Twitter, NYT Whois and DNS altered, Syrian Electronic Army takes responsibility

  • US is about to bomb Syrian military assets so this is Iran's response. The SEA is clearly Iranian. Email them something in Farsi or PM one of their propaganda accounts on YouTube; they usually answer.

    Last time I checked, ns1.syrianelectronicarmy.com was hosted out of Russia and includes "qatar-leaks.com", which seems to have disappeared.

  • "We are protecting you from the hacker-terrorists"

    Is this not obvious to everyone else as it is to me? People, think about what is happening here and the timing of it all.

    This is a false flag operation to turn public opinion against "hackers" so these crazy internet regulation bills can start passing and so that they can get away with the spying scandal.

    If these "hackers" taking down social media sites and NYT times were actually the Syrian government, they'd be going after US government targets in an effort to undermine the bombing that's about to begin.

    Their regime is about to get bombed. Taking down twitter is low on their priority list. But it's quite good timing for a propaganda campaign against "hackers" and now allows the US government to label hackers as terrorists. Scary stuff.

  • As someone in the comments of the article asked (no response yet), I'm curious myself...

    > "twimg.com is a domain used by Twitter which is a widget company that is part of a network of sites, cookies, and other technologies used to track you, what you do and what you click on, as you go from site to site, surfing the Web. Does that not mean that SEA will be intercepting this data?"

  • Ok, firstly whois Microsoft.com just returns all URLs with Microsoft.com in them, even as a subdomain, so they haven't been hacked and that result has been there for ages. Same goes for Verisign etc.

    TechCrunch is reporting that registrar MelbourneIT has been hacked. This wouldn't surprise me but I'm puzzled as to why either site would register with such a bad registrar.

  • How hard is this to do...

    I ask because I find it harder to believe that they are responsible for this. Just like I don't trust the YouTube videos either. I would find it more likely that three letter agencies are involved as PR.

  • Don't trust anything you read here, folks...... too many that don't know anything about WHOIS or DNS.....

  • While they may have fixed twimg.com on the DNS level, changes are still taking forever to propagate back out. Right now I'm still getting no data from it.

    To add to the matter, SEA is certainly aware of this:

    "So, do we host http://twimg.com with Javascript code so all Twitter users will be redirect to our website? #SEA"

    https://twitter.com/Official_SEA16/status/372496956020379648

  • The Twitter frontpage is completely broken for me. Static assets like CSS and JavaScript are served by twimg.com, which are now missing. If SEA has access to a server which can take the load of twimg.com, they can inject their JavaScript and possible exploits to ALL Twitter users...

  • Woah! Has Verisign been hacked?

    $ whois twitter.com

    Whois Server Version 2.0

    Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.

    TWITTER.COM.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM

    TWITTER.COM

    And then:

    $ whois verisign.com

    Whois Server Version 2.0

    Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.

    VERISIGN.COM.MIGHT.SUCK.FYRAE.COM

    VERISIGN.COM

    I get really crazy responses like this for almost every major site I try (cnn.com, yahoo.com, google.com).

  • DNS Records have been hijacked and point to Syrian Electronic Army

    http://i.imgur.com/RwH0mpI.png

  • So not sure what to say, but this is the email I received from DynEct the other day:

    subject: Webinar Wednesday: Are You Prepared For DNS Disaster?
    sender: Dyn hello@dyn.com via dynect-mailer.net

    and some info from my old whois:

    $ whois twitter.com

    Whois Server Version 2.0

    Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.

       Server Name: TWITTER.COM.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
       IP Address: 209.126.190.71
       Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
       Whois Server: whois.PublicDomainRegistry.com
       Referral URL: http://www.PublicDomainRegistry.com
    
       Domain Name: TWITTER.COM
       Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
       Whois Server: whois.melbourneit.com
       Referral URL: http://www.melbourneit.com
       Name Server: NS1.P34.DYNECT.NET
       Name Server: NS2.P34.DYNECT.NET
       Name Server: NS3.P34.DYNECT.NET
       Name Server: NS4.P34.DYNECT.NET
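
The registry output quoted above mixes a third-party host ("Server Name") record with the real "Domain Name" record, which is what several commenters mistook for tampering. The following is an added example, not part of the thread: it parses that output, picks the exact-match domain record and compares its name servers with a known-good set. The function names and the `CHANGED.EXAMPLE` name servers are constructed for illustration.

```python
import re

# Registry WHOIS text copied from the comment above (the poster's pre-incident lookup).
SAMPLE = """\
   Server Name: TWITTER.COM.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
   IP Address: 209.126.190.71
   Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
   Whois Server: whois.PublicDomainRegistry.com
   Referral URL: http://www.PublicDomainRegistry.com

   Domain Name: TWITTER.COM
   Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
   Whois Server: whois.melbourneit.com
   Referral URL: http://www.melbourneit.com
   Name Server: NS1.P34.DYNECT.NET
   Name Server: NS2.P34.DYNECT.NET
   Name Server: NS3.P34.DYNECT.NET
   Name Server: NS4.P34.DYNECT.NET
"""
# Constructed "after" sample: same text with placeholder name servers swapped in.
CHANGED = SAMPLE.replace("P34.DYNECT.NET", "CHANGED.EXAMPLE")
BASELINE_NS = {f"NS{i}.P34.DYNECT.NET" for i in range(1, 5)}
FIELD = re.compile(r"^\s*([A-Za-z ]+?):\s*(.+?)\s*$")

def parse_records(text):
    """Split the text into records; each starts at a Server Name or Domain Name line."""
    records = []
    for m in filter(None, map(FIELD.match, text.splitlines())):
        key, value = m.group(1), m.group(2)
        if key in ("Server Name", "Domain Name"):
            records.append({"type": key, "name": value.upper(), "fields": {}})
        elif records:
            records[-1]["fields"].setdefault(key, []).append(value)
    return records

def domain_record(text, domain):
    """Return the exact-match Domain Name record, ignoring look-alike host records."""
    for rec in parse_records(text):
        if rec["type"] == "Domain Name" and rec["name"] == domain.upper():
            return rec
    return None

def nameserver_drift(rec, baseline=BASELINE_NS):
    """Compare the record's name servers with the known-good set."""
    seen = {ns.upper() for ns in rec["fields"].get("Name Server", [])}
    return {"added": sorted(seen - baseline), "missing": sorted(baseline - seen)}

if __name__ == "__main__":
    for label, text in (("baseline", SAMPLE), ("changed", CHANGED)):
        print(label, nameserver_drift(domain_record(text, "twitter.com")))
```
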

  • Last update on status.twitter.com was August 6th.

    Get your shit together guys, this is serious business.

    Edit: looks like there's an update now: http://status.twitter.com/post/59528478030/twitter-service-i...

  • Why hasn't the SEA changed the nameservers?

  • Whoa. Twitter, NYTimes, HuffPo... all had their DNS records hacked? This seems huge.

  • Seems to me that melbourneit.com was the cause of these problems - that is the related link between all these different problems - basically poisoning the DNS of any popular company that uses them.

  • NYTimes seems to be down and Twitter is loading all wrong because twimg.com is down. Whoa! This is some serious stuff.

  • Is this what DNSSEC is supposed to protect you from? (Or could they just change your dnssec records as well?)

  • twimg.com seems to be hijacked

  • This is about all the Syrian govt can retaliate with. It's not like they can physically reach and stop the USA from attacking them.

  • The traceroute for twimg.com ends in Russia, am I right? (141.105.64.37)

  • SEA has a history of doing much more than attempting to offset perceived propaganda[1]. Within that site are dozens of gigabytes of logs from Bluecoat[2] proxy hardware that sat in datacenters for Syrian ISPs.

    A good amount of what is contained in the logs is things like porn searches, more porn, porn. But amongst the typical naughty bits, things like religious queries for Christians, Catholics, Jews, Muslims were being recorded.

    Telecomix[3] helped to leak the log-set, and as it stands it is _the_ example of how state entities monitor peoples of 'interest.' Many of these people are long since dead, killed early on as they were the most public[4].

    So while the SEA's most public facing events are hijacks, phishing, and massive redirects, please do focus on the end result of pervasive surveillance[5].

    [1] http://bluesmote.com/

    [2] http://www.bluecoat.com/

    [3] http://en.wikipedia.org/wiki/Telecomix

    [4] http://en.wikipedia.org/wiki/Ibrahim_Qashoush

    [5] http://imgur.com/gallery/qz7wm

  • For those who want to take a look at the more internal efforts of the SEA, here are some logs[1] obtained from a leaked set thanks to Telecomix[2].

    The snippet of logs is from a voluminous set. A mere sample[3]:

    BlueCoat Helps Assad/SEA Track Homosexuals: 2011-07-22 20:34:53 14 dee58fa2188103d6 - - - OBSERVED "unavailable" videogayz.com/ 200 TCP_HIT 6 Jul from web

    BlueCoat Logs from Assad/SEA Hardware Tracks MSN: 2011-07-22 20:34:53 35850 0cb611eeb0ef8c6e - - - PROXIED "unavailable" by2msg4030114.gateway.messenger.liv… 6 Jul from web

    BlueCoat Logs Show Assad/SEA Is Totally Secular, Tracks Religious Followers: 2011-07-22 20:34:52 166 7cc423995fff7f92 - - - OBSERVED "unavailable" www.syrianoz.com/news/kamishly/chur… 6 Jul from web

    [1] http://bluesmote.com/

    [2] http://en.wikipedia.org/wiki/Telecomix

    [3] http://pastie.org/private/mxgzj4u6y52dsgzudtsg

  • Sorry to be cynical and bring politics into this, but I hope that U.S. liberals respond the way they did to Bush to Obama with this strike.

    Comedians, the media, etc. accused Bush of an unjust war for someone that used a chemical attack on his own people because there were no found WMDs even though there was evidence of a chemical attack.

    Now we are going in again to try to save things. Will Obama come out as a hero? Probably. Should he? Well if he should, Bush needs to get some slack finally.

    Don't get me wrong- I think we should do something. But when I hear we are going to do another 3 day bombing run, it's just like Iraq all over again, except this time it's who the Democrats want to bomb. Isn't there an answer that doesn't involve bombing? What are we, Germany in WWII?