[HN Gopher] The Hijacking of Perl.com
___________________________________________________________________
The Hijacking of Perl.com
Author : leejo
Score : 272 points
Date : 2021-03-01 10:31 UTC (12 hours ago)
(HTM) web link (www.perl.com)
(TXT) w3m dump (www.perl.com)
| emmelaich wrote:
| The mentioned BizCN registrar has a very shady past according to
| a simple web search.
| ArtTimeInvestor wrote:
| What would solve the constant fear of losing important domains is
| making domains NFTs on the Ethereum blockchain.
|
| This would make the situation better in two ways:
|
| 1: A normal domain move can only happen when the domain owner
| signs the transaction. If the domain owner claims to have lost
| their key, this would raise a red flag and result in an in-depth
| analysis which the domain owner has to pay.
|
| 2: The movement of the domain would be announced on the block
| chain. So in case the in-depth analysis has been tricked by an
| attacker, the righteous owner would be alarmed immediately. For
| this they would use some service that monitors the blockchain for
| them. They could then reverse the transaction with their key.
| michaelsbradley wrote:
| https://app.ens.domains/
| martin_a wrote:
| No need for some fancy blockchain technology here.
|
| You can't move most domains without written consent of the
| domain owner and you'll have to properly identify yourself
| before requesting that.
|
| In the end it's about how the registrar handles those things.
| ArtTimeInvestor wrote:
| Define "move" here. I move domains between registrars every
| now and then and I never have written anything on paper to do
| so.
| martin_a wrote:
| If I want to move .de domains from one hoster to another,
| I'll need authentication codes and alike for that. This
| process has been automated and digitalized but the current
| domain owner has to explicitly acknowledge and allow the
| transfer.
|
| This is how DENIC handles those things at least.
| knorker wrote:
| No, this is just yet another thing that "the blockchain" does
| not solve.
|
| I actually can't tell if you're being serious, or if this is
| satire about the fact that people think "the blockchain" can
| just be sprinkled and solve any problem.
| javert wrote:
| Absolutely right.
|
| I'd certainly pay for this service.
|
| Imagine domain names _actually_ being secure, like bitcoin is
| secure.
|
| I've posted this idea here before and also got shat on and
| downvoted to oblivion.
| layoutIfNeeded wrote:
| Took me a while to figure out what this "Perl" was, so if you're
| like me, I'm gonna save you some time: "Perl" seems to be the old
| name of the popular Raku language.
| hazbo wrote:
| Perl and Raku are two individual languages. Perl is still very
| much alive https://www.perl.org/
| jhfdbkofdcho wrote:
| I think he was making the funny
| hazbo wrote:
| The use of the word "popular" made me wonder this. Either
| way, happy to clarify the facts in the case that other
| people didn't get the joke.
| _joel wrote:
| Jesus, this makes me feel old. Perl's been around for decades,
| being a very common CGI language pre PHP days and also for
| general sysadmin work.
| forgotmypw17 wrote:
| I still use it as my primary language, and with CGI too.
|
| It's lightning fast, it's mature, every problem is solved, it
| still works great out of the box, and compatible with just
| about every web server out there.
|
| By "mature" I mean that any question I google there is real
| content, and not just StackOverflow. Real web-based
| knowledgebases which also happen to be lightweight HTML,
| without JS required, and with real solutions to the problem.
| doublerabbit wrote:
| I like perl, but the temple you build with it becomes very
| complicated. Sadly the fortress of TCL has won me over.
| forgotmypw17 wrote:
| I try to write it in "PHP style", meaning just a whole
| bunch of "my $someVariable = SomeFunction()", and as
| little as possible of "=~ /^#^$^&*&/ <> ;~;"
|
| It helps that I try to build and maintain two versions of
| the same codebase, so I tend to write in a language which
| is the lowest common denominator of PHP and Perl.
|
| I'm at a modest 14K lines now, and still find that I can
| find what I'm looking for with just a global text
| search...
| iso1631 wrote:
| Perl's pretty much dead, I haven't written any perl all month
| iso1631 wrote:
| Perl is now alive. 100% of the code I've written this month
| is perl.
| hpcjoe wrote:
| I see what you did there!
|
| I wrote in Perl, Python, and Julia this month (yeah, 1st
| day). Probably will have some C++ and R as well later.
| We'll see.
| [deleted]
| laserharvest wrote:
| Are you being sincere?
| dvfjsdhgfv wrote:
| You made my day, thanks!
| psim1 wrote:
| A slow heist by Chinese spammer/scammers to use a popular domain
| name. This is clever and in direct contrast to the usual gobbling
| up of domains for spam/scam purposes as soon as they expire at
| the peril of a forgetful owner.
| indymike wrote:
| Why try to assign a nationality to the thieves if that is not
| known? Domain theft is not very clever (there's a record at
| every step) and very much reversible. Being the buyer of a
| stolen domain is a bad spot: you will lose the domain and your
| money, too.
| ctur wrote:
| That is an incredibly long winded way of saying very little.
|
| Which is ironic as that is literally the opposite of the Perl
| programming language itself.
| ThePhysicist wrote:
| Key-Systems GmbH seems like a legitimate business to me (judging
| by their website and company register data), seems they acquired
| the domain from the Chinese registrar to resell it. Still, seems
| hard to believe that you wouldn't become suspicious when a
| Chinese company offers you a very popular domain name that seems
| to be in active use for sale.
|
| That said I've seen registrars make some glaring mistakes in the
| past and many still rely on faxed documents to authorize domain
| transfers, so it's not a surprise that stuff like this happens.
| Often, all it takes is finding out who's the registrar (easy),
| obtaining a blank transfer authorization form from that registrar
| (easy again), obtaining the personal or company data of the
| domain owner (a bit more difficult but still doable), fill out
| the form and fax it in. Some providers won't even bother to send
| you a notification when transferring the domain, so like here the
| legitimate owner won't notice it's gone before it's way too late.
| ryanlol wrote:
| Key-Systems is a huge registrar. It is very unlikely that they
| acquired this domain themselves, more likely it was a client of
| one of their many resellers.
| oefrha wrote:
| Neither of the registrars "acquired" or "offered" anything.
| They simply accepted transfers from some fraudulent registrant,
| and there's absolutely no reason they shouldn't allow transfers
| of domains "in active use", popular or not. It's just business
| as usual for them. The domain was eventually listed by the
| registrant on Afternic, a domain marketplace. Again, neither of
| the bounced-through registrars got anything to do with the
| listing and reselling.
| 0xbadcafebee wrote:
| I literally shuddered when I read "Perl NOC". It was like the
| ghost of a neckbearded BOFH breathed down my neck... On a serious
| note, I absolutely adore the simplicity of their blog
| (https://log.perl.org/)
| iamricks wrote:
| I had this same thing happen at my company, Godaddy somehow
| allowed someone to disable dual auth through social engineering
| and reset our password through a compromise email. They proceeded
| to initiate a domain transfer. Not sure how Godaddy would allow
| disabling dual auth over the phone.
| omega3 wrote:
| I had a very hard time reading this article. It's filled with so
| many platitudes and truisms ("And, it always helps to have
| friends and good relationships with the people who are able to
| help.") and yet it doesn't really explain what happened. For all
| I know they might have forgotten to pay for the invoice.
| omoikane wrote:
| I thought this article was interesting from an incidence
| response point of view, perhaps it have been better framed with
| a different title.
| rjbwork wrote:
| Yeah it's not very good writing, but the tl;dr is that someone
| executed a social engineering attack against Network Solutions,
| got them to update contact information for the domain owner to
| themselves, transferred it to BizCN, then transferred it to Key
| Solutions, and then attempted to auction the domain name for
| $190k.
| omega3 wrote:
| It reads like the author is basically guessing, in the
| lessons learned he mentions 2FA and in the same sentence he
| mentions that it might not have helped ultimately. He
| mentions it's a speculation, he'c not the injured party.
| Someone else did some "forensic work" yet the link doesn't
| work. I feel this should have been written by the domain
| owner or the registar.
|
| Couple of other issues: "It's important to have one face
| (mouth?) to represent the diligent work everyone was doing."
| From the registar article: "the Perl team has yet to respond
| to our request for a comment"
| briandfoy wrote:
| I don't know who The Register tried to contact, but it
| wasn't me. As soon as their article came out, however, I
| contacted the reporter.
|
| And, I've fixed the broken image. Thanks for noticing that.
| bmn__ wrote:
| grep "What we think happened"
| stanislavb wrote:
| OK, at least it isn't only me.
| CapriciousCptl wrote:
| At the very end they speculate it was a social engineering
| attack at their registrar that started last year and affected
| multiple domains. Oddly, the author says they weren't "the
| injured party" and therefore didn't ask the registrar to verify
| that. I'm not stating the registrar because there's no
| supporting evidence that they were at fault but the author gave
| it in the article.
| DFHippie wrote:
| He says he himself was not the injured party, a legal term,
| so the information was not provided to him and he does not
| have a legal right to it.
| Firehawke wrote:
| This. There's only so much he can talk about from his side,
| and whoever legally owns the domain will have to provide
| information on what exactly happened-- should he wish to.
| That's also important, the owner may not want to talk about
| it in public (but that would just make the initial blog
| post even stranger, so I'm assuming they eventually WILL
| speak up about the rest..)
| amatecha wrote:
| I mean, the second paragraph starts with "First, this wasn't an
| issue of not renewing the domain."
| omega3 wrote:
| The article was changed since my original comment.
| soulnotsoviet wrote:
| Sorry but individualization and soul and style and wit are
| American ideals. If you want drab Soviet style information
| only, look elsewhere.
| prussian wrote:
| I agree the article did a bad job keeping me interested, but I
| think it is more of a statement about the rumor mills and fake
| news about the takeover and to be cautious about falling into
| it.
| woodrow wrote:
| If you own a high value domain, you should consider asking your
| registrar/registry to turn on a registry lock [1] which protects
| you from compromises or social engineering at your domain
| registrar. It's a little more expensive and can slow down NS
| delegation updates, but otherwise you run the risk of what
| happened here to perl.com, which can be extremely disruptive even
| if your attackers don't try and resell the domain.
|
| You can check the status of a domain by looking for "Status:
| server{Delete,Transfer,Update}Prohibited" in the whois response
| for that domain [2].
|
| [1] https://krebsonsecurity.com/2020/01/does-your-domain-
| have-a-...
|
| [2] https://www.verisign.com/en_US/channel-resources/domain-
| regi...
| EvangelicalPig wrote:
| I know NetSol in theory supports registry lock, but last time I
| checked they want >$1000/year for it, and it's kind of shitty
| they don't offer robust access controls internally so you end
| up paying for it (and other registrars offer registry lock (and
| hopefully competent 2FA on top of that!) in the ~$500/year
| range)
| [deleted]
| epc wrote:
| Pairdomains (pairdomains.com) offers it for $0.00/year.
|
| But...be absolutely, 100%, certain that the information
| contained in the registry record is 100% accurate for name of
| registering organization and contact information. Because the
| process to unlock can be quite...difficult if the information
| is slightly off.
| dwohnitmok wrote:
| An unfortunate side effect of defending against social
| engineering attacks that can use very small inaccuracies to
| be successful.
| EvangelicalPig wrote:
| pairdomains.com doesn't have serverUpdateProhibited, which
| is the "registry lock" protection. The reason why it costs
| money is because I believe it involves the registrant,
| registrar and registry coordinating a manual unlock out of
| band, so in theory if the registrar-registry API is
| compromised, you're still be protected.
| kstrauser wrote:
| There's zero reason to still use NetSol in 2021 except sheer
| masochism. Namecheap offers 2FA and registry lock for free.
|
| Seriously, transfer your domains to almost literally any
| other registrar. They'll be better than NetSol.
| cfcf14 wrote:
| Aside from the primary content regarding the hijacking the
| registrar, I really enjoyed reading about the methodological
| approach they adopted for tracking information and contacts
| during the crisis.
|
| But to the primary content - I've been surprised at just how ad-
| hoc much of the internet backbone infrastructure is as I've
| learned more about it. The same could be said about the payments
| processing industry! Beneath all the complexity and sleekness
| underlying the tools we use every day seems to eventually lie a
| system of IOUs, with an honor-based resolution mechanism between
| sufficiently trustworthy entities.
| louwrentius wrote:
| > Beneath all the complexity and sleekness underlying the tools
| we use every day seems to eventually lie a system of IOUs, with
| an honor-based resolution mechanism between sufficiently
| trustworthy entities.
|
| This is how societies - in the end - work. It is all about
| trust, I think.
|
| And although there are forces to undermine that fundamental
| trust, it does still work.
| stjohnswarts wrote:
| It's how the fiat money system works as well.
| munk-a wrote:
| There really isn't a different way to work honestly. Either
| we rely on trust or force and that trust and force can be
| transferred and dissipated through a legal system but force
| loses its transferable value very quickly while trust can be
| passed on many times.
| mhh__ wrote:
| If you recall from January, even with the US election you'd
| only need a conspiracy of a few hundred people (congressmen) to
| completely overturn the election for whatever result you want.
|
| Society is made out of string at best
| munk-a wrote:
| That conspiracy was surprisingly widespread and the normal
| societal blocks didn't manage to engage early enough in the
| process to stop it but, in the end, we made through it
| alright due to societal pressures at large.
|
| I don't know what specifically would've tipped it the other
| way but I think there were several large players able to
| extend effort that ended up not doing so simply due to a lack
| of need (i.e. the military in a non-show manner).
| btilly wrote:
| I believe that the point was that if that group decided to
| overturn the results, the democratic will of the entire
| population would not have overruled them. The intent of
| those provisions is for a case like 1877 when the
| democratic will of the people was actually in question.
|
| Unanticipated in the Constitution was that a group of
| violent people would attempt to force Congress and the
| Senate to overturn the results. Had the protestors
| succeeded in that goal, it would have effectively ended the
| Republic. We would continue to be a Republic in name, just
| as Rome was after Julius Caesar crossed the Rubicon in 49
| BC. But not in reality. And not too many years would pass
| before even that charade ended. As happened in Rome when
| Augustus Caesar became the first real emperor.
| macintux wrote:
| There's also a grassroots problem: the reason it took
| desperate acts in the endgame to try to overturn the
| election was that election officials around the country
| refused to bow to pressure to change the results at the
| local and state level.
|
| That layer of defense can't be taken for granted,
| especially given how aggressively hostile towards reality
| itself many local GOP officials are becoming.
| system2 wrote:
| A very long article with no real information. Why did they even
| decide to publish this weird thing?
| brongondwana wrote:
| We nearly had something like this happen to Fastmail many years
| ago:
|
| https://fastmail.blog/2014/04/10/when-two-factor-authenticat...
|
| Scary stuff. Basically we had 24 hours to dispute via email when
| a fax was sent to our registrar with a faked up Australian
| company registration and a fake passport asking to remove 2FA and
| change the owner email to an address @qq.com.
|
| At the same time, our hostmaster email address had been signed up
| to hundreds of non-double-opt-in mailing lists, so that there was
| lots of noise for this email to be lost in.
|
| We had to fight very hard to be allowed to see the fax that was
| allegedly from us, so that we could see what they had done.
| funkisjazz wrote:
| A bit off topic, but I like the usage of "social engineering
| attack" instead of "anything to do with the word
| computers/cyber/hacking", because it places the onus on the
| correct parties and the correct systems that failed.
| OliverJones wrote:
| Nice work, Perl.com team! And, a very helpful incident report we
| can all learn from.
| k_sze wrote:
| I'm surprised that the domain name ownership hasn't been
| transferred to the Perl Foundation or something. Things might
| look ugly if Tom suddenly dies.
| bityard wrote:
| Why? Perl.com doesn't have anything to do with the Perl
| Foundation. It's a collection of blog articles from various
| Perl developers.
|
| The website for Perl is perl.org and was not affected at all by
| the perl.com hijack.
| k_sze wrote:
| The Perl.com website is already _managed_ by the Perl
| Foundation. I feel like it 's important enough that it
| warrants being under the full custody of the foundation.
| briandfoy wrote:
| No, the Perl.com website is managed by David Farrell. The
| domain is owned by Tom Christainsen. The Perl Foundation is
| not involved with the operation of either.
| galgalesh wrote:
| The "about" section of the website says
|
| > Since 1997 Perl.com has been the home for quality
| articles about Perl programming, news and culture. The
| website is managed by the The Perl Foundation.
|
| They might want to update this if it isn't the case.
| hnarn wrote:
| > John Berryhill provided some forensic work in Twitter that
| showed the compromise actually happened in September. The domain
| was transferred to the BizCN registrar in December, but the
| nameservers were not changed.
|
| Isn't this preventable with "clientTransferProhibited"[1]?
|
| > This status indicates that it is not possible to transfer the
| domain name registration, which will help prevent unauthorized
| transfers resulting from hijacking and/or fraud. If you do want
| to transfer your domain, you must first contact your registrar
| and request that they remove this status code.
|
| If nothing else, you'd think that some simple monitoring would be
| warranted if you own an important domain, like checking the exit
| code of:
|
| # whois -h whois.verisign-grs.com google.com | grep "Registrar:
| MarkMonitor, Inc."
|
| [1]: https://www.icann.org/resources/pages/epp-status-
| codes-2014-...
| bhartzer wrote:
| If the domain thief has access to the network solutions
| account, they can just remove the domain lock. They have the
| keys to everything.
|
| There are more secure registrars than network solutions that
| require much more to transfer, like others have executive lock.
| You can specify certain terms that must be done before a
| change. Like the registrar must call you on a certain phone
| number and get a password verbally.
|
| At DnProtect, we are aware of at least 20 domains that have
| been stolen since the beginning of the year. Most from network
| solutions.
| 35fbe7d3d5b9 wrote:
| I don't understand the expected outcome from this attack.
|
| The hijacking of perl.com was front page news for the
| technical community. Did the thief really think they'd just
| be able to drop it on Sedo or Afternic and be done with it?
| edoceo wrote:
| Ransom maybe?
| bhartzer wrote:
| Nah, ransom is not usually the goal by domain thieves.
| They steal them to make a quick buck by reselling them.
| bhartzer wrote:
| I don't think it's really an attack on the domain Perl.com.
| Rather, Perl was just one of the domains stolen at the same
| time as others.
|
| I'm aware of at least half a dozen or so domains that were
| stolen at the same time, by the same domain thief.
|
| This was not an attack or hijacking. It was the stealing of
| domain names.
|
| What these domain thieves do is steal the domain, transfer
| it to another registrar, then attempt to sell them.
|
| In this case, Perl.com just got caught up in a list of
| domains that were stolen at the same time. Others stolen at
| the same time also start with the letter P.
| mprovost wrote:
| Wow I haven't heard the name Tom Christiansen in years. I
| remember when he used to comment on Slashdot. This inspired me to
| find my slashdot login and dig up some of his old posts. I just
| discovered his amazing eulogy for Gary Gygax [0]. I never knew
| that Tom used to work at TSR (of D&D fame) before becoming a
| programmer.
|
| [0] https://slashdot.org/comments.pl?sid=475216&cid=22665150
| robinhouston wrote:
| He's still active online, but his online activity currently
| seems to be concentrated at the Stack Exchange site on English
| Language & Usage:
|
| https://stackexchange.com/users/216196/tchrist?tab=activity
| sundarurfriend wrote:
| I often end up on his answers on StackOverflow when searching
| things related to Unicode. [1]
|
| They tend to be complicated "nothing's easy about Unicode"
| type answers, which some users call out as pedantic. But I
| much prefer getting the full picture from an expert like him
| and then making pragmatic compromises myself where needed,
| instead of the usual quick and easy answers that end up being
| full of hidden traps.
|
| [1]
| https://stackoverflow.com/users/471272/tchrist?tab=answers
| stjohnswarts wrote:
| I too love it when people go overboard on a stackoverflow
| question and get pedantic. Usually someone else gives a
| tldr; but I go down the rabbit hole and try to learn
| something ina addition to the short answer along the way.
| collyw wrote:
| He was one of the big names in the Perl world back in the
| 2000s. Wrote some books (including the wonderful Perl Cookbook)
| and I remember having a course at work given by the Tom
| Chritstiansen Perl consultancy.
| susam wrote:
| A lot of domain name management runs on honour system. Here are
| two relevant stories regarding this:
|
| - The Duct Tape Holding the Internet Together:
| https://medium.com/thisiscala/the-duct-tape-holding-the-inte...
|
| - Sinkholed: https://susam.in/blog/sinkholed/
|
| Disclosure: I am the author of the second story.
| abhinav22 wrote:
| Interesting read. What was your conclusion to the below?:
|
| I also wondered if a domain name under a country code top-level
| domain (ccTLD) like .in is more susceptible to this kind of
| sinkholing than a domain name under a generic top-level domain
| (gTLD) like .com.
| susam wrote:
| I am still using the .in domain name since the sinkhole issue
| was resolved in Dec 2019. I haven't faced any issue again. So
| that was a total of 1 issue in 14 years of using a .in domain
| name. I am not certain if I can draw any conclusion yet other
| than what is already mentioned in my blog post which @vxNsr
| has quoted in a sibling comment.
| vxNsr wrote:
| That appears to be answered in the following sentences:
|
| > _I asked Benedict if it is worth migrating my website from
| .in to .com. He replied that in his personal opinion, NIXI
| runs an excellent, clean registry, and are very responsive in
| resolving issues when they arise. He also added that domain
| generation algorithms (DGAs) of malware are equally, and
| possibly more, problematic for .com domains. He advised
| against migrating my website._
| teddyh wrote:
| This highlights a usefulness of not choosing the largest and/or
| cheapest domain name registrar. I work at a small registrar, and
| we know all our customers and communicate with them directly.
| Social engineering attacks get harder in such an environment.
| cesarb wrote:
| > This highlights a usefulness of not choosing the largest
| and/or cheapest domain name registrar.
|
| Since the domain is that old ("This domain was registered in
| the early 90s" according to the article), was there really a
| choice? IIRC, back then the only domain name registrar
| available was Network Solutions.
| toast0 wrote:
| It doesn't take a lot of time to move to a new registrar. And
| it should be seamless as long as you aren't relying on non-
| registrar services from the old registrar and you set the
| same nameserver settings at the new registrar.
| iso1631 wrote:
| Creation Date: 1994-08-16T04:00:00Z
| Symbiote wrote:
| That might be the reason for the initial choice, but there's
| doesn't require staying with the same registrar now.
| notRobot wrote:
| Which registrar do you work for?
| teekert wrote:
| (S)He can't say or they risk growing too big ;)
| teddyh wrote:
| I have been asked this before here on HN; my answer is here:
|
| https://news.ycombinator.com/item?id=21437951
| notRobot wrote:
| Very sensible answer :)
| vxNsr wrote:
| Hmmm... in that case I wonder if such offerings exist in
| the US?
| brabel wrote:
| > And, it always helps to have friends and good relationships
| with the people who are able to help.
|
| It would be nice if, you know, people just did their jobs
| impartially regardless of whether they know or like you. But the
| reality is that not knowing the "right people" does indeed make
| things much harder, as we hear often here on HN from small
| businesses trying to deal with the tech giants.
| ufmace wrote:
| Unfortunately, it turns out to be really tough to handle every
| possible edge case correctly without a little bit of cronyism.
|
| People forget passwords, lose 2FA devices, etc all the time.
| Many of the usual methods can be hijacked much more easily than
| you might think. It's tough to make the right call for
| legitimate user who messed something up versus a particularly
| sly attacker every time without some out-of-band personal
| knowledge about the person in question.
|
| All of the fancy tech in the world can't beat "Hey, I know Tom
| pretty well, this doesn't seem like something he would want to
| do. Maybe I better ring him up through a medium I trust to
| confirm this before I do it."
| kowlo wrote:
| Cronyism is embedded in most cultures
| toast0 wrote:
| > We think that there was a social engineering attack on Network
| Solutions, including phony documents and so on. There's no reason
| for Network Solutions to reveal anything to me (again, I'm not
| the injured party), but I did talk to other domain owners
| involved and this is the basic scheme they reported.
|
| Look, if your domain is with Network Solutions, and you missed
| the other wakeup call[1] to get off of them; let this be the
| wakeup call.
|
| Network Solutions was the right (only) choice for domains in the
| 90s, but it hasn't been the right choice for domains in probably
| two decades.
|
| [1]
| https://www.theguardian.com/technology/2013/oct/08/whatsapp-...
| blfr wrote:
| So what actually happened? Neither OP nor linked press articles
| seem to really explain it.
|
| (There's a joke somewhere in here about how readable Perl is.)
| tyingq wrote:
| Skip down to the section labeled _" What we think happened"_.
|
| Essentially, someone took over the Network Solutions domain
| management account for the domain and transferred it to a
| different registrar.
|
| It's not clear if that was due to a weak password, compromised
| contact email account, someone social engineering the Network
| Solutions staff, or something else.
| bhartzer wrote:
| What actually happened is that a bunch of domain names were
| stolen at network solutions. Many of which start with the
| letter P. Perl was just one of them.
|
| We probably will never know how it was done, as network
| solutions won't say, and they shouldn't.
| TwoBit wrote:
| OK but it was probably social engineering.
___________________________________________________________________
(page generated 2021-03-01 23:01 UTC)