Slashdot is running a story on RoadRunner intercepting domain typos. My dad noticed this ‘feature’ a few weeks ago, and opted out via their preferences page. In addition to the Slashdot story, Ryan Govostes has an interesting article (written back in December) on the security holes lurking in this opt-out program. According to his post, one could wreak all kinds of havoc with TWC’s poorly written page, enabling or disabling the service for essentially all RoadRunner customers. SQL injections also appear to be a possible line of exploits.
Comments are closed.