Hacker News new | past | comments | ask | show | jobs | submit login

I'm guessing your domain wasn't a huge target then. There was a dns hijacking bug in r53 like 3-4 years ago that was fairly trivial to use. It allowed an arbitrary attacker to register new records to redirect your traffic and take a higher priority in the routing table. I probably shouldn't say much more about it because I don't think it was publicized after they fixed it.

I think you mean the BGP hack.


That wasn't reaaaaly an AWS hack. BGP hacks are still an issue since it is mostly an honor system! There are no safeguards against this except fast admin.

Well, there was that too. What I was referring to was a specific issue that allowed you to add entries for domains in r53 which were already in use (in r53). I can't remember the specifics too well, but I think it was an api validation issue on one of the endpoints. It wasn't a "I own your domain now" so much as "I receive some of your traffic sometimes".

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact