

Lulzsec Attempts Nintendo Hack - No Customer Information Lost - rkalla
http://online.wsj.com/article/SB10001424052702304474804576366802876217440.html

======
retlehs
That WSJ article only showed me 1.5 paragraphs before asking me to pay to
continue reading, here's a link to another article (not long, but doesn't ask
you to pay):

[http://www.reuters.com/article/2011/06/05/us-nintendo-
idUSTR...](http://www.reuters.com/article/2011/06/05/us-nintendo-
idUSTRE7541WP20110605)

------
rkalla
Sharing this primarily in-light of the discussion in the latest Sony-hack
story[1] on HN. Something being discussed was how common is shoddy enterprise
security. Seeing a hack attempt against Nintendo fail by one of the same
groups that hacked Sony recently was pertinent.

[1] <http://news.ycombinator.com/item?id=2621844>

~~~
Osmose
I don't know if you should consider this a failed attempt; the pastebin
release implies that they were just "warming up" before the FBI attack.
Perhaps they wanted more and failed, but perhaps they weren't aiming to
compromise them like Sony.

~~~
r00fus
Perhaps failure is a strong word, but clearly the attackers didn't gain
anything of value - unlike every single Sony attack.

------
nextparadigms
This is actually more bad news for Sony. It shows that their competitors have
much better security than they do, and Sony won't be able to claim anymore
that "it wasn't _really_ their fault, it's just that the hackers were very
good".

------
Osmose
Pastebin of the release: <http://pastebin.com/QFJN82X4>

It's apparently nintendo.com's httpd.conf. Most is just a huge pile of url
rewrites.

~~~
carbocation
I wonder what patio11 thinks of their KeepAliveTimeout settings?

    
    
      KeepAlive On
      MaxKeepAliveRequests 0
      KeepAliveTimeout 120

------
tjarratt
This is my number one pet peeve, right here:

>>>>>>>>>>>>>>

# Force all clients that hit this host to www.nintendo.com

RewriteEngine on

RewriteRule .* <http://www.nintendo.com/> [R,L]

<<<<<<<<<<<<<<

Nothing is worse than trying to go to foobar.com/something/I/know/exists and
being redirected back to the homepage. What's wrong with deep linking and
respecting URLs that a user has been to before?

More importantly, doesn't this interfere with bookmarks?

~~~
Groxx
Uh, it doesn't mean that at all. Here's a random link, note how it doesn't
redirect to the homepage:
[http://www.nintendo.com/games/detail/9xKcFNixgDWMPXx0DGu0_77...](http://www.nintendo.com/games/detail/9xKcFNixgDWMPXx0DGu0_77F-6Hwbk2s)

That's just the default behavior. There's an enormous amount of other rewrites
to handle actual functionality.

Bookmark interfering - probably. But which is worse for _most_ users: a 302 /
404 error, or being pushed somewhere useful to start from?

~~~
idle_processor
302 won't break bookmarks.

Most users get taken to where they meant to go, without noticing the domain
rewrite.

