Podshow And Hackers

by Paul Colligan on June 6, 2007

When I got my batch of “Podshow Hacked” emails, I was expecting the Podshow naysayers to claim how this was “proof” of whatever.

They didn’t.

When Curry admitted it on his blog, I expected a bunch of annoying comments.

They didn’t show up. There were a few – but not as many as I would have expected.

I’ve had my share of hacker problems. I know a lot of people who have. It sucks, but it’s part of this business. When I got those emails the first thing that went through my mind, honestly, was “some Podshow folk ain’t getting much sleep tonight.”

Is it “sloppy” management? Sometimes. Is it a “high profile” target? Sometimes.

Whatever it is, guys, sorry. I feel your pain.

Podosphere, thank you for not blowing this out of proportion.

Technorati Tags: , ,

Unlike
  • Michael Walsh
    Hi Paul,
    Well it was more than 'just' the mailserver being hacked. If the hacker got access to the user table they have a copy of our usernames, email addresses and passwords. I posted my concern on adams blog about podshow possibly storing passwords in plaintext (they email you the password in plaintext. I'm guessing they store(d) it that way too. Sadly my posts didn't show up on adams blog. There could be a glitch in the blog system or perhaps he removed it. I don't know there story there.

    Anyway, I'm not entirely convinced about their security policy. Anyone can be hacked, but it doesn't help matters when the DB access isn't locked down (stored procedures, usernames with specific rights, permissions on views), the DB containing sloppy information, and running off-the-shelf free software without keeping up to date. Last time I poked around they were running an old version of phpmyads, exploit that and get into the system.

    I don't think the comments should be "podshow sucks" but more "podshow needs a complete security audit for podcasters to have continued faith".

    I do hope my comment doesn't vanish off your blog like it did on curry.com (I do want to believe it's just a DB storing glitch and not AC deleting comments hitting too close to home).
  • Gee, thanks Tim.
  • That's because nobody cares Paul.
blog comments powered by Disqus

Previous post:

Next post: