Not that Epik is a great host. It's god awful and used by many horrible sites (but probably mostly clueless and harmless ones by absolute numbers which is part of the problem). Just normally the hackers are aware they are black hat hacking for profit not posting how they are self proclaimed white hat hacking for free.
I don’t know anything of Epik before this hack, but to me it’s clear that it was only a matter of time for Epik, and people should be mad at Epik. Unsalted md5 in 2021 is just inexcusable at this point and I’m doubtful this kind of hack took any skill at all given the complete lack of security they employed.
That the first thing that came to mind is a hacking group which disbanded a decade ago is a hint what you're describing is atypical considering these kinds of hacks are constant. Check the incident list on haveibeenpwned for example most of these are self admitted black hatters or criminal gangs, not hacktivist groups.
That's not to say there isn't also a lot of meme refencing and lulz involved as well just the hactivism "we're the good guys" isn't typical even when filtering to just the 4chan/Anonymous style hacks.
> The dump is completely reminiscent of 4chan/Anonymous hacktivists as well.
4chan/Anonymous weren't normally "hacktivists". E.g. lulzec... did it for the lulz. They didn't do it claiming to be white nights they actually called out white hat hackers as corrupt. They knew what they were doing was wrong they just found it funny - there is no need comment how the hackers are bad when they go around saying they are in the leak.
The hackers here explicitly think what they were doing is good hence the extra reaction saying wait, this is certainly not white hat hacking.
> I don’t know anything of Epik before this hack, but to me it’s clear that it was only a matter of time for Epik, and people should be mad at Epik. Unsalted md5 in 2021 is just inexcusable at this point and I’m doubtful this kind of hack took any skill at all given the complete lack of security they employed.
Largely agreed however it's possible to be angry at 2 parties at the same time and it's typical that every site at the butt end of a hack is found to have bad security (hence the hack) so it's not going to get the same reaction boost for commenting as hackers leaking some of HN's non-fascist members private info out of "altruism".
I don't really care if a company run by a notorious antisemite  gets its less savoury customers doxxed and harassed.
Agreed, this is what I explained before I said "It's not the typical hack scenario."
> I don't really care if a company run by a notorious antisemite  gets its less savoury customers doxxed and harassed.
Then you'd be in good company with most of the referenced comments complaining about the more savory customers being doxxed by this as well.
That’s not a fascist ideology, I think people should have their privacy respected and this will harm innocent individuals.
Epik is notorious for being a safe haven to the most extreme of right wing sites. There's simply no way you could not know what their business model is.
Guilt by association might suck, but they still willingly associated.
However, Epik is a badly run registrar (as evident by the leaks), and the only reason any of us know about them is because they've worked so hard to attract unsavory customers. Registrars mostly offer the same service at the same price, and catering to unsavory clients is their only differentiating feature.
It's their entire marketing scheme (take on customers that legitimate registrars won't), so it's not surprising that they're actually pretty illegitimate.
I'm sorry your data was leaked, and I'd take this as a sign to move.
I wonder if the media outlets will continue with their policies of not reporting on hacked info or not?
Then at least some places put into place policies like that, though some were then modified later:
I use namecheap as my registrar and cloudflare for dns. Though the free namecheap dns worked completely fine for the years I used it too.
No. Epik is (also) known for providing good prices for (medium sized) domain owners (and everybody else who just wanted to transfer their domains for a fair price.):
The first post from someone not employed by Epik is someone from Nigeria asking if they can buy a .US domain.
An Epik staff member tells them that .US are restricted to those with US contact information (which is almost correct--you need to be a US citizen, resident, organization, or a foreign entity with a bona fide presence in the US).
Then the Epik CEO answers that post suggesting how to circumvent the .US rules:
> However, just use the free WHOIS privacy proxy. Problem solved. You will need to keep the privacy on in this case.
That won't actually work because (as the Epik staff member points out in another reply to the Nigerian post) .US does not allow WHOIS privacy proxies.
But Epik is absolutely one if not the registrar you stumbled upon the last couple of years if you looked for good transfer prices.
I just think users should give other users in this thread the benefit of the doubt that they weren't Epik customers to support a fascist, hardcore libertarian Christian, Nazi, ... CEO and his company in any form.
They might just have googled for fair .com transfers and transferred a couple of domains in.
Even the threads here on HN from back then where epik gets mentioned don't mention that stuff.
External criticism from prominent publications and organizations of Epik for its hosting of far-right sites also dates back at least as far as early 2019 .
HN search provides a story about Epik hosting Gab  as the highest popularity story result for "Epik" in the date range Jan 8th 2018 to Dec 30th 2019 (HN search is weird about date ranges and wouldn't let me do 1st to 31st) . The front page of that search result has 5 other stories that are not just incorrectly matching on the word "Epic" or companies named "Epic", one of which is about Epik's "forever domains" service and got 3 points and 2 comments. One is about 8chan getting kicked off its previous provider and mentions them moving to Epik (it appears to be the same article as my ), but the comments mostly does not talk about Epik. The other articles are all about Epik hosting Gab or far-right sites but received few upvotes and comments.
In the first page of results for the corresponding search for comments  I can find 1 comment from 'sadris talking about Epik's low pricing, 1 comment from 'boultonmark on a non-Gab story describing Epik as seeming to be "the go to company for criminals online", 2 hiring posts from somebody who happens to have epik in their username near the bottom, and two comments using the word "epic" at the bottom. The 14 by my count other comments are all about Epik hosting Gab and/or either hosting or not hosting 8chan.
: The SPLC article below  says this is the timing, but the Wayback machine doesn't have frequent enough captures of their twitter account for me to verify the timing to more precisely than between
: https://web.archive.org/web/20190119014600/https://twitter.c... has "Protector of responsible Free Speech." in their bio, tweets calling for popular Youtube channels (including Jordan Peterson) to move to BitChute, and referring to itself as "Alt-tech", which afaict is a term coined to refer specifically to technology providers that alt-right sites & people have moved to as a result of bans or moderation policies on more mainstream providers.
The HN community - or even just small parts of it - did not go hard on Epik nor Rob Monster >12 months ago and mention all the horrible things about them, and it was not as commonly known as some currently make it out to be - not even in the thread about them welcoming Gab, nor the one about them not hosting 8chan.
Your claim upthread was:
> Even the threads here on HN from back then where epik gets mentioned don't mention that stuff.
but the HN search links demonstrate that the threads here on HN from back then where Epik gets mentioned are almost all specifically about that stuff! Not all of that discussion was opposed to Epik, but that wasn't the claim you took issue with.
As to your Google Trends link, yes, Gab has never been an especially popular website, and it was not as frequently searched for then as in the period immediately after Donald Trump's twitter account was suspended, but your trends link shows that the Epik coverage (and the only HN thread about Epik to get any traction in 2018 or 2019) coincided with the most searches Gab ever got (as a result of coverage related to the Tree of Life synagogue shooting) prior to Trump's twitter suspension, and was about three times as much as it gets nowadays. It was only exceeded during the week of January 10th through 16th of this year. Epik itself, of course, has never been as frequently searched for as even Gab ( https://trends.google.com/trends/explore?date=today%205-y&q=... ).
Yes it was? That's why I said threads - not posts. Threads include the discussion, not just the articles. And like you showed, even the big discussions did not have people mention how bad of a person Rob Monster is or that Epik is that right-leaning instead of just really free-speech.
In every second about a (big) company on HN, folk here mention how bad that company or some execs are - because it is common knowledge / opinion. And it's always one of the top comment threads in the thread.
Rob Monster and Epik being that right-leaning and not just "really free-speech", and also (Christian) nut jobs - was not common knowledge at that point. Which was my initial point "upthread upthread", that Epik had 100% a boat load of users that were just there for cheap domain prices and that did not know about it and were not there to support any of this. And thus are not guilty by association (and even deserve to be in that leak), like some in this thread claim.
It sucks what happened to you, but the only thing Epik sold themselves with is the same freedom that these people are utilizing.
They have the biggest "real" (as in for existing customers and without other limitations) promo / "happy hour" thread on the biggest domain name board:
https://www.namepros.com/threads/epik-com-promo-deals-and-ha... - where they regularly had pretty good transfer in prices.
Because I don't think he would, because they are muslims, and he is a white supremacist.
It's funny because both Epik and Cloudflare used to host 8chan and the dailystormer. They are more similar than people think.
But in this specific case? They are neo-nazis and white supremacists.
The ones who hacked Epik are just as bad as the 'neo-nazis' and 'white supremacists' you speak of.
You don’t see a moral difference between people who hacked a company’s customer list, and people who want to very literally murder my family and me? Those sound the same to you?
Assuming you have this evidence, did you just leave them online and then complain here and did nothing?
Maybe being obsessed around chasing Nazis everywhere and directly approaching them yourself comes with such risks and consequences which you should leave all to the authorities to deal with rather than using extreme illegal methods to attack any sort of service in the name of this so-called 'fascism' which at this point has become meaningless.
> Oh no! Why won't somebody think about the poor neo nazis and white supremacists posting violent content and murder lists?!
I assume you have evidence of this given your long obsession with Nazis in this thread. Did you forget to report these 'specific neo nazis' that posted this or did you just leave them online?
This should be a lesson in exercising moral and ethical restraint, and being conscious of who you do business with. Guilt by association sucks, but I am very skeptical about anyone who says that they run a website on Epik, simply because it is the go-to webhost for extremist and violent content.
When I first heard of Epik, it was due to the kinds of sites/domains he handled that were being kicked off other services for egregious reasons (including and not limited to: hosting white supremacist shooter manifestos, doxxing for murder). That in of itself told me to stay far, far away from Epik.
Advocating for free speech doesn't mean moral abandonment, either. There's a reason things like fighting words, threats of harm aren't considered protected speech... and there's (sadly) quite a few on here who still have yet to learn that part of the lesson when it comes to speech online.
Epik's business model is to specifically cater to Neo Nazis.
> Epik is known for providing services to websites with far-right content, such as the social network Gab, video hosting service BitChute, conspiracy theory website InfoWars, and neo-Nazi message board website The Daily Stormer. It was described in 2019 by Vice as "a safehaven for the extreme right" and in 2021 by The Seattle Times as "a home for far-right websites" because of its willingness to host far-right websites that have been denied service by other Internet service providers. In 2021, The Daily Telegraph wrote that Epik was "a safe harbour for websites said to be enabling the spread far-right extremism and carrying Neo-Nazi content"; the same year, Fortune called the company the "right wing’s best friend online". NPR reported in February 2021 that "when websites flooded with hate speech or harmful disinformation become too radioactive for the Internet, the sites often turn to [Epik] for a lifeline."
"Due to its size, it's incompatible with most torrent clients and many users will have difficulty downloading the data. When we're able, we'll release a more accessible version of the data."
As someone who downloads a lot of 4k HDR... Linux ISOs... (I have the highest level subscriptions to Disney+, Netflix, Hulu, HBO, Spotify, Amazon, Crunchyroll, and probably more I'm forgetting but not all of my devices will get the 4k stream due to DRM requirements so depending where I want to watch it I'll just download it instead) I've tried about every popular torrent client I've heard of and none have had problems with 100 GB+ sized torrents (or even much larger). Is this really a thing or are a lot of people just using a 10 year outdated version of uTorrent or something?
But anyway, I wasn't talking about who's liable, I was simply stating the fact that those developers were criminally negligent.
(Granted, that doesn't dispute the fact that the actor is still deserving of a lot of that liability. :) )
Better analogy- if I put some items up for sale in a consignment shop, and the shop owner doesn't lock the door overnight and someone runs off with all my stuff, I'm likely to be more upset with the shop owner than the actual thief.
You should not be surprised that you might get in trouble one way or another for employing the services of neo-nazis.
> Epik is an American domain registrar and web hosting company known for providing services to websites that host far-right, neo-Nazi, and other extremist content. It has been described as a haven for the far-right because of its willingness to provide services to far-right websites that have been denied service by other Internet service providers.
> Some of Epik's notable clients have included social network Gab, neo-Nazi website The Daily Stormer, and the imageboard website 8chan. In 2021, the Parler social network moved its domain registration to Epik when it was denied hosting and other web services after it was used to help plan the 2021 storming of the U.S. Capitol. Epik has also provided hosting and registrar services to Patriots.win, formerly TheDonald.win, an independent far-right forum that has served as the successor for the r/The_Donald subreddit that was banned in June 2020."
The rest of the article goes on with details about each of those and more, including many other companies terminating services to Epik as a result. Particularly after the El Paso shooting.
> You should not be surprised that you might get in trouble one way or another for employing the services of neo-nazis.
Would you say the same if someone poisoned (does not need to be fatal) cokecola bottles for their anti-union policies? https://en.wikipedia.org/wiki/Criticism_of_Coca-Cola https://en.wikipedia.org/wiki/Sinaltrainal_v._Coca-Cola_Co.
Or if IBM employees were doxxed? https://en.wikipedia.org/wiki/IBM_and_the_Holocaust
Or if github users/employees were doxxed? https://en.wikipedia.org/wiki/GitHub#ICE_contract
Does that mean everyone deserves to get their YouTube accounts hacked because of some bad videos on someones platform?
All domain purchases
All domain transfers in/out
All whois history
All DNS changes
All email forwards, catch-alls, etc
Payment history (no credit card data)
Over 500,000 private keys
Not a good look for these "privacy" focused players.
I use AWS Route53 and Google for domain registration. Despite being "invaders" of privacy supposedly, so far they've done a pretty good job keeping my data from leaking - nothing too interesting anyways but.
One worry would be employers or others taking lists like this and doing some screening of candidates etc through it.
I would never expose the people who work for me to that kind of toxicity, nor would I expose myself and my organization to that kind of liability.
I am all for freedom of speech, insofar that people don't get charged with crimes for participating in protected of speech, but I have absolutely no reason at all to tolerate those people, and feel as though I have a moral obligation to keep them away from the people I care about.
If this was leaked for political reasons, the person who did it should have known that thousands of innocent people would be affected. I wonder how many bystanders are going to lose their jobs or be cancelled because they just happened to come across epik.com when shopping around for a domain registrar?
If you're the type of person who has strong political opinions and you happen to be a recruiter at a company, wouldn't you be tempted to do a quick CTRL+F through this dump for the names on the resumes you're screening? No one will know, and even if you know not everyone on that list is a nazi, it's better to be safe than sorry right?
Branded for life and informally blacklisted just for buying a domain name. That sucks.
Only for the "bad guys"™
There's a german saying that goes "There are 10 people at the table with a Nazi. There are 11 Nazis at the table".
If you do business with Epik, a service owned and operated by Rob Monster, who is also a virulent Gab user and proud Neo Nazi and Antisemite, then you earn some guilt by association.
And nobody chooses Epik for the price or the service. They choose Epik because their website would be terminated from most other mainstream providers for violating rules against violence and hate speech.
They are not neutral in this. They are specifically creating a service for neo-nazis and the far right.
Not all of them knew about the parler and 8chan controversies, and even if they left when this all came out, it wouldn't stop them from appearing in this list, since it includes historical data.
So maybe leave judgements and punishments to the courts, and stop using your company to be a vigilant.
Looking at Gab, Parler and now Epik, it confuses my you'd paint a giant target on your back before making sure that everything's as secure as can be.
Parler was basically a Wordpress instance hacked through one of the plugins they ran. (And since it was a WP instance the also had the whole thing scraped because of the sequential nature of the IDs Wordpress uses.)
Gab rolled their own SQL injection mitigation and failed at it, published the source code themselves since they moved to the Mastodon network and then tried to cover up the whole thing --- and got hacked again because they never reset the user tokens.
And now this with Epik.
I understand the need to attract a clientele and free speech in itself can be attractive because there's so many issues stemming from automated content removal that people often have issues with the current providers but it simply makes no sense to set yourself up for a politically motivated hack and do nothing to prevent it... it's pretty crazy.
So no, we can't really put politics aside. It is all part of the same whole.
All of my sites are things you might see submitted here.
In what ways?
For whatever "fascists" this harms, it will harm significantly more innocent people.
Two wrongs do not make a right.
Even if someone was a self declared fascist, that is still not justification.
No need for quotes, bruh.
You can disagree with someone and still think they have rights.
Why should anyone should suffer consequences for threats of harm online? You agree that someone should be allowed to threaten, harass, intimidate and harm someone else through speech online?
Freedom of speech has never meant freedom from consequences of said speech.
As far as I see it, Epik's hack is a consequence of the speech they allow. No need for government, constitution and laws to see the cause and effect here.
> As far as I see it, Epik's hack is a consequence of the speech they allow.
That's a scary logic and it's the kind of logic that harms societies. Most violent leaders have used this style of justification for their actions.
We can not fight uncivility with uncivility. Doing so only makes the situation worse.
Sounds like moral panic to me. Do you not think neo-nazis are real or something? Serious question.
Paradox of Tolerance.
> Doing so only makes the situation worse.
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
And Epik continued to host sites that were taken offline specifically for those reasons.
That's your cognitive dissonance.
It is now worse since innocent users are involved in this leak.
Read what the CEO has to say about jewish people 
They specifically cater, not just host, but CATER to those who are unable to host elsewhere due to their content.
Maybe they themselves are the criminals and the fascists all along.
However, what i am concerned about is fascism. The wiki entry classifies fascism as such: ". . .characterized by dictatorial power, forcible suppression of opposition, and strong regimentation of society"
How is this suppression of an opposing political voice considered moral, legal or otherwise permissible? And before someone here responds with "Well, their content is violent", we have laws in our society. Period.
Extra judicial anything is simply not on.