Hacker News new | past | comments | ask | show | jobs | submit login

oops. The elastic IP reuse problem is actually pretty interesting/funny because I've seen a few scenarios.

The easiest one is cross site scripting sourced from a recently de-comissioned elastic IP. Its easy, really easy in fact. So much so that its been done more than once (duh).

Its been used for phishing, except the IP wasn't hijacked or misused, it was just reused by someone who was attentive enough to wonder what all that HTTP traffic was about.

Its been used for "shocksiting", where all of a sudden, your favorite AWS hosted website redirects to one of the more famous shocksites, serves an ad and makes them money. I won't share any of the links here, they're easy to find.

This current pinterest problem is pretty bad, I just checked the date on my machine and its 2013 so nobody with any sense should be storing unencrypted passwords. Even ROT13 would be better than nothing...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: