Furocity is no more

[Jim Demintia]

Sure. It's not hard to hijack someone's password when you're that close to 'em, and even if you're not- it's not like people follow good practices with passwords. Any dimbulb can steal a password, and I'm sure Piche can operate a website control panel. Most web-hosting stuff is pretty dumbed down since every two-bit huckster wants to start a website and get rich on "online marketing" or whatever.

He understands enough to know that he who controls the domain controls pretty much everything. Again, I'm pretty sure he hijacked and redirected furaffinity.net for a while when he was trying to pry it out of Alkora's hands. I seem to remember reading Alkora ended up letting go of the site for probably a lot less than he should have, probably because Piche waved wads of government welfare-cash in front of him and knowing Alkora, he probably needed the money.

Sean Piche is a stupid, stupid man but that doesn't mean he's incapable of intentionally screwing someone over when he thinks it will get him what he wants. He's dumb AND malicious.

[Conan]

Didn't Piche hijack FurAffinity's DNS from Alkora when he was staging his coup?

I think it was either the opposite or didn't involve Dragoneer at all. It used to be on the ED article about FA but must have been edited out prior to the whole OhShitternet thing.

[Kindrift]

The short story is that Piche bought FA from Alkora, but never transferred the domain into his name and never had the password.  Alkora supposedly needed cash, something about an apartment with black mold on the walls, so he took the domain for ransom.  Once Alkora was satisfied, he finally gave up the domain.

[Ben]

What I find curious is that we know Gavin is online again, but after 2 weeks, Furocity is still redirecting. I wonder what gives?

[Jim Demintia]

What I find curious is that we know Gavin is online again, but after 2 weeks, Furocity is still redirecting. I wonder what gives?

Sure seems like he is having trouble getting into his DNS control panel, for whatever reason. Why else would you want to DM your domain registrar? (Are these guys really so bad with support to paying customers that you need to use Twitter?)

Is it possible that these problems are unrelated, at least directly, to the mass exodus of Furocity staff from FA's ranks? I mean that sort of stands on it's own as being inevitable, doesn't it?

[Pi]

I never understood people who both know what DNS is and have to have a web-based control panel for it — my DNS control panel is "vi /service/tinydns/data"¹. Then again, I read Twitter in emacs so maybe I'm not the target audience.
¹ _{except for that box running bind.}

[Conan]

http://gavin.furocity.com/blog/4991/

What happened:

On the 28th of October, CT was hit with a massive storm (you may have heard about this) which shut off power to about 80% of the entire state.  Where I live, the town was 98% out (similar in close towns, as well).  I was without power until this past Monday.  Cell towers were down, texting/calls were out of the question, essentially I was cut off from the rest of the world for almost all of that time.  Internet/phone service is still down for myself and much of my area.

At some point, I believe it was the 4th or 5th of November, I received a text for the first time whilst driving to my office (in reality, it was a gigantic collection of texts and emails, delivered all at once).  It was from the previous day, telling me that something was wrong with Furocity, that it was redirecting to a domain parked page, then Inkbunny, then SoFurry.  This was the first I had heard of it, and so I started to try and fix the issue from my office, as best I could.

Upon getting into my office, I tried logging into my registrar account, found that the password was incorrect, then tried logging into my business' GMail account (used as the contact for the registrar) to reset the password.  Unfortunately, that's when I realized that my business' GMail account had been compromised.  They were able to get the answers to its security questions, and thus able to change the password, then allowing them access to my registrar account.

Emails to the registrar were fruitless, so I ended up dealing with GMail's recovery system, which ended up allowing me access after providing an inordinate amount of information about the account.  Unfortunately, after I had gained access back into the account, I found that the hijacker had changed the access email for my registrar account, so that I could no longer access that account either.

This realization spurred weeks of trying to get things fixed, faxing to other countries, dealing with automatic 5-day wait periods and immense time differences which caused almost 24-hour delays between emails, just to regain access to the account and its associated domain registrations.  Now, I can't fault them for being thorough in their methods for determining the proper owner of the account (it required the faxing of legal documents -- yay, lawyers), but I -am- surprised that it is so easy to hijack a user's account on the system.

During this time, I received word that a journal was posted on SoFurry (a site on which I had never made an account), "explaining" the situation.  Please be assured that this was not me, and is not the truth of the situation.


That's about it for the bad news, now on to the good news:

Soon after I found out about the journal, Toumal (SoFurry's owner) emailed me asking for some clarification about the whole incident.  After explaining the situation, as well as detailing my actions, the journal was removed and the account is to be transferred to my ownership.

Fortunately, the hijacker had not gained access to the servers and has not obtained my password(s); as such, the data for Furocity's users remained un-accessed, and the servers have not been touched.

I had become complacent, not expecting my account to be the target of an attack.  I certainly never expected someone to come and attempt to disrupt my business like this.  I am just glad that I have very understanding (and helpful) clients, friends, colleagues, staff, and users.

I wish to give my apologies to everyone who was affected by this, especially to those who have been trying to access the site and were unable to.

I also want to express my sincere thanks and appreciation to everyone who came to my aid, or to my defense, and those who stood by the site during this harrowing experience.

Of course this begs the question: why didn't you say something sooner?

[loki]

Of course this begs the question: why didn't you say something sooner?

Because that would require having to make a decision which is ~scary~ - seriously, this guy is just another Dragoneer.

[Jim Demintia]

I dunno. Assuming he's telling the truth and not trying to spin things (hello "Gawker hack caused FAleaks"), this all seems somewhat reasonable, timeline-wise. Assuming he only found out about all this on 4 November, that he has just now only had time to sit down and write a journal about all this is not implausible. He's really lucky that it wasn't worse, ie. identity theft. This was pretty clearly a furry who did this, given the redirect.

The lesson here is use good password practices and good security practices in general. You might think truly random, lengthy passwords are a pain; but so is what happened to Gavin.

[rodox_video]

- seriously, this guy is just another Dragoneer.

whoa whoa careful dude don't think too hard, you might just stumble onto some kind of universal truth

[Spip]

Unfortunately, that's when I realized that my business' GMail account had been compromised.  They were able to get the answers to its security questions, and thus able to change the password, then allowing them access to my registrar account.

Aaargh that's why you shouldn't give real answers to 'security' questions! They only exist to get dumb users out of CSRs' hair, not to give real security! For heaven's sake, even the stupidest furries out there (e.g., me) should know this by now.

[ProvincialTwit]

Haha, he calls it a 'business'.

[Conan]

I dunno. Assuming he's telling the truth and not trying to spin things (hello "Gawker hack caused FAleaks"), this all seems somewhat reasonable, timeline-wise.

My point was he obviously had internet at his office, and should have at least tweeted something about it. Instead, he sat in silence for weeks (until the power came back at his house???).

If the same thing happened to FA, I can guarantee they'd at least acknowledge it pretty quickly, and not wait three weeks.