purpetrated by indians go down all time around crypto spaces. -
Security nerds have launched a Gofundme to buy back securityfocus.com, a domain that hosted the Bugtraq site and more than 120,000 links from the National Vulnerability Database that are now dead. Whoops.
"Symantec killed Bugtraq in 2020 and let the domain lapse. Now it's squatted for $175k," writes Jonathan Brossard. "The NVD has 120,000+ broken links pointing there. The security community's memory is being held hostage."
Donate to Restore SecurityFocus & Bugtraq, organized by Jonathan Brossard
Hi, I'm endrazine — a cybersecurity researcher, and author of security tools used by… Jonathan Brossard needs your support for Restore SecurityFocus & Bugtraq
gofundme.com (www.gofundme.com)
Not sure if this matters, but DomainTools says the domain was transferred to Accenture.com, Accenture Global Services Limited in Ireland.
@briankrebs sounds like something a big consulting firm or whatever they are would typically do for the planet.
-
@poing @fancysandwiches @briankrebs
Why not just fix the links and automatically point them to pages at archive org ?
@johnlogic
Also a good idea, but likely a logistical nightmare as it involves many many different site owners/webmasters.(hmm, do we still use that term? Feels like I haven't used it in a long time.)
-
@johnlogic
Also a good idea, but likely a logistical nightmare as it involves many many different site owners/webmasters.(hmm, do we still use that term? Feels like I haven't used it in a long time.)
Sounds like an opportunity for someone to create a browser plug-in that just automatically offers to redirect links referencing the bad domain to the desired pages at the #InternetArchive .
-
@rusty_shackleford @franga2000 @briankrebs
Can you criticize a slimy company without hurling slurs at people with disabilities and of different ethnic/national backgrounds?
