back to article Houseparty denied it had been hacked... while miscreants were abusing its dot-com domain name infrastructure

At the end of March, video chat app Houseparty, owned by Epic Games, responded to unsubstantiated reports that user accounts had been hacked – by offering a $1m bounty to anyone able to prove the rumors were part of a coordinated campaign to smear the company. The developer said at the time it had no evidence of any link …

  1. Jamie Jones Silver badge

    I wonder if their login cookies use a domain of *.housepartyapp.com ?

    You don't want these leaking to a third-party spammo

  2. Joe Montana

    Address recycling

    Yet another reason why we need IPv6...

    IPv4 address on AWS and other such platforms need to be recycled because there's a shortage of them, if a machine gets killed and they don't remove the DNS records then someone else will soon inherit them. The address allocations are also random and spread all over the address space AWS owns so if your trying to add firewall rules, or determine what the traffic is from a packet capture or logs its painful.

    IPv6 allocations are based on blocks per customer, so houseparty will be allocated a large block by AWS and all of their allocations will come from that. If they drop a machine then the address goes dead and won't be allocated to a different customer as it still belongs to houseparty.

    Another good example of this absolute mess is Zoom:

    https://support.zoom.us/hc/en-us/articles/201362683-Network-Firewall-or-Proxy-Server-Settings-for-Zoom

    75 separate spread out ipv4 blocks that belong to aws (and do zoom even control all the addresses in those blocks?), or a single ipv6 block that belongs exclusively to zoom... I know which i'd rather use for monitoring and firewall rule purposes.

    1. Claptrap314 Silver badge
      FAIL

      Re: Address recycling

      I'm sorry, but no.

      Certainly, it is easier (today) to grab of 2^48 or so addresses and not worry about proper address management. But sloppiness is what has gotten us into this mess.

      Subdomain mismanagement is a major problem with Microsoft. Now we see that they are "industry leaders" instead of outliers.

      If you properly manage things like DNS records, it's going to take a significant amount of effort.

      If you don't properly manage things like DNS records, you are going to have a bad time.

      IPv6 might (might) allow you to get by with pretending that you can orphan IP addresses for a while. But the pain you will be in when it all falls apart (and it will), will be orders of magnitude more severe than when you are stuck with 32 bits for the entire world to play with.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020