- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
Membership is FREE – with unlimited access to all features, tools, and discussions. Premium accounts get benefits like banner ads and newsletter exposure. ✅ Signature links are now free for all. 🚫 No AI-generated (LLM) posts allowed. Share your own thoughts and experience — accounts may be terminated for violations.
news Was there a Hack/Data Breach at Epik?
- Thread starter accurate
- Start date
-
- Tags
- #cyber #epik #epik_hack
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
I'm sure.
How do you learn to write secure code?
I'm interested since I'm trying to learn programming myself. Are there places to learn how to write more secure code?
I'm hopeful Epik did update the code.
Probably not.
Agreed.
At my full-time job we just had a ransomeware attack. Most of the steps that they are taking now are "too little too late". It was also an issue of untrained employees and bad security monitoring since the main IT guy left the company after being there for many years.
What would you do at this point to update and improve "shitty code" as you put it @Tom K.?
How do you learn to write secure code?
I'm interested since I'm trying to learn programming myself. Are there places to learn how to write more secure code?
I'm hopeful Epik did update the code.
Probably not.
Agreed.
At my full-time job we just had a ransomeware attack. Most of the steps that they are taking now are "too little too late". It was also an issue of untrained employees and bad security monitoring since the main IT guy left the company after being there for many years.
What would you do at this point to update and improve "shitty code" as you put it @Tom K.?
- Joined
- Nov 15, 2005
- Messages
- 1,020
- Reaction score
- 70
You can get a lot results in Google. But for example, when connecting to the database you should write prepared statements, open and close transactions when doing updates, keep the code up to date with the current language processor updates. Secure code is only part of the equation. The list is too long to write here.
I'm hopeful Epik did update the code.
@robmonster made it clear that the code was kept captive by the developer, it was boxed, and he operated with the Russia-based dev team on the basis of trust. And the code was from 2009. So that is very old code. Rob admitted it was seriously weak. So it raises the question, when did the code become open-source to Epik and when was the last security update made?
If the code was not being updated to work with the latest language processor versions over the years, and that's what it sounds like, the only option is a complete rewrite. IMHO.
- Joined
- Nov 15, 2005
- Messages
- 1,020
- Reaction score
- 70
BTW, those are not my words you put in quotes. Those are Rob's words.
For sure! Loved his book. Google it, buy it. Not sure if I can link but a must read for any domainer imo so....
Amazon.com: Domnomics: The business of domain names eBook : McCormac, John: Kindle Store
Amazon.com: Domnomics: The business of domain names eBook : McCormac, John: Kindle Store
www.amazon.com
I feel you. I prefer where ever there's a lot of engagement though and dnf ATM is kinda disappointing.
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
I was thinking maybe there was maybe online training specifically for this. Google is the way. 
Thanks, understood.
I did not realize this!
Wouldn't that take quite a long time?
Thanks, understood.
I did not realize this!
Wouldn't that take quite a long time?
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
That is good they are getting separated.
All of this registrar code is being rewritten from the ground up?
I'm not sure many of us care about these service, but I could be wrong.
Always had great support from the Epik team. @Epik
Glad to hear it.
I don't know much about this Gab.com story so I'm not sure I can comment well.
I do believe you need to distinguish between being a domain registrar and hosting these websites. Journalists get this wrong all the time.
Rob, you are of course free to share your opinions. Although, few CEOs or executives I have known in my career do for various reasons.
I think more the issue most have, including myself, is I do not really understand what the below means.
I have Forever Renewal of my most valuable domain with Epik.
My goodness, this thread got busy today.
Quick update:
- The tech work continues apace. Most significantly is the explicit separation of Dev and Ops. Traditionally in a small enterprise those teams can be one and the same but as an organization achieves maturity, those functions become operationally separate.
All of this registrar code is being rewritten from the ground up?
I'm not sure many of us care about these service, but I could be wrong.
Always had great support from the Epik team. @Epik
Glad to hear it.
I don't know much about this Gab.com story so I'm not sure I can comment well.
I do believe you need to distinguish between being a domain registrar and hosting these websites. Journalists get this wrong all the time.
As for the topic of "shady customers", let me remind the deal reminder of our thoughtful analysis on the topic:
The reality is that Epik has very few of these so-called problem customers.
What is also worth noting is that customers like Gab.com which the SPLC reviles just celebrated their 3 year anniversary of the brutal takedown operation that was directed against them.
Gab Social
Gab is a social network that champions free speech, individual liberty and the free flow of information online. All are welcome.gab.com
I believe Epik made the right decision in allowing them to come back online when Godaddy booted them. The controlled media has never really forgiven Epik for that decision, but the reality is that they have sown the seeds of their own destruction as evidenced by the viral "Lets go Brandon" meme which mocks media doublespeak.
Rob, you are of course free to share your opinions. Although, few CEOs or executives I have known in my career do for various reasons.
I think more the issue most have, including myself, is I do not really understand what the below means.
I have Forever Renewal of my most valuable domain with Epik.
- Joined
- Nov 15, 2005
- Messages
- 1,020
- Reaction score
- 70
I did not realize this!
Transcript of Rob Monster's live Q&A following the Epik breach
Transcript of a live Q&A session held by Rob Monster on September 16, 2021.
blog.mollywhite.net
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
If you think I'm going to watch all 4 hours of this you are mad. 
Transcript of Rob Monster's live Q&A following the Epik breach
Transcript of a live Q&A session held by Rob Monster on September 16, 2021.
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
I'm sure as a Marine veteran that must have been sickening.
Yes!Yes, I saw that. I can't believe that I saw a Marine 4-Star General state that we were using them as "tools". Honestly never been so sick.
- Joined
- Oct 12, 2003
- Messages
- 870
- Reaction score
- 181
My goodness, this thread got busy today.
Quick update:
- The tech work continues apace. Most significantly is the explicit separation of Dev and Ops. Traditionally in a small enterprise those teams can be one and the same but as an organization achieves maturity, those functions become operationally separate.
- The oldest legacy code from the 2011 acquisition of Intrust Domains is substantially being upgraded and ultimately replaced. Bear in mind that the registrar software is a rather unique class of software so full replacement is not a small task, but because we have a large dev team that work is well under way.
- Software like Masterbucks, DNProtect.com, WHOQ.com and TrustRatings.com are more representative of modern coding frameworks. They were being deployed apace. Some of these ecosystem innovations are now on a slower track due to the emphasis on the core.
- The support team continues to do an exemplary job, as it has undergone significant expansion and upgrade, operating 24.7 for email, chat and phone. Our TrustPilot score has stayed at or around 4.9 throughout the episode. Account security and domain security remain our top priority.
- Domains under management also continues to rise and never dropped below the level when the incident occurred. Today's transfers out were a benign 62 domains, quite typical for a registrar where domains are being bought and sold. Nearly 600 transfers in, vast majority of which is .com.
As for the topic of "shady customers", let me remind the deal reminder of our thoughtful analysis on the topic:
The reality is that Epik has very few of these so-called problem customers.
What is also worth noting is that customers like Gab.com which the SPLC reviles just celebrated their 3 year anniversary of the brutal takedown operation that was directed against them.
Gab Social
Gab is a social network that champions free speech, individual liberty and the free flow of information online. All are welcome.
I believe Epik made the right decision in allowing them to come back online when Godaddy booted them. The controlled media has never really forgiven Epik for that decision, but the reality is that they have sown the seeds of their own destruction as evidenced by the viral "Lets go Brandon" meme which mocks media doublespeak.
And now we have entered into a new chapter with the arrival of DWAC and a multi-billion dollar war chest with which to buy those assets that have yet to be destroyed by other means. The following image from the DWAC investor briefing is illustrative of the plan:
View attachment 5594
What these organizations will ultimately will find that not everything can be bought, and not everyone has a price. That was the implied subtext of this Tweet:
We are heading into a very interesting phase. Those of you who enjoy independent media might some day appreciate the useful role that Epik played.
If you are wondering why Epik got so much attention in the last 2 months, you might consider what others have already concluded: there are no other Epik's.
If you enjoy being lied to, or like losing your civil liberty, that is your prerogative. Most people would rather have it the American way which is why Epik is their friend and ally, even if it is occasionally uncomfortable to utter it.
Thanks to all our dear industry friends who continue to have our back, and who understand the historic times we are living in, and govern themselves accordingly.
#BeEpik
Thanks Rob.
- Joined
- Oct 12, 2003
- Messages
- 870
- Reaction score
- 181
I have on multiple occasions and have the screen captures to prove it.
Without defending epik I have called anonymous criminals and pushed back as hard as I was allowed on the lie anonymous did the world a favor by hacking epik.
- Joined
- Oct 12, 2003
- Messages
- 870
- Reaction score
- 181
You won't find it. You will find many NP members liking a lot of post and offering praise to the "security researchers" and "journalist" attacking epik and even Rob personally.
You'll also find post calling domain speculators extortionist and reference to Government supported violence.
- Joined
- Sep 15, 2009
- Messages
- 3,480
- Reaction score
- 1,189
I've read all 140+ pages, but I must've missed it or forgotten about it since it would've obviously been drowned out.
The leftist lunacy and hypocrisy amazes me day by day as they get closer to, unfortunately, getting their way. These are the same people that said the "summer of love" had "mostly peaceful protests" and turn a blind eye to the billions lost by even Black-owned businesses.
- Joined
- Sep 15, 2009
- Messages
- 3,480
- Reaction score
- 1,189
Hack aside, this attack of Rob's character is mind-bending. I cannot seem to do the mental gymnastics to agree/like it.
The irony of this not being disagreed to (at least ONE disagree/reply to disagree) on a forum that promotes the buying and selling of domain names at the least and the maximum possible price respectively is beyond me.
As Joe said, "Come on, man!" Someone should've had the fortitude to remind them of where they were, NamePros, which has "buy, sell, discuss domain names" in the logo. I'm unsure of anyone who would buy anything for $7 and sell it for $7 in any industry? Nobody wants to disagree with them on any point of view though.
The irony of this not being disagreed to (at least ONE disagree/reply to disagree) on a forum that promotes the buying and selling of domain names at the least and the maximum possible price respectively is beyond me.
As Joe said, "Come on, man!" Someone should've had the fortitude to remind them of where they were, NamePros, which has "buy, sell, discuss domain names" in the logo. I'm unsure of anyone who would buy anything for $7 and sell it for $7 in any industry? Nobody wants to disagree with them on any point of view though.
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
The whole point of domain investing is selling for a profit.
I don't get what they mean here.
I don't get what they mean here.
- Joined
- Oct 12, 2003
- Messages
- 870
- Reaction score
- 181
Possibly because any push-back is reported, labeled off topic and removed.
It gets better, the extortionist.
Attachments
- Joined
- Sep 28, 2012
- Messages
- 1,284
- Reaction score
- 493
Should Epik Change Name and Rebrand?
I think this might be something to consider.
- Joined
- Oct 12, 2003
- Messages
- 870
- Reaction score
- 181
NO.
Similar threads
